Zoek.exe v5.0.0.0 Updated 21-11-2014 Tool run by Geenen on za 22/11/2014 at 7:55:49,95. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKELA1AB\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 22/11/2014 8:02:21 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\FreeTime deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\Program Files\log deleted successfully C:\PROGRA~3\Garmin deleted successfully C:\PROGRA~3\NtiDvdCopy deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\Users\Geenen\AppData\Roaming\Spesoft Audio Converter deleted successfully C:\Users\Geenen\AppData\Roaming\TP deleted successfully C:\Users\Geenen\AppData\Roaming\Vso deleted successfully C:\Users\Tess\AppData\Roaming\Google deleted successfully C:\Users\Geenen\AppData\Local\Garmin deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3361971770-3593541603-1513510909-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{49ae76ad-645b-4dfe-b2a8-4eb27c480fc7} deleted successfully HKEY_USERS\S-1-5-21-3361971770-3593541603-1513510909-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{49ae76ad-645b-4dfe-b2a8-4eb27c480fc7} deleted successfully HKEY_USERS\S-1-5-21-3361971770-3593541603-1513510909-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4730BAB-06F7-4E3E-8933-99AC988051A7} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{49ae76ad-645b-4dfe-b2a8-4eb27c480fc7} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{49ae76ad-645b-4dfe-b2a8-4eb27c480fc7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49ae76ad-645b-4dfe-b2a8-4eb27c480fc7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49ae76ad-645b-4dfe-b2a8-4eb27c480fc7} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49ae76ad-645b-4dfe-b2a8-4eb27c480fc7}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49ae76ad-645b-4dfe-b2a8-4eb27c480fc7}]- ==== Deleting Files \ Folders ====================== C:\user.js deleted C:\Users\Geenen\AppData\Roaming\shshortcut.ico deleted C:\PROGRA~3\OberonGameConsole deleted C:\PROGRA~3\Package Cache deleted C:\Windows\wininit.ini deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-11-21 20:59:52 B59EF013D567E5746F1DEE2565F747ED 43152 ----a-w- C:\Windows\avastSS.scr ====== C:\Users\Geenen\AppData\Local\Temp ==== 2014-11-20 16:35:24 142373A6130734A1ECEE7F94D7642183 174638 ------w- C:\Users\Geenen\AppData\Local\Temp\is45637729\554974_stp\Generic_vo.exe 2014-11-20 10:47:46 3F4C24738D918F79E5737C4768BEAD09 5981328 ----a-w- C:\Users\Geenen\AppData\Local\Temp\optprosetup.exe 2014-11-20 10:47:35 D426485FB122354E762F247F76077291 297704 ----a-w- C:\Users\Geenen\AppData\Local\Temp\BackupSetup.exe 2014-11-20 10:47:31 B0F7EA48B4A259549B7797F37155C221 286714 ----a-w- C:\Users\Geenen\AppData\Local\Temp\67E9tmp\vopackage.exe 2014-11-20 10:47:30 AF37247590F4E4B8A8A214A091EA6067 73816 ----a-w- C:\Users\Geenen\AppData\Local\Temp\67D9tmp\cloud_backup_setup.exe 2014-11-20 10:47:30 833F4C61A4DBABC7F02DAF75F5BC3302 6160376 ----a-w- C:\Users\Geenen\AppData\Local\Temp\67EAtmp\optimizerpro.exe 2014-11-08 08:47:13 5C73E64374D9BA37AC5569D1F7DE5C9B 665682 ----a-w- C:\Users\Geenen\AppData\Local\Temp\sqlite3.dll 2014-11-08 08:33:34 7AAB90847C56E6F7E922BB29D5B3EA8A 601088 ----a-w- C:\Users\Geenen\AppData\Local\Temp\Quarantine.exe ====== Java Cache ===== 2014-11-22 06:44:42 30810F09A3FCC03EC583120B033700BC 282329 ----a-w- C:\Users\Geenen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\7e60542d-69fc0aae 2014-11-22 06:44:39 67911F367EC150BDC8F2CB46397F0925 845 ----a-w- C:\Users\Geenen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\31b19ba-4ab9427d 2014-11-22 06:44:41 67911F367EC150BDC8F2CB46397F0925 845 ----a-w- C:\Users\Geenen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\2bbaaf87-1053fac8 2014-11-22 06:44:42 684DDB546BDA67B06C2A6494E10DC036 437 ----a-w- C:\Users\Geenen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\2bbaaf87-e2e4c8970372d2fb4193a7ef29d16f6c3f08527947fcb9208b3a0e48820369fd-6.0.lap ====== C:\Windows\SysWOW64 ===== 2014-11-22 06:43:57 B9F9FD6188CC732F19DB69CAE5CC597C 272808 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-11-22 06:43:34 8FA677D5F2AFE2A3F111C50D68A93542 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-11-22 06:43:34 3594C0ABBFFE10B3CF95714B8B3C89A4 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-11-22 06:43:34 095826BCBBFA5C09C72463A82612B23C 175528 ----a-w- C:\Windows\SysWOW64\java.exe 2014-11-19 16:23:16 98B3C919C6B9C5F810FF2CAFA339822B 186880 ----a-w- C:\Windows\SysWOW64\pku2u.dll 2014-11-19 16:23:15 ADFB31FA72AFE0298A60BF4AC1045A42 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2014-11-17 10:38:56 980EEEE8815DA7593708774D1225BD35 681984 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2014-11-17 10:38:54 9AB39ADD28C7C1A685B1EA8C6A25CF08 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2014-11-17 10:38:53 9216ABFD53F5EC1F35C3554AD1A175DE 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2014-11-17 10:38:53 13E5B1CD503A4B21E9F0A2D55A00198B 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2014-11-17 10:37:13 EDA54D2E17C0271D2CDA946ABE344110 571904 ----a-w- C:\Windows\SysWOW64\oleaut32.dll 2014-11-17 10:37:00 B6273619A3DF28F03B64E911E45A6AB2 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-11-17 10:37:00 5D5640C34C4A97467F77489DBB157568 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-17 10:36:59 A6E51BDCB8F4B84E874F918F0452763D 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-11-17 10:36:56 FB56C76FEA44693752BD99D7D9930ABA 341168 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-11-17 10:36:56 4772DB007FFBD4BBE3F526704BCA67FE 1310208 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-11-17 10:36:55 843BD9DAF03ABB6761DEE6D155301F28 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-17 10:36:54 66F4FFDBCD501260ABC198317D2B0D10 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-11-17 10:36:54 26EE6C9780A8FC872C60F9E35D7EBD4B 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-11-17 10:36:52 93074C4FA92A8399404D032F6AF72C1B 19781632 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-11-17 10:36:46 5972510EF1C6097D9C14C17387A5EDB2 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-11-17 10:36:44 5E01004CBC35A78FE2AB4016CCAD4760 708096 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-11-17 10:36:44 19D68FDEE62519C5A0387EB4E88A01EF 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-11-17 10:36:43 7748B3DDDC92C7FC11F7462DB872E8E7 2051072 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-11-17 10:36:42 FA310BD4A5DE904445DDDE54C5A654F2 2277376 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-11-17 10:36:37 8A46404AC1AEB22AA2D4C906D0FC86C2 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-11-17 10:36:36 6DDC0F44A70976C492CB1666BA9A7912 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-11-17 10:36:36 4F8CD74CD69A94ED1A5D7E837A356F4E 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-11-17 10:36:35 A1A2EE55A2C69F79AED00973E604B9C4 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-11-17 10:36:35 8585BC27224F97458C186AA085B754A7 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-11-17 10:36:31 36EE0A2A981617610F921BCBB997DB06 12819456 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-11-17 10:36:18 4169C6A6613856D69224498620F0C2B5 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-11-17 10:36:17 AE39939F1E25401B9A4952A7A8D372AC 4298240 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-11-17 10:36:15 9ED3132B7F0D36FA9911721E8B2CB968 501248 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-11-17 10:36:14 6DD7D61A8EF3DFEC4FAEFEB395E77424 1892864 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-11-17 10:36:10 755D0A90CFC4BCB178D7070B0351F0AE 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-17 10:36:10 139E85C4E5DF322AE1BF6544D8C32B0A 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-11-12 15:35:15 537184E7306E06BB22C5B93D2AFA4DF8 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2014-11-12 15:35:15 09FA271EE1F9AD68B2D1C1C210F4B71F 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll 2014-11-12 15:35:12 5FDBDEECA34E73325D87C5ACD16A3EEC 701440 ----a-w- C:\Windows\SysWOW64\IMJP10K.DLL 2014-11-12 15:35:04 8FE6AB488ECDC60930CE973A7051B0D4 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2014-11-12 15:35:04 8CFAEFCD7F1E004950FCAE870A501B3E 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2014-11-12 15:35:03 B580A6B9932669DE703001AEE66D5BB1 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2014-11-12 15:35:03 9CEA80FFC617E6B6DD7B52E6225C0D38 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2014-11-12 15:35:03 37BC079204BF9B087D6DE6B728908B4B 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2014-11-12 15:35:02 8205E55DFB11809E5F2AAD1C48840535 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2014-11-12 15:34:51 FD79B005E849DF3D7E9B5EB7A637C528 374784 ----a-w- C:\Windows\SysWOW64\AudioEng.dll 2014-11-12 15:34:51 AA7325057A1E1CC401798C0B1238E182 195584 ----a-w- C:\Windows\SysWOW64\AudioSes.dll 2014-11-12 15:34:51 8D338464B851DDD76E2B876A3E09EB70 442880 ----a-w- C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-12 15:34:46 0F39AC3274312EFFD03928291E8BA7CA 67584 ----a-w- C:\Windows\SysWOW64\packager.dll 2014-11-12 15:34:39 CB55B9AAB060C803BE4AD229AA0FEC28 2363904 ----a-w- C:\Windows\SysWOW64\msi.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-11-21 21:00:03 6663B30328C239D2AB10D2583054CF2E 364512 ----a-w- C:\Windows\Sysnative\aswBoot.exe 2014-11-19 16:23:16 8A8CB073A4B9F9D97CFA8CA9C1C851CE 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2014-11-19 16:23:16 1306E6A1BF4D506CD687DF9F947270F2 241152 ----a-w- C:\Windows\Sysnative\pku2u.dll 2014-11-17 10:39:10 F992AAE3F2DF1D7D2A75B681B0C5280E 304640 ----a-w- C:\Windows\Sysnative\generaltel.dll 2014-11-17 10:39:09 9F1FA4F36406693C77CC5779AA7E532D 228864 ----a-w- C:\Windows\Sysnative\aepdu.dll 2014-11-17 10:39:07 6021CF6A11DE9B5FC1BD210B6855C497 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll 2014-11-17 10:38:58 008CD4EBFABCF78D0F19B3778492648C 683520 ----a-w- C:\Windows\Sysnative\termsrv.dll 2014-11-17 10:38:56 C4C1B73FC2FF151BA08E1EAFDE2A2FAF 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2014-11-17 10:38:56 58F87BF5659C8EBC61EB439C916F2F9A 681984 ----a-w- C:\Windows\Sysnative\adtschema.dll 2014-11-17 10:38:54 7184AEACDA13E64B10F84E9DD79C8A01 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2014-11-17 10:37:14 B938AF16A521C913791C6F7AFF032757 861696 ----a-w- C:\Windows\Sysnative\oleaut32.dll 2014-11-17 10:36:59 7293701905DF1F40760C851F20DDC9EC 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-11-17 10:36:59 1F3794CE1AEA5DA12ACF90210EAE4ECB 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-11-17 10:36:57 854B230F5D77486B67D809FFB8A10C7E 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-11-17 10:36:57 4E47ABA3C6C5032446A2AF7EFD026037 716800 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-11-17 10:36:57 26BC4EC95E363DD59171710E22108F15 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-11-17 10:36:54 33098C85B789630865CD3F5D22FB0DFC 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-11-17 10:36:43 1C216980E7D21100A357B52B3C45F78D 388272 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-11-17 10:36:42 56651A76C63DAF2C593F1F767FC8A856 1550336 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-11-17 10:36:37 E17C34BECCD1388E9B386A9F82F01222 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-11-17 10:36:35 C6A719FD0B07B2DD0ADACD07636F4BAD 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-11-17 10:36:35 2A1A7F17C906941334C6A67E935F214B 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-11-17 10:36:34 1E30BECF0DB35481588FB72C9CF97CA2 800768 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-11-17 10:36:29 BD708EBEDB35E474F1A19747154ACC47 799232 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-11-17 10:36:29 6507CA9349500A535AF70670F248E525 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-11-17 10:36:25 5C9D58591D0091630452B04F35527240 2124288 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-11-17 10:36:23 BA4EC6139B8830BBA9CC5D065CA5796C 2884096 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-11-17 10:36:13 31F2A5ECFD2C75F970A3007ACD5627C7 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-11-17 10:36:12 08BCDD6C9E23D00309F359620461DFE8 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-11-17 10:36:03 277A4735954F1BF29EE3D138A5251BFE 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-11-17 10:36:02 69602F6259598A7837CB83D3608FE293 633856 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-11-17 10:36:00 154B8555A118BCFD95F358390E418B00 14390272 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-11-17 10:35:53 7EE5FBD190BF5B27F7977EA6CBF0DCAC 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-11-17 10:35:52 98088A13F65BE35DA3693F264740CEEC 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-11-17 10:35:51 7EC80DB959695D4F927D2D601DA59F35 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-11-17 10:35:49 F208D7FB40FD80EA9F123BABF687359C 6040064 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-11-17 10:35:46 B6DC4597FF946B0C8B29650A71F52D4E 580096 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-11-17 10:35:46 6FC2819A4F80AAB2DADEDFC1EFEE3C3F 2365440 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-11-17 10:35:43 4B6D9AB2ECD11AF5F6B1C42D938E0A85 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2014-11-17 10:35:42 EE3592B010E3F69D141323E592C01A1A 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-11-17 10:35:39 BBD6A636AAA65D874F3863280CD8373D 25110016 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-11-12 15:35:15 D005697F0467BBDDAB7638496DA5DB52 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll 2014-11-12 15:35:15 364ECFF4ABD9D575F4F7CF7EB7928EF3 1882624 ----a-w- C:\Windows\Sysnative\msxml3.dll 2014-11-12 15:35:12 1FEBD408F32DFC523882E7DA5AC57819 878080 ----a-w- C:\Windows\Sysnative\IMJP10K.DLL 2014-11-12 15:35:06 A71B81AC2C14ABA013CCF1225D9E3E36 342016 ----a-w- C:\Windows\Sysnative\schannel.dll 2014-11-12 15:35:05 109CC0DF72CC07A6CB59D2995255A1DA 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2014-11-12 15:35:03 DF30FC54FFF79BC744B22A4850A3CF92 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2014-11-12 15:35:03 55F0CF40479A1FC89CFA578909A540F2 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2014-11-12 15:35:03 47C48C705F4F1EFC99B50B43AE4301FE 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2014-11-12 15:35:02 336BA030AB7B05300CB0B5C6AFB27176 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2014-11-12 15:34:51 FAFCB80D42A65964B6F4945283B8C10F 296448 ----a-w- C:\Windows\Sysnative\AudioSes.dll 2014-11-12 15:34:51 DE3E38431B00C2EA247C53675DCF01A0 680960 ----a-w- C:\Windows\Sysnative\audiosrv.dll 2014-11-12 15:34:51 B1BB7B91C3C878FDB2874138CE81C4EF 284672 ----a-w- C:\Windows\Sysnative\EncDump.dll 2014-11-12 15:34:51 A2C9E45F4069A002E985D1563D16813B 440832 ----a-w- C:\Windows\Sysnative\AudioEng.dll 2014-11-12 15:34:51 9383B21A4B77C130940262DDC5F3F49B 500224 ----a-w- C:\Windows\Sysnative\AUDIOKSE.dll 2014-11-12 15:34:46 934735F508E297504460935B71E99F0B 77824 ----a-w- C:\Windows\Sysnative\packager.dll 2014-11-12 15:34:45 93C055B6AAD76360A60CB7E59A491531 3198976 ----a-w- C:\Windows\Sysnative\win32k.sys 2014-11-12 15:34:40 2720C94ADCC1727A66365CCB1CE456C4 3241984 ----a-w- C:\Windows\Sysnative\msi.dll ====== C:\Windows\Sysnative\drivers ===== 2014-11-21 19:57:06 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2014-11-21 19:56:37 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2014-11-21 19:56:37 95EF63A7827D4E3A229CBBCB42619E93 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2014-11-17 10:38:57 41774FF331F609EF442B7398EE6202B1 155064 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-11-21 22:09:24 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-11-22 06:44:16 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Geenen\AppData\Roaming ====== 2014-11-22 06:44:50 -------- d-----w- C:\Users\Geenen\AppData\Roaming\Oracle 2014-11-20 18:25:37 F8858C620D6D490088D791C0CA82EE11 66816 ----a-w- C:\Windows\SysNative\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-20 11:07:30 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\QuickScan 2014-11-20 11:07:30 -------- d-----w- C:\Users\Geenen\AppData\Roaming\QuickScan 2014-11-19 16:10:48 -------- d-sh--w- C:\Users\Geenen\AppData\Local\EmieBrowserModeList 2014-11-19 16:09:43 -------- d-sh--w- C:\Users\Geenen\AppData\Locallow\EmieBrowserModeList ====== C:\Users\Geenen ====== 2014-11-22 06:43:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-11-21 22:09:03 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Geenen\Desktop\RSITx64.exe 2014-11-21 19:54:27 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\Geenen\Downloads\mbam-setup-2.0.3.1025.exe 2014-11-20 22:01:13 6504113C2218667814D4F54847BA046A 2140160 ----a-w- C:\Users\Geenen\Downloads\adwcleaner_4.101.exe ====== C: exe-files == 2014-11-22 06:43:24 EAFDA2D17FF6CC0B2AFEE21E9134EBF8 145832 ----a-w- C:\Program Files (x86)\Java\jre7\bin\unpack200.exe 2014-11-22 06:43:24 DB769E9AE525963168BD4B60BFBF55EB 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\pack200.exe 2014-11-22 06:43:24 CBE8C6FAEDBA9A2C2577133F0321CBD8 16808 ----a-w- C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe 2014-11-22 06:43:24 BFEC01FEA21A749C43DE15F1644E7900 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\servertool.exe 2014-11-22 06:43:24 BDB4ABB929ADBC7B98E1087830809564 16808 ----a-w- C:\Program Files (x86)\Java\jre7\bin\orbd.exe 2014-11-22 06:43:24 9FF29AE2E75939EFF8A390AD51F5FEFF 50088 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe 2014-11-22 06:43:24 9D9A28606B59C3D8D8FD1F7704AAAD81 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmid.exe 2014-11-22 06:43:24 93F297984DB0561694F6454A3066D542 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ktab.exe 2014-11-22 06:43:24 74222EDB01CF2D9865D8AC1EEE7C5B63 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\policytool.exe 2014-11-22 06:43:24 6DCF8B667B6C9AD851B2B5CB256521ED 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe 2014-11-22 06:43:23 EEFD7F935D944118FED39D3041352990 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\kinit.exe 2014-11-22 06:43:23 DBDB1A25291B2D18C614F5CA963156A8 182696 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jqs.exe 2014-11-22 06:43:23 C935769C537A94BC026BD813015DA450 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\keytool.exe 2014-11-22 06:43:23 93CFE0C1473D2220FBDA2A9C08848F34 75688 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe 2014-11-22 06:43:23 6A4970A237A9FE01A36C4181E2A8C1B0 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\klist.exe 2014-11-22 06:43:22 E04E87CDF6CA797BA7C8EA45228FE9E0 48040 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe 2014-11-22 06:43:22 DD8E9CE0BDF8CE1131004673D9C5444D 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe 2014-11-22 06:43:22 D3BC8953C21770FC147064B0BAE78063 68008 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javacpl.exe 2014-11-22 06:43:22 B9F9FD6188CC732F19DB69CAE5CC597C 272808 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaws.exe 2014-11-22 06:43:22 3594C0ABBFFE10B3CF95714B8B3C89A4 175528 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaw.exe 2014-11-22 06:43:22 095826BCBBFA5C09C72463A82612B23C 175528 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java.exe 2014-11-22 06:40:08 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Geenen\AppData\LocalLow\Sun\Java\jre1.7.0_71\lzma.exe 2014-11-21 22:09:25 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Geenen.exe 2014-11-21 22:09:03 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Geenen\Desktop\RSITx64.exe 2014-11-21 21:15:59 E0E2FE836FD209FBE336DE720032DA99 96768 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe 2014-11-21 21:15:59 8B4A087962B4411D7FF2A91F6CAE1EBA 54432 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe 2014-11-21 21:15:59 8B4A087962B4411D7FF2A91F6CAE1EBA 54432 ----a-w- C:\Program Files (x86)\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe 2014-11-21 21:15:59 41094C32DD59E2E56EE7AFCB0AB917B3 130208 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe 2014-11-21 21:15:59 37EBCD76164A25F87E61D2158145FA42 59392 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe 2014-11-20 22:01:13 6504113C2218667814D4F54847BA046A 2140160 ----a-w- C:\Users\Geenen\Downloads\adwcleaner_4.101.exe 2014-11-20 18:41:19 C5F7025532E55CAC3CD4E61D6AF5BE9D 587709 ----a-w- C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PGGVGO4S\Setup[1].exe 2014-11-20 16:35:24 142373A6130734A1ECEE7F94D7642183 174638 ------w- C:\Users\Geenen\AppData\Local\Temp\is45637729\554974_stp\Generic_vo.exe 2014-11-20 12:03:29 FEC982BA51F153746561E12B0E01BE84 591236 ----a-w- C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QRXRH0J0\Setup[2].exe 2014-11-20 11:23:50 A93F4ED88C591A85BFF3B48E974B7D77 591236 ----a-w- C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QRXRH0J0\Setup[1].exe 2014-11-20 10:47:46 3F4C24738D918F79E5737C4768BEAD09 5981328 ----a-w- C:\Users\Geenen\AppData\Local\Temp\optprosetup.exe 2014-11-20 10:47:35 D426485FB122354E762F247F76077291 297704 ----a-w- C:\Users\Geenen\AppData\Local\Temp\BackupSetup.exe 2014-11-20 10:47:31 B0F7EA48B4A259549B7797F37155C221 286714 ----a-w- C:\Users\Geenen\AppData\Local\Temp\67E9tmp\vopackage.exe 2014-11-20 10:47:31 B0F7EA48B4A259549B7797F37155C221 286714 ----a-w- C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AOOHDJY8\VOPackage[1].exe 2014-11-20 10:47:30 AF37247590F4E4B8A8A214A091EA6067 73816 ----a-w- C:\Users\Geenen\AppData\Local\Temp\67D9tmp\cloud_backup_setup.exe 2014-11-20 10:47:30 AF37247590F4E4B8A8A214A091EA6067 73816 ----a-w- C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AOOHDJY8\Cloud_Backup_Setup[1].exe 2014-11-20 10:47:30 833F4C61A4DBABC7F02DAF75F5BC3302 6160376 ----a-w- C:\Users\Geenen\AppData\Local\Temp\67EAtmp\optimizerpro.exe 2014-11-20 10:47:30 627B86891E317801163DC94940723D74 1019752 ----a-w- C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AOOHDJY8\pricehorse_1.3.13.12_cn[1].exe 2014-11-20 10:47:29 7307F9113B1ECE5A40C032D1B5CFD101 3363488 ----a-w- C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AOOHDJY8\setup_mbot_be[1].exe 2014-11-20 10:47:29 64D8E2ECCB0E5B7DDB76991F473806CE 290696 ----a-w- C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AOOHDJY8\lly_omiga-plus[1].exe 2014-11-20 10:47:27 833F4C61A4DBABC7F02DAF75F5BC3302 6160376 ----a-w- C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AOOHDJY8\OptimizerPro[1].exe 2014-11-20 10:46:51 BA1414B8FF1788F92DD8DFDA2BB2D7EB 720216 ----a-w- C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YYR10FNL\Player.exe 2014-11-19 16:11:15 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Users\Geenen\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateSetup.exe 2014-11-19 16:11:15 5B4ED5734945619EE3BCDB9825D2F526 51080 ----atw- C:\Users\Geenen\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe 2014-11-19 16:11:15 06036279056145E0F08FC095CB789E6A 51080 ----atw- C:\Users\Geenen\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateBroker.exe 2014-11-19 16:11:07 EDD3E562684CB4C50704B471BEAB1F86 114568 ----atw- C:\Users\Geenen\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe 2014-11-19 16:11:06 CB8C1CC4F46FBAC78150754D77460C73 230792 ----atw- C:\Users\Geenen\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe 2014-11-19 16:11:06 7161E8E31B7FD3B1CE083C2CA5FD5F44 285064 ----atw- C:\Users\Geenen\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler64.exe 2014-11-19 16:11:05 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Users\Geenen\AppData\Local\Google\Update\1.3.25.11\GoogleUpdate.exe 2014-11-19 16:10:57 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Users\Geenen\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe 2014-11-17 11:29:53 5B4ED5734945619EE3BCDB9825D2F526 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe 2014-11-17 11:29:51 06036279056145E0F08FC095CB789E6A 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateBroker.exe 2014-11-17 11:01:40 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateSetup.exe 2014-11-17 11:01:18 EDD3E562684CB4C50704B471BEAB1F86 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe 2014-11-17 11:01:18 CB8C1CC4F46FBAC78150754D77460C73 230792 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe 2014-11-17 11:01:18 7161E8E31B7FD3B1CE083C2CA5FD5F44 285064 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe 2014-11-17 11:01:16 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdate.exe 2014-11-17 11:01:09 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.11\GoogleUpdateSetup.exe 2014-11-17 10:36:57 B569522A58F9B53B20D16516D26E0DD8 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2014-11-17 10:36:44 B5724D61C7CB3FC9BACD9F8E58A77A03 468992 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-11-17 10:36:44 2E1CAA313AAE151B8D6E81C0075DE88C 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-11-17 10:36:38 591C6FD1541BAFAEEE82B1F5831C8532 815280 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-11-17 10:36:27 0A2FA344ABBE0D160CE9773256A42B21 484352 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-11-17 10:36:20 F00FC8AF1B04C4611F92BC3DA01A2F49 813744 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe === C: other files == 2014-11-22 06:43:25 EC9D939B904C3A942484AFB3293AA413 18714 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip 2014-11-21 21:13:16 EDC6E9C057C9D7F83EEA22B4CEF5DCAD 145792 ----a-w- C:\Windows\System32\vbox\E1G6032E.sys 2014-11-21 21:12:54 5E0F78391D5A93592FEB62B56DFE8A3B 372680 ----a-w- C:\Windows\System32\vbox\VBoxVideoW8.sys 2014-11-21 21:12:51 6EC1453C5049470D4E7EE0402D7DD9CA 368048 ----a-w- C:\Windows\System32\vbox\VBoxVideoWddm.sys 2014-11-21 21:12:50 5F81A8BD7D6BBD599A34315AF48154DC 146080 ----a-w- C:\Windows\System32\vbox\VBoxVideo.sys 2014-11-21 21:12:49 2F2C8D72AF8B502BF23E970EB23724DE 123432 ----a-w- C:\Windows\System32\vbox\VBoxMouse.sys 2014-11-21 21:12:48 07399D74C7FE4D087FDBB6D3143ED007 155880 ----a-w- C:\Windows\System32\vbox\VBoxGuest.sys 2014-11-21 19:57:06 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-11-21 19:56:37 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2014-11-21 19:56:37 95EF63A7827D4E3A229CBBCB42619E93 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2014-11-21 19:32:55 914A168FACFA3BCEAA48C7BB3588A7A6 469691 ----a-w- C:\Users\Geenen\AppData\Local\Temp\avastBCLTMP\gomekmidlodglbbmalcneegieacbdmki.zip 2014-11-20 21:52:30 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Geenen\AppData\Local\Temp\avastBCLTMP\{49ae76ad-645b-4dfe-b2a8-4eb27c480fc7}.zip 2014-11-20 21:52:30 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Geenen\AppData\Local\Temp\avastBCLTMP\{3ca45906-ef10-4e4e-9be4-b444d220fcb0}.zip 2014-11-20 21:52:30 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Geenen\AppData\Local\Temp\avastBCLTMP\{37e92fb8-76bf-445a-b12d-158d787680d4}.zip 2014-11-20 21:52:24 DA09FF066F70B02CF853991BF7AEA130 19105 ----a-w- C:\Users\Geenen\AppData\Local\Temp\avastBCLTMP\lncdobdbibdgoiohgnflmjajfphcnakg.zip 2014-11-20 21:52:23 659150185B5E1018CD14EC1D6E64F0E1 19381 ----a-w- C:\Users\Geenen\AppData\Local\Temp\avastBCLTMP\aglngmpdpfckceocdbbfhkjjpklfggkd.zip 2014-11-20 10:48:21 3472FCF6FFD8970EA4861BCC9AFA6F05 2883457 ----a-w- C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PGGVGO4S\2[1].zip 2014-11-20 10:47:43 27071E83EEF5D7729FAB3E19F4586990 2140116 ----a-w- C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LLVY75QS\1[1].zip 2014-11-17 10:42:33 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Geenen\AppData\Local\Temp\avastBCLTMP\{c0abba07-b636-47b8-b9e1-bb96d7cd4831}.zip 2014-11-17 10:42:19 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Geenen\AppData\Local\Temp\avastBCLTMP\{335f9a62-fe4b-40cd-b4ed-bb4de21dc95d}.zip 2014-11-17 10:38:57 41774FF331F609EF442B7398EE6202B1 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3361971770-3593541603-1513510909-1000\Software\Microsoft\Windows\CurrentVersion\Run] "ONconnectService"="C:\Program Files (x86)\ONconnect\resources\service\win\ONconnect_service.exe" "EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent" "Google Update"="C:\Users\Geenen\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Google+ Auto Backup"="C:\Users\Geenen\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe /autostart" "GoogleChromeAutoLaunch_2A192215D45005C53C58C43C435254F9"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup" [HKEY_USERS\S-1-5-21-3361971770-3593541603-1513510909-1531\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k" "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "ArcadeMovieService"="C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" "PWRISOVM.EXE"="C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ONconnectService"="C:\Program Files (x86)\ONconnect\resources\service\win\ONconnect_service.exe" "EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent" "Google Update"="C:\Users\Geenen\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Google+ Auto Backup"="C:\Users\Geenen\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe /autostart" "GoogleChromeAutoLaunch_2A192215D45005C53C58C43C435254F9"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "fssui"="C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe -autorun" "ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AutoStartNPSAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AutoStartNPSAgent" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Samsung\\Samsung New PC Studio\\NPSAgent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisTecPMMUpdate] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EgisTecPMMUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec IPS\\PmmUpdate.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisUpdate] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EgisUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec IPS\\EgisUpdate.exe\" -d" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Software Update" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\hpqSRMon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="hpqSRMon" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqSRMon.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSPM Startup] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ISUSPM Startup" "hkey"="HKCU" "command"="C:\\PROGRA~2\\COMMON~1\\INSTAL~1\\UPDATE~1\\isuspm.exe -startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norton Online Backup] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Norton Online Backup" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Symantec\\Norton Online Backup\\NOBuClient.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\qttask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\Geenen\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SuiteTray] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SuiteTray" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec MyWinLockerSuite\\x86\\SuiteTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk" "backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~2\\HP\\DIGITA~1\\bin\\hpqtra08.exe " "item"="HP Digital Imaging Monitor" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Geenen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "path"="C:\\Users\\Geenen\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\Geenen\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup" "item"="Dropbox" ==== Startup Folders ====================== 2014-07-19 16:21:29 2388 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Philips GoGear SA4RGA_V2 Device Manager.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17/11/2014 11:46] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/04/2012 21:04] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/04/2012 21:04] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3361971770-3593541603-1513510909-1000Core.job --a------ C:\Users\Geenen\AppData\Local\Google\Update\GoogleUpdate.exe [01/05/2014 07:12] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3361971770-3593541603-1513510909-1000UA.job --a------ C:\Users\Geenen\AppData\Local\Google\Update\GoogleUpdate.exe [01/05/2014 07:12] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"] "C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"] "C:\Windows\SysNative\tasks\Express Files Updater" [C:\Program Files (x86)\ExpressFiles\EFupdater.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3361971770-3593541603-1513510909-1000Core" [C:\Users\Geenen\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3361971770-3593541603-1513510909-1000UA" [C:\Users\Geenen\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{128ED9CF-539F-4F3D-900F-7DB8126B8B68}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{36B92605-C201-4DB1-BEC3-34082BC725EA}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/5.0.0.152.367/nl/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [21/11/2014 22:00] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [03/10/2011 18:29] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be ==== Firefox Plugins ====================== ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[21/11/2014 21:59] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Geenen\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[] deal2dealit - Geenen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aglngmpdpfckceocdbbfhkjjpklfggkd Avast Online Security - Geenen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki purple bubble - Geenen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifhmghocjeejojcpccmopfnhcdibglmf Currency Converter - Geenen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lncdobdbibdgoiohgnflmjajfphcnakg deal2dealit - Tess\AppData\Local\Google\Chrome\User Data\Default\Extensions\aglngmpdpfckceocdbbfhkjjpklfggkd avast Online Security - Tess\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Currency Converter - Tess\AppData\Local\Google\Chrome\User Data\Default\Extensions\lncdobdbibdgoiohgnflmjajfphcnakg Google Wallet - Tess\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Startpages ====================== C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "https://www.google.be/", "startup_urls": [ "http://www.google.be/" ], ==== Chromium Fix ====================== C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.windfinder.com_0.localstorage deleted successfully C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.windfinder.com_0.localstorage-journal deleted successfully C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage deleted successfully C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage-journal deleted successfully C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_malwarebytes-anti-malware.nl.softonic.com_0.localstorage deleted successfully C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_malwarebytes-anti-malware.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_the-sims-3.nl.softonic.com_0.localstorage deleted successfully C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_the-sims-3.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aglngmpdpfckceocdbbfhkjjpklfggkd deleted successfully C:\Users\Tess\AppData\Local\Google\Chrome\User Data\Default\Extensions\aglngmpdpfckceocdbbfhkjjpklfggkd deleted successfully C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lncdobdbibdgoiohgnflmjajfphcnakg deleted successfully C:\Users\Tess\AppData\Local\Google\Chrome\User Data\Default\Extensions\lncdobdbibdgoiohgnflmjajfphcnakg deleted successfully C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lncdobdbibdgoiohgnflmjajfphcnakg_0.localstorage deleted successfully C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lncdobdbibdgoiohgnflmjajfphcnakg_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Default_Page_URL"="http://www.google.com" "Search Bar"="http://www.bing.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Default_Page_URL"="http://www.google.com" "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Default_Page_URL"="http://www.google.com" "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{7FAF3F05-D9BE-458C-83CA-B60E54CEE233}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7" {7FAF3F05-D9BE-458C-83CA-B60E54CEE233} Google Url="http://www.google.com/search?q={searchTerms}&rlz=1I7NNVC_nlBE562" {7FAF3F05-D9BE-458C-83CA-B60E54CEE233} Google Url="http://www.google.com/search?q={searchTerms}&rlz=1I7NNVC_nlBE562" ==== Reset Google Chrome ====================== C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Tess\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Tess\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3361971770-3593541603-1513510909-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_USERS\S-1-5-21-3361971770-3593541603-1513510909-1531\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_CURRENT_USER\Software\Policies\Google deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Tess\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Tess\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8QHR94BL will be deleted at reboot C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKELA1AB will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Geenen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Tess\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1002 folders=119 35510821 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Geenen\AppData\Local\Temp will be emptied at reboot C:\Users\Tess\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Geenen\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8QHR94BL" deleted "C:\Users\Geenen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HKELA1AB" not found "C:\Users\Geenen\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\EGETJU3C\a248.e.akamai.net" not found "C:\Users\Tess\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GPRSH3Z6\assets.videostrip.com" not found ==== EOF on za 22/11/2014 at 10:18:49,53 ======================