Zoek.exe v5.0.0.0 Updated 08-December-2014 Tool run by julian on di 09-12-2014 at 16:01:34,32. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\julian\AppData\Local\Temp\Rar$DIa0.078\zoek.exe.com [Scan all users] [Script inserted] ==== System Restore Info ====================== 9-12-2014 16:02:51 Zoek.exe System Restore Point Created Succesfully. ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Empty Folders Check ====================== C:\PROGRA~2\Logitech deleted successfully C:\PROGRA~2\VideoCnv deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\Program Files\stinger deleted successfully C:\PROGRA~3\cheapdeal deleted successfully C:\Users\julian\AppData\Roaming\337Games deleted successfully C:\Users\julian\AppData\Roaming\Awesomium deleted successfully C:\Users\julian\AppData\Local\WarThunder deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{90561a5e-5e0e-4b2a-9b27-131c3c0dcfe2} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{192AF9C6-C24-43FE-852D-31EED8C4E22} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet 
Explorer\Low Rights\ElevationPolicy\{198987C0-1A13-4DAC-9710-681131114C88} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1de6689e-37ff-4872-bb88-0c3c125025de} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20d3868c-edfe-4933-9484-a547b68d0a3a} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27bcfc15-720d-4cfc-a0c1-c430debcd384} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46A84219-D793-42EF-A09E-DDE01784EC} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6369583-2EB6-4849-A0AC-AC4BBC1DBFF} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A117674C-AF5D-4113-BD3C-43C2A8020A} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aaea3022-7bcd-42ec-83a4-b0e64a198145} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFDFFC70-B45-469C-9CD6-6D6EFFB224D7} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c629143b-47d3-4844-b256-5af11d02d6e5} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8457FD5-D6A1-4A28-AF91-338414441781} deleted successfully HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Internet Explorer\Low 
Rights\ElevationPolicy\{F7D099C0-D361-426D-B7B3-C3453345A9E5} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{90561a5e-5e0e-4b2a-9b27-131c3c0dcfe2} deleted successfully HKEY_CLASSES_ROOT\CLSID\{90561a5e-5e0e-4b2a-9b27-131c3c0dcfe2} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90561a5e-5e0e-4b2a-9b27-131c3c0dcfe2} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1de6689e-37ff-4872-bb88-0c3c125025de} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{20d3868c-edfe-4933-9484-a547b68d0a3a} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27bcfc15-720d-4cfc-a0c1-c430debcd384} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aaea3022-7bcd-42ec-83a4-b0e64a198145} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c629143b-47d3-4844-b256-5af11d02d6e5} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Tools for .Net 3.5 Adobe Flash Player 15 ActiveX Adobe Flash Player 15 Plugin Adobe Reader XI - Nederlands AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Control Center AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Media Foundation Decoders AMD Wireless Display v3.0 Apple Application Support Apple Mobile Device Support Apple Software Update Application Profiles ASIO4ALL Asmedia ASM104x USB 3.0 Host Controller Driver Asmedia ASM106x SATA Host Controller Driver Auto Screenshot Maker 3.0 AzureTools.Notifications Battle.net Battlefield 4T BattlefieldT Hardline Beta Battlelog Web Plugins beautydeals Behaviors SDK (XAML) for Visual Studio BitTorrent Blend for Visual Studio 2013 
Blend for Visual Studio 2013 ENU resources Blend for Visual Studio SDK for .NET 4.5 Blend for Visual Studio SDK for Silverlight 5 Bonjour Build Tools - amd64 Build Tools - x86 Build Tools Language Resources - amd64 Build Tools Language Resources - x86 Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CEVO CS:GO Client Beta version 1.0 cheapdeal Compl‚ment Messenger Counter-Strike: Global Offensive Counter-Strike: Source Counter-Strike: Source Beta Curse D3DX10 DayZ Dead Island Game of the Year- Diablo III DivX Setup Dota 2 Dotfuscator and Analytics Community Edition Dragon Nest Europe EA SPORTST FIFA 15 Demo Entity Framework Tools for Visual Studio 2013 ESN Sonar Feed2AllApp FIFA 14 Firebird SQL Server - MAGIX Edition Firefall FL Studio 11 FlowStone FL 3.0 Gadwin PrintScreen Galerie de photos Windows Live Garry's Mod Google Chrome Google Update Helper Gyazo 2.2 Hearthstone Hi-Rez Studios Authenticate and Update Service Hotspot Shield 3.42 IIS 8.0 Express IIS Express Application Compatibility Database for x64 IIS Express Application Compatibility Database for x86 IL Shared Libraries INFERNO Insurgency Intel(R) Control Center Intel(R) Management Engine Components Intel(R) Rapid Storage Technology Intel(R) USB 3.0 eXtensible Host Controller Driver Intel© Trusted Connect Service Client iTunes Java 7 Update 67 Java 8 Update 25 Java Auto Updater Java(TM) 7 Update 5 (64-bit) JavaScript Tooling Junk Mail filter update League of Legends Loadout LocalESPC Dev12 
LocalESPCui for en-us Dev12 Logitech Gaming Software Logitech Gaming Software 8.55 MAGIX Music Maker 16 Premium Download Version MAGIX Screenshare MAGIX Speed burnR McAfee Internet Security McAfee SiteAdvisor Media Buzz Media Player Codec Pack 4.2.5 Media View Mesh Runtime Messenger Companion Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft .NET Framework 4.5 Multi-Targeting Pack Microsoft .NET Framework 4.5 SDK Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 Multi-Targeting Pack Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU) Microsoft .NET Framework 4.5.1 SDK Microsoft Advertising SDK for Windows 8.1 - ENU Microsoft Advertising Service Extension for Visual Studio Microsoft Application Error Reporting Microsoft ASP.NET MVC 4 - Visual Studio 2013 - ENU Microsoft ASP.NET MVC 4 Runtime Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - ENU Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - ENU Microsoft ASP.NET Web Pages 2 Runtime Microsoft C++ REST SDK for Visual Studio 2013 Microsoft Exchange Web Services Managed API 2.0 Microsoft Expression Blend SDK for .NET 4 Microsoft Help Viewer 2.1 Microsoft Identity Extensions Microsoft LightSwitch for Visual Studio 2013 Core Microsoft LightSwitch for Visual Studio 2013 CoreRes - ENU Microsoft LightSwitch for Visual Studio 2013 v4.0 Tools Microsoft LightSwitch for Visual Studio 2013 v4.0 ToolsRes - ENU Microsoft LightSwitch v4.0 SDK Microsoft NuGet - Visual Studio 2013 Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) - ENU Language Pack Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) Microsoft Office Home and Business 2010 - Nederlands Microsoft Office Klik-en-Klaar 2010 Microsoft Portable Library Multi-Targeting Pack Microsoft Portable Library Multi-Targeting Pack 
Language Pack - enu Microsoft Report Viewer Add-On for Visual Studio 2013 Microsoft SharePoint 2013 Developer Tools for Visual Studio Microsoft SharePoint 2013 Developer Tools for Visual Studio 2012 Nuget Package Microsoft SharePoint 2013 Developer Tools for Visual Studio ENU Language Pack Microsoft Silverlight Microsoft Silverlight 5 SDK Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2012 Command Line Utilities Microsoft SQL Server 2012 Data-Tier App Framework Microsoft SQL Server 2012 Data-Tier App Framework (x64) Microsoft SQL Server 2012 Express LocalDB Microsoft SQL Server 2012 Management Objects Microsoft SQL Server 2012 Management Objects (x64) Microsoft SQL Server 2012 Native Client Microsoft SQL Server 2012 T-SQL Language Service Microsoft SQL Server 2012 Transact-SQL ScriptDom Microsoft SQL Server Compact 4.0 SP1 x64 ENU Microsoft SQL Server Data Tools - enu (12.0.30919.1) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) Microsoft SQL Server System CLR Types Microsoft SQL Server System CLR Types (x64) Microsoft System CLR Types for SQL Server 2012 Microsoft System CLR Types for SQL Server 2012 (x64) Microsoft Team Foundation Server 2013 Object Model (x64) Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - ENU Microsoft Visual C++ ARM Libraries Microsoft Visual C++ x64-arm Cross Compilers - ENU Resources Microsoft Visual C++ x64-arm Cross Compilers Microsoft Visual C++ x64-x86 Cross Compilers - ENU Resources Microsoft Visual C++ x64-x86 Cross Compilers Microsoft Visual C++ x64 Libraries Microsoft Visual C++ x64 Native Compilers - ENU Resources Microsoft Visual C++ x64 Native Compilers Microsoft Visual C++ x86 Libraries Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 Microsoft Visual C++ 2013 x64 Designtime - 12.0.21005 Microsoft Visual C++ 2013 32bit Compilers - ENU Resources Microsoft Visual C++ 2013 Compilers - ENU Resources Microsoft Visual C++ 2013 Compilers Microsoft Visual C++ 2013 Core Libraries Microsoft Visual C++ 2013 Extended Libraries Microsoft Visual C++ 2013 Microsoft Foundation Class Libraries Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86-x64 Compilers Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft Visual Studio 2013 Devenv Microsoft Visual Studio 2013 Devenv Resources Microsoft Visual Studio 2013 Performance Collection Tools - ENU Microsoft Visual Studio 2013 Performance Collection Tools Microsoft Visual Studio 2013 Preparation Microsoft Visual Studio 2013 Profiling Tools Microsoft Visual Studio 2013 Shell (Minimum) Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies Microsoft Visual Studio 2013 Shell (Minimum) Resources Microsoft Visual Studio 2013 Team Explorer 
Language Pack - ENU Microsoft Visual Studio 2013 VsGraphics Helper Dependencies Microsoft Visual Studio Professional 2013 - ENU Microsoft Visual Studio Professional 2013 Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core Microsoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources Microsoft Web Deploy 3.5 Microsoft Web Developer Tools 2013 - Visual Studio 2013 Minecraft 1.5 Minecraft Black Edition - UPDATE 2013 1.4.7 Minecraft Black Edition 1.5 Minecraft1.5.2 MorphVOX Pro MotioninJoy Gamepad tool 0.7.1001 Mozilla Firefox 33.1 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nexon Game Manager Norton Identity Safe Nosgoth Notepad++ NVIDIA PhysX Open XML SDK 2.5 for Microsoft Office Origin Overwolf Pando Media Booster PAYDAY 2 PC Angel (tm) Recovery Installer PlanetSide 2 Popcorn Time PreEmptive Analytics Visual Studio Components Prerequisites for SSDT PVZ Garden Warfare Python Tools Redirection Template Razer Game Booster Razer Synapse 2.0 Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Rust Samsung AllShare Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) SharePoint Client Components Skype Click to Call SkypeT 6.21 Smite Source SDK Base 2006 Speccy Spotify Steam System Requirements Lab CYRI System Requirements Lab Detection System Requirements Lab for Intel Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Team Explorer for Microsoft Visual Studio 2013 Team Fortress 2 Team Fortress 2 
Beta TeamSpeak 3 Client TeamViewer 9 TERA Text-To-Speech-Runtime The Expendabros Ubisoft Game Launcher Unturned Update for (KB2504637) Uplay VC80CRTRedist - 8.0.50727.6195 Visual F# 3.1 SDK Visual F# 3.1 VS Visual Studio 2013 Prerequisites - ENU Language Pack Visual Studio 2013 Prerequisites Visual Studio Extensions for Windows Library for JavaScript VLC media player War Thunder Launcher 1.0.1.376 Warframe WCF Data Services 5.6.0 Runtime WCF Data Services Tools for Microsoft Visual Studio 2013 WCF RIA Services V1.0 SP2 Windows App Certification Kit Native Components Windows App Certification Kit x64 Windows Azure Mobile Services SDK Windows Azure Mobile Services Tools for Visual Studio 2013 Preview - v1.0 Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.0 Windows Azure Tools for LightSwitch for Visual Studio 2013 - v2.1 Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Fotogalerie Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Mesh ActiveX control for remote connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Runtime Intellisense Content - en-us Windows Software Development Kit Windows Software Development Kit DirectX x64 Remote Windows Software Development Kit DirectX x86 Remote Windows Software Development Kit for Windows Store Apps 
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote Windows Software Development Kit for Windows Store Apps DirectX x86 Remote Windows XP Targeting with C++ Wing Commander III WinRAR 5.11 (64-bit) Workflow Manager Client 1.0 Workflow Manager Tools 1.0 for Visual Studio World of Tanks Xiph.Org Open Codecs 0.85.17777 ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe C:\Windows\system32\hasplms.exe C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe C:\Windows\system32\PnkBstrA.exe C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files (x86)\Popcorn Time\Updater.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe D:\dead island\Steam.exe C:\Program Files (x86)\Origin\Origin.exe 
C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\julian\AppData\Roaming\BitTorrent\BitTorrent.exe C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Program Files (x86)\Gyazo\GyStation.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\julian\AppData\Roaming\Spotify\spotify.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Users\julian\AppData\Roaming\Curse Client\Bin\Curse.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe D:\dead island\bin\steamwebhelper.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe c:\PROGRA~2\mcafee\SITEAD~1\saui.exe D:\dead island\bin\steamwebhelper.exe D:\dead island\steamapps\common\Counter-Strike Global Offensive\csgo.exe D:\dead island\GameOverlayUI.exe D:\dead island\bin\steamwebhelper.exe D:\dead island\bin\steamwebhelper.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HssTrayService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\HssTrayService deleted successfully 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssWd deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HssWd deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\HssWd deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\HssWd deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\hshld deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hshld deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\hshld deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\hshld deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fa6789c5 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\fa6789c5 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Rock Turner deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Rock Turner deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util Rock Turner deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util Rock Turner deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Rock Turner deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update Rock Turner deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\lo8rxuqr.default-1392750794102 user.js not found ---- Lines delta removed from prefs.js ---- user_pref("browser.search.defaultenginename", "delta-homes"); user_pref("browser.search.selectedEngine", "delta-homes"); ---- Lines quick_start removed from prefs.js ---- user_pref("extensions.quick_start.enable_search1", false); user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", 
false); ---- FireFox user.js and prefs.js backups ---- prefs_09-12-2014_1616_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90561a5e-5e0e-4b2a-9b27-131c3c0dcfe2}] ==== Deleting Files \ Folders ====================== C:\ProgramData\cheapdeal not found "C:\Windows\Installer\df898d.msi" not found "C:\Windows\Installer\df8985.msi" not found C:\ProgramData\beautydeals deleted C:\PROGRA~3\eab9cee92c7d5f4 deleted C:\PROGRA~2\Hotspot Shield deleted C:\Users\julian\AppData\Roaming\MAGIX deleted C:\Users\julian\AppData\Roaming\Hotspot Shield deleted C:\PROGRA~3\Hotspot Shield deleted C:\PROGRA~3\WPM deleted C:\PROGRA~3\MAGIX deleted C:\PROGRA~3\Package Cache deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Clip Converter deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield deleted C:\AI_RecycleBin deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted C:\Windows\Syswow64\Hotspot Shield deleted C:\Windows\SysWow64\AI_RecycleBin deleted C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\lo8rxuqr.default-1392750794102\extensions\staged deleted C:\Users\Public\Desktop\Hotspot Shield.lnk deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 16340 MB CPU Info: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz CPU Speed: 3500,9 MHz Sound Card: Speakers (Realtek High Definiti | 1 - PL2377 (AMD High Definition | Realtek Digital Output (Realtek | Realtek Digital Output(Optical) | Display Adapters: AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | AMD Radeon HD 7800 
Series | AMD Radeon HD 7800 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 2x; Algemeen PnP-beeldscherm | Algemeen PnP-beeldscherm | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Anchorfree HSS VPN Adapter #2 | Anchorfree HSS VPN Adapter | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (F: | ) F: Optiarc DVD RW AD-5280S Ports: COM1 LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 104,8GB | D: 931,5GB | E: 14,5GB | Q: 0,0MB Hard Disks - Free: C: 4,1GB | D: 638,9GB | E: 8,2GB | Q: 0,0MB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 02/16/12 | ALASKA - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK COMPUTER INC. P8Z77-M PRO Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: McAfee Antivirus en antispyware On-access scanning disabled (Outdated) Anti-Spyware: McAfee Antivirus en antispyware disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: McAfee Firewall disabled Default Browser: Google Chrome 38.0.2125.111 Internet Explorer Version: 11.0.9600.17420 Mozilla Firefox version: 33.1 (x86 nl) Google Chrome version: 38.0.2125.111 Adobe Reader version: 11.0.0.379 Sun Java version: 1.8.0_25 (32-bit) Sun Java version: 1.8.0_25 (64-bit) Flash Player version: 15.0.0.239 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\julian\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-11-12 10:00:53 41774FF331F609EF442B7398EE6202B1 155064 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-11-09 17:24:36 -------- d-----w- 
C:\PROGRA~2\CEVO ======= C: ===== ====== C:\Users\julian\AppData\Roaming ====== ====== C:\Users\julian ====== 2014-12-08 16:42:50 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\julian\Downloads\RSITx64 (1).exe 2014-12-08 16:41:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\julian\Downloads\RSITx64.exe 2014-11-09 17:27:20 -------- d-----w- C:\ProgramData\Celavimus 2014-11-09 17:24:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client ====== C: exe-files == 2014-12-08 16:42:50 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\julian\Downloads\RSITx64 (1).exe 2014-12-08 16:41:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\julian\Downloads\RSITx64.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1649581024-2079683328-5313355-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Steam"="D:\dead island\Steam.exe -silent" "EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart" "Spotify Web Helper"="C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "BitTorrent"="C:\Users\julian\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED" "Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash" "Gyazo"="C:\Program Files (x86)\Gyazo\GyStation.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Spotify"="C:\Users\julian\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "AllShareAgent"="C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe" "Razer Synapse"="C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" "DivXMediaServer"="C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" "mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXBannerAdPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXBannerAdPlugin.dll,DllRegisterServer" "B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXAccountViewPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXAccountViewPlugin.dll,DllRegisterServer" "B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDCFServicesPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDCFServicesPlugin.dll,DllRegisterServer" "B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLicenseWriterPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLicenseWriterPlugin.dll,DllRegisterServer" "B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDownloadManagerPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDownloadManagerPlugin.dll,DllRegisterServer" "B Register 
C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerPlugin.dll,DllRegisterServer" "B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerV2Plugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerV2Plugin.dll,DllRegisterServer" "B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlayerPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlayerPlugin.dll,DllRegisterServer" "B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlaybackServicesPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlaybackServicesPlugin.dll,DllRegisterServer" "B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDevicePanePlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDevicePanePlugin.dll,DllRegisterServer" "B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLibraryPanePlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLibraryPanePlugin.dll,DllRegisterServer" "B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXTicketManagerPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXTicketManagerPlugin.dll,DllRegisterServer" "B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDFXAudioPlugin.dll"="C:\Windows\system32\rundll32.exe C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDFXAudioPlugin.dll,DllRegisterServer" "ST Recovery Launcher"="%WINDIR%\SMINST\VistaLauncher.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Steam"="D:\dead island\Steam.exe -silent" "EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart" "Spotify Web 
Helper"="C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "BitTorrent"="C:\Users\julian\AppData\Roaming\BitTorrent\BitTorrent.exe /MINIMIZED" "Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash" "Gyazo"="C:\Program Files (x86)\Gyazo\GyStation.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Spotify"="C:\Users\julian\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] ==== Startup Folders ====================== 2014-10-22 09:02:38 1053 ----a-w- C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [26-11-2014 17:53] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08-08-2014 15:34] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08-08-2014 15:34] C:\Windows\tasks\GoogleUpdateTaskMachineUA1cff2c634185632.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08-08-2014 15:34] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1cff2c634185632" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GyazoUpdateTaskMachine" ["C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"] 
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{F937758F-92F3-48EA-9E6D-B5BFCC43B011}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{029673D1-7AD4-4F1E-A4B9-EF9ACE288557}" [C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\LaunchPad.exe] "C:\Windows\SysNative\tasks\{13B3863B-1477-432C-99A3-BB6F0FFA0DAA}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] "C:\Windows\SysNative\tasks\{1C415C97-203F-4C70-8D38-644F068AEAF4}" [C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\LaunchPad.exe] "C:\Windows\SysNative\tasks\{1D2062FB-8D38-457C-B545-7C757BCDF582}" [C:\Users\julian\Desktop\games2\Grand Theft Auto IV full game PC + Multiplayer ^^nosTEAM^^\Grand Theft Auto IV\LaunchGTAIV.exe] "C:\Windows\SysNative\tasks\{345D33D5-54F7-4050-8CD6-1898FDAB318B}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe] "C:\Windows\SysNative\tasks\{5D4E1B59-06CF-4374-8EFE-7D5FC482D592}" [C:\Program Files (x86)\Skype\Phone\Skype.exe] "C:\Windows\SysNative\tasks\{7FE1AA34-0B4A-4EEE-9921-8D8F7D4966E5}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe] "C:\Windows\SysNative\tasks\{83A96BC4-1DE2-4C38-9E48-C4243152416B}" [C:\Program Files (x86)\Skype\Phone\Skype.exe] "C:\Windows\SysNative\tasks\{91E752DC-09F4-43F2-A5A6-D03654C4CB12}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe] "C:\Windows\SysNative\tasks\{A07D3C39-8B6E-4907-8145-1E5DA38F0D1D}" [C:\Users\julian\Desktop\games2\I Am Alive PC full game single-player ^^nosTEAM^^\I Am Alive\play-I-AM-Alive.exe] "C:\Windows\SysNative\tasks\{A0CAF408-DF20-410F-B641-76B0FED8F827}" [C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\LaunchPad.exe] "C:\Windows\SysNative\tasks\{B0293800-DF23-472A-A108-6EC4906342CE}" [C:\Riot Games\League of Legends\lol.launcher.exe] "C:\Windows\SysNative\tasks\{E860B412-B717-42E4-8FB9-B68659EA4878}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe] 
"C:\Windows\SysNative\tasks\{FDC3DEA1-A692-4560-874F-B8EE5E01C7AB}" [C:\Users\julian\Desktop\games2\I Am Alive PC full game single-player ^^nosTEAM^^\I Am Alive\play-I-AM-Alive.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== 2014-07-14 18:44:07 -------- d-----w- C:\PROGRA~3\WarThunder 2014-07-29 18:36:08 -------- d-----w- C:\PROGRA~3\PMB Files 2014-07-29 18:36:59 -------- d-----w- C:\PROGRA~3\Riot Games 2014-08-23 19:29:30 -------- d-----w- C:\PROGRA~3\Screaming Bee 2014-09-21 16:08:21 -------- d-----w- C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-09-26 21:30:01 -------- d-----w- C:\PROGRA~3\Gyazo 2014-10-17 13:25:48 -------- d-----w- C:\PROGRA~3\Hi-Rez Studios 2014-11-09 17:27:20 -------- d-----w- C:\PROGRA~3\Celavimus ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [20-11-2014 14:31] ==== Firefox Extensions ====================== ProfilePath: C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\lo8rxuqr.default-1392750794102 - shortcut - %ProfilePath%\extensions\shortcutff@gmail.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Hotspot Shield Extension - %AppDir%\browser\extensions\afproxy@anchorfree.com - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - 
%AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\lo8rxuqr.default-1392750794102 6D657ABADF217DBB17CF0A0AF44A7E29 - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll - Nexon Game Controller ==== Deleted Firefox Extensions ====================== C:\Users\julian\AppData\Roaming\Mozilla\Firefox\Profiles\lo8rxuqr.default-1392750794102\extensions\shortcutff@gmail.com deleted C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com deleted ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Gast\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Gast\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Gast\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\julian\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\julian\AppData\Local\Comodo\Dragon deleted ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fheoggkfdfchfphceeifdbepaooicaho - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14-07-2014 17:22] nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\Exts\Chrome.crx[31-05-2013 02:49] Google Docs - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - 
julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Battlefield Heroes - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh Google Search - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Tampermonkey - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo Lounge Assistant - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\enjonnlehciedbcidabdglnnihcncbml SiteAdvisor - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho AdBlock - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Skype Click to Call - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Extended Protection - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo Gmail - julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.livelyrics00.live-lyrics.com_0.localstorage deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.livelyrics00.live-lyrics.com_0.localstorage-journal deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully 
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_driverfinderpro.com_0.localstorage deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_driverfinderpro.com_0.localstorage-journal deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_steamidfinder.com_0.localstorage deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_steamidfinder.com_0.localstorage-journal deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.clickansave.net_0.localstorage deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.clickansave.net_0.localstorage-journal deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage deleted 
successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage-journal deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_media.mtvnservices.com_0.localstorage deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_media.mtvnservices.com_0.localstorage-journal deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage-journal deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searches.omiga-plus.com_0.localstorage deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searches.omiga-plus.com_0.localstorage-journal deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_click.dealshark.com_0.localstorage deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_click.dealshark.com_0.localstorage-journal deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage deleted successfully C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0613&utm_campaign=installer&utm_content=ds&from=wpm0613&uid=SAMSUNGXSSDX830XSeries_S0XYNEAC638128&ts=1402575993&type=default&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet 
Explorer\Main] "Default_Search_URL"="http://www.google.com" "Search Page"="http://www.qone8.com/web/?type=ds&ts=1401478426&from=ild&uid=SAMSUNGXSSDX830XSeries_S0XYNEAC638128&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Search Page"="http://www.qone8.com/web/?type=ds&ts=1401478426&from=ild&uid=SAMSUNGXSSDX830XSeries_S0XYNEAC638128&q={searchTerms}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== shortcuts on Users Desktops ====================== C:\Users\julian\Desktop\BitTorrent.lnk - C:\Users\julian\AppData\Roaming\BitTorrent\BitTorrent.exe C:\Users\julian\Desktop\Curse.lnk - C:\Users\julian\AppData\Roaming\Curse Client\Bin\Curse.exe C:\Users\julian\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
http://start.qone8.com/?type=sc&ts=1401478426&from=ild&uid=SAMSUNGXSSDX830XSeries_S0XYNEAC638128 C:\Users\julian\Desktop\League of Legends.lnk - D:\games\lol.launcher.exe C:\Users\julian\Desktop\Logitech Gaming Software 8.40.lnk - C:\Program Files (x86)\Logitech Gaming Software\LCore.exe C:\Users\julian\Desktop\Spotify.lnk - C:\Users\julian\AppData\Roaming\Spotify\spotify.exe C:\Users\julian\Desktop\Steam.lnk - D:\dead island\steam.exe C:\Users\julian\Desktop\TeamSpeak 3 Client.lnk - C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win64.exe C:\Users\julian\Desktop\games\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe C:\Users\julian\Desktop\games\Battlefield 4(64 bit).lnk - C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe C:\Users\julian\Desktop\games\Battlefield 4.lnk - C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe C:\Users\julian\Desktop\games\Battlefield Hardline Beta.lnk - D:\films\BFH Beta\bfh.exe C:\Users\julian\Desktop\games\Dragon Nest Europe.lnk - C:\Program Files (x86)\SDGi Europe\Dragon Nest Europe\DNLauncher.exe C:\Users\julian\Desktop\games\Hearthstone.lnk - C:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe C:\Users\julian\Desktop\games\PlanetSide 2 PSG.lnk - C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\LaunchPad.exe C:\Users\julian\Desktop\games\PlanetSide 2.lnk - D:\games\LaunchPad.exe C:\Users\julian\Desktop\games\Play League of Legends.lnk - D:\games\lol.launcher.exe C:\Users\julian\Desktop\games\PVZ Garden Warfare.lnk - D:\films\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe C:\Users\julian\Desktop\games\TERA.lnk - D:\games\TERA\tera-launcher.exe C:\Users\julian\Desktop\games\WarThunder.lnk - D:\games\WarThunder\launcher.exe C:\Users\julian\Desktop\games\Wing Commander III.lnk - D:\films\Wing Commander III\Game\Game\DOSBox\DOSBox.exe C:\Users\julian\Desktop\games\World of Tanks.lnk - D:\games\World_of_Tanks\WOTLauncher.exe 
C:\Users\julian\Desktop\games2\FL Studio 11.lnk - C:\Program Files (x86)\Image-Line\FL Studio 11\FL.exe C:\Users\julian\Desktop\games2\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Users\julian\Desktop\programmas\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Users\julian\Desktop\programmas\DivX Converter (2).lnk - C:\Program Files (x86)\DivX\DivX Converter\DivXConverterLauncher.exe C:\Users\julian\Desktop\programmas\DivX Converter.lnk - C:\Program Files (x86)\DivX\DivX Converter\DivXConverterLauncher.exe C:\Users\julian\Desktop\programmas\DivX Movies (2).lnk - C:\Users\julian\Videos\DivX Movies C:\Users\julian\Desktop\programmas\DivX Movies.lnk - C:\Users\julian\Videos\DivX Movies C:\Users\julian\Desktop\programmas\DivX Player (2).lnk - C:\Program Files (x86)\DivX\DivX Player\DivX Player.exe C:\Users\julian\Desktop\programmas\DivX Player.lnk - C:\Program Files (x86)\DivX\DivX Player\DivX Player.exe C:\Users\julian\Desktop\programmas\G930 configureren.lnk - C:\Program Files (x86)\Logitech\G930\G930.exe C:\Users\julian\Desktop\programmas\Inferno.lnk - C:\Program Files (x86)\Cooler Master\INFERNO\Inferno.exe C:\Users\julian\Desktop\programmas\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\Users\julian\Desktop\programmas\Logitech Gaming Software 8.40.lnk - C:\Program Files (x86)\Logitech Gaming Software\LCore.exe C:\Users\julian\Desktop\programmas\Logitech Gaming Software 8.55.lnk - C:\Program Files\Logitech Gaming Software\LCore.exe C:\Users\julian\Desktop\programmas\MorphVOX Pro.lnk - C:\Program Files (x86)\Screaming Bee\MorphVOX Pro\MorphVOXPro.exe C:\Users\julian\Desktop\programmas\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\julian\Desktop\programmas\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe C:\Users\julian\Desktop\programmas\Overwolf.lnk - C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe 
C:\Users\julian\Desktop\programmas\Razer Game Booster.lnk - C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe C:\Users\julian\Desktop\programmas\Razer Synapse 2.0.lnk - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe -launch C:\Users\julian\Desktop\programmas\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe C:\Users\julian\Desktop\programmas\Spotify.lnk - C:\Users\julian\AppData\Roaming\Spotify\spotify.exe C:\Users\julian\Desktop\programmas\TeamSpeak 3 Client.lnk - C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe C:\Users\julian\Desktop\programmas\TeamViewer 9.lnk - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe C:\Users\julian\Desktop\programmas\VLC media player (2).lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\julian\Desktop\programmas\VLC media player (3).lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\julian\Desktop\programmas\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\julian\Desktop\programmas\Windows Live Movie Maker.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe C:\Users\julian\Desktop\troep\Gadwin PrintScreen.lnk - C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Users\julian\Desktop\troep\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\Users\julian\Desktop\troep\Microsoft Word 2010.lnk - C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE "Microsoft Word 2010 9014006204130000" C:\Users\julian\Desktop\troep\Notepad++.lnk - C:\Program Files (x86)\Notepad++\notepad++.exe C:\Users\julian\Desktop\troep\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\julian\Desktop\troep\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\julian\Desktop\troep\players+prog\goede\Samsung AllShare.lnk - C:\Program Files (x86)\Samsung\AllShare\AllShare.exe 
C:\Users\julian\Desktop\troep\players+prog\goede\Speccy.lnk - C:\Program Files\Speccy\Speccy64.exe C:\Users\julian\Desktop\troep\players+prog\goede\Steam.lnk - D:\dead island\Steam.exe C:\Users\julian\Desktop\troep\players+prog\goede\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe C:\Users\julian\Desktop\troep\players+prog\stomme\Uplay.lnk - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\CEVO Client (CSGO).lnk - C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClient.exe C:\Users\Public\Desktop\DS3 Tool.lnk - C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe C:\Users\Public\Desktop\FIFA 14.lnk - C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe C:\Users\Public\Desktop\FIFA 15 Demo.lnk - D:\films\FIFA 15 DEMO\fifa15_demo.exe C:\Users\Public\Desktop\Gyazo GIF.lnk - C:\Program Files (x86)\Gyazo\GyazoGIF.exe C:\Users\Public\Desktop\Gyazo.lnk - C:\Program Files (x86)\Gyazo\Gyazowin.exe C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk - D:\films\HiRezGamesDiagAndSupport.exe C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\Users\Public\Desktop\McAfee Internet Security.lnk - C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /desktopicon /platui C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe C:\Users\Public\Desktop\Popcorn Time.lnk - C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe --no-proxy-server C:\Users\Public\Desktop\Smite.lnk - D:\films\HiRezLauncherUI.exe game=300 product=17 ==== shortcuts in Users Start Menu ====================== C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk - C:\Users\julian\AppData\Roaming\Curse Client\Bin\Curse.exe C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk - 
C:\Users\julian\AppData\Roaming\Spotify\spotify.exe C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk - C:\Users\julian\AppData\Roaming\Curse Client\Bin\Curse.exe /startup C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR-handleiding.lnk - C:\Program Files (x86)\WinRAR\Rar.txt C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Wat is nieuw in de meest recente versie.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm C:\Users\julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client\CEVO Client (CSGO).lnk - C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClient.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15 Demo\FIFA 15 Demo.lnk - D:\films\FIFA 15 DEMO\fifa15_demo.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15 Demo\Leesmij.lnk - D:\films\FIFA 15 DEMO\Support\readme\Leesmij.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15 Demo\Licentieovereenkomst voor eindgebruikers van FIFA 15 Demo.lnk - D:\films\FIFA 15 DEMO\Support\eula\nl_NL_eula.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 15 Demo\Technische ondersteuning.lnk - D:\films\FIFA 15 DEMO\Support\EA Help\Technische ondersteuning.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\EA SPORTS™ FIFA 15 Demo.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
http://start.qone8.com/?type=sc&ts=1401478426&from=ild&uid=SAMSUNGXSSDX830XSeries_S0XYNEAC638128 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo\Gyazo GIF.lnk - C:\Program Files (x86)\Gyazo\GyazoGIF.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo\Gyazo Settings.lnk - C:\Program Files (x86)\Gyazo\GyStation.exe /option C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo\Gyazo.lnk - C:\Program Files (x86)\Gyazo\Gyazowin.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Hi-Rez Diagnostics and Support.lnk - D:\films\HiRezGamesDiagAndSupport.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Smite.lnk - D:\films\HiRezLauncherUI.exe game=300 product=17 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios\Uninstall All Hi-Rez Games.lnk - D:\films\HiRezGamesDiagAndSupport.exe uninstall=all C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Info iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.Resources\nl.lproj\About iTunes.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee Internet Security.lnk - C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /desktopicon /platui C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Error Reporter.lnk - C:\Program Files 
(x86)\Origin\OriginER.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time\Popcorn Time.lnk - C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe --no-proxy-server C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR-handleiding.lnk - C:\Program Files (x86)\WinRAR\Rar.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Wat is nieuw in de meest recente versie.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk - C:\Users\julian\AppData\Roaming\BitTorrent\BitTorrent.exe C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk - C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://start.qone8.com/?type=sc&ts=1401478426&from=ild&uid=SAMSUNGXSSDX830XSeries_S0XYNEAC638128 C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gyazo GIF.lnk - C:\Program Files (x86)\Gyazo\GyazoGIF.exe C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick 
Launch\Gyazo.lnk - C:\Program Files (x86)\Gyazo\Gyazowin.exe
C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1401478426&from=ild&uid=SAMSUNGXSSDX830XSeries_S0XYNEAC638128
C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung AllShare.lnk - C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe
C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://start.qone8.com/?type=sc&ts=1401478426&from=ild&uid=SAMSUNGXSSDX830XSeries_S0XYNEAC638128
C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\LeagueofLegends.lnk - C:\Users\julian\Desktop\games\LeagueofLegends.exe
C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\BitTorrent.lnk - C:\Users\julian\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://start.qone8.com/?type=sc&ts=1401478426&from=ild&uid=SAMSUNGXSSDX830XSeries_S0XYNEAC638128
C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gyazo GIF.lnk - C:\Program Files (x86)\Gyazo\GyazoGIF.exe
C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gyazo.lnk - C:\Program Files (x86)\Gyazo\Gyazowin.exe
C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

==== shortcuts After Repair ======================
C:\Users\julian\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\julian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\237AA359BFA99C94484AF769ACA080AD deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AED1B7A5-67A5-84A5-B646-E3541CE0BB5F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MediaBuzzV1mode2771 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HotspotShield deleted successfully

==== HijackThis Entries ======================
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\coIEPlg.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\coIEPlg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXBannerAdPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXAccountViewPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXAccountViewPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDCFServicesPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDCFServicesPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLicenseWriterPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLicenseWriterPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDownloadManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerV2Plugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerV2Plugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlayerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlaybackServicesPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlaybackServicesPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDevicePanePlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDevicePanePlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLibraryPanePlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLibraryPanePlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXTicketManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXTicketManagerPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDFXAudioPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer
O4 - HKLM\..\RunOnce: [ST Recovery Launcher] %WINDIR%\SMINST\VistaLauncher.exe
O4 - HKCU\..\Run: [Steam] "D:\dead island\Steam.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\julian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\julian\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Gadwin PrintScreen] "C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash
O4 - HKCU\..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify] "C:\Users\julian\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Curse.lnk = julian\AppData\Roaming\Curse Client\Bin\Curse.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - C:\Program Files (x86)\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing)
O23 - Service: Celavimus Client Host (celavimushost) - altPUG LLC - C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\films\HiPatchService.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Overwolf Updater Service (OverwolfUpdaterService) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\21LIP96J will be deleted at reboot
C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FX1494SE will be deleted at reboot
C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IX62CWCF will be deleted at reboot

==== Empty FireFox Cache ======================
C:\Users\julian\AppData\Local\Mozilla\Firefox\Profiles\lo8rxuqr.default-1392750794102\Cache emptied successfully

==== Empty Chrome Cache ======================
C:\Users\julian\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=2474 folders=812 1588045058 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\julian\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\julian\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\21LIP96J" not found
"C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FX1494SE" not found
"C:\Users\julian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IX62CWCF" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on di 09-12-2014 at 16:26:09,22 ======================