Zoek.exe v5.0.0.0 Updated 31-12-2014 Tool run by Pieter-Jan on wo 31/12/2014 at 12:19:43,19. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Pieter-Jan\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 31/12/2014 12:21:15 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\PROGRA~2\FTB deleted successfully C:\PROGRA~2\ManyCam deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\The Swapper deleted successfully C:\PROGRA~2\TheRoom deleted successfully C:\PROGRA~3\ALM deleted successfully C:\Users\Pieter-Jan\AppData\Roaming\ASUS deleted successfully C:\Users\Pieter-Jan\AppData\Roaming\Publish Providers deleted successfully C:\Users\Pieter-Jan\AppData\Roaming\WinZipper deleted successfully C:\Users\Pieter-Jan\AppData\Roaming\WM Recorder deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3799622816-576845321-18875002-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_USERS\S-1-5-21-3799622816-576845321-18875002-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C7491BE-A2A7-447D-9C35-D4ABC2D9C6A} deleted successfully HKEY_USERS\S-1-5-21-3799622816-576845321-18875002-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C7491BE-A2A7-447D-9C35-D4ABC2D9C6A} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9625E652-55F4-4A83-AFBA-14B8BAC31377} deleted successfully HKEY_USERS\S-1-5-21-3799622816-576845321-18875002-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9625E652-55F4-4A83-AFBA-14B8BAC31377} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ABAED903-4205-498F-969D-5B70BF14BD95} deleted successfully HKEY_USERS\S-1-5-21-3799622816-576845321-18875002-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ABAED903-4205-498F-969D-5B70BF14BD95} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E001E061-8D5-470B-9DE5-DCCED8C8C611} deleted successfully HKEY_USERS\S-1-5-21-3799622816-576845321-18875002-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E001E061-8D5-470B-9DE5-DCCED8C8C611} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\ProgramData\IePluginServices\PluginService.exe C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe C:\Program Files (x86)\WinZipper\winzipersvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\ASUS\P4G\InsOnSrv.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Windows\Prey\wpxsvc.exe C:\Windows\Prey\current\bin\node.exe C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe C:\Windows\Prey\versions\1.3.4\node_modules\triggers\bin\lightevt.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files\ASUS\P4G\InsOnWMI.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\BuildNotificationApp.exe C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Pieter-Jan\AppData\Local\Skillbrains\lightshot\5.1.4.17\Lightshot.exe C:\Users\Pieter-Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe C:\Users\Pieter-Jan\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Pieter-Jan\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\winzipersvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winzipersvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command] @="C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe" ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\ProgramData\IePluginServices deleted C:\Users\Pieter-Jan\AppData\Roaming\Curse Advertising deleted C:\PROGRA~2\Skillbrains deleted C:\PROGRA~2\WSE_Astromenda deleted C:\PROGRA~2\SupTab deleted C:\PROGRA~2\globalUpdate deleted C:\install.exe deleted C:\Users\Pieter-Jan\AppData\Roaming\WB.CFG deleted C:\Users\Pieter-Jan\AppData\Roaming\WSE_Astromenda deleted C:\Users\Pieter-Jan\AppData\Roaming\Astromenda deleted C:\Users\Pieter-Jan\AppData\Roaming\OpenCandy deleted C:\PROGRA~3\SetStretch.VBS deleted C:\PROGRA~3\WindowsMangerProtect deleted C:\PROGRA~3\Package Cache deleted C:\PROGRA~3\EmailNotifier deleted C:\Users\Pieter-Jan\AppData\Local\Astromenda deleted C:\Users\Pieter-Jan\AppData\Local\globalUpdate deleted C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\windows\SysNative\tasks\update-sys deleted C:\Windows\tasks\update-S-1-5-21-3799622816-576845321-18875002-1001.job deleted C:\Windows\tasks\update-sys.job deleted C:\Windows\tasks\WSE_Astromenda.job deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\SysWow64\AI_RecycleBin deleted C:\Users\Pieter-Jan\AppData\Local\dsisetup1875611562.exe deleted C:\Users\Pieter-Jan\AppData\Local\dsisetup3854955312.exe deleted "C:\PROGRA~2\WinZipper\eshellctx64.dll" deleted "C:\Users\Pieter-Jan\AppData\Local\Skillbrains\lightshot\5.1.4.17\Lightshot.dll" deleted "C:\Users\Pieter-Jan\AppData\Local\Skillbrains\lightshot\5.1.4.17\Lightshot.exe" deleted "C:\PROGRA~2\WinZipper" not deleted "C:\Users\Pieter-Jan\AppData\Local\Skillbrains" deleted "C:\Users\Pieter-Jan\AppData\Local\Skillbrains\lightshot" deleted "C:\Users\Pieter-Jan\AppData\Local\Skillbrains\lightshot\5.1.4.17" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8076 MB CPU Info: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz CPU Speed: 2395,2 MHz Sound Card: Luidsprekers (Razer Surround Au | Luidsprekers (TRITTON AX 180 He | Speakers (Realtek High Definiti | Line 1 (Virtual Audio Cable) | Realtek Digital Output (Realtek | Display Adapters: Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 | Intel(R) HD Graphics 4600 Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1536 X 864 - 32 bit Network: Network Present Network Adapters: Bluetooth Device (Personal Area Network) | Microsoft Wi-Fi Direct Virtual Adapter | Intel(R) Dual Band Wireless-N 7260 | Realtek PCIe GBE Family Controller | LogMeIn Hamachi Virtual Ethernet Adapter CD / DVD Drives: 1x (E: | ) E: MATSHITADVD-RAM UJ8E1 Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 181,7GB | F: 931,5GB Hard Disks - Free: C: 81,8GB | F: 541,1GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | _ASUS_ - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: ASUSTeK COMPUTER INC. N56JN Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Kaspersky Anti-Virus On-access scanning disabled (Outdated) Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Kaspersky Anti-Virus disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Internet Explorer Version: 11.0.9600.17351 Google Chrome version: 39.0.2171.95 Adobe Reader version: 11.0.10.32 Sun Java version: 1.8.0_25 (32-bit) Sun Java version: 1.8.0_25 (64-bit) Flash Player version: 15.0.0.246 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\PIETER~1\AppData\Local\Temp ==== 2014-12-31 00:49:07 E944E685F4BCBF26716434A71FC268ED 521968 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\RzUpdateManager.exe 2014-12-31 00:49:07 C9F4C5EC2811783F4FE709ECE859C3A0 5632 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\zh-CN\RzUpdateManager.resources.dll 2014-12-31 00:49:07 BC875BD42807EC5B751C42A9F8CB8515 4608 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\ko-KR\RzSynapse.resources.dll 2014-12-31 00:49:07 B68E31F7F0C30C30D70EE957EA89E23F 4608 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\pt-BR\RzSynapse.resources.dll 2014-12-31 00:49:07 AF80CB745DFDE0CE453E4FA49CC802C5 6144 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\zh-CHT\RzUpdateManager.resources.dll 2014-12-31 00:49:07 A02E41C543CEC60717BDDF8FCD905CB0 4608 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\ja-JP\RzSynapse.resources.dll 2014-12-31 00:49:07 9F391D862909EE486EC161E6F7F6495C 509952 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\RzUpdateManagerUI.dll 2014-12-31 00:49:07 8B45CC9AEEBD1E9726F28C8546573874 6144 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\de-DE\RzUpdateManager.resources.dll 2014-12-31 00:49:07 85D67F05B1FE309E675BBA258D57E238 4608 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\ru-RU\RzSynapse.resources.dll 2014-12-31 00:49:07 842391620022814CB6A5CAE40E95FCD9 4608 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\de-DE\RzSynapse.resources.dll 2014-12-31 00:49:07 81767E1E90FEA2D5BAC73FE4CD8733F7 6144 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\pt-BR\RzUpdateManager.resources.dll 2014-12-31 00:49:07 7665DDB1B5ADC171BC22C5FDFFD77FD4 6656 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\ru-RU\RzUpdateManager.resources.dll 2014-12-31 00:49:07 700254E16190A6216EF8B21299CADAFC 4608 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\fr-FR\RzSynapse.resources.dll 2014-12-31 00:49:07 6DED8FCBF5F1D9E422B327CA51625E24 462336 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\Ionic.Zip.dll 2014-12-31 00:49:07 6A368ABB260429C9F6B3D6CCA5969510 6144 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\ko-KR\RzUpdateManager.resources.dll 2014-12-31 00:49:07 54035945559EAB768FBA58E8982E35FB 6144 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\ja-JP\RzUpdateManager.resources.dll 2014-12-31 00:49:07 4CF67217CE1FE210095BCE5991B116E0 6144 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\es-ES\RzUpdateManager.resources.dll 2014-12-31 00:49:07 430F8E6430DB594DDD848A85462148D6 315392 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\RzStorage.dll 2014-12-31 00:49:07 3F5159095C9F3BFC67E54C0857282067 80896 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\RzUpdate.dll 2014-12-31 00:49:07 37D104AE71320595358E4516A5FDB049 4608 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\zh-CHT\RzSynapse.resources.dll 2014-12-31 00:49:07 33E1DE8CA73E3C8B853B2BB9E94A38BF 4608 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\zh-CN\RzSynapse.resources.dll 2014-12-31 00:49:07 27635AF91013CC0766D0450E651E5162 4608 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\es-ES\RzSynapse.resources.dll 2014-12-31 00:49:07 1619E5994E2C0A8BF6C03700E782F69B 112640 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\RzCommon.dll 2014-12-31 00:49:07 080E8ED076C713BCFC8076A050DC3AB7 6144 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\fr-FR\RzUpdateManager.resources.dll 2014-12-31 00:48:07 B4151DA250B8BFA0EB61D875C4F43310 307200 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\RzUpdater\CompressionExtraction\RzStorage.dll 2014-12-31 00:48:07 90BC548092D741B73AE25AD7D889156E 104448 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\RzUpdater\CompressionExtraction\RzCommon.dll 2014-12-31 00:48:07 766D46FAC89CC817640CBAF50BDDF52D 70656 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\RzUpdater\CompressionExtraction\RzStorageIO.dll 2014-12-31 00:48:07 34309971CCC626F2BF17F003F85CE527 125784 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\RzUpdater\CompressionExtraction\RzSettingsConverter.exe 2014-12-27 13:31:42 3E9B2A232E90FA98DFE3F0866E201883 204800 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\drm_dyndata_7380014.dll ====== Java Cache ===== 2014-12-31 11:18:15 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Pieter-Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-25466596 2014-12-31 11:18:12 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Pieter-Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-1594323f 2014-12-31 11:18:12 CC4B6C05FB01A8DD6750AD3A596DC186 99 ----a-w- C:\Users\Pieter-Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap 2014-12-31 11:18:12 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Pieter-Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-411a58ae 2014-12-06 09:54:15 FCE549C95F3578DF675773341880E2EF 104 ----a-w- C:\Users\Pieter-Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\52fa8915-5c50eb8d 2014-12-06 09:54:04 9078074A874CC1B0B19970838359DD70 343474 ----a-w- C:\Users\Pieter-Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\57adbb1f-27b25f05 2014-12-31 11:18:13 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Pieter-Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-230ce2c8 ====== C:\Windows\SysWOW64 ===== 2014-12-31 11:17:52 A042349B7208BF8BED858B1E9B48B06D 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-12-19 03:22:14 F41A641093AF1F0536A5D67CE7F91691 9728 ----a-w- C:\Windows\SysWOW64\RzStats.IPC.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-12-31 00:30:23 FEF60A37301E1F5A3020FA3487FB2CD7 129600 ----a-w- C:\Windows\Sysnative\drivers\rzpnk.sys 2014-12-31 00:30:17 F17F84511E7DFDEEAB646F0699A006D7 37184 ----a-w- C:\Windows\Sysnative\drivers\rzpmgrk.sys 2014-12-13 16:01:04 9EA41C1F650A7DA597557297F3AEE720 45112 ---ha-w- C:\Windows\Sysnative\drivers\Hamdrv.sys ====== C:\Windows\Tasks ====== 2014-12-28 09:49:13 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task 2014-12-18 11:20:17 2AEF893483872607CEF1355B36BC5706 3768 ----a-w- C:\Windows\Sysnative\Tasks\Pieter-Jan Merge 2014-12-18 11:20:16 7877A2D25465E177821DCDE58A3E00F8 3752 ----a-w- C:\Windows\Sysnative\Tasks\Pieter-Jan 2014-12-18 11:19:26 E909BA68F3C9DBF3E279448A1ACA2BFF 3532 ----a-w- C:\Windows\Sysnative\Tasks\Seagate_Install_Launch 2014-12-12 13:36:00 82048C33310514F6C7A9803C4D6B52DB 3184 ----a-w- C:\Windows\Sysnative\Tasks\{7DD0CC31-99D0-4D14-AD77-EBAA16CA4E9D} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-12-31 01:33:42 -------- d-----w- C:\Program Files\trend micro 2014-12-03 12:30:30 -------- d-----w- C:\Program Files\Factorio ======= C:\PROGRA~2 ===== 2014-12-31 11:17:53 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-12-31 11:17:45 -------- d-----w- C:\PROGRA~2\Java 2014-12-23 14:05:22 -------- d-----w- C:\PROGRA~2\WinZipper 2014-12-18 15:33:43 -------- d-----w- C:\PROGRA~2\Heroes of the Storm 2014-12-18 11:32:43 -------- d-----w- C:\PROGRA~2\Stardock 2014-12-18 11:27:33 -------- d-----w- C:\PROGRA~2\Dexpot 2014-12-18 11:19:14 -------- d-----w- C:\PROGRA~2\Seagate 2014-12-06 13:14:21 -------- d-----w- C:\PROGRA~2\Microsoft Games for Windows - LIVE ======= C: ===== ====== C:\Users\Pieter-Jan\AppData\Roaming ====== 2014-12-31 00:38:15 -------- d-----w- C:\Users\Pieter-Jan\AppData\Local\RzStats 2014-12-30 20:52:15 -------- d-----w- C:\Users\Pieter-Jan\AppData\Local\Purplizer 2014-12-22 16:54:36 1BBDA0E4F8AFB975E63313FF4425B005 1456 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Adobe Save for Web 13.0 Prefs 2014-12-22 11:48:57 -------- d-----w- C:\Users\Pieter-Jan\AppData\Roaming\Warner Bros. Interactive Entertainment 2014-12-22 11:15:05 -------- d-----w- C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-12-22 11:15:05 -------- d-----w- C:\Users\Pieter-Jan\AppData\Local\Ubisoft Game Launcher 2014-12-20 17:23:23 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Apps 2014-12-20 17:23:23 -------- d-----w- C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse 2014-12-18 11:32:44 -------- d-----w- C:\Users\Pieter-Jan\AppData\Roaming\Stardock 2014-12-18 11:27:37 -------- d-----w- C:\Users\Pieter-Jan\AppData\Roaming\Dexpot 2014-12-18 11:27:33 -------- d-----w- C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot 2014-12-18 11:19:31 -------- d-----w- C:\Users\Pieter-Jan\AppData\Roaming\Nero 2014-12-18 11:15:07 -------- d-----w- C:\Users\Pieter-Jan\AppData\Roaming\Seagate 2014-12-12 23:25:09 -------- d-----w- C:\Users\Pieter-Jan\AppData\Roaming\Trine2 2014-12-12 22:26:34 -------- d-----w- C:\Users\Pieter-Jan\AppData\Local\join.me 2014-12-07 18:53:49 -------- d-----w- C:\Users\Pieter-Jan\AppData\Roaming\TERA 2014-12-07 18:52:13 -------- d-----w- C:\Users\Pieter-Jan\AppData\Local\Gameforge4d 2014-12-06 12:54:01 -------- d-----w- C:\Users\Pieter-Jan\AppData\Local\Rockstar Games 2014-12-06 12:53:45 -------- d--h--r- C:\Users\Pieter-Jan\AppData\Roaming\SecuROM 2014-12-06 12:53:00 -------- d-----w- C:\Users\Pieter-Jan\AppData\Local\Origin 2014-12-06 09:18:04 -------- d-----w- C:\Users\Pieter-Jan\AppData\Roaming\Leadertech 2014-12-03 12:30:30 -------- d-----w- C:\Users\Pieter-Jan\AppData\Roaming\Factorio 2014-12-02 16:25:49 873768EBA9DDAE3D039F2EFA49BD8A97 10 ----a-w- C:\Users\Pieter-Jan\AppData\Local\DSI.DAT ====== C:\Users\Pieter-Jan ====== 2014-12-31 11:17:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-12-31 11:16:30 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Pieter-Jan\Downloads\chromeinstall-8u25 (1).exe 2014-12-31 11:09:07 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Pieter-Jan\Downloads\chromeinstall-8u25.exe 2014-12-31 01:31:07 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Pieter-Jan\Downloads\RSITx64.exe 2014-12-31 00:50:40 -------- d-----w- C:\ProgramData\RzMaelstromVAD_1.1.58.1854 2014-12-31 00:26:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2014-12-21 23:54:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2 2014-12-19 22:06:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2014-12-18 15:43:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm 2014-12-18 11:36:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock 2014-12-18 11:34:42 -------- d-----w- C:\ProgramData\Stardock 2014-12-18 11:19:15 -------- d-----w- C:\ProgramData\Nero 2014-12-18 11:19:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard 2.0 2014-12-18 11:15:07 -------- d-----w- C:\ProgramData\Seagate 2014-12-13 18:50:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer 2014-12-07 18:52:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2014-12-06 15:54:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™ 2014-12-06 13:16:53 -------- d-sh--w- C:\ProgramData\SecuROM 2014-12-06 13:14:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace 2014-12-03 12:30:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Factorio ====== C: exe-files == 2014-12-31 11:17:51 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2014-12-31 11:17:51 75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2014-12-31 11:17:51 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2014-12-31 11:17:48 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe 2014-12-31 11:17:48 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe 2014-12-31 11:17:48 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe 2014-12-31 11:17:48 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe 2014-12-31 11:17:48 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe 2014-12-31 11:17:48 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe 2014-12-31 11:17:48 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe 2014-12-31 11:17:48 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe 2014-12-31 11:17:48 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe 2014-12-31 11:17:48 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe 2014-12-31 11:17:48 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe 2014-12-31 11:17:48 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe 2014-12-31 11:17:48 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe 2014-12-31 11:17:48 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe 2014-12-31 11:17:48 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe 2014-12-31 11:17:48 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe 2014-12-31 11:17:48 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe 2014-12-31 11:17:48 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe 2014-12-31 11:17:48 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe 2014-12-31 11:17:48 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe 2014-12-31 11:17:48 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe 2014-12-31 11:16:30 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Pieter-Jan\Downloads\chromeinstall-8u25 (1).exe 2014-12-31 11:15:33 B29C266FC8CD928A6697E6A6799A88B3 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3799622816-576845321-18875002-1001\$INFK43S.exe 2014-12-31 11:09:07 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Pieter-Jan\Downloads\chromeinstall-8u25.exe 2014-12-31 01:33:43 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Pieter-Jan.exe 2014-12-31 01:33:26 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\$Recycle.Bin\S-1-5-21-3799622816-576845321-18875002-1001\$RNFK43S.exe 2014-12-31 01:31:07 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Pieter-Jan\Downloads\RSITx64.exe 2014-12-31 00:50:41 EC757D6C5475023FEA27F45DFDAE0C83 42889 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\Razer Surround\Razer Surround_Uninstaller.exe 2014-12-31 00:49:17 9B0ECE4E951ACB99555D53C8A5B6BAC2 45320760 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_Surround_Configurator_v1.15.07.exe 2014-12-31 00:49:11 512955AFD5D93047B17B9C028F9F7534 4252824 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_Surround_Driver_v1.05.10.exe 2014-12-31 00:49:07 E944E685F4BCBF26716434A71FC268ED 521968 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\Razer\RzUpdater\RzUpdateManager.exe 2014-12-31 00:48:09 E44136763C94320D0B0033A7294C218C 32942 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\RazerLycosaConfig\RazerLycosaConfig_Uninstaller.exe 2014-12-31 00:48:07 34309971CCC626F2BF17F003F85CE527 125784 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Temp\RzUpdater\CompressionExtraction\RzSettingsConverter.exe 2014-12-31 00:47:48 E2B56B4B5F24D86CB86347F494803FF9 13540752 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_Lycosa_Config_v1.09.01.exe 2014-12-31 00:37:12 995B607EA524AE24A41DE46AC9C6C0BE 217304 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe 2014-12-31 00:30:24 2685BC40CBD22B5FE8875C99214F7469 42215 ----a-w- C:\ProgramData\Razer\Synapse\RzStats\Uninstall\Uninstall.exe 2014-12-31 00:30:24 2685BC40CBD22B5FE8875C99214F7469 42215 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\RzStats\Razer_RzStats_Uninstall.exe 2014-12-31 00:30:15 D2E1D6C6FEEEBFC64111A6641F65A4ED 32930 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\RazerImperator2012Config\RazerImperator2012Config_Uninstaller.exe 2014-12-31 00:30:14 6A351CB7A1390B4E79E37E54D15C01EE 46399 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\Razer_Common_Driver\RazerCommonDriverUninstaller.exe 2014-12-31 00:29:55 FF49B47515BBA03510BE96F8B6B11D0F 32206 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\RazerFonts\RazerFonts_Uninstaller.exe 2014-12-31 00:29:48 2FE92E06140E3417E0882F9487A935E6 3780832 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_RzStats_v1.01.37.exe 2014-12-31 00:29:06 F10AEC58CED9F11C20EF662BC5EDF3C4 32531224 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_InGame_Engine_v1.0.12.4336.exe 2014-12-31 00:28:58 FDF095560C681D9041F502C7D718400A 6323744 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\RzGSS_Setup_v1.0.6.2588.exe 2014-12-31 00:28:45 F8127CD19FD265E85833607126BA9529 10412848 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_Imperator2012_Config_v1.07.01.exe 2014-12-31 00:28:34 5077C0E75A43546B66CCCDEC0FF0070D 7402320 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_Common_Driver_v1.29.03.exe 2014-12-31 00:28:19 E5459DCBDEBF8B31DB9E581B9FFA61E0 10898272 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\CommonConfigInstaller_v2.38.21.exe 2014-12-31 00:28:01 F85BBDA1E03586F64E60C29F45E4DB90 11669848 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_SynapseFonts_v1.00.01.exe 2014-12-31 00:27:14 3CA0F0D244A8620A20D8A30E7D4F1B1B 33036 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\RazerCommonConfig\RazerCommonConfig_Uninstaller.exe 2014-12-29 16:52:16 F2590ED08C8D5FD62D3CF29E828F93B0 7168 ----a-w- C:\Windows\Prey\versions\1.3.4\lib\system\windows\bin\autowcxp.exe 2014-12-29 16:52:16 F2590ED08C8D5FD62D3CF29E828F93B0 7168 ----a-w- C:\Windows\Prey\current\lib\system\windows\bin\autowcxp.exe 2014-12-29 16:52:16 F00EA296DDA78FE0D3E830F680737664 63336 ----a-w- C:\Windows\Prey\versions\1.3.4\node_modules\triggers\bin\lightevt.exe 2014-12-29 16:52:16 F00EA296DDA78FE0D3E830F680737664 63336 ----a-w- C:\Windows\Prey\current\node_modules\triggers\bin\lightevt.exe 2014-12-29 16:52:16 EDEA40350C40AEEC70B1A67339BF19AF 78344 ----a-w- C:\Windows\Prey\versions\1.3.4\lib\conf\gui\windows\prey-config.exe 2014-12-29 16:52:16 EDEA40350C40AEEC70B1A67339BF19AF 78344 ----a-w- C:\Windows\Prey\current\lib\conf\gui\windows\prey-config.exe 2014-12-29 16:52:16 E0F25019195B8417F0F2BDA2D337EEE4 611854 ----a-w- C:\Windows\Prey\versions\1.3.4\lib\system\windows\bin\wpxsvc.exe 2014-12-29 16:52:16 E0F25019195B8417F0F2BDA2D337EEE4 611854 ----a-w- C:\Windows\Prey\current\lib\system\windows\bin\wpxsvc.exe 2014-12-29 16:52:16 A66F6F3DC44F655363706721DFEFF458 666136 ----a-w- C:\Windows\Prey\versions\1.3.4\lib\agent\actions\lock\windows\prey-lock.exe 2014-12-29 16:52:16 A66F6F3DC44F655363706721DFEFF458 666136 ----a-w- C:\Windows\Prey\current\lib\agent\actions\lock\windows\prey-lock.exe 2014-12-29 16:52:16 937951B8AA44C1923BBE515CBBF117A4 16896 ----a-w- C:\Windows\Prey\versions\1.3.4\lib\agent\providers\webcam\windows\prey-webcam.exe 2014-12-29 16:52:16 937951B8AA44C1923BBE515CBBF117A4 16896 ----a-w- C:\Windows\Prey\current\lib\agent\providers\webcam\windows\prey-webcam.exe 2014-12-29 16:52:16 8A874AF5C543A7FA5A4BEF61E7A1C842 294912 ----a-w- C:\Windows\Prey\versions\1.3.4\node_modules\satan\lib\win32\nssm.exe 2014-12-29 16:52:16 8A874AF5C543A7FA5A4BEF61E7A1C842 294912 ----a-w- C:\Windows\Prey\current\node_modules\satan\lib\win32\nssm.exe 2014-12-29 16:52:16 774E2F3B0213A6FFFB38AA7FEE35BC1D 8704 ----a-w- C:\Windows\Prey\versions\1.3.4\lib\system\windows\bin\autowc.exe 2014-12-29 16:52:16 774E2F3B0213A6FFFB38AA7FEE35BC1D 8704 ----a-w- C:\Windows\Prey\current\lib\system\windows\bin\autowc.exe 2014-12-29 16:52:16 60C63951CA4D44E5C1FEA23FB0B9BDDD 363552 ----a-w- C:\Windows\Prey\versions\1.3.4\lib\agent\actions\alert\win32\flash.exe 2014-12-29 16:52:16 60C63951CA4D44E5C1FEA23FB0B9BDDD 363552 ----a-w- C:\Windows\Prey\current\lib\agent\actions\alert\win32\flash.exe 2014-12-29 16:52:16 5FC9E0662B7F33FA44E32BC1C3E9AF57 583464 ----a-w- C:\Windows\Prey\versions\1.3.4\lib\system\windows\bin\safexec.exe 2014-12-29 16:52:16 5FC9E0662B7F33FA44E32BC1C3E9AF57 583464 ----a-w- C:\Windows\Prey\current\lib\system\windows\bin\safexec.exe 2014-12-29 16:52:16 3BE8889FB0C72DB756E88AC069E8BFD8 40960 ----a-w- C:\Windows\Prey\versions\1.3.4\lib\agent\providers\screenshot\windows\preyshot.exe 2014-12-29 16:52:16 3BE8889FB0C72DB756E88AC069E8BFD8 40960 ----a-w- C:\Windows\Prey\current\lib\agent\providers\screenshot\windows\preyshot.exe 2014-12-29 16:52:16 2C6B51B65E8077B0DE692DB52DB68666 347483 ----a-w- C:\Windows\Prey\versions\1.3.4\lib\agent\actions\alarm\bin\mpg123.exe 2014-12-29 16:52:16 2C6B51B65E8077B0DE692DB52DB68666 347483 ----a-w- C:\Windows\Prey\current\lib\agent\actions\alarm\bin\mpg123.exe 2014-12-29 16:52:16 1D13D2F41B615F6FBBCAD04BB01AC289 157696 ----a-w- C:\Windows\Prey\versions\1.3.4\lib\agent\providers\webcam\windows\snapshot.exe 2014-12-29 16:52:16 1D13D2F41B615F6FBBCAD04BB01AC289 157696 ----a-w- C:\Windows\Prey\current\lib\agent\providers\webcam\windows\snapshot.exe 2014-12-29 16:52:15 60F2CDFC1B3F184AD08059ED145C5380 5792480 ----a-w- C:\Windows\Prey\versions\1.3.4\bin\node.exe 2014-12-29 16:52:15 60F2CDFC1B3F184AD08059ED145C5380 5792480 ----a-w- C:\Windows\Prey\current\bin\node.exe 2014-12-28 09:49:09 516C021FEBEDE2962C9252DF85606C76 382168 ----a-w- C:\ProgramData\Adobe\ARM\S\27731\AdobeARMHelper.exe 2014-12-26 15:25:26 493FD1B738AFB3AC457BC1DF631BDAB9 22528 ----a-w- C:\Users\Pieter-Jan\Desktop\JTS3ServerMod\JTS3ServerMod-Windows.exe 2014-12-26 15:25:26 396FE2BBE2A08277DF96C41B9E7A2FF4 26112 ----a-w- C:\Users\Pieter-Jan\Desktop\JTS3ServerMod\JTS3ServerMod-Windows_NoWindow.exe 2014-12-25 16:09:25 23DFCB6080F212C5645942B9BAC4CA8B 150237272 ----a-w- C:\ProgramData\Overwolf\Setup\0.81.36.0\OverwolfSetup.exe === C: other files == 2014-12-31 11:17:48 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip 2014-12-31 11:14:05 2C89A3169DE2C95D23F18D470D8CEEDB 1885 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Purplizer\certificates\x509\tls_peers\xmpp2.overwolf.com 2014-12-31 00:47:48 2CE287886E91C89009A488008D922EAD 356484 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_LycosaConverter_v2.00.01.zip 2014-12-31 00:30:23 FEF60A37301E1F5A3020FA3487FB2CD7 129600 ----a-w- C:\Windows\System32\drivers\rzpnk.sys 2014-12-31 00:30:17 F17F84511E7DFDEEAB646F0699A006D7 37184 ----a-w- C:\Windows\System32\drivers\rzpmgrk.sys 2014-12-30 22:30:56 D3C2288BB2A9F11D60DD2D23A4EABEA8 1713 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Purplizer\certificates\x509\tls_peers\xmpp1.overwolf.com 2014-12-30 13:21:57 8C4C9A4898859E0838312000943A4712 25115 ----a-w- C:\Users\Pieter-Jan\Downloads\Ondertitel.com-282-The.Spy.Next.Door.2010.R6.DVDRip.XviD-ViSiON.zip 2014-12-30 13:21:37 E07F30EA5A1FD4DD79C12AD29B90EF49 24322 ----a-w- C:\Users\Pieter-Jan\Downloads\Spy.Next.Door.The.2010(Ned.DVD).zip 2014-12-29 18:40:29 53AADA9BB5F67A09BFB54719E71E3447 41971 ----a-w- C:\Users\Pieter-Jan\AppData\Local\Overwolf\Temp\7feecdb1b0f346b6a8c77db8208cb4fb.zip 2014-12-29 16:52:16 E1EEE1C5F2467A7316741CB390BC315C 1413 ----a-w- C:\Windows\Prey\versions\1.3.4\lib\agent\providers\hardware\ramcheck.vbs 2014-12-29 16:52:16 E1EEE1C5F2467A7316741CB390BC315C 1413 ----a-w- C:\Windows\Prey\current\lib\agent\providers\hardware\ramcheck.vbs ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3799622816-576845321-18875002-1001\Software\Microsoft\Windows\CurrentVersion\Run] "BuildNotification12"="C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\BuildNotificationApp.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "LightShot"="C:\Users\Pieter-Jan\AppData\Local\Skillbrains\lightshot\Lightshot.exe" "Overwolf"="C:\Program Files (x86)\Overwolf\Overwolf.exe -silent" "Spotify"="C:\Users\Pieter-Jan\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\Pieter-Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "GoogleChromeAutoLaunch_0F6CCAB1E12ACBC25EE419C632CD8BD7"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe" "mapdisk"="C:\Users\Pieter-Jan\Documents\ArmAWork\mapdisk.bat" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "DBAgent"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe /WinStart" "LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start" "Razer Synapse"="C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "BuildNotification12"="C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\BuildNotificationApp.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "LightShot"="C:\Users\Pieter-Jan\AppData\Local\Skillbrains\lightshot\Lightshot.exe" "Overwolf"="C:\Program Files (x86)\Overwolf\Overwolf.exe -silent" "Spotify"="C:\Users\Pieter-Jan\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\Pieter-Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "GoogleChromeAutoLaunch_0F6CCAB1E12ACBC25EE419C632CD8BD7"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe" "mapdisk"="C:\Users\Pieter-Jan\Documents\ArmAWork\mapdisk.bat" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\PROGRA~2\\SupTab\\SEARCH~1.DLL" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "Fences"="C:\Program Files (x86)\Stardock\Fences\Fences.exe /startup" ==== Startup Folders ====================== 2014-12-20 17:23:29 0 ----a-w- C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/12/2014 18:40] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/07/2014 23:26] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/07/2014 23:26] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASUS InstantOn Config" [C:\Program Files\ASUS\P4G\InsOnCfg.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS Smart Gesture Launcher" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe] "C:\Windows\SysNative\tasks\ASUS Splendid ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\Windows\SysNative\tasks\ASUS Splendid ColorU" [C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe] "C:\Windows\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"] "C:\Windows\SysNative\tasks\AsusVibeSchedule" ["C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe"] "C:\Windows\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Officejet 6600" ["C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\Overwolf Updater Task" [C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe] "C:\Windows\SysNative\tasks\P4GIntlCtrl" [C:\Program Files\ASUS\P4G\IntlDPST.exe] "C:\Windows\SysNative\tasks\Pieter-Jan" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe] "C:\Windows\SysNative\tasks\Pieter-Jan Merge" ["C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe"] "C:\Windows\SysNative\tasks\RtHDVBg" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"] "C:\Windows\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"] "C:\Windows\SysNative\tasks\Seagate_Install_Launch" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{764F5446-6BFD-4EFE-85B8-B8255FAFBBB7}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "content_blocker@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com" [17/12/2014 14:31] ==== Chromium Look ====================== Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions blbkdnmdcafmfhinpmnlhhddbepgkeaa - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa[] bopakagnckmlgajfccecajhnimjiiedh - No path found[] dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx[21/10/2013 18:49] hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx[21/10/2013 18:49] jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx[17/12/2014 14:30] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 17:22] noajmlkipclmeolfcnflkjhijkigpfjh - C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx[] pfkfdlcdbajamklbneflfbcmfgddmpae - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions pfkfdlcdbajamklbneflfbcmfgddmpae - No path found[] BTTV - Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped Google Docs - Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Battlefield Heroes - Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh Google Search - Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Kaspersky URL Advisor - Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj AdBlock - Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Dangerous Websites Blocker - Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail Virtual Keyboard - Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh AVG Secure Search - Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Google Wallet - Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Security Protection - Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh Select City - Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma Astromenda New Tab - Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae Gmail - Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage-journal deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage-journal deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cambiaresearch.com_0.localstorage deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cambiaresearch.com_0.localstorage-journal deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage-journal deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_noajmlkipclmeolfcnflkjhijkigpfjh_0.localstorage deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pfkfdlcdbajamklbneflfbcmfgddmpae_0.localstorage deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pfkfdlcdbajamklbneflfbcmfgddmpae_0.localstorage-journal deleted successfully C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfkfdlcdbajamklbneflfbcmfgddmpae deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.delta-homes.com/?type=hp&ts=1419343475&from=wpm12233&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H" "Search Page"="http://search.delta-homes.com/web/?type=ds&ts=1419343475&from=wpm12233&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H&q={searchTerms}" "Default_Page_URL"="http://www.delta-homes.com/?type=hp&ts=1419343475&from=wpm12233&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H" "Default_Search_URL"="http://search.delta-homes.com/web/?type=ds&ts=1419343475&from=wpm12233&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://isearch.omiga-plus.com/web/?type=ds&ts=1405455118&from=ild&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H&q={searchTerms}" "Default_Page_URL"="http://www.delta-homes.com/?type=hp&ts=1419343475&from=wpm12233&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H" "Start Page"="http://www.delta-homes.com/?type=hp&ts=1419343475&from=wpm12233&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H" "Search Page"="http://isearch.omiga-plus.com/web/?type=ds&ts=1405455118&from=ild&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://isearch.omiga-plus.com/web/?type=ds&ts=1405455118&from=ild&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H&q={searchTerms}" "Default_Page_URL"="http://www.delta-homes.com/?type=hp&ts=1419343475&from=wpm12233&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H" "Start Page"="http://www.delta-homes.com/?type=hp&ts=1419343475&from=wpm12233&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H" "Search Page"="http://isearch.omiga-plus.com/web/?type=ds&ts=1405455118&from=ild&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3799622816-576845321-18875002-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_USERS\S-1-5-21-3799622816-576845321-18875002-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_USERS\S-1-5-21-3799622816-576845321-18875002-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== shortcuts on Users Desktops ====================== C:\Users\Pieter-Jan\Desktop\.lnk - C:\Users\Pieter-Jan\Desktop\Access 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSACCESS.EXE C:\Users\Pieter-Jan\Desktop\Customize Fences.lnk - C:\Program Files (x86)\Stardock\Fences\Fences.exe /FromDesktop C:\Users\Pieter-Jan\Desktop\Dexpot.lnk - C:\Program Files (x86)\Dexpot\dexpot.exe C:\Users\Pieter-Jan\Desktop\Excel 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\EXCEL.EXE C:\Users\Pieter-Jan\Desktop\FTB.lnk - C:\Users\Pieter-Jan\Desktop\Games\FTB\launcher^FTB_Launcher.jar C:\Users\Pieter-Jan\Desktop\LaunchGTAIV.exe - Snelkoppeling (2).lnk - F:\Games\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe -availablevidmem 30.0 C:\Users\Pieter-Jan\Desktop\PowerPoint 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\POWERPNT.EXE C:\Users\Pieter-Jan\Desktop\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe /secondary C:\Users\Pieter-Jan\Desktop\Spotify.lnk - C:\Users\Pieter-Jan\AppData\Roaming\Spotify\spotify.exe C:\Users\Pieter-Jan\Desktop\TERA.lnk - F:\Games\GameforgeLive\GameforgeLive.exe "F:\Games\GameforgeLive\Games\GBR_eng\TERA\tera-launcher.exe" -start TERA C:\Users\Pieter-Jan\Desktop\Uplay.lnk - F:\Games\Ubisoft Game Launcher\Uplay.exe C:\Users\Pieter-Jan\Desktop\Word 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\WINWORD.EXE C:\Users\Pieter-Jan\Desktop\µTorrent.lnk - C:\Users\Pieter-Jan\Desktop\Games\DS3 Tool.lnk - C:\Program Files (x86)\MotioninJoy\ds3\DS3_Tool.exe C:\Users\Pieter-Jan\Desktop\Games\Hearthstone.lnk - C:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe C:\Users\Pieter-Jan\Desktop\Games\Strife.lnk - C:\Program Files (x86)\Strife\bin\strife.exe C:\Users\Pieter-Jan\Desktop\Games\The Room.lnk - C:\Program Files (x86)\TheRoom\TheRoom.exe C:\Users\Pieter-Jan\Desktop\School\FileZilla Client.lnk - C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe C:\Users\Pieter-Jan\Desktop\School\Informatica\Bouwstenen 2014\Bouwstenen 2014\obj\Debug\Bouwstenen 2014.exe - Snelkoppeling.lnk - C:\Users\Pieter-Jan\Desktop\School\Informatica\Bouwstenen 2014\Bouwstenen 2014\obj\Debug\Bouwstenen 2014.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe C:\Users\Public\Desktop\Factorio.lnk - C:\Program Files (x86)\Factorio\bin\x64\Factorio.exe C:\Users\Public\Desktop\FileZilla Client.lnk - C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.delta-homes.com/?type=sc&ts=1419343475&from=wpm12233&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H C:\Users\Public\Desktop\Guild Wars 2.lnk - F:\Games\Guild Wars 2\Gw2.exe C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\Users\Public\Desktop\MorphVOX Junior.lnk - C:\Program Files (x86)\Screaming Bee\MorphVOX Junior\MorphVOXJr.exe C:\Users\Public\Desktop\Origin.lnk - F:\Games\Origin\Origin.exe C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk - F:\Games\Euro Truck Simulator 2 Multiplayer\launcher.exe C:\Users\Public\Desktop\Play League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe C:\Users\Public\Desktop\Seagate Dashboard 2.0.lnk - C:\Windows\Installer\{F1D8690F-06B3-4100-9949-398EA253AC61}\ScDashBoardDesktop_942064A30E474CC8BCA1C6511C4CD457.exe C:\Users\Public\Desktop\SimCity™.lnk - C:\Users\Public\Desktop\Steam.lnk - F:\Games\Steam\Steam.exe C:\Users\Public\Desktop\World of Warcraft.lnk - F:\Games\WoW\World of Warcraft\World of Warcraft Launcher.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\join.me.lnk - C:\Users\Pieter-Jan\AppData\Local\join.me\join.me.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk - C:\Users\Pieter-Jan\AppData\Roaming\Spotify\spotify.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive\Arma 2 Operation Arrowhead\BattlEye\Uninstall BattlEye.lnk - F:\Games\Steam\SteamApps\common\Arma 2 Operation Arrowhead\Expansion\BattlEye\UnInstallBE.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\City Life RPG\CL3 Launcher\CL3 Launcher.lnk - C:\Program Files (x86)\City Life RPG\CL3 Launcher\CL3Launcher.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\City Life RPG\CL3 Launcher\Uninstall CL3 Launcher.lnk - C:\Program Files (x86)\City Life RPG\CL3 Launcher\CL3 Launcher uninst.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dexpot\Dexpot.lnk - C:\Program Files (x86)\Dexpot\dexpot.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Overwolf.lnk - C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PBO Manager\controls.lnk - C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Installer\{127B5371-1802-4EDD-A25A-A43BF761D383}\_515C967999ACF34D680722.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PBO Manager\PBOConsole v.1.4 beta.lnk - C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Installer\{127B5371-1802-4EDD-A25A-A43BF761D383}\_375C418B133CEF0A0287C6.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PBO Manager\PBOManager v.1.4 beta.lnk - C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Installer\{127B5371-1802-4EDD-A25A-A43BF761D383}\_27D2DA8966B16C2CB05C24.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PBO Manager\version.lnk - C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Installer\{127B5371-1802-4EDD-A25A-A43BF761D383}\_ECEEA3BA64A97A3354E92E.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk - F:\Games\Ubisoft Game Launcher\Uninstall.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk - F:\Games\Ubisoft Game Launcher\Uplay.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WM Converter Pro\Uninstall WM Converter Pro.lnk - C:\Program Files (x86)\WM Converter Pro\uninstall.exe "/U:C:\Program Files (x86)\WM Converter Pro\Uninstall\uninstall.xml" C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WM Converter Pro\WM Converter Pro.lnk - C:\Program Files (x86)\WM Converter Pro\WM Converter.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-registratie.lnk - C:\Program Files (x86)\HP\IrisOCR_12.3.4.0\regipe.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive\Tools\BI's Tools drive\Remove BI's Tools Drive.lnk - C:\Users\Pieter-Jan\Documents\ArmAWork\UnInstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive\Tools\BinMake\Show ReadMe file.lnk - C:\Program Files (x86)\Bohemia Interactive\Tools\BinMake\readme.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive\Tools\BinMake\Uninstall BinMake.lnk - C:\Program Files (x86)\Bohemia Interactive\Tools\BinMake\UnInstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive\Tools\TexView 2\Show ReadMe file.lnk - C:\Program Files (x86)\Bohemia Interactive\Tools\TexView 2\readme.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive\Tools\TexView 2\texMerge.lnk - C:\Program Files (x86)\Bohemia Interactive\Tools\TexView 2\texMerge.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive\Tools\TexView 2\TexView 2.lnk - C:\Program Files (x86)\Bohemia Interactive\Tools\TexView 2\TexView2.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive\Tools\TexView 2\Uninstall TexView 2.lnk - C:\Program Files (x86)\Bohemia Interactive\Tools\TexView 2\UnInstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 Multiplayer\Play Euro Truck Simulator 2 Multiplayer.lnk - F:\Games\Euro Truck Simulator 2 Multiplayer\launcher.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Factorio\Uninstall.lnk - C:\Program Files (x86)\Factorio\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\FileZilla.lnk - C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk - C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Gameforge Live.lnk - F:\Games\GameforgeLive\GameforgeLive.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\TERA.lnk - F:\Games\GameforgeLive\GameforgeLive.exe "F:\Games\GameforgeLive\Games\GBR_eng\TERA\tera-launcher.exe" -start TERA C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Uninstall Gameforge Live.lnk - F:\Games\GameforgeLive\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live\Uninstall TERA.lnk - F:\Games\GameforgeLive\Games\GBR_eng\TERA\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://isearch.omiga-plus.com/?type=sc&ts=1405455118&from=ild&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2\Guild Wars 2.lnk - F:\Games\Guild Wars 2\Gw2.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm\Heroes of the Storm.lnk - C:\Program Files (x86)\Heroes of the Storm\Heroes of the Storm.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Update.lnk - C:\Program Files (x86)\HP\HP Software Update\hpwucli.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet 6600\HP Officejet 6600.lnk - C:\Program Files (x86)\HP\HP Officejet 6600\Bin\HP Officejet 6600.exe -Start UDCDevicePage C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk - C:\Windows\SysWOW64\msiexec.exe /i {8B4E75B8-6788-481D-B8D5-143EF17DC06A} REMOVE=ALL C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace\Games for Windows Marketplace.lnk - C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk - C:\Program Files (x86)\Notepad++\notepad++.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer\Razer Synapse 2.0\Razer Synapse 2.0.lnk - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe -launch C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee\MorphVOX Junior\MorphVOX Junior.lnk - C:\Program Files (x86)\Screaming Bee\MorphVOX Junior\MorphVOXJr.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee\MorphVOX Junior\Uninstall MorphVOX Junior.lnk - C:\Windows\SysWOW64\msiexec.exe /x{E6C7380F-15DD-445E-BA02-B7A180BA0A5A} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard 2.0\Seagate Dashboard 2.0.lnk - C:\Windows\Installer\{F1D8690F-06B3-4100-9949-398EA253AC61}\ScDashBoardDesktop_B87504CE5AD94575AAA0494D8F67D841.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™\Leesmij.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™\Licentieovereenkomst voor eindgebruikers van SimCity™.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™\SimCity™.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™\Technische ondersteuning.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype voor bureaublad.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock\Fences.lnk - C:\Program Files (x86)\Stardock\Fences\Fences.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Audio Repeater (KS).lnk - C:\Program Files (x86)\Virtual Audio Cable\audiorepeater_ks.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Audio Repeater (MME).lnk - C:\Program Files (x86)\Virtual Audio Cable\audiorepeater.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Control panel.lnk - C:\Program Files (x86)\Virtual Audio Cable\vcctlpan.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Homepage.lnk - C:\Program Files (x86)\Virtual Audio Cable\homepage.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\License Agreement.lnk - C:\Program Files (x86)\Virtual Audio Cable\license.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Readme.lnk - C:\Program Files (x86)\Virtual Audio Cable\readme.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\Uninstall Virtual Audio Cable.lnk - C:\Program Files (x86)\Virtual Audio Cable\setup64.exe -u C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable\User manual.lnk - C:\Program Files (x86)\Virtual Audio Cable\vac.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft\World of Warcraft.lnk - F:\Games\WoW\World of Warcraft\World of Warcraft Launcher.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://isearch.omiga-plus.com/?type=sc&ts=1405455118&from=ild&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc&ts=1405455118&from=ild&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://isearch.omiga-plus.com/?type=sc&ts=1405455118&from=ild&uid=SamsungXSSDX840XEVOX250GB_S1DBNSAF528878H C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Play League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TeamSpeak 3 Client.lnk - C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Vegas Pro 13.0 (64-bit).lnk - C:\Program Files (x86)\Sony\Vegas Pro 13.0\vegas130.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\VS Express 2013 for Desktop.lnk - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Word 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\WINWORD.EXE ==== shortcuts After Repair ====================== C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Pieter-Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [BuildNotification12] "C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\BuildNotificationApp.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [LightShot] C:\Users\Pieter-Jan\AppData\Local\Skillbrains\lightshot\Lightshot.exe O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent O4 - HKCU\..\Run: [Spotify] "C:\Users\Pieter-Jan\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Pieter-Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [mapdisk] "C:\Users\Pieter-Jan\Documents\ArmAWork\mapdisk.bat" O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_0F6CCAB1E12ACBC25EE419C632CD8BD7] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe O4 - Startup: CurseClientStartup.ccip O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: Virtueel Toetsenbord - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Controle van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O20 - AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: Cron Service (CronService) - Fork, Ltd. - C:\Windows\Prey\wpxsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - F:\Games\Origin\OriginClientService.exe O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Razer Surround Audio Service (RzMaelstromVADStreamingService) - Unknown owner - C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Seagate Dashboard Services - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe O23 - Service: Seagate MobileBackup Service - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamSpeak 3 Bot - Dirk Sarodnick (TS3-Bot) - Dirk Sarodnick - C:\Program Files (x86)\Dirk Sarodnick\TeamSpeak 3 Bot\TS3-Bot.Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Pieter-Jan\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Pieter-Jan\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Pieter-Jan\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Pieter-Jan\AppData\Local\Microsoft\Windows\INetCache\IE\4GLQDOXP will be deleted at reboot C:\Users\Pieter-Jan\AppData\Local\Microsoft\Windows\INetCache\IE\5N3TG8CH will be deleted at reboot C:\Users\Pieter-Jan\AppData\Local\Microsoft\Windows\INetCache\IE\NVKAWYEH will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Pieter-Jan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1030 folders=446 796682112 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Pieter-Jan\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\PIETER~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~2\WinZipper" not found "C:\Users\Pieter-Jan\AppData\Local\Microsoft\Windows\INetCache\IE\4GLQDOXP" not found "C:\Users\Pieter-Jan\AppData\Local\Microsoft\Windows\INetCache\IE\5N3TG8CH" not found "C:\Users\Pieter-Jan\AppData\Local\Microsoft\Windows\INetCache\IE\NVKAWYEH" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on wo 31/12/2014 at 12:35:23,72 ======================