Zoek.exe v5.0.0.0 Updated 26-March-2015 Tool run by krist on do 26/03/2015 at 20:22:31,01. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\krist\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 26/03/2015 20:28:11 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Users\kluys_000\AppData\Local\VirtualStore deleted successfully C:\Users\krist\AppData\Local\Adobe deleted successfully C:\Users\Robin\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~3\SetStretch.VBS deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-170456058-1142922209-2974173215-1001 deleted C:\windows\SysNative\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat deleted C:\windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat deleted C:\Windows\SysNative\config\systemprofile\Searches deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-03-18 10:54:56 C4B680AA8A352611D0C70E680A87E367 43112 ----a-w- C:\Windows\avastSS.scr 2015-03-11 14:06:40 C10A66189DC8C090E7C84873EDCEBC88 2501368 ----a-w- C:\Windows\explorer.exe 2015-03-11 12:25:56 80E856B1AFAEB6195EADAAD65945147C 1001472 ----a-w- C:\Windows\HelpPane.exe 2015-03-11 12:22:26 959A31D0CD013CEA0C66DB7C03BCBDDF 221184 ----a-w- C:\Windows\notepad.exe 2015-03-11 12:20:42 B67DB709F5FDAA89CA6C2CB6C1E39B3B 154624 ----a-w- C:\Windows\regedit.exe 2015-03-11 12:20:27 4D9DA155B7B449964E14FC32124CC601 128512 ----a-w- C:\Windows\splwow64.exe 2015-03-11 12:20:16 727B4519FE9919447108CBEC4768F34A 54272 ----a-w- C:\Windows\twain_32.dll 2015-03-11 12:16:30 B934411DFE7DEACFA95A1255A48133C9 17408 ----a-w- C:\Windows\hh.exe 2015-03-11 12:16:26 335C38783B3F1B383ECAC17DB3705895 9728 ----a-w- C:\Windows\winhlp32.exe 2015-03-11 12:16:22 73E19BE0E0ECD88616B5762F621B0226 11264 ----a-w- C:\Windows\write.exe ====== C:\Users\krist\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-03-14 17:10:44 BF04E252967D6AA5779A24DD6BBDA7D0 178144 ----a-w- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-03-14 17:10:44 AFBB78BD6C387FFA4F3AE18B2BB983ED 792032 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-03-18 10:55:08 6568873240CDAA472C936B1EB92154E8 364472 ----a-w- C:\Windows\Sysnative\aswBoot.exe ====== C:\Windows\Sysnative\drivers ===== 2015-03-11 14:09:07 D296D0F0DB2CD1504F90405603664493 264000 ----a-w- C:\Windows\Sysnative\drivers\WdFilter.sys 2015-03-11 14:09:06 9F4DF0043965808973023A9B51A11136 114496 ----a-w- C:\Windows\Sysnative\drivers\WdNisDrv.sys 2015-03-11 14:09:06 1751F6B031ADAC34724511057D2E455D 44024 ----a-w- C:\Windows\Sysnative\drivers\WdBoot.sys 2015-03-11 14:07:49 6D3A2565E01B3E4B0F1BEDB0D4B00B3F 1113920 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys 2015-03-11 14:07:46 DC66AE45816614D2999DCD3834DCCC4E 167424 -c--a-w- C:\Windows\Sysnative\drivers\rfcomm.sys 2015-03-11 14:07:46 42F88B57CAE42FC10059C887B3FCFCEA 97792 -c--a-w- C:\Windows\Sysnative\drivers\hidbth.sys 2015-03-11 14:07:45 BC8A79C625568DDB7DCA49D0C2741A64 27456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys 2015-03-11 12:30:27 65454187E0F8B6C0DCECB0287D06EC43 14144 -c--a-w- C:\Windows\Sysnative\drivers\swenum.sys 2015-03-11 12:28:17 468273F7089A3A33D149955F0F203FA4 2485056 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2015-03-11 12:28:17 13EFD41E351F31E087283CF66C29A25E 373568 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2015-03-11 12:28:17 00C594D5A1DBD22AD8B2902B9F6EFF94 14528 -c--a-w- C:\Windows\Sysnative\drivers\drmkaud.sys 2015-03-11 12:28:12 7F68063A5A0461E02BC860CE0E6BFDDC 2025792 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2015-03-11 12:26:28 E1BB0B6F00F470B451AB45EA13EBA0B3 1552704 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys 2015-03-11 12:25:55 E796AE43DDD1844281DB4D57294D17C0 533824 -c--a-w- C:\Windows\Sysnative\drivers\acpi.sys 2015-03-11 12:25:54 982B9495F70FEEA269C48F18E960EFDE 389952 ----a-w- C:\Windows\Sysnative\drivers\dxgmms1.sys 2015-03-11 12:25:46 00D8AC8E3053290BDE6EA2FB6810D2FC 678400 ----a-w- C:\Windows\Sysnative\drivers\srv2.sys 2015-03-11 12:25:19 31233271EDE50D1BBB220F78AFA60486 405504 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2015-03-11 12:24:47 C06E8481E068F170A258441639AC5792 551232 -c--a-w- C:\Windows\Sysnative\drivers\vhdmp.sys 2015-03-11 12:24:26 D24B1945ED1F9C96DA786DBBF1E983CE 415040 -c--a-w- C:\Windows\Sysnative\drivers\spaceport.sys 2015-03-11 12:24:21 2787A73C848128C950385CB3A63A6B91 337728 ----a-w- C:\Windows\Sysnative\drivers\Classpnp.sys 2015-03-11 12:24:09 6276AC2AA203CF47811F6EFBBD214FBF 202752 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2015-03-11 12:24:04 C1FB505A73FA2E9019D32444AB33B75A 354112 ----a-w- C:\Windows\Sysnative\drivers\fltMgr.sys 2015-03-11 12:23:44 D7B4859227B02BCC1055B279A63C937F 226304 ----a-w- C:\Windows\Sysnative\drivers\WUDFRd.sys 2015-03-11 12:23:36 FAA564A13576F9284546BF016D27B551 467776 -c--a-w- C:\Windows\Sysnative\drivers\USBHUB3.SYS 2015-03-11 12:22:56 C37F4930795B771400C63C3C87E7A6C2 1198080 ----a-w- C:\Windows\Sysnative\drivers\bthport.sys 2015-03-11 12:22:24 481286719402E4BAEFEA0604AB1B5113 113664 ----a-w- C:\Windows\Sysnative\drivers\WUDFPf.sys 2015-03-11 12:22:15 C76097CA941FA7CAFEDB1E557969025C 272384 -c--a-w- C:\Windows\Sysnative\drivers\portcls.sys 2015-03-11 12:22:15 BF8205666BA2F9C2ABFA821DB8230C12 428864 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2015-03-11 12:21:46 4E829B18D5BAEC29893792A3C671A847 100672 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-03-11 12:21:34 BAFF6122CFC9F95CA175AD8C348179A4 88896 ----a-w- C:\Windows\Sysnative\drivers\partmgr.sys 2015-03-11 12:21:24 BAB713B409258DB7B5D9F9693F802B0E 136512 ----a-w- C:\Windows\Sysnative\drivers\wfplwfs.sys 2015-03-11 12:21:18 E8FFD8BE3C50E7A71C5FBB87BDD1128E 96768 ----a-w- C:\Windows\Sysnative\drivers\agilevpn.sys 2015-03-11 12:21:04 41F631007A158FEBB67F0E2AD1601BBA 93696 ----a-w- C:\Windows\Sysnative\drivers\rassstp.sys 2015-03-11 12:20:56 FC0141B4A5AD6D637D883C1A89FC45C5 151040 ----a-w- C:\Windows\Sysnative\drivers\pacer.sys 2015-03-11 12:20:54 008F7CED69FD5B30CBDE1E03C6F36A27 445440 ----a-w- C:\Windows\Sysnative\drivers\nwifi.sys 2015-03-11 12:20:53 D1D82F007A079A4D623DBD1F36EF30A1 102208 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys 2015-03-11 12:20:48 F00B189ECA74DDF408AD934ADDC72477 89088 -c--a-w- C:\Windows\Sysnative\drivers\drmk.sys 2015-03-11 12:20:42 A7C31B168F371E8E6796219F23E354DB 61248 ----a-w- C:\Windows\Sysnative\drivers\fsdepends.sys 2015-03-11 12:20:41 A1D4D34A56DF1D5122CDB265038A2E72 59712 -c--a-w- C:\Windows\Sysnative\drivers\kbdclass.sys 2015-03-11 12:20:28 A53E798C06D729CCF8459968B4372F6E 89368 ----a-w- C:\Windows\Sysnative\drivers\vmbkmcl.sys 2015-03-11 12:20:14 6505C9E72910F91D4C317EECF22D1DE6 80896 ----a-w- C:\Windows\Sysnative\drivers\wanarp.sys 2015-03-11 12:20:05 615DFD97DEA56CE1C3A52185A3038FF8 921920 ----a-w- C:\Windows\Sysnative\drivers\refs.sys 2015-03-11 12:19:33 511AD3FF957A0127E6BD336FF6F89C38 97048 ----a-w- C:\Windows\Sysnative\drivers\vmbus.sys 2015-03-11 12:19:30 EF31713EE4C7CCFE4049F7E7F15645A2 69952 ----a-w- C:\Windows\Sysnative\drivers\vpci.sys 2015-03-11 12:19:30 10A78656BF6126245631705E45F9B9CF 61208 ----a-w- C:\Windows\Sysnative\drivers\winhv.sys 2015-03-11 12:19:29 8B9486B64E5FC17FB9CC04CA10B77A34 49944 ----a-w- C:\Windows\Sysnative\drivers\vmstorfl.sys 2015-03-11 12:19:27 269882812E9A68FFF1AFE1283D428322 126464 ----a-w- C:\Windows\Sysnative\drivers\NdisImPlatform.sys 2015-03-11 12:19:14 6FC047578785B0435F4E2660946D1ADC 74240 ----a-w- C:\Windows\Sysnative\drivers\mpsdrv.sys 2015-03-11 12:18:55 A2468CC3509394A33C4C32F99563D845 54784 ----a-w- C:\Windows\Sysnative\drivers\wpcfltr.sys 2015-03-11 12:18:55 1A20F03700D2B2ED775E38D751EF2F63 324928 -c--a-w- C:\Windows\Sysnative\drivers\USBXHCI.SYS 2015-03-11 12:18:52 F3C060444777A59FC63D920719E43CCD 115712 ----a-w- C:\Windows\Sysnative\drivers\bridge.sys 2015-03-11 12:18:52 0E046FF5823B95326D10CF1B4AF23541 39424 ----a-w- C:\Windows\Sysnative\drivers\nsiproxy.sys 2015-03-11 12:18:48 807F8CF3E973305FC435C61CBBEE2A49 189248 -c--a-w- C:\Windows\Sysnative\drivers\UCX01000.SYS 2015-03-11 12:18:44 5F66B7BB330AA80067FC66149A692620 33600 ----a-w- C:\Windows\Sysnative\drivers\wimmount.sys 2015-03-11 12:18:44 2A2F8D5284E59815169A88F1FC9CEE28 51008 -c--a-w- C:\Windows\Sysnative\drivers\mouclass.sys 2015-03-11 12:18:32 A57A897E3F87B8E9F30A627C42779A76 21824 ----a-w- C:\Windows\Sysnative\drivers\tbs.sys 2015-03-11 12:18:11 5C8F604F6DC74177CDD8372D7B1ADFF0 212736 -c--a-w- C:\Windows\Sysnative\drivers\usbvideo.sys 2015-03-11 12:17:32 DDD7F92A83F74D1476B71FBA9530A8DC 72192 ----a-w- C:\Windows\Sysnative\drivers\ndproxy.sys 2015-03-11 12:16:59 D4DCE03870314D3354F3501F9DDD4123 87040 ----a-w- C:\Windows\Sysnative\drivers\netvsc63.sys 2015-03-11 12:16:56 415DD71628795197F7AFC176CBADC74E 82944 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2015-03-11 12:16:42 42FF4975D032CAE558AE4BB8448F6E5A 48128 ----a-w- C:\Windows\Sysnative\drivers\netbios.sys 2015-03-11 12:16:06 13BEA6C882D4D877A5A85CA149C86BC1 40960 ----a-w- C:\Windows\Sysnative\drivers\scfilter.sys 2015-03-11 12:15:59 4A34D7084B862A92F3ABC4969166B3D3 32256 -c--a-w- C:\Windows\Sysnative\drivers\kbdhid.sys 2015-03-11 12:15:58 D887446F3F6051C60C26F4FD1FC8D43F 107520 -c--a-w- C:\Windows\Sysnative\drivers\i8042prt.sys 2015-03-11 12:15:58 D7A41959BB3A8510F1BAC36F5CEC1874 144384 ----a-w- C:\Windows\Sysnative\drivers\rmcast.sys 2015-03-11 12:15:58 91223A2AE2955B3E0DA3DB79C3A897A6 30208 -c--a-w- C:\Windows\Sysnative\drivers\mouhid.sys 2015-03-11 12:15:58 51B3AC0560848CD6D65AC2033E293113 66560 ----a-w- C:\Windows\Sysnative\drivers\mslldp.sys 2015-03-11 12:15:58 1104A31260CCF4318C884E0AE6C513BF 53248 ----a-w- C:\Windows\Sysnative\drivers\bthenum.sys 2015-03-11 12:15:57 96B01F117057FB4DAE0FF919ACB55770 26112 -c--a-w- C:\Windows\Sysnative\drivers\sermouse.sys 2015-03-11 12:15:57 8CECC8DA55F3274181FD1EA28AD76664 43008 ----a-w- C:\Windows\Sysnative\drivers\ndiscap.sys 2015-03-11 12:15:57 67343511D80BF3D6D9EEDB5BA8D0B06B 57856 -c--a-w- C:\Windows\Sysnative\drivers\bthhfenum.sys 2015-03-11 12:15:57 08EA90955AED2D959EE67DF6EDF0E2B6 81920 ----a-w- C:\Windows\Sysnative\drivers\BTHUSB.SYS 2015-03-11 12:15:56 B337B1F1E82A83E20A1743E008E25C0F 17408 ----a-w- C:\Windows\Sysnative\drivers\rasacd.sys 2015-03-11 12:15:56 9746BA79DE0CA5EB5104406A9ED62D01 11776 ----a-w- C:\Windows\Sysnative\drivers\rootmdm.sys 2015-03-11 12:15:56 83868EB2924E6BC21A54337C65D614D1 47104 ----a-w- C:\Windows\Sysnative\drivers\qwavedrv.sys 2015-03-11 12:15:56 82821F4EEC776B4CF11695A38F3ABA46 24576 ----a-w- C:\Windows\Sysnative\drivers\ndistapi.sys 2015-03-11 12:15:56 3083926D1CC5B56EA0786527B557DD1B 103424 ----a-w- C:\Windows\Sysnative\drivers\Ndu.sys 2015-03-11 12:15:56 20185BEB7512EDE4EFECDFA148AC9F99 29696 -c--a-w- C:\Windows\Sysnative\drivers\TsUsbGD.sys 2015-03-11 12:15:56 0139248F6B95CF0D837B5B46A2722D40 98304 -c--a-w- C:\Windows\Sysnative\drivers\usbcir.sys 2015-03-05 16:31:31 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2015-03-01 10:29:41 BC18D5B42B19564BA09156410E1FB9BE 93528 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys 2015-03-01 10:29:41 BA4B999D245287608A79C92CDAE6F3C1 29168 ----a-w- C:\Windows\Sysnative\drivers\aswHwid.sys 2015-03-01 10:29:41 8CDA894FA86D03FB43063D5FD85EFCAE 136752 ----a-w- C:\Windows\Sysnative\drivers\aswStm.sys 2015-03-01 10:29:41 713AFFD4E38553AEF04617C985B4030B 65736 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys 2015-03-01 10:29:41 669F6B37965756E407B447272B5EE39F 1047320 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys 2015-03-01 10:29:41 3A145C94A519E52FE7E99460DD0DF53C 441728 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys 2015-03-01 10:29:41 245D3A0670491E1F88759EC45C9F7314 88408 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys 2015-03-01 10:29:41 11644D8399F4AC8BB12C2364DCB87CB4 268640 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys ====== C:\Windows\Tasks ====== 2015-03-03 18:58:16 4EB4337E353AD757983A12323FB246B6 5058 ----a-w- C:\Windows\Sysnative\Tasks\Microsoft Office 15 Sync Maintenance for MIJNPC-kluys_000 mijnpc 2015-03-01 14:34:56 E3072C7111E6316C79C81B31E15119D6 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-01 14:34:56 884F630B4369A23C95ACE545C6ABCAB0 3828 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater 2015-03-01 10:30:30 0C4D825399A78F31EFD6D167B84BB346 4182 ----a-w- C:\Windows\Sysnative\Tasks\avast! Emergency Update 2015-03-01 10:29:57 E91D85772BF4C9B5A5F5148C57C02320 4050 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2015-03-01 10:29:57 0B98CEE3A6CEC6E1D55F5E146E8408D3 1078 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-01 10:29:56 9FD20A0BC9F3D6BE0B82DB60AAE8F2E8 3814 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2015-03-01 10:29:55 DF913F1A2DFB33B6EF0E41C4EBEA1B0B 1074 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-03-26 14:01:04 -------- d-----w- C:\Program Files\trend micro 2015-03-22 11:25:35 -------- d-----w- C:\Program Files\Microsoft Office ======= C:\PROGRA~2 ===== 2015-03-22 11:29:37 -------- d-----w- C:\PROGRA~2\Microsoft Works 2015-03-22 11:29:01 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 2015-03-22 11:25:29 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 8 2015-03-01 10:29:54 -------- d-----w- C:\PROGRA~2\Google ======= C: ===== ====== C:\Users\krist\AppData\Roaming ====== 2015-03-22 11:24:37 -------- d-----w- C:\Users\krist\AppData\Local\Microsoft Help 2015-03-22 09:52:56 -------- d-----w- C:\Users\krist\AppData\Roaming\BitTorrent 2015-03-21 14:14:06 -------- d-----w- C:\Users\kluys_000\AppData\Locallow\Brother 2015-03-21 14:14:06 -------- d-----r- C:\Users\kluys_000\AppData\Roaming\Brother 2015-03-16 18:13:12 -------- d-----w- C:\Users\kluys_000\AppData\Roaming\Identities 2015-03-14 18:42:25 -------- d-----w- C:\Users\krist\AppData\Roaming\Identities 2015-03-08 10:28:42 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft 2015-03-07 20:52:51 -------- d-----w- C:\Users\Robin\AppData\Local\Unity 2015-03-07 20:52:50 -------- d-----w- C:\Users\Robin\AppData\Locallow\Unity 2015-03-07 10:22:10 -------- d-----w- C:\Users\Robin\AppData\Local\Popcorn-Time 2015-03-07 10:20:09 -------- d-----w- C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time 2015-03-07 10:18:55 -------- d-----w- C:\Users\Robin\AppData\Local\Popcorn Time 2015-03-05 16:57:21 -------- d-----w- C:\Users\kluys_000\AppData\Roaming\Mozilla 2015-03-05 16:57:21 -------- d-----w- C:\Users\kluys_000\AppData\Local\Mozilla 2015-03-02 16:36:36 -------- d-----w- C:\Users\kluys_000\AppData\Local\Google 2015-03-01 10:35:12 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google 2015-03-01 10:29:54 -------- d-----w- C:\Users\krist\AppData\Local\Google ====== C:\Users\krist ====== 2015-03-26 13:58:23 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\krist\Downloads\RSITx64.exe 2015-03-22 11:31:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-03-22 11:24:31 -------- d-----w- C:\ProgramData\Microsoft Help 2015-03-22 09:52:14 C93C775C0C2D608CE080D5C4D1489F61 1744472 ----a-w- C:\Users\krist\Downloads\BitTorrent.exe 2015-03-01 10:30:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome ====== C: exe-files == 2015-03-26 14:01:05 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\krist.exe 2015-03-26 13:58:23 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\krist\Downloads\RSITx64.exe 2015-03-22 11:13:52 95B8A4245A6CD37D36E56FAE5A23E2B1 463152 ----a-w- C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\setup.exe 2015-03-22 11:13:52 95B8A4245A6CD37D36E56FAE5A23E2B1 463152 ----a-r- C:\Users\krist\Downloads\MicroSoft Office 2007 With Key -THADOGG\setup.exe 2015-03-22 11:13:09 5A432A042DAE460ABE7199B758E8606C 145184 ----a-w- C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\ose.exe 2015-03-22 11:13:09 5A432A042DAE460ABE7199B758E8606C 145184 ----a-r- C:\Users\krist\Downloads\MicroSoft Office 2007 With Key -THADOGG\Enterprise.WW\ose.exe 2015-03-22 11:11:07 C6D0721E9156EB2A40A04BB38BE0B2A5 813384 ----a-w- C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\DW20.EXE 2015-03-22 11:11:07 C6D0721E9156EB2A40A04BB38BE0B2A5 813384 ----a-r- C:\Users\krist\Downloads\MicroSoft Office 2007 With Key -THADOGG\Office.en-us\DW20.EXE 2015-03-22 11:10:54 29E177C7BB7343F365F12AD9A8AF4C48 434528 ----a-w- C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\dwtrig20.exe 2015-03-22 11:10:54 29E177C7BB7343F365F12AD9A8AF4C48 434528 ----a-r- C:\Users\krist\Downloads\MicroSoft Office 2007 With Key -THADOGG\Office.en-us\dwtrig20.exe 2015-03-22 09:54:15 C93C775C0C2D608CE080D5C4D1489F61 1744472 ----a-w- C:\Users\krist\AppData\Roaming\BitTorrent\updates\7.9.2_38914.exe 2015-03-22 09:54:06 C93C775C0C2D608CE080D5C4D1489F61 1744472 ----a-w- C:\Users\krist\AppData\Roaming\BitTorrent\BitTorrent.exe 2015-03-22 09:52:14 C93C775C0C2D608CE080D5C4D1489F61 1744472 ----a-w- C:\Users\krist\Downloads\BitTorrent.exe 2015-03-21 14:40:45 A38E9C48F13C11CAB641A0C91F8F12A1 885840 ----a-w- C:\Program Files (x86)\Google\Update\Install\{6CFDD9EC-47D6-451C-9226-391A9F1353FF}\41.0.2272.101_41.0.2272.89_chrome_updater.exe 2015-03-21 14:40:45 A38E9C48F13C11CAB641A0C91F8F12A1 885840 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\41.0.2272.101\41.0.2272.101_41.0.2272.89_chrome_updater.exe === C: other files == 2015-03-22 09:53:02 F2F18BC5529FFD6B9B22B18972E10202 68 ----a-w- C:\Users\krist\AppData\Local\Temp\HYD7E78.tmp.1427017982\HTA\install.1427017982.zip 2015-03-22 09:52:39 F2F18BC5529FFD6B9B22B18972E10202 68 ----a-w- C:\Users\krist\AppData\Local\Temp\HYD2125.tmp.1427017959\HTA\install.1427017959.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-170456058-1142922209-2974173215-1001\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "WebStorage"="C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe" "mcpltui_exe"="C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe /platui /runkey" "BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASUS Live Update1" [C:\Program Files (x86)] "C:\Windows\SysNative\tasks\ASUS Live Update2" [C:\Program Files (x86)] "C:\Windows\SysNative\tasks\ASUS Smart Gesture Launcher" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe] "C:\Windows\SysNative\tasks\ASUS Splendid ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\Windows\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"] "C:\Windows\SysNative\tasks\ATK Package 36D18D69AFC3" ["C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe"] "C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\RtHDVBg" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"] "C:\Windows\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"] "C:\Windows\SysNative\tasks\Update Checker" [C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{942DB1F5-4343-4D82-A4D1-F381FD562759}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{C1BF641A-33AB-4C8F-8BDE-743A5FD76205}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{EB463A5C-AF3C-40F3-BD0A-7FD259523F75}" [C:\Windows\system32\msfeedssync.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [18/03/2015 11:55] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\krist\AppData\Roaming\Mozilla\Firefox\Profiles\glal6yxx.default - Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF - McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\krist\AppData\Roaming\Mozilla\Firefox\Profiles\glal6yxx.default 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 43583AB4DFD406F4C188342F41B1F91C - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 41.0.2272.101 (Latest Stable version: 41.0.2272.101) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bopakagnckmlgajfccecajhnimjiiedh - No path found[] eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[18/03/2015 11:54] fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[28/01/2015 15:25] gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[18/03/2015 11:54] Google Slides - kluys_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - kluys_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - kluys_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - kluys_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - kluys_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - kluys_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap SiteAdvisor - kluys_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Avast Online Security - kluys_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Gmail - kluys_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Slides - krist\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - krist\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - krist\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - krist\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - krist\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - krist\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap SiteAdvisor - krist\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Avast Online Security - krist\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Google Wallet - krist\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - krist\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia QR Creator - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaephdgbinagkeepamlbkhkfbiaedabm Google Slides - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Angry Birds - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj Theme Creator - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc Google Docs - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf UJAM - Make your music. - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdiogojbmdncjdpljocafnigiokgmci Loupe Collage - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaonknplhhecdgjpphnooeomecgipkc YOUZEEK Free Music - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcgpdkighmjfjlplcighhgamlhkimce Audiotool - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk YouTube - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Facebook - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm Drumtrackz - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cciklmellmkeeeibdekdkbacdllgfbpa Tanki Online - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnamgoimgnbgkabfjkikldbfdhhfhdo The Game Effect - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnmilalfobndenadgejhchfcpijninel Google Search - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Who Will Win? - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpaiblchfaogbjgidhhhmcnffldpcggp WGT Golf Challenge - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg PartyCloud DJ - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\defekohaofmambflfpfoojkmfdpcbgko Tampermonkey - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo Google - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm Pixlr-o-matic - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj Gmail Offline - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk Google Calendar - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn Avast SafePrice - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck Weather - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fapbbpdnlcmiolkdfjnnjhabmcndadad Dj Theme - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fecjhapeglnljekkahlhmogpddnhehkh Google Sheets - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap stuning piano - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhadokgapefdgacimelpfnnmdcbfmjdc SiteAdvisor - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Stupeflix Video Maker - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkdmcfnoimoilncpjchamnenebopocem Mixify Turntables - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flbjgnhcjdkihdiidhimgkcbmdbamkob Create your own QR Codes This App generates QR Codes from free text URLs phone numbers SMS messages or contacts vcard. - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb Digital Clock - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo Planetarium - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp Cut the Rope - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj mixselekta - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcfpdmpaojpobjdmpenfckomoclideh Avast Online Security - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki FabCam - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl Vimeo Couch Mode - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjkdhkejcnlmkfdodbkdkelefnkobfif Pixlr Express - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmjpdlmjopaeginhldhiokeidchjid Google Play Music - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg Knok | Family Travel - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iehdddmijbgofffjjmhkodckmnombhmf Apocalypse City - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifkogipjfpemebgfjelkfoifapppddeh Cycling the Alps - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihklobncbkangkiiamccfgnlihbmjhlh Color Piano - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmigmmflfcbhdpdgbkkeojchjhhphnh Dropbox - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl Tiberium Alliances - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaeopgjojikeoiidmfaejkifhgjoooe Counts - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp Traffic Slam Arena - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjbpgpimaaapjeliigmiienliknmgnip Grow Valley - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlbpdhjgojjnomnogeodamgnhipmadmc Build your airport service and land airplanes\u003Cbr>your passengers will be pleased as punch - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlehaidnnmjjkhgbbiombcdifogolhap Grepolis - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkgkognjknhcgbgbeijjondlikfkgnog Until AM Web App - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk Google Play - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi Build with Chrome - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbbbhbjeecagnlfgggogfclkdjamoapf Cube - A game about Google Maps - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbcoijfpdfchaihokncghkbplhiiehko Pix Pixel Mixer - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbjiacdnbellpbhocabghholhnlboibg PetersenMusic - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\leebmgdhkkcncjhknbamolimapkhokid Webcam Toy - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade AudioSauna - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae Google Maps - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh Rain Alarm - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\meaikaglpfemjncbioflellmppndgmok Plants vs Zombies - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina Party List Dj (playlist music player) - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnbjmlkceipalmoohcalibhlonbbllli Need for Speed World is a FREE to play online racing game where you can compete with millions of players around the World. - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk Plumber - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncifjflcpinecddacogflfpfochbokpj BeGone - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndfpieflbjbdpgklkeolbmbdkfdiicfk Curling - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp Google Wallet - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda GIFPAL - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\noohoboklgjeccnihfkbdakbchbhjlch Deezer - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh Picky Wallpapers - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj Netstagram is a easy and useful way to connect Instagram from any PC Tablet or Phone. - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojclphfkljfgdbggobfllbnochlnlhei Rollip - Photo Effects - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooikhmcdpofogemaldinihdhidaokcmp Psykopaint - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil Header Hacker - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\phnffahgegfkcobeaapbenpmdnkifigc Gmail - Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\kluys_000\AppData\Local\Google\Chrome\User Data\Default\Preferences "startup_urls": [ "http://www.google.com/" ] C:\Users\krist\AppData\Local\Google\Chrome\User Data\Default\Preferences "startup_urls": [ "http://www.google.com/" ] C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com/", "startup_urls": [ "http://www.google.com/", "http://start.mysearchdial.com/?f=1&a=dnldmsd&cd=2XzuyEtN2Y1L1QzuyBtDtC0AtDyEyEtBtAyDzzyByD0AyD0BtN0D0Tzu0CyDyEtAtN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1Q1G1I1Q1H1B1Q&cr=199665092&ir=" ] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-170456058-1142922209-2974173215-1001\Software\Mozilla\Firefox\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8} deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\kluys_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\kluys_000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\krist\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\krist\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\Robin\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Robin\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\kluys_000\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\kluys_000\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Users\krist\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\krist\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Users\Robin\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Robin\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\kluys_000\AppData\Local\Mozilla\Firefox\Profiles\h9bc2gh5.default\cache2 emptied successfully C:\Users\krist\AppData\Local\Mozilla\Firefox\Profiles\glal6yxx.default\cache2 emptied successfully C:\Users\Robin\AppData\Local\Mozilla\Firefox\Profiles\kwukbqbi.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\kluys_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\krist\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=16 folders=8 40522185 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\kluys_000\AppData\Local\Temp emptied successfully C:\Users\krist\AppData\Local\Temp will be emptied at reboot C:\Users\Robin\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\krist\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on do 26/03/2015 at 21:24:44,70 ======================