Zoek.exe v5.0.0.1 Updated 03-November-2015 Tool run by Lisa on wo 04-11-2015 at 11:17:41,68. Microsoft Windows 10 Home 10.0.10240 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Lisa\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 4-11-2015 11:19:34 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\Optimizer Pro deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\Program Files\Common Files\AV deleted successfully C:\PROGRA~3\300616 deleted successfully C:\PROGRA~3\374311380 deleted successfully C:\PROGRA~3\Babylon deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully C:\Users\Lisa\AppData\Local\CrashDumps deleted successfully C:\Users\Lisa\AppData\Local\NetworkTiles deleted successfully C:\Users\Lisa\AppData\Local\WMTools Downloaded Files deleted successfully C:\Users\Thomas\AppData\Local\VirtualStore deleted successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3322603491-3953907146-2366997150-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-3322603491-3953907146-2366997150-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-3322603491-3953907146-2366997150-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_USERS\S-1-5-21-3322603491-3953907146-2366997150-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C3FE76BE-9337-4469-9C28-EC94B4C70764} deleted successfully HKEY_USERS\S-1-5-21-3322603491-3953907146-2366997150-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CA04E1ED-391D-4A8B-8404-3CF03704C407} deleted successfully HKEY_USERS\S-1-5-21-3322603491-3953907146-2366997150-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{CA04E1ED-391D-4A8B-8404-3CF03704C407} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CA04E1ED-391D-4A8B-8404-3CF03704C407} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3322603491-3953907146-2366997150-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_USERS\S-1-5-21-3322603491-3953907146-2366997150-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update service deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "Shell"="explorer.exe" ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Optimizer Pro not found C:\PROGRA~2\Raptr deleted C:\Program Files (x86)\Popcorn Time deleted C:\PROGRA~3\300716 deleted C:\PROGRA~3\DivX deleted C:\Users\Lisa\Documents\Optimizer Pro deleted C:\Users\Lisa\AppData\LocalLow\Conduit deleted C:\Users\Thomas\AppData\LocalLow\Conduit deleted C:\Users\Thomas\AppData\LocalLow\uTorrentBar_NL deleted C:\PROGRA~2\Age of Empires III - Complete Collection deleted C:\PROGRA~2\FoxTabFLVPlayer deleted C:\PROGRA~2\NCH Software\Components\NCHToolbars deleted C:\PROGRA~2\Conduit deleted C:\user.js deleted C:\PROGRA~3\AVG Security Toolbar deleted C:\PROGRA~3\{18165758-115C-4DC0-9EC2-FF89F725767F} deleted C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} deleted C:\PROGRA~3\Package Cache deleted C:\Users\Lisa\AppData\Local\node-webkit deleted C:\Users\Lisa\AppData\Local\Babylon deleted C:\Users\Lisa\AppData\Local\Conduit deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Lisa\AppData\LocalLow\BabylonToolbar deleted C:\Users\Lisa\AppData\LocalLow\PriceGong deleted C:\Users\Thomas\AppData\LocalLow\PriceGong deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\gpt.ini deleted C:\WINDOWS\Syswow64\REN7E05.tmp deleted C:\WINDOWS\Syswow64\sho2C87.tmp deleted C:\WINDOWS\Syswow64\sho3264.tmp deleted C:\WINDOWS\Syswow64\sho41A1.tmp deleted C:\WINDOWS\Syswow64\sho71EB.tmp deleted C:\WINDOWS\Syswow64\sho9148.tmp deleted C:\WINDOWS\Syswow64\sho9F5A.tmp deleted C:\WINDOWS\Syswow64\shoFE5F.tmp deleted "C:\ProgramData\c1376a40c792d42209953108c2a4f36a5a2de5b2" deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2015-10-30 12:40:16 6D7FDBF9CEAC51A76750FD38CF801F30 3584 ----a-w- C:\WINDOWS\SECOH-QAD.dll 2015-10-30 12:40:16 !HASH: COULD NOT OPEN FILE !!!!! 4608 ----a-w- C:\WINDOWS\SECOH-QAD.exe ====== C:\Users\Lisa\AppData\Local\Temp ==== ====== Java Cache ===== 2015-11-04 10:16:09 4F85459CEC4F78A3987FFFD5B6A816C5 605 ----a-w- C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-6d834a67 2015-11-04 10:16:09 05295E3E0E5E350214705E6F66D3F6E6 428 ----a-w- C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-78e96a5ccf5c5b6a29dcdffe1d16c989d010904d54059e7b28aad8dacf6a56c9-6.0.lap 2015-11-04 10:16:09 C9588417B10E1D770E3E5DA1F3510AE5 8425 ----a-w- C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\298d42d-3523f406 2015-11-04 10:16:12 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\c8dc66e-4ba37bb8 ====== C:\WINDOWS\SysWOW64 ===== 2015-11-04 10:11:08 C39FB2F1EB2DF9F3820BD7775F3AFC81 97888 ----a-w- C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-10-30 15:45:22 45D9695B6EB93F1C3476042BCDBB7393 19326464 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2015-10-30 15:45:18 3831B52EDBF77509F54CCD0F8BF0F9E1 18801664 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2015-10-30 15:45:10 64A8573F80949FFA9E4EBCA8FB5A57EC 2878512 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2015-10-30 15:45:09 BE8311935A9510E81DCBEC28AE3C5F5B 961376 ----a-w- C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-10-30 15:45:09 2C8071B34E18E20101380634260FC8E0 1918976 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-10-30 15:45:06 1D5D2A9485944E464B353506701E8CDC 2647040 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-10-30 15:45:04 7CE15ED2080881C4D303BC1A3C7E48BB 2049536 ----a-w- C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2015-10-30 15:45:00 15044A5910E532DBA4D24A46FC6960A8 1380864 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2015-10-30 15:44:59 8F7E1B91CEA633D059EE9968D8F19808 2639872 ----a-w- C:\WINDOWS\SysWOW64\esent.dll 2015-10-30 15:44:57 7C2C2F9BA364DFC31B68C288C07B9D5D 464896 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-10-30 15:44:46 5BD7D14A4D8CCC765C9C52167553FA10 311296 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2015-10-30 15:44:46 552B5B720AF0C2DB4489CE711216F885 441344 ----a-w- C:\WINDOWS\SysWOW64\dlnashext.dll 2015-10-22 15:41:37 E2360B4A26DE496C86F5A6962A390945 12784 ----a-w- C:\WINDOWS\SysWOW64\detoured.dll 2015-10-22 15:41:37 B49C1F14F41A448091A2241F691A401C 96752 ----a-w- C:\WINDOWS\SysWOW64\mantleaxl32.dll 2015-10-22 15:41:37 8E277D344EA7926D6AC54E26E3EC4109 111088 ----a-w- C:\WINDOWS\SysWOW64\hsa-thunk.dll 2015-10-22 15:41:37 627E0E79F5EBC933D12F9EF1CE68B85B 122352 ----a-w- C:\WINDOWS\SysWOW64\mantle32.dll 2015-10-22 15:41:10 B7E4C07934F85379D6932B1DD66F4A7C 143048 ----a-w- C:\WINDOWS\SysWOW64\atiuxpag.dll 2015-10-22 15:41:09 A98DA23A524803615B083CFCED1CE362 3471376 ----a-w- C:\WINDOWS\SysWOW64\atiumdva.cap 2015-10-22 15:41:09 602243BB86E7EFDE16C19774A47DC1E6 8009360 ----a-w- C:\WINDOWS\SysWOW64\atiumdva.dll 2015-10-22 15:41:01 DF9F60D343EAF2B507CC08AA2978ADB0 25320432 ----a-w- C:\WINDOWS\SysWOW64\atioglxx.dll 2015-10-22 15:40:58 29E0535B05F06C07CB6FC388BE6D96CA 81160 ----a-w- C:\WINDOWS\SysWOW64\atimpc32.dll 2015-10-22 15:40:55 F58CCDDA161577280061992EA0A2935C 152560 ----a-w- C:\WINDOWS\SysWOW64\atieah32.exe 2015-10-22 15:40:55 ADFDFF842548DE3EA0AD392F62ACA894 150512 ----a-w- C:\WINDOWS\SysWOW64\atigktxx.dll 2015-10-22 15:40:55 05CF830A126F522FD103AF23C893C0F6 78320 ----a-w- C:\WINDOWS\SysWOW64\atiglpxx.dll 2015-10-22 15:40:53 B0BA9800BF9532CF0AA20853F506530F 10211008 ----a-w- C:\WINDOWS\SysWOW64\atidxx32.dll 2015-10-22 15:40:53 3EF0A076452C4B7859EB783276BE5EB2 60912 ----a-w- C:\WINDOWS\SysWOW64\aticalrt.dll 2015-10-22 15:40:51 BB21328957BD5C5D5595DDDE06F060BC 57840 ----a-w- C:\WINDOWS\SysWOW64\aticalcl.dll 2015-10-22 15:40:51 43A6369EB6449A3D20C69A59ED5D9EC6 14310896 ----a-w- C:\WINDOWS\SysWOW64\aticaldd.dll 2015-10-22 15:40:50 53650482B8E621276DC55E50C9FB2FEE 662392 ----a-w- C:\WINDOWS\SysWOW64\atiapfxx.blb 2015-10-22 15:40:50 4DA7C563005ED02E185AAA5950BFF914 935408 ----a-w- C:\WINDOWS\SysWOW64\atiadlxy.dll 2015-10-22 15:40:50 4DA7C563005ED02E185AAA5950BFF914 935408 ----a-w- C:\WINDOWS\SysWOW64\atiadlxx.dll 2015-10-22 15:40:49 AB6BCBC31F0E3CC404482B83A08BFA91 68080 ----a-w- C:\WINDOWS\SysWOW64\OpenCL.dll 2015-10-22 15:40:48 7C956D1E8E1BCE711BF3B9661AC29D2C 7683096 ----a-w- C:\WINDOWS\SysWOW64\amdxc32.dll 2015-10-22 15:40:48 3CA834F1341AAAB23C6684F4B86BB0B4 81168 ----a-w- C:\WINDOWS\SysWOW64\amdpcom32.dll 2015-10-22 15:40:47 50A1F30C906F8DA69FE0F3B95B324936 807424 ----a-w- C:\WINDOWS\SysWOW64\amdocl_ld32.exe 2015-10-22 15:40:46 A8AFEC11C457D037602921C6645D8679 1004032 ----a-w- C:\WINDOWS\SysWOW64\amdocl_as32.exe 2015-10-22 15:40:35 D1872F9ED1204EDA52BB057FCDDB7FD2 22327280 ----a-w- C:\WINDOWS\SysWOW64\amdocl12cl.dll 2015-10-22 15:40:34 F364E165D4355EC6F583F56337E8E66D 48112 ----a-w- C:\WINDOWS\SysWOW64\amdmmcl.dll 2015-10-22 15:40:34 EE7839510F62BD05C4EE3255A5E44608 5216240 ----a-w- C:\WINDOWS\SysWOW64\amdmantle32.dll 2015-10-22 15:40:34 ABB0C97F50A9E1B18E59E8CF0FF633E7 524272 ----a-w- C:\WINDOWS\SysWOW64\amdlvr32.dll 2015-10-22 15:40:34 2848874238853882765CCBE3CBD24856 39712768 ----a-w- C:\WINDOWS\SysWOW64\amdocl.dll 2015-10-22 15:40:34 0C888D3732569435E7C9F057762C80C1 132080 ----a-w- C:\WINDOWS\SysWOW64\amdhdl32.dll 2015-10-22 15:40:33 B085FA7C4F775B992A1AA7FCA6ABF81B 198640 ----a-w- C:\WINDOWS\SysWOW64\amdgfxinfo32.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2015-11-04 10:12:17 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\WINDOWS\Sysnative\REN4BF0.tmp 2015-11-04 09:52:18 DBD541469062361A754106E857410FE4 16148 ----a-w- C:\WINDOWS\Sysnative\LISA-HP_Lisa_HistoryPrediction.bin 2015-10-30 15:45:33 7FAE452A3926AD368F7535F4F01825EA 21871616 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2015-10-30 15:45:30 FAEF347B0536E0AC61E43DAA40A6673B 24595968 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2015-10-30 15:45:12 4DA298E26DC2D3DACBD9E3E54E62885E 1392480 ----a-w- C:\WINDOWS\Sysnative\LicenseManager.dll 2015-10-30 15:45:11 AF1EF2853B3343CF3EF6E16EE892853B 2418688 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll 2015-10-30 15:45:11 2E71E6B389976FD78609A1AB44F7EEB1 2179584 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2015-10-30 15:45:10 2B9702F8834ADF2EF4AC369876B40424 3621248 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2015-10-30 15:45:09 E7F64B9E2DBDBA1CCC0CFE242D7BBF5D 1795072 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll 2015-10-30 15:45:09 48E6788535E2DCE95C46A6E048C68740 541024 ----a-w- C:\WINDOWS\Sysnative\mcupdate_GenuineIntel.dll 2015-10-30 15:45:07 E4203AC09D4242C5849A36E4250C1504 3248128 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll 2015-10-30 15:45:06 D76A6C338A81C3B14AD37B22AA422B4B 713216 ----a-w- C:\WINDOWS\Sysnative\usermgr.dll 2015-10-30 15:45:06 4C86961C71396D2BA39DAD9783437546 1068032 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll 2015-10-30 15:45:05 9893111B27B906ADB596EED84A505177 2987520 ----a-w- C:\WINDOWS\Sysnative\esent.dll 2015-10-30 15:45:04 0FC4FA53C3F666CD7AFB138A978D3CB8 2675200 ----a-w- C:\WINDOWS\Sysnative\Windows.StateRepository.dll 2015-10-30 15:45:03 41529E49F3A2218E9F689F6814114BF6 1602560 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2015-10-30 15:45:02 C527C9231D39BF69611F5F8C80C36140 579072 ----a-w- C:\WINDOWS\Sysnative\winlogon.exe 2015-10-30 15:45:02 504EC8E161E57742C3EA93E6DBCD5097 627712 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.dll 2015-10-30 15:45:01 714E84B757FADBAF75BF5CAF2617FA03 333312 ----a-w- C:\WINDOWS\Sysnative\MusUpdateHandlers.dll 2015-10-30 15:44:56 4FAA3F23CB419B76B337CC77839FAD73 502272 ----a-w- C:\WINDOWS\Sysnative\dlnashext.dll 2015-10-30 15:44:55 EA354224BAD970CF0F438E6567F26A49 145408 ----a-w- C:\WINDOWS\Sysnative\dssvc.dll 2015-10-30 15:44:45 87BC4E77F2BDCF8D2AF8971095CF60C6 453120 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Usb.dll 2015-10-30 15:44:45 64F32C5DDA316F1091CD7B24826443FA 76800 ----a-w- C:\WINDOWS\Sysnative\browserbroker.dll 2015-10-22 15:41:37 E0223FC2E25F8FD20BA98C43A3EB3875 136176 ----a-w- C:\WINDOWS\Sysnative\mantle64.dll 2015-10-22 15:41:37 C29C4A27E4342E0BA20A44110BD0A4A9 12784 ----a-w- C:\WINDOWS\Sysnative\detoured.dll 2015-10-22 15:41:37 B322FAF7EA5B7C9CB3087A67CF38B5F5 103408 ----a-w- C:\WINDOWS\Sysnative\mantleaxl64.dll 2015-10-22 15:41:37 2C1A1C89C457BE0FBBF08B354525B5E8 111600 ----a-w- C:\WINDOWS\Sysnative\hsa-thunk64.dll 2015-10-22 15:41:36 A7406B7710720E7E3EBC8DCE5C5FB084 243696 ----a-w- C:\WINDOWS\Sysnative\clinfo.exe 2015-10-22 15:41:10 EFA5E3D55F1CC185BC690B7D79D015A9 100816 ----a-w- C:\WINDOWS\Sysnative\ativce02.dat 2015-10-22 15:41:10 B974290EEE645249EE212FF62DD0824A 177344 ----a-w- C:\WINDOWS\Sysnative\ativce03.dat 2015-10-22 15:41:06 91EFA02EE006B2450A8811CBE6B9067D 8982440 ----a-w- C:\WINDOWS\Sysnative\atiumd6a.dll 2015-10-22 15:41:06 486D6985E7B7826DBBEAE12755851027 3437632 ----a-w- C:\WINDOWS\Sysnative\atiumd6a.cap 2015-10-22 15:41:04 5C66F7C236E4D9D8BCCF30539D2622EE 199664 ----a-w- C:\WINDOWS\Sysnative\atitmm64.dll 2015-10-22 15:41:01 E75356D0EB4FDA69E6B8BE2CE4472F48 341488 ----a-w- C:\WINDOWS\Sysnative\ATIODE.exe 2015-10-22 15:41:01 B92E2A90479F26851F3A667F737202CA 59888 ----a-w- C:\WINDOWS\Sysnative\ATIODCLI.exe 2015-10-22 15:40:58 18A356C6918227118C7FAAD3A783E657 87992 ----a-w- C:\WINDOWS\Sysnative\atimpc64.dll 2015-10-22 15:40:58 0D1F2A3DEAC5A365455BA7B6908C31F8 38384 ----a-w- C:\WINDOWS\Sysnative\atimuixx.dll 2015-10-22 15:40:58 079A314DF0EEFF8FE4C9B6C3A2B2DA53 30776304 ----a-w- C:\WINDOWS\Sysnative\atio6axx.dll 2015-10-22 15:40:55 D00A534AB1C76C39C90CF638BC835513 168944 ----a-w- C:\WINDOWS\Sysnative\atieah64.exe 2015-10-22 15:40:55 B55C390C176B5CA015CB32ADD30C0EEA 165360 ----a-w- C:\WINDOWS\Sysnative\atig6txx.dll 2015-10-22 15:40:55 8860AB9D866558AD6C9199D00AB47302 83952 ----a-w- C:\WINDOWS\Sysnative\atig6pxx.dll 2015-10-22 15:40:55 05CF830A126F522FD103AF23C893C0F6 78320 ----a-w- C:\WINDOWS\Sysnative\atiglpxx.dll 2015-10-22 15:40:53 C7E982EAA979D18DEB226A248720139C 71152 ----a-w- C:\WINDOWS\Sysnative\aticalrt64.dll 2015-10-22 15:40:52 FCF6247DD8E81AE0BB3F998C02467193 15725552 ----a-w- C:\WINDOWS\Sysnative\aticaldd64.dll 2015-10-22 15:40:51 ABFE805A2E487E3F97C1EB854D91C537 375792 ----a-w- C:\WINDOWS\Sysnative\atiapfxx.exe 2015-10-22 15:40:51 6D7B0581A79E974ED1EAE580FF56F918 64496 ----a-w- C:\WINDOWS\Sysnative\aticalcl64.dll 2015-10-22 15:40:50 53650482B8E621276DC55E50C9FB2FEE 662392 ----a-w- C:\WINDOWS\Sysnative\atiapfxx.blb 2015-10-22 15:40:49 A869265CB33F2D187D8535B431EB33A7 9355016 ----a-w- C:\WINDOWS\Sysnative\amdxc64.dll 2015-10-22 15:40:49 62C4D5F0ACE4402FDB326C0061B15E37 73712 ----a-w- C:\WINDOWS\Sysnative\OpenCL.dll 2015-10-22 15:40:48 F79159D9C59C04B1B1835663A8BEB687 88000 ----a-w- C:\WINDOWS\Sysnative\amdpcom64.dll 2015-10-22 15:40:47 B844EBA6ED1666309C9D74345647057F 1070592 ----a-w- C:\WINDOWS\Sysnative\amdocl_ld64.exe 2015-10-22 15:40:47 3B40AFF6A70B690D6B0C79DEADBFCD32 1196032 ----a-w- C:\WINDOWS\Sysnative\amdocl_as64.exe 2015-10-22 15:40:43 697EAF53EA488B19D8245CB1497D7C27 47794160 ----a-w- C:\WINDOWS\Sysnative\amdocl64.dll 2015-10-22 15:40:36 0C0FF26B1EB94AEC34419160E1414AF9 27544560 ----a-w- C:\WINDOWS\Sysnative\amdocl12cl64.dll 2015-10-22 15:40:34 EFEAD78305EFC47DC166C50C9173D5D9 6686192 ----a-w- C:\WINDOWS\Sysnative\amdmantle64.dll 2015-10-22 15:40:34 DDEB20626133878B0CE79CCE29B031B9 833800 ----a-w- C:\WINDOWS\Sysnative\amdicdxx.dat 2015-10-22 15:40:34 C6660406048233BD239D39536B2731BE 631280 ----a-w- C:\WINDOWS\Sysnative\amdlvr64.dll 2015-10-22 15:40:34 77DEB6EC97F9C0AF9F66975DD7719839 471312 ----a-w- C:\WINDOWS\Sysnative\amdmiracast.dll 2015-10-22 15:40:34 6FB849D1149A39E3FE9E4B840212A7A7 143344 ----a-w- C:\WINDOWS\Sysnative\amdhdl64.dll 2015-10-22 15:40:34 098AA68FB1C99B6868304B90340A1149 59376 ----a-w- C:\WINDOWS\Sysnative\amdmmcl6.dll 2015-10-22 15:40:33 9C17107270BBD4E51F5B5EBA8F9F60BB 213488 ----a-w- C:\WINDOWS\Sysnative\amdgfxinfo64.dll 2015-10-22 15:40:33 4B10D8998C824DD84AD597F9E058F6F0 175648 ----a-w- C:\WINDOWS\Sysnative\amde31a.dat ====== C:\WINDOWS\Sysnative\drivers ===== 2015-10-30 15:44:55 C8CC2A8C528F01869A5EEF211B6A7F9A 459104 ----a-w- C:\WINDOWS\Sysnative\drivers\netio.sys 2015-10-22 15:40:50 AC64440ED4AC767EBF140F9793619E3F 52208 ----a-w- C:\WINDOWS\Sysnative\drivers\ati2erec.dll 2015-10-13 18:00:17 0A368247A900656CC0678117DFC3A87C 498016 ----a-w- C:\WINDOWS\Sysnative\drivers\usbhub.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2015-10-30 12:39:58 -------- d-----w- C:\Program Files\KMSpico ======= C:\PROGRA~2 ===== 2015-11-04 10:11:39 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-11-03 19:07:40 -------- d-----w- C:\PROGRA~2\Microsoft Office 2015-11-03 17:28:50 -------- d-----w- C:\PROGRA~2\trend micro 2015-10-15 13:14:23 -------- d-----w- C:\PROGRA~2\WinRAR ======= C: ===== ====== C:\Users\Lisa\AppData\Roaming ====== 2015-11-04 10:34:00 -------- d-----w- C:\Users\Lisa\AppData\Local\NetworkTiles 2015-11-01 12:44:36 -------- d-----w- C:\Users\Lisa\AppData\Local\Casino.com 2015-10-21 20:50:36 -------- d-----w- C:\Users\Lisa\AppData\Local\PopcornTimeDesktop 2015-10-15 11:43:45 -------- d-----w- C:\Users\Lisa\AppData\Local\PunkBuster ====== C:\Users\Lisa ====== 2015-11-04 10:11:23 -------- d-----w- C:\Users\Lisa\.oracle_jre_usage 2015-10-21 20:50:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time 2015-10-15 13:14:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-10-07 10:57:56 8E77D04470B04F9FE2E7092AFD843BC9 24 ----a-w- C:\Users\Lisa\D2890A0A8E375CF886E7D66FF63D4771.dat 2015-10-07 10:52:55 -------- d-----w- C:\Users\Lisa\OSBot ====== C: exe-files == 2015-11-04 10:10:53 FAE99E011922F5BE4CB2160E316D057B 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\rmiregistry.exe 2015-11-04 10:10:53 FA5E33B54BD044F489BA4281B3D6ED95 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\servertool.exe 2015-11-04 10:10:53 CC0CF93D2BF12A423DA4134FFB9C324D 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssvagent.exe 2015-11-04 10:10:53 BBC68E5519B11A74B8208AA7B85F3B80 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\rmid.exe 2015-11-04 10:10:53 B61623580A304714A4E2FE6A5E73327F 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\pack200.exe 2015-11-04 10:10:53 940EE00C074A46D638A756723964D65D 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\orbd.exe 2015-11-04 10:10:53 857117663B1F28ABBA4E1C6110A09282 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\policytool.exe 2015-11-04 10:10:53 6211595DD15306DFD8E07B95E6F2984D 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\tnameserv.exe 2015-11-04 10:10:53 4D2DDC988E4F67E7E07E78954FBEED2D 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\unpack200.exe 2015-11-04 10:10:52 AA79E5830F4B6C29A5A976891ED0E86B 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\jjs.exe 2015-11-04 10:10:52 56DCBCE6CF84B5F12185AF6DB7B85EB2 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\keytool.exe 2015-11-04 10:10:52 2AA43B8A44341F90DCCFAE38107BA484 76896 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2launcher.exe 2015-11-04 10:10:52 1A859E08A65ECBA7B687ACAED5EA5080 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\ktab.exe 2015-11-04 10:10:52 1933BBD87F9759CC2D7DC2909C4CA0CD 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\klist.exe 2015-11-04 10:10:52 0AD21325149141252F05B32F7809F441 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\kinit.exe 2015-11-04 10:10:51 B6DBE62611DA178B2CA578BC2B7BBA30 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\javacpl.exe 2015-11-04 10:10:51 A53E431775DF91EA016AF5817DF26B41 191584 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\javaw.exe 2015-11-04 10:10:51 50CC4A65F784A51813A169EA33CF319A 278624 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\javaws.exe 2015-11-04 10:10:50 8ED50DA4BAE0046E05BEC0110CF20B17 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\java-rmi.exe 2015-11-04 10:10:50 66B01DCB41FBE8C3CAB13D3F8ED4FA58 30816 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\jabswitch.exe 2015-11-04 10:10:50 4547FB479010206D8BEA10B2694C5C6D 191072 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\bin\java.exe 2015-11-04 10:09:45 2A50FBC2CC9C29A85A900CB8E806CCBD 584288 ----a-w- C:\Users\Lisa\AppData\Local\Microsoft\Windows\INetCache\IE\V6258F3Q\JavaSetup8u65.exe 2015-11-04 10:01:20 9D10F99A6712E28F8ACD5641E3A7EA6B 149352 ----a-w- C:\Users\Lisa\AppData\Local\Temp\ose00000.exe 2015-11-03 17:28:51 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files (x86)\trend micro\Lisa.exe 2015-11-01 12:45:05 A00CD9D2D4C53263004AD4D50208A58A 1842176 ----a-w- C:\Users\Lisa\AppData\Local\Casino.com\internalCasinoSetupUninstall1446381900977_na_nl.exe 2015-11-01 12:44:44 BAFC821C1133EC0205BE563F4D73B62D 96568 ------w- C:\Users\Lisa\AppData\Local\Casino.com\replace.exe 2015-11-01 12:44:44 A258A067373821658CDB461B85BF2705 73528 ------w- C:\Users\Lisa\AppData\Local\Casino.com\wow_helper.exe 2015-11-01 12:44:44 365E156F264B4C9E593B337E44DE8EDB 384312 ------w- C:\Users\Lisa\AppData\Local\Casino.com\casino_browser.exe 2015-11-01 12:44:42 A4E0887E3B9471D7F59726EBE5891BD9 3198776 ------w- C:\Users\Lisa\AppData\Local\Casino.com\casino.exe 2015-10-30 12:40:16 !HASH: COULD NOT OPEN FILE !!!!! 4608 ----a-w- C:\Windows\SECOH-QAD.exe === C: other files == 2015-11-04 10:10:54 577B724A8DB4380F8B8F0098D1C9A722 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_65\lib\deploy\ffjcext.zip 2015-10-30 15:44:55 C8CC2A8C528F01869A5EEF211B6A7F9A 459104 ----a-w- C:\Windows\System32\drivers\netio.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3322603491-3953907146-2366997150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Lisa\AppData\Local\Google\Update\GoogleUpdate.exe /c" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Spotify Web Helper"="C:\Users\Lisa\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "Spotify"="C:\Users\Lisa\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "Microsoft Default Manager"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Google Update"="C:\Users\Lisa\AppData\Local\Google\Update\GoogleUpdate.exe /c" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Spotify Web Helper"="C:\Users\Lisa\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "Spotify"="C:\Users\Lisa\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /ANDREA_BF_BYPASS" "HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [15-07-2015 19:13] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-08-2015 08:58] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-08-2015 08:58] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3322603491-3953907146-2366997150-1001UA.job --a-------- C:\Users\Lisa\AppData\Local\Google\Update\GoogleUpdate.exe [01-09-2015 22:47] C:\WINDOWS\tasks\HPCeeScheduleForLisa.job --a-------- [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3322603491-3953907146-2366997150-1001Core" [C:\Users\Lisa\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3322603491-3953907146-2366997150-1001UA" [C:\Users\Lisa\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HPCeeScheduleForLisa" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\WINDOWS\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\WINDOWS\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{AED2A0A6-F290-40BB-AC4C-21A880651465}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\{1E72E72E-7028-41A2-B303-3E4AA1BD6142}" ["c:\users\lisa\appdata\local\google\chrome\application\chrome.exe"] "C:\WINDOWS\SysNative\tasks\{ABA7A38C-1AC2-4E29-ACD5-90C29B26413D}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\WINDOWS\SysNative\tasks\{CEFC76A3-30E3-48F1-9B3C-5C105A0F7D03}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [25-03-2011 15:59] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [25-03-2011 15:59] ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.80 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Lisa\AppData\Local\Temp\ccex.crx[] gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[12-10-2015 09:31] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[] YouTube - Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf AdBlock - Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Google Wallet - Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - Lisa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Lisa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Lisa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo AVG Web TuneUp - Lisa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\chfdnecihphmhljaaejmgoiahnihplgn Google Search - Lisa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Docs Offline - Lisa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi AdBlock - Lisa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom Arcane Legends - Lisa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ibmlkgieigeddcedpbijnpojheoddido Chrome Web Store Payments - Lisa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Lisa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf DealPly - Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje Google Wallet - Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda DivX Plus Web Player HTML5 \u003Cvideo> - Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm Gmail - Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com/", ==== Chromium Fix ====================== C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\chfdnecihphmhljaaejmgoiahnihplgn deleted successfully C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://mysearch.avg.com/?cid={960CA38A-8B01-43A5-80EF-8672988B7866}&mid=dd91a226322947cd9d332be39dcd8143-359aef289c0c83fc09c6c0b221f9e94e66f5fc08&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0715tb&pr=fr&d=2015-05-17 22:40:56&v=4.1.6.294&pid=wtu&sg=&sap=hp" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6479C116-8A97-478D-BAF5-A330BB275B7D} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}" {A4E66FB4-7BEC-459F-A94F-D9175FAB2540} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Lisa\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Lisa\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\Thomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Thomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Thomas\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Lisa\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Lisa\AppData\Local\Microsoft\Windows\INetCache\IE\5ZVG9LFR will be deleted at reboot C:\Users\Lisa\AppData\Local\Microsoft\Windows\INetCache\IE\MHW8ZNBK will be deleted at reboot C:\Users\Lisa\AppData\Local\Microsoft\Windows\INetCache\IE\V6258F3Q will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Lisa\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=11728 folders=461 4531220555 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Lisa\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Lisa\AppData\Local\Microsoft\Windows\INetCache\IE\5ZVG9LFR" not found "C:\Users\Lisa\AppData\Local\Microsoft\Windows\INetCache\IE\MHW8ZNBK" not found "C:\Users\Lisa\AppData\Local\Microsoft\Windows\INetCache\IE\V6258F3Q" not found ==== EOF on wo 04-11-2015 at 12:29:25,55 ======================