
Zoek.exe Version 4.0.0.5 Updated 09-November-2013
Tool run by Ben on zo 10/11/2013 at 15:01:39,36.
Microsoft Windows 8 6.2.9200  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ben\Desktop\zoek\zoek.exe   [Script inserted] [Checkboxes used]

==== System Restore Info ======================

10/11/2013 15:06:18 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\ProgramData\Oracle deleted successfully
C:\ProgramData\Symantec deleted successfully
C:\Users\Ben\AppData\Roaming\hpqlog deleted successfully
C:\Users\Ben\AppData\Local\cache deleted successfully
C:\Users\Ben\AppData\Local\CutePDF Writer deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3390282599-4269443652-497120341-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{317E66A6-DE0F-711B-2941-5F43DA7954D1} deleted successfully
HKEY_USERS\S-1-5-21-3390282599-4269443652-497120341-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{317E66A6-DE0F-711B-2941-5F43DA7954D1} deleted successfully
HKEY_USERS\S-1-5-21-3390282599-4269443652-497120341-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{317E66A6-DE0F-711B-2941-5F43DA7954D1} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{317E66A6-DE0F-711B-2941-5F43DA7954D1} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3390282599-4269443652-497120341-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{317E66A6-DE0F-711B-2941-5F43DA7954D1} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.0.12 deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]\prefs.js:

Added to C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

---- FireFox user.js and prefs.js backups ---- 

user_20131011_1513_.backup
prefs_20131011_1513_.backup

ProfilePath: C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]

---- FireFox user.js and prefs.js backups ---- 

user_20131011_1513_.backup
prefs_20131011_1513_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command]
@="C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{317E66A6-DE0F-711B-2941-5F43DA7954D1}] 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
"AVG-Secure-Search-Update_0913b"=- 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
"mobilegeni daemon"=- 

==== Deleting Files \ Folders ======================

"C:\Windows\Installer\f5e4d4a.msi" not found
C:\ProgramData\coontinouuetosoAve deleted
C:\Program Files (x86)\Mobogenie deleted
C:\Users\Ben\AppData\Roaming\NCdownloader deleted
C:\ProgramData\CyberlinkOutput.txt deleted
C:\ProgramData\StarApp deleted
C:\ProgramData\AVG Security Toolbar deleted
C:\ProgramData\AVG Nation toolbar deleted
C:\ProgramData\InstallMate deleted
C:\Users\Ben\AppData\Local\AVG Nation toolbar deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\coontinouuetosoAve deleted
C:\windows\SysNative\dmwu.exe deleted
C:\Users\Ben\AppData\LocalLow\AVG Nation toolbar deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Nation toolbar deleted
C:\Windows\wininit.ini deleted
C:\Windows\Syswow64\jmdp deleted
C:\Windows\Syswow64\ARFC deleted
C:\Windows\Syswow64\WNLT deleted
C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} deleted
"C:\Windows\tasks\AutoKMS.job" deleted
"C:\Windows\tasks\AutoKMSDaily.job" deleted
"C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP\WiseCustomCalla11.exe" deleted
"C:\PROGRA~2\AVG Nation toolbar\vprot.exe" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\17.0.12\SiteSafety.dll" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\17.0.12\log4cplusU.dll" deleted
"C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP" deleted
"C:\PROGRA~2\AVG Nation toolbar" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\17.0.12" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\17.0.12" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2013-11-09 09:04:31	A9D56A34095AB80E85AD630B8405182A	81920	----a-w-	C:\Windows\eSellerateControl350.dll
2013-11-09 09:04:31	02127FDD91FDA05FA8B201A4171CC0E2	356352	----a-w-	C:\Windows\eSellerateEngine.dll
====== C:\Users\Ben\AppData\Local\Temp ====
2013-11-09 11:18:46	8BEB1A5BC7EF0E2A2D7EB44B74A2ADE7	24278649	----a-w-	C:\Users\Ben\AppData\Local\Temp\is1242154493\9215630_stp.EXE
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2013-11-09 09:04:31	D5405DD640E870B1DD4F5B4BD08865BB	1122304	----a-w-	C:\Windows\SysWOW64\libeay32.dll
2013-11-09 09:04:31	8EAE03A0F0BF13AF27702E29460D7B47	274432	----a-w-	C:\Windows\SysWOW64\ssleay32.dll
2013-11-09 03:52:12	A09B87198FFB8075358AB1466E5C7E29	14232	----a-w-	C:\Windows\SysWOW64\sh4native.exe
2013-11-08 23:08:31	4B0C0A8C960AF22761FB6A25D8A50DF2	447752	----a-w-	C:\Windows\SysWOW64\vp6vfw.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2013-10-14 13:03:04	37D85E873C9531A2F88DD9C63D3F8A9E	2233688	----a-w-	C:\Windows\Sysnative\drivers\tcpip.sys
2013-10-14 13:02:11	E2C933EDBC389386EBE6D2BA953F43D8	785624	----a-w-	C:\Windows\Sysnative\drivers\Wdf01000.sys
2013-10-14 13:02:10	11876881E87BACEBBCEE41A037614D48	54488	----a-w-	C:\Windows\Sysnative\drivers\WdfLdr.sys
2013-10-14 13:02:09	AD91D1BBE5D3CF4501887DC1C09384FD	43008	----a-w-	C:\Windows\Sysnative\drivers\usbscan.sys
2013-10-14 13:02:09	9FDBA6982582A6F2354144980F641E7B	25600	----a-w-	C:\Windows\Sysnative\drivers\usbprint.sys
2013-10-14 13:02:09	346DEF1A9DB0B4133CE0FA38AAF565C0	32768	----a-w-	C:\Windows\Sysnative\drivers\hidparse.sys
2013-10-14 13:02:09	2C2A9A4D53DC90A5195BB51F0A4B1E21	83968	----a-w-	C:\Windows\Sysnative\drivers\hidclass.sys
2013-10-14 13:02:06	9EF7C01D3ACCBC243B5CB1A95865B2FF	210560	----a-w-	C:\Windows\Sysnative\drivers\usbvideo.sys
2013-10-14 13:02:06	427B6DB8C05A5A977E8C3525370A2595	99328	----a-w-	C:\Windows\Sysnative\drivers\usbcir.sys
2013-10-14 13:02:01	F8C2A832DF9403F5EA8080CBDBDA95FB	623448	----a-w-	C:\Windows\Sysnative\drivers\usbhub.sys
2013-10-14 13:02:01	C976C4306F9AE133D6BBD47FDFC3BF92	120832	----a-w-	C:\Windows\Sysnative\drivers\usbccgp.sys
2013-10-14 13:02:01	B24FDEB1B18496F1B463782235AA3AF1	79192	----a-w-	C:\Windows\Sysnative\drivers\usbehci.sys
2013-10-14 13:02:01	9F83642C3709D1A4DD49EEE9F48F839D	21848	----a-w-	C:\Windows\Sysnative\drivers\usbd.sys
2013-10-14 13:02:01	7CB7E04259F323D051A10515B8863564	498008	----a-w-	C:\Windows\Sysnative\drivers\usbport.sys
2013-10-14 13:02:01	1ABF657259DB57F7E5558E4DF1357C0C	32256	----a-w-	C:\Windows\Sysnative\drivers\usbuhci.sys
2013-10-14 13:02:00	8DC398D7B8E02C929A2096E74A170970	337752	----a-w-	C:\Windows\Sysnative\drivers\USBXHCI.SYS
2013-10-14 13:01:59	B1E910DDC08A8536116214326124903C	447320	----a-w-	C:\Windows\Sysnative\drivers\USBHUB3.SYS
2013-10-14 13:01:59	061BA3EE0D2BE17944990544008CF190	213336	----a-w-	C:\Windows\Sysnative\drivers\UCX01000.SYS
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-11-10 07:07:04	--------	d-----w-	C:\Program Files\trend micro
2013-10-19 17:18:43	--------	d-----w-	C:\Program Files\Enigma Software Group
======= C:\PROGRA~2 =====
2013-11-08 23:08:21	--------	d-----w-	C:\PROGRA~2\Microsoft WSE
2013-11-08 22:58:40	--------	d-----w-	C:\PROGRA~2\Electronic Arts
2013-10-19 19:19:35	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2013-10-19 18:48:19	--------	d-----w-	C:\PROGRA~2\Enigma Software Group
2013-10-19 17:18:20	--------	d-----w-	C:\PROGRA~2\COMMON~1\Wise Installation Wizard
2013-10-19 10:06:19	--------	d-----w-	C:\PROGRA~2\AnyRail5NL
2013-10-18 14:23:02	--------	d-----w-	C:\PROGRA~2\Notepad++
======= C: =====
2013-11-09 03:50:26	8998F00E7D62F2A246C68427B0F35B10	598	----a-w-	C:\spyhunter.fix
2013-10-19 17:19:09	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\autoexec.bat
====== C:\Users\Ben\AppData\Roaming ======
2013-11-06 12:33:33	--------	d-----w-	C:\Users\Ben\AppData\Local\Mobogenie
2013-10-19 18:48:20	--------	d-----w-	C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-10-19 10:06:28	--------	d-----w-	C:\Users\Ben\AppData\Local\AnyRail
2013-10-18 14:23:04	--------	d-----w-	C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-10-18 14:23:02	--------	d-----w-	C:\Users\Ben\AppData\Roaming\Notepad++
2013-10-15 15:22:22	--------	d-----w-	C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends
====== C:\Users\Ben ======
2013-11-09 01:03:40	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2013-11-09 00:28:02	--------	d-----w-	C:\ProgramData\Electronic Arts
2013-11-06 12:33:33	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\Ben\daemonprocess.txt
2013-10-19 19:19:30	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2013-10-19 10:06:35	--------	d-----w-	C:\ProgramData\DRail Modelspoor Software
2013-10-19 10:06:19	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyRail5NL
2013-10-19 07:58:15	02C1EE40968BAA67C3A785CDA9807125	262	--sha-r-	C:\Users\Ben\ntuser.pol
2013-10-19 07:58:08	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio
2013-10-18 14:23:04	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-10-16 13:09:44	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP

====== C: exe-files ==
2013-11-10 14:00:40	5A178487E1C8AECE211D32A2CB57221E	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$IQLSG51.exe
2013-11-10 14:00:14	254EBC33BEA62A9AB96F3DDE2BF79CB0	1269760	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RQLSG51.exe
2013-11-10 07:07:05	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Ben.exe
2013-11-09 02:26:56	0F740C87BC0B921A231353B8A866B5F2	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$IZ6PE1R.exe
2013-11-09 02:26:42	F72DD18B7290862B072E9CED0E82359A	13276432	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RZ6PE1R.exe
2013-11-09 01:05:09	9AD0D44B41CDB7E0B0F89D84B85D0F42	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$I7B36AZ.exe
2013-11-09 01:05:09	42460CA4B880FB226AAD4C782FD9E305	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$IN341X5.exe
2013-11-09 00:55:44	B6F3482930310FA28A8332225B7ECBCC	55616	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$R7B36AZ.exe
2013-11-09 00:55:44	04532B59DBE91F9A831733BAFB3C1023	14510400	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RN341X5.exe
2013-11-09 00:22:15	B3E2459252ED0FF973CD63B516C8B9B4	11285776	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RK6YBG6\Crack\TS3.exe
2013-11-09 00:22:13	869C51A87817563644547C58308A7B66	10720392	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RK6YBG6\Final Version Patch\Sims3_1.0.632.00002_from_1.0.631.00002.exe
2013-11-08 22:50:34	B79D1CA9B48F0264358817F5489A9BDA	28424	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$R770FU0\The Sims 3 Setup\The Sims 3 Setup\Support\VP6\vp6install.exe
2013-11-08 22:50:34	93A13358898A54643ADBCA67D1533462	23510720	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$R770FU0\The Sims 3 Setup\The Sims 3 Setup\Support\Redist\dotnetfx.exe
2013-11-08 22:50:34	5C82BE7AD1775B67916EE19C15B99331	2723264	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$R770FU0\The Sims 3 Setup\The Sims 3 Setup\Support\Redist\vcredist_x86.exe
2013-11-08 22:50:33	F579E3F4188911414CED9E1F38ED8241	6667344	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$R770FU0\The Sims 3 Setup\The Sims 3 Setup\Support\EADM\eadm-installer.exe
2013-11-08 22:50:33	E75121808E60B7806E38620AD3ABF345	528392	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$R770FU0\The Sims 3 Setup\The Sims 3 Setup\Support\DirectX\DXSETUP.exe
2013-11-08 22:50:32	DE2DA8D8D55FD20E79D62FCD1FB93D4A	54544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$R770FU0\The Sims 3 Setup\The Sims 3 Setup\Game\Bin\TSLHelper.exe
2013-11-08 22:49:05	B8F465616861BD66FA4F1239FDAD9F08	54544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$R770FU0\The Sims 3 Setup\The Sims 3 Setup\Autorun.exe
2013-11-08 22:49:05	199576171AD8DDB10E2AADE61BBF87CB	398608	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$R770FU0\The Sims 3 Setup\The Sims 3 Setup\Sims3Setup.exe
2013-11-08 20:38:55	ACAFD1763304245B5211043C486911E9	4600832	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RZ077WZ\Crack\TS3W.exe
2013-11-06 12:35:28	D21B6038B88C5C00785CC95607182F87	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$IKPC52G.exe
2013-11-06 12:31:25	A7C2DDEC139E8DA364D52F2B8C7314B1	783232	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RKPC52G.exe
2013-11-05 23:16:37	14493D758036115D0E3180D232674B15	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$IXL3BWP.exe
=== C: other files ==
2013-11-10 14:00:44	1C0D8A3503B726ACC1517651F9FE6D3A	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$ITB9LPU.zip
2013-11-10 14:00:40	B0B78757FE9BBBEB14CAB1F8E95C9860	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$IKJ38E2.com
2013-11-10 14:00:14	90BD324DA65A123553AB4759378B6596	1394331	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RKJ38E2.com
2013-11-10 13:59:14	7A23DE7E1EA971BC76C1483A04826945	4038808	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RTB9LPU.zip
2013-11-09 07:36:38	D34C4E9AD904D622497C62EEB46E0374	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$I486HLH.zip
2013-11-07 20:31:00	6EE49D6F1B0C8F2D388ED111E8212C23	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$ILGY098.zip
2013-11-07 20:25:17	314370A1B433991992BF5460CFBC499E	5673469	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$R486HLH.zip
2013-11-07 20:25:02	E0209CA4B6FE4C1441F4F89B689BBF3A	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$ITU1ON9.zip
2013-11-07 20:25:02	3B7B4A2F5A1FA1BA9AF324784856585F	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$IX8E0GQ.zip
2013-11-07 20:21:10	B5995FD835C16CAA0DA5218F98B31052	2242828	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RLGY098.zip
2013-11-07 20:19:33	314370A1B433991992BF5460CFBC499E	5673469	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RX8E0GQ.zip
2013-11-07 20:18:54	314370A1B433991992BF5460CFBC499E	5673469	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RTU1ON9.zip
2013-11-07 20:18:16	314370A1B433991992BF5460CFBC499E	5673469	----a-w-	C:\Users\Ben\Desktop\3DS\win32diskimager-v0.9-binary.zip
2013-11-07 20:11:25	FF4629F1BF4B0BC1B951A457CFB3F892	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$INU8GH4.zip
2013-11-07 20:11:25	FD7DA68847DE1A4C66CB0791BE6C23C2	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$ICH8Q34.zip
2013-11-07 20:11:25	787496DBD149AEF29C53F5D434251FE5	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$IL9VUNA.zip
2013-11-07 20:11:25	5D93091FE7AE6E60DAD2C12A7096EEEE	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$IZLBLVN.zip
2013-11-07 20:08:43	4A688ACB3C6DA27A92C71E5818868BCB	14746834	----a-w-	C:\Users\Ben\Desktop\3DS\GW_Release_1.2.zip
2013-11-07 19:42:53	DD4FC0B4F7F6900617DFD91AF89FBF6C	4925573	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RL9VUNA.zip
2013-11-07 19:40:06	646E2A1A563DACD7A1EBD9C3EBCE358D	46603	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RNU8GH4.zip
2013-11-07 19:36:09	16A6DF5A25041E05B3F5135C07DD42A9	2386369	----a-w-	C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VDUAW54H\1.42UpgradeDSTTi.zip
2013-11-07 19:34:11	BCF3287947580675F235A07845AD671C	2408846	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RZLBLVN.zip
2013-11-07 19:18:20	0FF2414CDBD7F6AF7E5594346D66A920	1360405	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RCH8Q34.zip
2013-11-06 12:49:48	E8DBE4A51144FCD015387D122E3B16EF	24722774	----a-w-	C:\Users\Ben\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.27.zip
2013-11-06 12:34:31	7DE7C03EADA380D888EC012AA9908A1C	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$IUVLM0P.zip
2013-11-06 12:32:22	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TSQI7184\Coca-Cola[1].zip
2013-11-06 12:32:21	797B228C9D210D765AF1D525FC995075	26069	----a-w-	C:\$Recycle.Bin\S-1-5-21-3390282599-4269443652-497120341-1001\$RUVLM0P.zip
2013-11-06 12:28:53	A0D36BA9D078B86FF0CB1DE7535F41F6	217661	----a-w-	C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TSQI7184\porter_sans_block.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3390282599-4269443652-497120341-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="C:\Users\Ben\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"BtTray"="C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R"
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"vProt"="C:\Program Files (x86)\AVG Nation toolbar\vprot.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="C:\Users\Ben\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Folders ======================

2013-06-04 23:41:12	1296	----a-w-	C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk
2013-06-21 20:38:09	2099	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3390282599-4269443652-497120341-1001Core.job --a-------- C:\Users\Ben\AppData\LoC:al\FaC:ebook\Update\FaC:ebookUpdate.exe []
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3390282599-4269443652-497120341-1001UA.job --a-------- C:\Users\Ben\AppData\LoC:al\FaC:ebook\Update\FaC:ebookUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/05/2013 20:09]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/05/2013 20:09]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3390282599-4269443652-497120341-1001Core" [C:\Users\Ben\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3390282599-4269443652-497120341-1001UA" [C:\Users\Ben\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions ======================

ExtDir: C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Torntv 3 - %ExtDir%\trtv3@trtv.com.xpi

==== Firefox Plugins ======================


==== Deleted Firefox Extensions ======================

C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\trtv3@trtv.com.xpi deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bicnnkjibmphdeigoodpjlcklcnaobdj - No path found[]
kdidombaedgpfiiedeimiebkmbilgmlc - No path found[]
nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files (x86)\TornTV.com\torn2_10.crx[]
ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Nation toolbar\ChromeExt\17.0.1.12\avg.crx[]
ogccgbmabaphcakpiclgcnmcnimhokcj - C:\Windows\SysWOW64\jmdp\SweetNT.crx[]

Google Docs - Ben - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Ben - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Ben - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Ben - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AVG Nation toolbar - Ben - Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Google Wallet - Ben - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Ben - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.qvo6.com_0.localstorage deleted successfully
C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.qvo6.com_0.localstorage-journal deleted successfully
C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_home.sweetim.com_0.localstorage deleted successfully
C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_home.sweetim.com_0.localstorage-journal deleted successfully
C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.sweetim.com_0.localstorage deleted successfully
C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.sweetim.com_0.localstorage-journal deleted successfully
C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage deleted successfully
C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage deleted successfully
C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage-journal deleted successfully
C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
"Default_Page_URL"="http://isearch.omiga-plus.com/?type=hp&ts=1383741167&from=oneinstaller&uid=ST1000LM024XHN-M101MBB_S2SWJ9KCC05138"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://isearch.omiga-plus.com/web/?type=ds&ts=1383741167&from=oneinstaller&uid=ST1000LM024XHN-M101MBB_S2SWJ9KCC05138&q={searchTerms}"
"Default_Page_URL"="http://isearch.omiga-plus.com/?type=hp&ts=1383741167&from=oneinstaller&uid=ST1000LM024XHN-M101MBB_S2SWJ9KCC05138"
"Start Page"="http://isearch.omiga-plus.com/?type=hp&ts=1383741167&from=oneinstaller&uid=ST1000LM024XHN-M101MBB_S2SWJ9KCC05138"
"Search Page"="http://isearch.omiga-plus.com/web/?type=ds&ts=1383741167&from=oneinstaller&uid=ST1000LM024XHN-M101MBB_S2SWJ9KCC05138&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://isearch.omiga-plus.com/web/?type=ds&ts=1383741167&from=oneinstaller&uid=ST1000LM024XHN-M101MBB_S2SWJ9KCC05138&q={searchTerms}"
"Default_Page_URL"="http://isearch.omiga-plus.com/?type=hp&ts=1383741167&from=oneinstaller&uid=ST1000LM024XHN-M101MBB_S2SWJ9KCC05138"
"Start Page"="http://isearch.omiga-plus.com/?type=hp&ts=1383741167&from=oneinstaller&uid=ST1000LM024XHN-M101MBB_S2SWJ9KCC05138"
"Search Page"="http://isearch.omiga-plus.com/web/?type=ds&ts=1383741167&from=oneinstaller&uid=ST1000LM024XHN-M101MBB_S2SWJ9KCC05138&q={searchTerms}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.be/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{2787A152-D55A-4BDA-BBAA-F856C9D38C81} Unknown  Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{D944BB61-2E34-4DBF-A683-47E505C587DC} Unknown  Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3390282599-4269443652-497120341-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2787A152-D55A-4BDA-BBAA-F856C9D38C81} deleted successfully
HKEY_USERS\S-1-5-21-3390282599-4269443652-497120341-1001\Software\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} deleted successfully

==== Deleting CLSID Registry Values ======================


==== shortcuts on Users Desktops ======================

C:\Users\Ben\Desktop\Computer.lnk -  
C:\Users\Ben\Desktop\Farming Simulator 2011 .lnk - C:\Program Files (x86)\Farming Simulator 2011\FarmingSimulator2011.exe 
C:\Users\Ben\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://isearch.omiga-plus.com/?type=sc&ts=1383741167&from=oneinstaller&uid=ST1000LM024XHN-M101MBB_S2SWJ9KCC05138
C:\Users\Ben\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc&ts=1383741167&from=oneinstaller&uid=ST1000LM024XHN-M101MBB_S2SWJ9KCC05138
C:\Users\Ben\Desktop\Microsoft PowerPoint 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\pptico.exe 
C:\Users\Ben\Desktop\Microsoft Word 2010.lnk - C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe 
C:\Users\Ben\Desktop\MP3 Tunes v2.lnk - C:\Program Files (x86)\MP3Tunes v2\MP3Tunes.exe 
C:\Users\Ben\Desktop\SpyHunter.lnk - C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe 
C:\Users\Ben\Desktop\BEN\#Yolo Hotel\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe 

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe 
C:\Users\Public\Desktop\AnyRail 5 Handleiding.lnk - C:\Program Files (x86)\AnyRail5NL\AnyRail5NL.pdf 
C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe 
C:\Users\Public\Desktop\Bezoek eBay.be.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe http://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=nl_be&bd=all&c=131
C:\Users\Public\Desktop\Connected Music powered by Universal Music Group.lnk - C:\Program Files (x86)\Connected Music powered by Universal Music Group\Connected Music powered by Universal Music Group.exe 
C:\Users\Public\Desktop\De Sims� 3.lnk -  
C:\Users\Public\Desktop\HP Solution Center.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe 
C:\Users\Public\Desktop\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe 
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe 
C:\Users\Public\Desktop\RollerCoaster Tycoon� 3.lnk -  
C:\Users\Public\Desktop\Snapfish foto's.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe http://www.snapfish.com/hp_notebook_desktopicon_2013_nl_be
C:\Users\Public\Desktop\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe 
C:\Users\Public\Desktop\World of Tanks.lnk - C:\Games\World_of_Tanks\WOTLauncher.exe 
C:\Users\Public\Desktop\�Torrent.lnk -  

==== shortcuts in Users Start Menu ======================

C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends\XAMPP\Uninstall.lnk - C:\xampp\Uninstall.exe 
C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends\XAMPP\XAMPP Control Panel.lnk - C:\xampp\xampp-control.exe 
C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends\XAMPP\XAMPP htdocs folder.lnk - C:\xampp\htdocs 
C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter.lnk - C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe 
C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\Uninstall SpyHunter.lnk - C:\Windows\SysWOW64\msiexec.exe /X {4FC9DA9D-F608-454E-8191-D7EFFDCC5726}
C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt 
C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyRail5NL\AnyRail 5 Help.lnk - C:\Program Files (x86)\AnyRail5NL\AnyRail5NL.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyRail5NL\AnyRail 5 NL.lnk - C:\Program Files (x86)\AnyRail5NL\AnyRail5NL.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyRail5NL\AnyRail 5 PDF Handleiding.lnk - C:\Program Files (x86)\AnyRail5NL\AnyRail5NL.pdf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio\Camstudio-Recorder.lnk - C:\CamStudio 2.6b\Recorder.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio\Player.lnk - C:\CamStudio 2.6b\Player.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio\PlayerPlus.lnk - C:\CamStudio 2.6b\PlayerPlus.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio\SWF-Producer.lnk - C:\CamStudio 2.6b\Producer.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio\Uninstall CamStudio.lnk - C:\CamStudio 2.6b\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk - C:\Windows\SysWOW64\msiexec.exe /i {645CF8E7-16ED-4827-BD89-94F2CE974396} REMOVE=ALL
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\Silverlight.Configuration.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk - C:\Users\Ben\Desktop\BEN\#Yolo Hotel 2013\Notepad++\notepad++.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\Uninstall XAMPP.lnk - C:\xamp\uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\XAMPP Control Panel.lnk - C:\xamp\xampp-control.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP\XAMPP htdocs folder.lnk - C:\xamp\htdocs 

==== shortcuts in Quick Launch ======================

C:\Users\Ben\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc&ts=1383741167&from=oneinstaller&uid=ST1000LM024XHN-M101MBB_S2SWJ9KCC05138
C:\Users\Ben\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Ben\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Ben\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CyberLink Media Suite.lnk - C:\Program Files (x86)\CyberLink\Media Suite\PS.exe 
C:\Users\Ben\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CyberLink YouCam.lnk - C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video.exe 
C:\Users\Ben\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Libraries 
C:\Users\Ben\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP Utility Center.lnk - C:\HP\Data\HPUC\HPPU.exe 
C:\Users\Ben\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPConnectedRemoteMgmtUI.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteMgmtUI.exe 
C:\Users\Ben\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe 
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== shortcuts After Repair ======================

C:\Users\Ben\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Ben\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
C:\Users\Public\Desktop\Bezoek eBay.be.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe 
C:\Users\Public\Desktop\Snapfish foto's.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe 
C:\Users\Ben\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe 

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ben\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Ben\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 10/11/2013 at 16:45:33,51 ======================