Zoek.exe v5.0.0.0 Updated 23-09-2015 Tool run by Elien on vr 25/09/2015 at 20:48:03,63. Microsoft Windows 7 Home Premium 6.1.7600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Elien\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 25/09/2015 20:57:57 Zoek.exe System Restore Point Created Successfully. ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\DropboxCopyHook {FBC9D74C-AF55-4309-9FB2-C426E071637F} C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Empty Folders Check ====================== C:\PROGRA~2\Fotoservice deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\VideoLAN deleted successfully C:\PROGRA~2\Winamp deleted successfully C:\Program Files\Google deleted successfully C:\Users\Elien\AppData\Roaming\Opera Software deleted successfully C:\Users\Elien\AppData\Roaming\system deleted successfully C:\Users\Elien\AppData\Roaming\xxx deleted successfully C:\Users\Elien\AppData\Local\Opera Software deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Internet Explorer\SearchScopes\{7D1C21CB-B4C7-4600-9262-FC7ED0EEB280} deleted successfully HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Internet Explorer\SearchScopes\{877753CD-0A34-4471-9214-1AC5F202E07B} deleted successfully HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=- [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Fotoservice not found C:\PROGRA~2\VideoLAN not found C:\PROGRA~2\Winamp not found C:\PROGRA~3\A-PDF deleted C:\Program Files (x86)\Ask.com deleted C:\dd136e60554baac5703022f0ce2f deleted C:\Users\Elien\AppData\LocalLow\Conduit deleted C:\Users\Elien\AppData\LocalLow\Vuze_Remote deleted C:\PROGRA~2\GUT63A3.tmp deleted C:\PROGRA~2\GUM63A2.tmp deleted C:\PROGRA~2\Universal Document Converter deleted C:\PROGRA~2\BitLord deleted C:\PROGRA~2\Babylon deleted C:\PROGRA~2\Conduit deleted C:\Users\Elien\AppData\Roaming\DefaultTab deleted C:\Users\Elien\AppData\Roaming\OpenCandy deleted C:\PROGRA~3\Ask deleted C:\PROGRA~3\{44AFD825-9603-4521-9447-A6E1C5CA2F3D} deleted C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} deleted C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted C:\PROGRA~3\Trymedia deleted C:\Users\Elien\AppData\Local\CRE deleted C:\Users\Elien\AppData\Local\APN deleted C:\Users\Elien\AppData\Local\Conduit deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitLord deleted C:\Users\Elien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord deleted C:\Users\Elien\AppData\LocalLow\AskToolbar deleted C:\windows\SysNative\TASKS\Scheduled Update for Ask Toolbar deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-09-25 18:21:46 F0ECBDA4D2FD129FF15C299AF8462FC8 43112 ----a-w- C:\Windows\avastSS.scr ====== C:\Users\Elien\AppData\Local\Temp ==== 2015-09-25 18:39:17 78F768C4E0BD116AAF5EE41D760F899D 71168 ----a-w- C:\Users\Elien\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvgx70l.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-09-25 18:43:53 C05114B0BDF2470F7F4A1B2128540062 97888 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-09-25 18:22:22 36F4012709319D4D2F8858DAF2C3117E 378880 ----a-w- C:\Windows\Sysnative\aswBoot.exe ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-09-23 17:40:07 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2015-09-25 18:44:40 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Elien\AppData\Roaming ====== 2015-09-25 18:26:13 -------- d-----w- C:\Users\Elien\AppData\Roaming\Sun 2015-09-25 18:24:38 -------- d-----w- C:\Users\Elien\AppData\Locallow\Oracle 2015-09-22 18:15:59 407AAB8C27CF7081EECE071C90A65B83 17 ----a-w- C:\Users\Elien\AppData\Local\resmon.resmoncfg ====== C:\Users\Elien ====== 2015-09-25 18:43:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-09-25 18:26:09 -------- d-----w- C:\Users\Elien\.oracle_jre_usage 2015-09-25 18:23:43 CD8D0B237F2A599D4376FDFBA1460503 584288 ----a-w- C:\Users\Elien\Downloads\jxpiinstall.exe 2015-09-23 17:38:15 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Elien\Downloads\RSITx64.exe 2015-09-02 15:46:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox ====== C: exe-files == 2015-09-25 18:43:54 BC949C957CEB9FAFDF0F3949CDDF1A72 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-09-25 18:43:54 7080B965215703EA1340C3C4903C7D73 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-09-25 18:43:54 5DC0128E8A2017E82289191820C736A5 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-09-25 18:43:29 E408E46C5DD2D03A7474AA12BAABEFEE 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\klist.exe 2015-09-25 18:43:29 D94C31E9C9C9A1273CC67DC6FFAF9984 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\policytool.exe 2015-09-25 18:43:29 BDFF5086FC1F20E631A070EEF43A7BEC 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\tnameserv.exe 2015-09-25 18:43:29 B9DE149653ED8B9C5C6CB68131AB66D2 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\jjs.exe 2015-09-25 18:43:29 B804A4E31F4BAD4D5BA05FE684756BA2 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\servertool.exe 2015-09-25 18:43:29 7A0DE452F677EF2971C7B75B0267B6ED 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssvagent.exe 2015-09-25 18:43:29 6A5A2FDB6D09E02A3283C55237DA10F6 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\unpack200.exe 2015-09-25 18:43:29 606A24A64E164B345A79F8F22A5DAC6F 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\pack200.exe 2015-09-25 18:43:29 5A503CFE5B553A9721A469FCC9CE8562 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\rmiregistry.exe 2015-09-25 18:43:29 3292748E640429C2682484BD23D43F6B 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\rmid.exe 2015-09-25 18:43:29 30387BE3E5D04FE969B731441C89D2D8 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\ktab.exe 2015-09-25 18:43:29 21B5D297A9191E4D833BB39456CEDAD0 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\kinit.exe 2015-09-25 18:43:29 0FCF9F3D9518B90FB58CC950FA33998C 76896 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2launcher.exe 2015-09-25 18:43:29 0F6E0DD1263ACB2A1AC559BB7742B54D 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\keytool.exe 2015-09-25 18:43:29 08427EADE480F21412696582170B1167 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\orbd.exe 2015-09-25 18:43:28 BC949C957CEB9FAFDF0F3949CDDF1A72 191584 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\java.exe 2015-09-25 18:43:28 8C6BDB56CD4DEED1AF2790D37B54CFE9 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\javacpl.exe 2015-09-25 18:43:28 86CC77A8189758834CF83F7F2FEA5162 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\java-rmi.exe 2015-09-25 18:43:28 7080B965215703EA1340C3C4903C7D73 274016 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\javaws.exe 2015-09-25 18:43:28 5DC0128E8A2017E82289191820C736A5 191584 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\javaw.exe 2015-09-25 18:43:28 262BBCE84B9C8784CC5A5E1975898022 30304 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\bin\jabswitch.exe 2015-09-25 18:23:43 CD8D0B237F2A599D4376FDFBA1460503 584288 ----a-w- C:\Users\Elien\Downloads\jxpiinstall.exe 2015-09-25 18:18:44 4719799B56E0B4BEE6C62552FC7FC7E0 936016 ----a-w- C:\Users\Elien\AppData\Local\Google\Update\Install\{F3FD3EC7-A1E6-4F79-82F1-81C034B8D581}\45.0.2454.101_45.0.2454.99_chrome_updater.exe 2015-09-25 18:18:44 4719799B56E0B4BEE6C62552FC7FC7E0 936016 ----a-w- C:\Users\Elien\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\45.0.2454.101\45.0.2454.101_45.0.2454.99_chrome_updater.exe 2015-09-23 17:40:07 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Elien.exe 2015-09-23 17:38:15 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Elien\Downloads\RSITx64.exe 2015-09-22 10:11:14 ECD8723FBA32A1CB7A9F3A8DF874809A 43383376 ----a-w- C:\Users\Elien\AppData\Local\Google\Update\Install\{7E800B7C-A0AF-4DA6-8660-CCD1B5706332}\45.0.2454.99_chrome_installer.exe 2015-09-22 10:11:12 ECD8723FBA32A1CB7A9F3A8DF874809A 43383376 ----a-w- C:\Users\Elien\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\45.0.2454.99\45.0.2454.99_chrome_installer.exe 2015-09-22 10:05:17 FAC17E42199598C0352B9F5DC2EFFC85 88392 ----atw- C:\Users\Elien\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe 2015-09-22 10:05:17 D9A15F83CB6E5901A63F24CD7D58DBAF 929872 ----a-w- C:\Users\Elien\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateSetup.exe 2015-09-22 10:05:17 77352A5A0833B1CA3B771148DA535CB6 88392 ----atw- C:\Users\Elien\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateWebPlugin.exe 2015-09-22 10:05:17 61A77DDEF5E8D85E8B0955C4E5127B39 88392 ----atw- C:\Users\Elien\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateBroker.exe 2015-09-22 10:05:08 E337785DA1958E9AB02DDB2369EF46E8 307016 ----atw- C:\Users\Elien\AppData\Local\Google\Update\1.3.28.15\GoogleCrashHandler64.exe 2015-09-22 10:05:08 BFDCC0375C492C524E78647CEED3F77D 130888 ----atw- C:\Users\Elien\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateComRegisterShell64.exe 2015-09-22 10:05:08 A72BB48D9014A7D7C05F02F595F52D60 245576 ----atw- C:\Users\Elien\AppData\Local\Google\Update\1.3.28.15\GoogleCrashHandler.exe 2015-09-22 10:04:38 053EEEE1ABAE53F044F1E386E22AE525 144200 ----atw- C:\Users\Elien\AppData\Local\Google\Update\1.3.28.15\GoogleUpdate.exe 2015-09-22 10:04:37 D9A15F83CB6E5901A63F24CD7D58DBAF 929872 ----a-w- C:\Users\Elien\AppData\Local\Google\Update\Install\{DCE9ECCE-B0DC-455F-86ED-6D8CF989784C}\GoogleUpdateSetup.exe 2015-09-22 10:04:37 D9A15F83CB6E5901A63F24CD7D58DBAF 929872 ----a-w- C:\Users\Elien\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.15\GoogleUpdateSetup.exe 2015-09-19 17:40:52 FAC17E42199598C0352B9F5DC2EFFC85 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe 2015-09-19 17:40:52 D9A15F83CB6E5901A63F24CD7D58DBAF 929872 ----a-w- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateSetup.exe 2015-09-19 17:40:52 77352A5A0833B1CA3B771148DA535CB6 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateWebPlugin.exe 2015-09-19 17:40:52 61A77DDEF5E8D85E8B0955C4E5127B39 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateBroker.exe 2015-09-19 17:40:22 E337785DA1958E9AB02DDB2369EF46E8 307016 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe 2015-09-19 17:40:22 BFDCC0375C492C524E78647CEED3F77D 130888 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdateComRegisterShell64.exe 2015-09-19 17:40:22 A72BB48D9014A7D7C05F02F595F52D60 245576 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe 2015-09-19 17:40:11 053EEEE1ABAE53F044F1E386E22AE525 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleUpdate.exe 2015-09-19 17:40:09 D9A15F83CB6E5901A63F24CD7D58DBAF 929872 ----a-w- C:\Program Files (x86)\Google\Update\Install\{5BC66CCC-C1E3-48BC-80B0-F16D2B305ECA}\GoogleUpdateSetup.exe 2015-09-19 17:40:07 D9A15F83CB6E5901A63F24CD7D58DBAF 929872 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.15\GoogleUpdateSetup.exe === C: other files == 2015-09-25 18:43:29 4E221C69F3B103481534D1B6CB6A90DD 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_60\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Windows\CurrentVersion\Run] [HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1003\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QlbCtrl.exe"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "WirelessAssistant"="C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" "BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5.5ServiceManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeCS5.5ServiceManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5.5ServiceManager\\CS5.5ServiceManager.exe\" -launchedbylogin" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5ServiceManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeCS5ServiceManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5ServiceManager\\CS5ServiceManager.exe\" -launchedbylogin" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CCleaner Monitoring" "hkey"="HKCU" "command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ControlCenter3] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ControlCenter3" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Brother\\ControlCenter3\\brctrcen.exe /autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EzPrint] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EzPrint" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Lexmark 3600-4600 Series\\ezprint.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Photos Backup] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Photos Backup" "hkey"="HKCU" "command"="\"C:\\Users\\Elien\\AppData\\Local\\Programs\\Google\\Google Photos Backup\\Google Photos Backup.exe\" /autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Update" "hkey"="HKCU" "command"="\"C:\\Users\\Elien\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\lxdxmon.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="lxdxmon.exe" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Lexmark 3600-4600 Series\\lxdxmon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RockMelt Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RockMelt Update" "hkey"="HKCU" "command"="\"C:\\Users\\Elien\\AppData\\Local\\RockMelt\\Update\\RockMeltUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SwitchBoard" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinampAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WinampAgent" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Winamp\\winampa.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Apple Mobile Device] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Fax] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [22/09/2015 12:07] C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a------ [Undetermined Task] C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [23/07/2015 13:39] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/09/2015 07:34] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/09/2015 07:34] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3337886690-3336357716-2502399067-1001Core1cc56554545eaa0.job --a------ C:\Users\Elien\AppData\LoC:al\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3337886690-3336357716-2502399067-1001UA1cc7c503fedf4f1.job --a------ C:\Users\Elien\AppData\LoC:al\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3337886690-3336357716-2502399067-1001Core.job --a------ [Undetermined Task] C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-3337886690-3336357716-2502399067-1001UA.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Elien-PC-Elien" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DTChk" [C:\Users\Public\Util\DTChk.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3337886690-3336357716-2502399067-1001Core" [C:\Users\Elien\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3337886690-3336357716-2502399067-1001Core1cc56554545eaa0" [C:\Users\Elien\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3337886690-3336357716-2502399067-1001UA1cc7c503fedf4f1" [C:\Users\Elien\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Installation App Launcher" ["C:\Program Files (x86)\Lexmark 3600-4600 Series\ezprint.exe"] "C:\Windows\SysNative\tasks\RockMeltUpdateTaskUserS-1-5-21-3337886690-3336357716-2502399067-1001Core" [C:\Users\Elien\AppData\Local\RockMelt\Update\RockMeltUpdate.exe] "C:\Windows\SysNative\tasks\RockMeltUpdateTaskUserS-1-5-21-3337886690-3336357716-2502399067-1001UA" [C:\Users\Elien\AppData\Local\RockMelt\Update\RockMeltUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== 2015-06-18 12:38:40 -------- d-----w- C:\PROGRA~3\Dropbox ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [25/09/2015 20:21] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Elien\AppData\Roaming\Mozilla\Firefox\Profiles\quqsb1su.default-1439717094031 F92FC494F7E9760802180B5493DD4F90 - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 1A62BB86D17B8DC0D4339BACC8D60635 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll - Shockwave Flash D2B5242013356AF422A42B9FAA4056C2 - C:\Users\Elien\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin A74B2B17FCE088C437312F9E1F6E0324 - C:\Users\Elien\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll - RockMelt Update 7D127425BBE91DF37448A7F44C1DDA52 - C:\Users\Elien\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll - Google Update 3CD19649B2C3023D65E67C056457A2BC - C:\Users\Elien\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin D94C362E750F8C283BF52537D3DF28B5 - C:\Users\Elien\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll - Facebook Plugin FD63DE29FE0A7E738BD81CA0EDDD8020 - C:\Users\Elien\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin ==== Fake Chromium Profiles Check ====================== Fake profile C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome deleted ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dhkplhfnhceodhffomolpfigojocbpcb - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx[] gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[23/04/2015 08:24] ojpijjmpahflnipadmlpgbjmagmjchkk - C:\Users\Elien\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions ojpijjmpahflnipadmlpgbjmagmjchkk - C:\Users\Elien\AppData\Local\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx[] Bookmark Manager - Elien\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik Cool Clock - Elien\AppData\Local\Google\Chrome\User Data\Default\Extensions\icegcmhgphfkgglbljbkdegiaaihifce Google Wallet - Elien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Vuze Remote - Elien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk placeholder2 - Elien\AppData\Local\RockMelt\User Data\Default\Extensions\agadihenlcjgjjhnajddgobicmbpngpi Google Search - Elien\AppData\Local\RockMelt\User Data\Default\Extensions\cplkhagjhgkacpkklpaaoljbakccjhen Babylon Chrome OCR - Elien\AppData\Local\RockMelt\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb placeholder1 - Elien\AppData\Local\RockMelt\User Data\Default\Extensions\djihoaicgeemaakdmcipnoligphjeodh RSS - Elien\AppData\Local\RockMelt\User Data\Default\Extensions\hingdkbmmeejjbjmlbdjbcagfeakbadm placeholder3 - Elien\AppData\Local\RockMelt\User Data\Default\Extensions\jdhhipdmgegbgpflcpjkapoiefpjeobh Why Login? - Elien\AppData\Local\RockMelt\User Data\Default\Extensions\kifbifhcmjgogbdlmblmjemdlincicmb Invite - Elien\AppData\Local\RockMelt\User Data\Default\Extensions\mlegghhkdpgkhjpnmepdkcojenppefpe Suggestions - Elien\AppData\Local\RockMelt\User Data\Default\Extensions\oboniecbbnpgmmklbojhljbmmkfilckg ==== Chromium Fix ====================== C:\Users\Elien\AppData\Local\RockMelt\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully C:\Users\Elien\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ojpijjmpahflnipadmlpgbjmagmjchkk_0.localstorage deleted successfully C:\Users\Elien\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ojpijjmpahflnipadmlpgbjmagmjchkk_0 deleted successfully C:\Users\Elien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.mysearchresults.com/?c=3520&t=01" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_nlBE375" {D121C8FA-5888-450F-A2A3-2652E78ABE7B} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B} deleted successfully HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B} deleted successfully HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} deleted successfully HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} deleted successfully HKEY_USERS\S-1-5-21-3337886690-3336357716-2502399067-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4BFF-A14F-B9E3AAC4465B} deleted successfully HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_CURRENT_USER\Software\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Elien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Elien\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Elien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Elien\AppData\Local\Mozilla\Firefox\Profiles\quqsb1su.default-1439717094031\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Elien\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Elien\AppData\Local\RockMelt\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1237 folders=242 550661059 bytes) ==== Empty Temp Folders ====================== C:\Users\AppData\AppData\Local\temp emptied successfully C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Elien\AppData\Local\Temp will be emptied at reboot C:\Users\Public\AppData\Local\temp emptied successfully C:\Users\TEMP\AppData\Local\temp emptied successfully C:\Users\UpdatusUser\AppData\Local\temp emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Elien\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Elien\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\Elien\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk" not found "C:\Users\Elien\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\833L84KW\core.insightexpressai.com" not found "C:\Users\Elien\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\833L84KW\static1.syndication.vmma.be" not found ==== EOF on za 26/09/2015 at 8:52:03,32 ======================