Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version) Tool run by priatel on 17/06/2018 at 12:04:17.09. Microsoft Windows 10 Professionnel 10.0.17134 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\priatel\Documents\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 17/06/2018 12:07:02 Zoek.exe System Restore Point Created Successfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. 127.0.0.1 localhost ::1 localhost ==== Empty Folders Check ====================== C:\PROGRA~2\1cuE890 deleted successfully C:\PROGRA~2\f09E6CB deleted successfully C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully C:\PROGRA~2\rit152F deleted successfully C:\Program Files\AVAST Software deleted successfully C:\Program Files\Hornil deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\priatel\AppData\Roaming\360CloudEnterprise deleted successfully C:\Users\priatel\AppData\Roaming\360CloudUI deleted successfully C:\Users\priatel\AppData\Roaming\Hornil deleted successfully C:\Users\priatel\AppData\Roaming\Kingsoft deleted successfully C:\Users\priatel\AppData\Roaming\Malwarebytes deleted successfully C:\Users\priatel\AppData\Roaming\Media Player Classic deleted successfully C:\Users\priatel\AppData\Roaming\uTorrent deleted successfully C:\Users\Administrateur\AppData\Local\ActiveSync deleted successfully C:\Users\priatel\AppData\Local\ActiveSync deleted successfully C:\Users\priatel\AppData\Local\CrashDumps deleted successfully C:\Users\priatel\AppData\Local\DBG deleted successfully C:\Users\priatel\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\priatel\AppData\Local\EmieSiteList deleted successfully C:\Users\priatel\AppData\Local\EmieUserList deleted successfully C:\Users\priatel\AppData\Local\PDFCreator deleted successfully C:\Users\priatel\AppData\Local\PeerDistRepub deleted successfully C:\Users\priatel\AppData\Local\PlaceholderTileLogoFolder deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\DBG deleted successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\priatel\AppData\Roaming\Profiles\r6oiqh9d.default\prefs.js: user_pref("browser.startup.homepage", "https://online.bulbank.bg/page/default.aspx?xml_id=/bg-BG/.loginAll"); Added to C:\Users\priatel\AppData\Roaming\Profiles\r6oiqh9d.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); Deleted from C:\Users\priatel\AppData\Roaming\FossaMail\Profiles\x5b8gcx4.default\prefs.js: Added to C:\Users\priatel\AppData\Roaming\FossaMail\Profiles\x5b8gcx4.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); Deleted from C:\Users\priatel\AppData\Roaming\Mozilla\Firefox\Profiles\q57h66mp.default\prefs.js: user_pref("browser.newtab.url", ""); Added to C:\Users\priatel\AppData\Roaming\Mozilla\Firefox\Profiles\q57h66mp.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); Deleted from C:\Users\priatel\AppData\Roaming\Thunderbird\Profiles\mldnlzt1.default\prefs.js: Added to C:\Users\priatel\AppData\Roaming\Thunderbird\Profiles\mldnlzt1.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\priatel\AppData\Roaming\Profiles\r6oiqh9d.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_062018_1253_.backup ProfilePath: C:\Users\priatel\AppData\Roaming\FossaMail\Profiles\x5b8gcx4.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_062018_1253_.backup ProfilePath: C:\Users\priatel\AppData\Roaming\Mozilla\Firefox\Profiles\q57h66mp.default user.js not found ---- Lines searchengine removed from prefs.js ---- user_pref("extensions.eshield.SearchEngineDescription", "eShield Production - without TOR & SYC V10 (Clone 11431)"); user_pref("extensions.eshield.SearchEngineIcon", "http://mirror.mirror-files.com/tnt2/10999/eShield_16.ico"); user_pref("extensions.eshield.SearchEngineName", ""); ---- FireFox user.js and prefs.js backups ---- prefs_062018_1253_.backup ProfilePath: C:\Users\priatel\AppData\Roaming\Thunderbird\Profiles\mldnlzt1.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_062018_1253_.backup Configuration IP de Windows Cache de r¨¦solution DNS vid¨¦. ==== Batch Command(s) Run By Tool====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\1cuE890 not found C:\PROGRA~2\f09E6CB not found C:\PROGRA~2\rit152F not found C:\PROGRA~2\MediaFire Desktop deleted C:\Users\priatel\AppData\Roaming\calibre deleted C:\Users\priatel\AppData\LocalLow\{16F7DABD-E092-A73D-D231-AA32F1DD29AC} deleted C:\Users\priatel\AppData\LocalLow\{393CB9B7-C752-1741-49EA-66C520E27C01} deleted C:\Users\priatel\AppData\Local\Howard deleted C:\PROGRA~2\baidu deleted C:\Users\priatel\AppData\Roaming\ProductData deleted C:\PROGRA~3\Kingsoft deleted C:\PROGRA~3\eBay deleted C:\PROGRA~3\ProductData deleted C:\PROGRA~3\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} deleted C:\PROGRA~3\{D76294E6-03B8-4971-AF2E-3F846161A690} deleted C:\PROGRA~3\Package Cache deleted C:\Users\priatel\AppData\Local\cache deleted C:\Users\wangzhisong deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted C:\WINDOWS\Syswow64\SBC816E.tmp deleted C:\WINDOWS\SysWOW64\AniGIF.ocx deleted C:\Users\priatel\AppData\Roaming\Profiles\r6oiqh9d.default\jetpack deleted C:\Users\priatel\AppData\Roaming\Mozilla\Firefox\Profiles\q57h66mp.default\extensions\firefox@tampermonkey.net.xpi deleted C:\Users\priatel\AppData\Roaming\Mozilla\Firefox\Profiles\q57h66mp.default\jetpack deleted C:\Users\priatel\ZHPCleaner.exe deleted C:\Users\priatel\ZHPDiag3.exe deleted C:\Users\priatel\AppData\Roaming\Profiles\r6oiqh9d.default\extensions\abs@avira.com deleted "C:\Users\priatel\AppData\Local\{B5C56542-E121-467C-A9C0-9A2A74EC0587}" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\Dashlane.exe" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\DashlanePlugin.exe" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\msvcp140.dll" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\vcruntime140.dll" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\5.14.0.21388\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.5.14.0.21388.dll" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\5.14.0.21388\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.5.14.0.21388.dll" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\5.14.0.21388\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.5.14.0.21388.dll" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\5.14.0.21388\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.5.14.0.21388.dll" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\5.14.0.21388\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.5.14.0.21388.dll" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\5.14.0.21388\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Kwift_DP.5.14.0.21388.dll" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\5.14.0.21388\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.5.14.0.21388.dll" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\5.14.0.21388\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.5.14.0.21388.dll" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\5.14.0.21388\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.5.14.0.21388.dll" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\5.14.0.21388\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.5.14.0.21388.dll" deleted "C:\PROGRA~2\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe" deleted "C:\PROGRA~2\PDF Architect 5 Manager\PDF Architect 5\service.log" not deleted "C:\Users\priatel\AppData\Roaming\Dashlane" deleted "C:\PROGRA~2\PDF Architect 5 Manager" not deleted "C:\Users\priatel\AppData\Roaming\Dashlane\5.14.0.21388" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\5.14.0.21388\bin" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\5.14.0.21388\bin\Firefox_Extension" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\5.14.0.21388\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}" deleted "C:\Users\priatel\AppData\Roaming\Dashlane\5.14.0.21388\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components" deleted "C:\PROGRA~2\PDF Architect 5 Manager\PDF Architect 5" not deleted ==== Orphaned Tasks deleted from Registry ====================== Games deleted MediaFire Desktop deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\priatel\AppData\Roaming\Profiles\r6oiqh9d.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\priatel\AppData\Roaming\FossaMail\Profiles\x5b8gcx4.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\priatel\AppData\Roaming\Mozilla\Firefox\Profiles\q57h66mp.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\priatel\AppData\Roaming\Thunderbird\Profiles\mldnlzt1.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "fdm_ffext@freedownloadmanager.org"="C:\ProgramData\Free Download Manager\Firefox\Extensions\2.1.13" [29/09/2016 00:40] ==== Firefox Extensions ====================== ProfilePath: C:\Users\priatel\AppData\Roaming\Profiles\r6oiqh9d.default - Dashlane - %ProfilePath%\extensions\jetpack-extension@dashlane.com.xpi - signTextJS - %ProfilePath%\extensions\jid1-AXn9cXcB4fD1QQ@jetpack.xpi ProfilePath: C:\Users\priatel\AppData\Roaming\FossaMail\Profiles\x5b8gcx4.default - Edit email subject - %ProfilePath%\extensions\EditMailSubject@jcp.convenant - Franais Language Pack - %ProfilePath%\extensions\langpack-fr@fossamail.org.xpi - Undetermined - %ProfilePath%\extensions\{9c21158b-2c76-4d0a-980a-c51fc9cefaa7}.xpi ProfilePath: C:\Users\priatel\AppData\Roaming\Mozilla\Firefox\Profiles\q57h66mp.default - __MSG_extName__ - %ProfilePath%\extensions\abs@avira.com.xpi - Dashlane - %ProfilePath%\extensions\jetpack-extension@dashlane.com.xpi - signTextJS - %ProfilePath%\extensions\jid1-AXn9cXcB4fD1QQ@jetpack.xpi - signTextJS plus - %ProfilePath%\extensions\jid1-FkPKYIvh3ElkQO@jetpack.xpi ProfilePath: C:\Users\priatel\AppData\Roaming\Thunderbird\Profiles\mldnlzt1.default - Edit email subject - %ProfilePath%\extensions\EditMailSubject@jcp.convenant - Undetermined - %ProfilePath%\extensions\{9c21158b-2c76-4d0a-980a-c51fc9cefaa7}.xpi AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\priatel\AppData\Roaming\Mozilla\Firefox\Profiles\q57h66mp.default - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll - [?] ECEEF689E846789867C772B9D88FB1F6 - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll - PDF-XChange Viewer 62B6D85DCFF874618BD3202815CB7768 - C:\Users\priatel\AppData\Roaming\baidu\BaiduYunGuanjia\npyunwebdetect.dll - BaiduYunGuanjia Application - C:\Program Files x86\DivX\DivX OVS Helper\npovshelper.dll - [?] - C:\Program Files x86\DivX\DivX Web Player\npdivx32.dll - [?] - C:\Program Files x86\Java\jre1.8.0_151\bin\dtplugin\npdeployJava1.dll - [?] - C:\Program Files x86\Java\jre1.8.0_151\bin\plugin2\npjp2.dll - [?] - C:\Program Files x86\Microsoft Silverlight\5.1.50907.0\npctrlui.dll - [?] - C:\Program Files x86\Microsoft Silverlight\5.1.50907.0\npctrl.dll - [?] - C:\Program Files x86\Windows Live\Photo Gallery\NPWLPG.dll - [?] - C:\Program Files x86\Google\Update\1.3.33.7\npGoogleUpdate3.dll - [?] - C:\Program Files x86\VLC\npvlc.dll - [?] - C:\Program Files x86\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll - [?] ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\priatel\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\priatel\AppData\Local\Comodo\Dragon deleted ==== Chromium Look ====================== Google Chrome Version: 67.0.3396.87 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions efaidnbmnnnibpcajpcglclefindmkaj - No path found[] flliilndjeohchalpbbcdekjklbdgfkk - No path found[] Mint - priatel\AppData\Local\Clover\User Data\Default\Extensions\afdieklldgjmfbpoadannloonlmhaphl Abaca Green Theme for Google Chrome - priatel\AppData\Local\Clover\User Data\Default\Extensions\amaggbpijomajanpglkhfibppkcadcnb Clash Of Clans Theme - priatel\AppData\Local\Clover\User Data\Default\Extensions\amnpjpbefjdgngkfapdpnenmefoelfko cth - priatel\AppData\Local\Clover\User Data\Default\Extensions\bcnbjponlbjcgihbmhegpkdcojjcdbob chrometheme - priatel\AppData\Local\Clover\User Data\Default\Extensions\cjealocnajbcllllfammpdnfmbcoggnk Kairi - priatel\AppData\Local\Clover\User Data\Default\Extensions\ddhedkkejndlbefbmjcckokebaegfjhh Red - priatel\AppData\Local\Clover\User Data\Default\Extensions\dkbllkjhebdijkgalcehfegheiooljbl Team naRWBYto - priatel\AppData\Local\Clover\User Data\Default\Extensions\fjfdooopbfdoddlkpkloeagckggnihde Soft colors - priatel\AppData\Local\Clover\User Data\Default\Extensions\fjpkgfbbcglejhhjfeofppooachkcobp Orange - priatel\AppData\Local\Clover\User Data\Default\Extensions\gbfmijebaacjjphpmkehghaackojoepa brushed - priatel\AppData\Local\Clover\User Data\Default\Extensions\jhnejjgkhbbicdopkhmhogcdlponeemb Autumn Leaves - priatel\AppData\Local\Clover\User Data\Default\Extensions\jhoflfkapcfhnnoacnooeplmocgnjjdj Box of Love - priatel\AppData\Local\Clover\User Data\Default\Extensions\jkkikimpnipkjmcipgfijgpoaghofgem Wipe - priatel\AppData\Local\Clover\User Data\Default\Extensions\kaiajkjbjioppebabidbfghlocjdjdba Chelsea Grin - Desolation of Eden (Theme) - priatel\AppData\Local\Clover\User Data\Default\Extensions\lafppmmmaoebnkbihbhgahnjdbmnlfae Commande ECHO d¨¦sactiv¨¦e. - priatel\AppData\Local\Clover\User Data\Default\Extensions\mmbopejmecffphfildckjianbjaidfhh Inuyasha - priatel\AppData\Local\Clover\User Data\Default\Extensions\nffmdkkohdajaaoacngnminhmkjofjfj Clear&Colorful - priatel\AppData\Local\Clover\User Data\Default\Extensions\ocpicjoidcajencjhfgiapbcojeample Summer - priatel\AppData\Local\Clover\User Data\Default\Extensions\oemacbejclokebminabbehnloidomgog Test - priatel\AppData\Local\Clover\User Data\Default\Extensions\ogfljihaeohhfdpocadcjlkjclppenoo Baseball Season - priatel\AppData\Local\Clover\User Data\Default\Extensions\opmpoionnkbihapejfaadpaddamhbabk Tampermonkey - priatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo WhatFont - priatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm Lock Tab - priatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnikalcnjojfkpleicbncjmnieimjlfe Chrome Media Router - priatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Chromium Startpages ====================== C:\Users\priatel\AppData\Local\Google\Chrome\User Data\Default\Preferences 131A2CE4C8C73FFB13C6B8CCEE54A5EF2CF20BA"},"session":{"restore_on_startup":4,"startup_urls":["https://www.google.fr/"]},"settings_reset_prompt":{"prompt_wave":20171115}} ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.fr/" "Default_Search_URL"="http://www.google.com" "Use Search Asst"="yes" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="https://www.google.fr/" "Use Search Asst"="no" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{8619A924-5565-4c3f-9ECD-94E22D3238DF}" HKCU\SearchScopes\359F463CC29D46FAAAF662B2A8A77D6E - http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=BST HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 HKCU\SearchScopes\{8619A924-5565-4c3f-9ECD-94E22D3238DF} - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 ==== Reset Google Chrome ====================== C:\Users\priatel\AppData\Local\Clover\User Data\Default\Preferences was reset successfully C:\Users\priatel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\priatel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\priatel\AppData\Local\Google\Chrome\User Data\System Profile\Preferences was reset successfully C:\Users\priatel\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully C:\Users\priatel\Appdata\Roaming\Opera Software\Opera Stable\Preferences was reset successfully C:\Users\priatel\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot C:\Users\priatel\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot C:\Users\priatel\AppData\Local\Google\Chrome\User Data\Default\Web Data.ReadOnly was reset successfully C:\Users\priatel\AppData\Local\Google\Chrome\User Data\System Profile\Web Data was reset successfully C:\Users\priatel\Appdata\Roaming\Opera Software\Opera Stable\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3872582775-3569875467-1216850393-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{669695BC-A811-4A9D-8CDF-BA8C795F261C} deleted successfully HKEY_USERS\S-1-5-21-3872582775-3569875467-1216850393-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{669695BC-A811-4A9D-8CDF-BA8C795F261C} deleted successfully HKEY_USERS\S-1-5-21-3872582775-3569875467-1216850393-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42D79B50-CC4A-4A8E-860F-BE674AF053A2} deleted successfully HKEY_USERS\S-1-5-21-3872582775-3569875467-1216850393-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{42D79B50-CC4A-4A8E-860F-BE674AF053A2} deleted successfully HKEY_USERS\S-1-5-21-3872582775-3569875467-1216850393-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B236E3E-80B2-4322-B6A2-529D751B7FB1} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{669695BC-A811-4A9D-8CDF-BA8C795F261C} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{42D79B50-CC4A-4A8E-860F-BE674AF053A2} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42D79B50-CC4A-4A8E-860F-BE674AF053A2} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{669695BC-A811-4A9D-8CDF-BA8C795F261C} deleted successfully ==== shortcuts on Users Desktops ====================== C:\Users\priatel\Desktop\Activate SmartView.lnk - C:\Program Files (x86)\DeviceVM\SmartView\SmartViewActivate.exe C:\Users\priatel\Desktop\Dexpot.lnk - C:\Program Files (x86)\Dexpot\dexpot.exe C:\Users\priatel\Desktop\Download Accelerator Plus (DAP).lnk - C:\Program Files (x86)\DAP\DAP.exe C:\Users\priatel\Desktop\Games.lnk - C:\Users\priatel\Desktop\My DAP Downloads.lnk - C:\Users\priatel\Documents\My DAP Downloads C:\Users\priatel\Desktop\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe C:\Users\priatel\Desktop\SpeedBit Video Accelerator.lnk - C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe C:\Users\priatel\Desktop\?Torrent.lnk - ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Canon CanoScan LiDE 120 Manuel ¨¤ l'¨¦cran.lnk - C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe "C:\PROGRAM FILES (X86)\Canon\IJ Manual\CANON CANOSCAN LIDE 120\French\Info.egv" C:\Users\Public\Desktop\Canon Quick Menu.lnk - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\Driver Booster 5.lnk - C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DriverBooster.exe C:\Users\Public\Desktop\Google Earth Pro.lnk - C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe C:\Users\Public\Desktop\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe C:\Users\Public\Desktop\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe C:\Users\Public\Desktop\PDFCreator.lnk - C:\Program Files\PDFCreator\PDFCreator.exe C:\Users\Public\Desktop\Smart Security Interface.lnk - C:\Program Files (x86)\Charismathics\Smart Security Interface\SmartcardUtility64.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\priatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\priatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\priatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screenpresso.lnk - C:\Users\priatel\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk - C:\WINDOWS\system32\magnify.exe C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk - C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk - C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files (x86)\internet explorer\iexplore.exe C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\WINDOWS\system32\notepad.exe C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane\Uninstaller.lnk - C:\Users\priatel\AppData\Roaming\Dashlane\5.14.0.21388\bin\DashlaneUninstall.exe C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DSTool\DSTool.lnk - C:\Program Files (x86)\DSTool\DSTool.exe C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DSTool\Readme.lnk - C:\Program Files (x86)\DSTool\doc\Readme.html C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DSTool\Uninstall.lnk - C:\Program Files (x86)\DSTool\uninstall.exe C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk - C:\WINDOWS\system32\cmd.exe C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk - C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk - C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk - C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk - C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\powershell.exe C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk - C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe C:\Users\priatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistant Mise ¨¤ jour de Windows 10.lnk - C:\Windows10Upgrade\Windows10UpgraderApp.exe /ClientID "Win10Upgrade:VNL:NHV13SIH:{}" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk - C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk - C:\WINDOWS\System32\Control.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk - C:\WINDOWS\Speech\Common\sapisvr.exe -SpeechUX C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk - C:\WINDOWS\system32\mspaint.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk - C:\WINDOWS\system32\quickassist.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\WINDOWS\system32\mstsc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk - C:\WINDOWS\system32\psr.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk - C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk - C:\WINDOWS\system32\xpsrchvw.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk - C:\WINDOWS\system32\charmap.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk - C:\WINDOWS\system32\comexp.msc C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk - C:\WINDOWS\system32\compmgmt.msc /s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk - C:\WINDOWS\system32\dfrgui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk - C:\WINDOWS\system32\cleanmgr.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk - C:\WINDOWS\system32\eventvwr.msc /s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk - C:\WINDOWS\system32\iscsicpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk - C:\WINDOWS\syswow64\odbcad32.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk - C:\WINDOWS\system32\odbcad32.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk - C:\WINDOWS\system32\perfmon.msc /s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk - C:\WINDOWS\system32\printmanagement.msc C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk - C:\WINDOWS\system32\perfmon.exe /res C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk - C:\WINDOWS\system32\services.msc C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk - C:\WINDOWS\system32\msinfo32.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk - C:\WINDOWS\system32\taskschd.msc /s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk - C:\WINDOWS\system32\WF.msc C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 120 Manual\Canon CanoScan LiDE 120 Manuel ¨¤ l'¨¦cran.lnk - C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe "C:\PROGRAM FILES (X86)\Canon\IJ Manual\CANON CANOSCAN LIDE 120\French\Info.egv" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\IJ Scan Utility\IJ Scan Utility.lnk - C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\Quick Menu\Quick Menu.lnk - C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Charismathics\Smart Security Interface\Certificate Registration.lnk - C:\WINDOWS\Installer\{5848FF6A-0451-49DF-A937-A04AD2E543FF}\NewShortcut2.290FD54E_1E37_40CC_B82F_0BC4B94C52B7.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Charismathics\Smart Security Interface\Documentation.lnk - C:\Program Files (x86)\Charismathics\Smart Security Interface\CSSI_EN.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Charismathics\Smart Security Interface\Extension Tool.lnk - C:\Program Files (x86)\Charismathics\Smart Security Interface\CSSIExtension64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Charismathics\Smart Security Interface\Smart Security Interface.lnk - C:\Program Files (x86)\Charismathics\Smart Security Interface\SmartcardUtility64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5\Driver Booster 5.lnk - C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DriverBooster.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5\D¨¦sinstaller Driver Booster 5.lnk - C:\Program Files (x86)\IObit\Driver Booster\5.4.0\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /home C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Uninstall IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\A propos de Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_171\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurer Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_171\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Rechercher les mises ¡§¡è jour.lnk - C:\Program Files (x86)\Java\jre1.8.0_171\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe /LOG C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\D¨¦sinstaller Revo Uninstaller.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller Help.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\Revo Uninstaller Help.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk - C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock\Fences.lnk - C:\Program Files (x86)\Stardock\Fences\Fences.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock\Groupy.lnk - C:\Program Files (x86)\Stardock\Groupy\GroupyConfig.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Certificate Registration.lnk - C:\WINDOWS\Installer\{5848FF6A-0451-49DF-A937-A04AD2E543FF}\NewShortcut1.290FD54E_1E37_40CC_B82F_0BC4B94C52B7.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk - C:\WINDOWS\system32\taskmgr.exe /7 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\TreeSize Free (Administrator).lnk - C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\TreeSize Free Help.lnk - C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free\TreeSize Free.lnk - C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.exe /NOADMIN C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VLC\Documentation.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VLC\NEWS.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VLC\VideoLAN Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files (x86)\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VLC\vlc.exe -Iskins C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VLC\vlc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVACOM 3G USB Modem\Uninstall.lnk - C:\Program Files (x86)\VIVACOM 3G USB Modem\uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIVACOM 3G USB Modem\VIVACOM 3G USB Modem.lnk - C:\Program Files (x86)\VIVACOM 3G USB Modem\VIVACOM 3G USB Modem.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk - C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CoolingTech.lnk - C:\Program Files (x86)\CoolingTech\Cooling.exe C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FossaMail.lnk - C:\Program Files (x86)\FossaMail\FossaMail.exe C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Geany.lnk - C:\Program Files (x86)\Geany\bin\geany.exe C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MeinPlatz.lnk - C:\Program Files (x86)\MeinPlatz\MeinPlatz.exe C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Magician.lnk - C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\?Torrent.lnk - C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\°Ù¶ÈÍøÅÌ.lnk - C:\Users\priatel\AppData\Roaming\baidu\BaiduYunGuanjia\baidunetdisk.exe C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\WINDOWS\system32\control.exe C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\QQä¯ÀÀÆ÷.lnk - C:\Users\priatel\AppData\Roaming\Tencent\QQBrowserDefault\QQBrowser.exe -sc=startmenupinedshortcut -fixlaunch=0 C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Dexpot - Virtual desktops for Windows.lnk - C:\Users\priatel\Documents\dossiers des portals\portail communs 1\dexpot.exe C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\FossaMail.lnk - C:\Program Files (x86)\FossaMail\FossaMail.exe C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\priatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Screenpresso - Raccourci.lnk - C:\Program Files (x86)\screenpresso\Screenpresso.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Policies\Chromium deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Administrateur\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Default.migrated\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\priatel\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\priatel\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Administrateur\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\priatel\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Edge Cache ====================== Edge Cache Emptied Successfully ==== Empty Chrome Cache ====================== C:\Users\priatel\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully C:\Users\priatel\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=11830 folders=1055 1039019702 bytes) ==== Empty Temp Folders ====================== C:\Users\Administrateur\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\DefaultAppPool\AppData\Local\Temp emptied successfully C:\Users\priatel\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~2\PDF Architect 5 Manager\PDF Architect 5\service.log" deleted "C:\Users\priatel\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found "C:\Users\priatel\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found "C:\Users\priatel\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted "C:\Users\priatel\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted "C:\Users\priatel\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted "C:\Users\priatel\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted "C:\Users\priatel\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted "C:\PROGRA~2\PDF Architect 5 Manager" deleted "C:\Users\priatel\AppData\Local\Temp\Temporary Internet Files" deleted ==== EOF on 17/06/2018 at 13:13:58.12 ======================