Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Mario on zo 30/03/2014 at 22:36:06,96.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Mario\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

30/03/2014 22:37:28 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully
C:\Users\Mario\AppData\Roaming\Solvusoft deleted successfully
C:\Users\Mario\AppData\Roaming\uTorrent deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3220450260-1119719698-775342540-1002\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdReg"=-

==== Deleting Files \ Folders ======================

C:\Users\Mario\AppData\Roaming\Solvusoft not found
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\SysNative\roboot64.exe deleted
C:\Users\Mario\Downloads\SoftonicDownloader_voor_testdisk.exe deleted
C:\windows\SysNative\tasks\Play Now Radio deleted
C:\WINDOWS\Syswow64\SearchProtect deleted
"C:\Windows\Updreg.EXE" deleted
"C:\WINDOWS\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCall.dll" deleted
"C:\WINDOWS\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla.dll" deleted
"C:\WINDOWS\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla17.dll" deleted
"C:\WINDOWS\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla18.dll" deleted
"C:\WINDOWS\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla18.exe" deleted
"C:\WINDOWS\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla19.dll" deleted
"C:\WINDOWS\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla2.dll" deleted
"C:\WINDOWS\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla20.dll" deleted
"C:\WINDOWS\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla21.dll" deleted
"C:\WINDOWS\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseCustomCalla21.exe" deleted
"C:\WINDOWS\0028CB34D5D3460FB308A39A095A5E01.TMP\WiseData.ini" deleted
"C:\WINDOWS\AF54923662584AC6A0435B5B89C6EB61.TMP\WiseCustomCall.dll" deleted
"C:\WINDOWS\AF54923662584AC6A0435B5B89C6EB61.TMP\WiseCustomCalla.dll" deleted
"C:\WINDOWS\AF54923662584AC6A0435B5B89C6EB61.TMP\WiseCustomCalla17.dll" deleted
"C:\WINDOWS\AF54923662584AC6A0435B5B89C6EB61.TMP\WiseCustomCalla18.dll" deleted
"C:\WINDOWS\AF54923662584AC6A0435B5B89C6EB61.TMP\WiseCustomCalla18.exe" deleted
"C:\WINDOWS\AF54923662584AC6A0435B5B89C6EB61.TMP\WiseCustomCalla19.dll" deleted
"C:\WINDOWS\AF54923662584AC6A0435B5B89C6EB61.TMP\WiseCustomCalla2.dll" deleted
"C:\WINDOWS\AF54923662584AC6A0435B5B89C6EB61.TMP\WiseCustomCalla20.dll" deleted
"C:\WINDOWS\AF54923662584AC6A0435B5B89C6EB61.TMP\WiseCustomCalla21.exe" deleted
"C:\WINDOWS\AF54923662584AC6A0435B5B89C6EB61.TMP\WiseData.ini" deleted
"C:\Users\Mario\AppData\Local\playnowradio\playnowradio\1.3.4.22\playnowradio.exe" deleted
"C:\WINDOWS\0028CB34D5D3460FB308A39A095A5E01.TMP" deleted
"C:\WINDOWS\AF54923662584AC6A0435B5B89C6EB61.TMP" deleted
"C:\Users\Mario\AppData\Local\playnowradio" deleted
"C:\Users\Mario\AppData\Local\playnowradio\playnowradio" deleted
"C:\Users\Mario\AppData\Local\playnowradio\playnowradio\1.3.4.22" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2014-03-03 11:09:26 4478918C7D60EC932016E144086E249F 86016 ----a-w- C:\WINDOWS\unvise32qt.exe

====== C:\Users\Mario\AppData\Local\Temp ====

====== Java Cache =====
2014-03-03 17:41:16 CC6E9514EB4CDA3DCC10FD3E41F6E488 38695 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\3c092800-765ed481
2014-03-03 17:41:18 491A522FE5FDBCF8644D377DD8835A69 996 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\313fa54d-75cc4419
2014-03-03 17:41:16 15E302EE8F2DD35D7DF22AD735ABF300 959 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\6113188d-3157ea86
2014-03-03 17:41:19 5C854920C0A85D7AFC4DD060F24975D8 1250 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\56d98312-55626b41
2014-03-03 17:41:16 3AEEA6BB8048B91F7CC97C4A485DAF15 5572 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\60950052-4bb30c64
2014-03-03 17:41:19 F21293A89447535DED1ACE1DB11E525C 8994 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\41623942-6971982d
2014-03-03 17:41:18 BC4D4E9E63174ACC460E32C13B05A019 976 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\1d006795-7bd3330f
2014-03-03 17:41:18 F7B56521AF3EC98F08B6556EA2AD1A33 1172 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\74683c17-4bd3e1d4
2014-03-03 17:41:18 5265F42B77405ECFBFEEF450DB487E66 1079 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\59942698-659accee
2014-03-03 17:41:17 922755E6459E92D7EF07F66CCB586E02 963 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\4ddd649b-708d2691
2014-03-03 17:41:17 D3673B12B649845C967C70BB1B92CD47 832 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\684a639b-16377d18
2014-03-03 17:41:09 7CEF5B8F36B1A888125C03E1B7285CEE 72709 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\a246e5b-3e1bcc44
2014-03-03 17:41:20 5B473D8CB7863CE4FACF3B5394D60D7F 27041 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\6c53e81d-119c369d
2014-03-03 17:41:19 9DE6834A26D9CB5CA4701F647C4F1302 1100 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\78fb1ca2-120cd6a2
2014-03-03 17:41:18 643CCA2976EB46F8695BB3DBE5ABE4E5 1115 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\15dd2764-5a09f2d2
2014-03-03 17:41:17 CF47277F98769774649104DAEAAE08E7 1155 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\7cfefe4-4b88c051
2014-03-03 17:41:19 A07B9C3A23EFC0F2E1545A10C3649DC1 1227 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\12debd25-6a8b7d81
2014-03-03 17:41:15 72E1438C65746AAD1E11CA9339C5123D 293401 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\105e3d28-2c576902
2014-03-03 17:41:17 7B666E0728E2B5DFB527689EF601295E 1010 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\4b4b8469-37e07885
2014-03-03 17:41:18 A8C13F8FED3AACE92D8B3DCB49C52FD0 1316 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\4f9e8929-6b3908f3
2014-03-03 17:41:08 988765FB6FCE3CB5B69EB0319FBE9641 7510 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\6818e29-69aac22e
2014-03-03 17:41:17 687C6445DA4A12234BF492E58B8E0A6C 978 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\4664d6ab-1b0ed6f5
2014-03-03 17:41:19 E2D4380218F5CD2481A11F36261CFFA3 1340 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\34f28e6d-23957e64
2014-03-03 17:41:18 CA5AD6413734F13010D27FFC622773F4 1021 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\7b6e62ad-648d2290
2014-03-03 17:41:16 BD32BB6944788E5ABF97610DD870A32F 947 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\337466e-7452ee23
2014-03-03 17:41:19 A57CBE0BEA65DF95E8484B4EEC2089FF 353 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\445eb8b0-51dddbcf
2014-03-03 17:41:08 9EE0949F5301B1EA03F6E646EE39B7E9 91 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\4d67cb72-6.0.lap
2014-03-03 17:41:17 8D2D375636269C770643B81CCABB4F05 1059 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\2bd0ba78-566b8678
2014-03-03 17:41:19 C2100E5459F2AA4E68C62C06753EC6F8 17269 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\6713e3f9-79a385d1
2014-03-03 17:41:17 F50272E90CF9C3862BADA9CF789942C0 1052 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\29e9aafa-547c106b
2014-03-03 17:41:18 9DAA5B08427A1673035F49A71EEC2E7E 1066 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\37a1d0ba-50f2a986
2014-03-03 17:41:20 DE94B09DEAF3EFC2F4E0A03D1204394E 10518 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\6365a2fb-57ae6385
2014-03-03 17:41:18 D571DF964B4815E63F1528CEB944D912 1002 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\f4eb43b-5db5354c
2014-03-03 17:41:17 72F2595A9B9B4663DAF2D3B1700767CF 1072 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\6d59dcbc-21b08253
2014-03-03 17:41:16 8AA63D3DF86D1C9DF4240B6F5CBF44A9 1816 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\57ca4abf-2e84ab41
2014-03-03 17:41:18 5C73405A849666E9BA4A0C9461EAFFD0 1312 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\718be147-4649856e
2014-03-03 17:41:17 5C3CB359A8173D3D242059F01DDB0A95 822 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\245d4b08-383cc932
2014-03-03 17:41:17 FF06789CF0D59AE8540574854890CDA6 738 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\a24ecc8-17ab6fe9
2014-03-04 09:58:24 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-7b98c5b0
2014-03-04 09:58:24 86C47CA21A599230CA54E8F5EBDB6A07 124 ----a-w- C:\Users\Mario\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\7\6619ee07-762cbed4

====== C:\WINDOWS\SysWOW64 =====

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Sysnative =====
2014-03-19 14:46:41 077B5B85978784C55ABF26C15222E6F0 421208 ----a-w- C:\WINDOWS\Sysnative\FNTCACHE.DAT

====== C:\WINDOWS\Sysnative\drivers =====
2014-03-13 12:28:08 CEBD9CDAADA11FAECCA82E4C06BCDD8E 248240 ----a-w- C:\WINDOWS\Sysnative\drivers\WdFilter.sys
2014-03-13 12:28:08 07D19A55CD27B330534D2DDEA60D5FC6 35856 ----a-w- C:\WINDOWS\Sysnative\drivers\WdBoot.sys

====== C:\WINDOWS\Tasks ======
2014-03-10 15:25:43 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\OfficeSoftwareProtectionPlatform
2014-03-03 18:15:49 4C1039D0AB99E3EF45EE0D0BD341F09D 3120 ----a-w- C:\WINDOWS\Sysnative\Tasks\{5E2F82C6-0B49-4708-BB8F-B48CF7A0DE48}

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====
2014-03-30 13:12:09 -------- d-----w- C:\Program Files\Adblock Plus for IE
2014-03-30 13:06:06 -------- d-----w- C:\Program Files\trend micro
2014-03-10 15:57:50 -------- d-----w- C:\Program Files\Common Files\DESIGNER
2014-03-10 15:57:42 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2014-03-10 15:57:36 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2014-03-10 15:57:12 -------- d-----w- C:\Program Files\Microsoft Office
2014-03-10 14:24:03 -------- d-----w- C:\Program Files\Garmin GPS Plugin
2014-03-07 11:04:24 -------- d-----w- C:\Program Files\WinRAR

======= C:\PROGRA~2 =====
2014-03-29 11:24:38 -------- d-----w- C:\PROGRA~2\Enigma Software Group
2014-03-29 11:24:14 -------- d-----w- C:\PROGRA~2\COMMON~1\Wise Installation Wizard
2014-03-25 11:24:02 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service
2014-03-11 15:21:27 -------- d-----w- C:\PROGRA~2\STMicroelectronics
2014-03-11 15:21:16 -------- d-----w- C:\PROGRA~2\MiTAC
2014-03-10 15:18:29 -------- d-----w- C:\PROGRA~2\UltraISO
2014-03-10 15:18:29 -------- d-----w- C:\PROGRA~2\COMMON~1\EZB Systems
2014-03-10 14:24:03 -------- d-----w- C:\PROGRA~2\Garmin GPS Plugin
2014-03-10 14:22:45 -------- d-----w- C:\PROGRA~2\Garmin
2014-03-10 12:19:34 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe
2014-03-10 12:19:34 -------- d-----w- C:\PROGRA~2\Adobe
2014-03-07 11:10:56 -------- d-----w- C:\PROGRA~2\DX-Ball
2014-03-03 17:40:50 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2014-03-03 17:40:46 -------- d-----w- C:\PROGRA~2\Java
2014-03-03 11:08:47 -------- d-----w- C:\PROGRA~2\QuickTime

======= C: =====
2014-03-29 11:27:10 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

====== C:\Users\Mario\AppData\Roaming ======
2014-03-30 13:12:09 -------- d-----w- C:\Users\Mario\AppData\Locallow\Adblock Plus for IE
2014-03-27 11:53:11 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Google
2014-03-25 11:24:09 -------- d-----w- C:\Users\Mario\AppData\Roaming\Mozilla
2014-03-25 11:24:09 -------- d-----w- C:\Users\Mario\AppData\Local\Mozilla
2014-03-18 14:22:01 -------- d-----w- C:\Users\Default\AppData\Roaming\TuneUp Software
2014-03-18 14:22:01 -------- d-----w- C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-03-17 10:28:22 -------- d-----w- C:\Users\Mario\AppData\Locallow\Adobe
2014-03-11 15:21:04 -------- d-----w- C:\Users\Mario\AppData\Roaming\InstallShield
2014-03-11 15:02:31 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Apps
2014-03-11 15:01:58 -------- d-----w- C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mio
2014-03-10 18:00:25 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help
2014-03-10 18:00:25 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help
2014-03-10 17:05:25 -------- d-----w- C:\Users\Mario\AppData\Local\FileViewPro
2014-03-10 17:05:22 -------- d-----w- C:\Users\Mario\AppData\Roaming\IsolatedStorage
2014-03-10 17:04:51 -------- d-----w- C:\Users\Mario\AppData\Local\Programs
2014-03-10 15:24:13 -------- d-----w- C:\Users\Mario\AppData\Local\Microsoft Help
2014-03-10 14:22:39 -------- d-----w- C:\Users\Mario\AppData\Roaming\Garmin
2014-03-10 13:35:58 -------- d-----w- C:\Users\Mario\AppData\Locallow\Temp
2014-03-10 12:19:09 -------- d-----w- C:\Users\Mario\AppData\Local\Adobe
2014-03-07 11:10:56 -------- d-----w- C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DX-Ball Game
2014-03-07 11:04:26 -------- d-----w- C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-06 15:39:46 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CrashDumps
2014-03-03 17:40:26 -------- d-----w- C:\Users\Mario\AppData\Locallow\Sun

====== C:\Users\Mario ======
2014-03-30 13:04:49 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Mario\Desktop\RSITx64.exe
2014-03-30 12:55:38 565592D342E241EB6FCA351F9C810AE3 4787368 ----a-w- C:\Users\Mario\Downloads\ccsetup412.exe
2014-03-28 10:38:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-03-25 11:24:02 -------- d-----w- C:\ProgramData\Mozilla
2014-03-25 11:23:42 4ABD34FBA47FD1449E051804092785DC 282936 ----a-w- C:\Users\Mario\Downloads\Firefox Setup Stub 28.0.exe
2014-03-23 20:24:04 0AF68F198359DC51D8968F400C90ED8E 529744 ----a-w- C:\Users\Mario\Downloads\streamhunter_download.exe
2014-03-23 13:25:40 AD791FB30F514D890575F7162143765A 377144 ----a-w- C:\Users\Mario\Downloads\AliSetupInstaller_ATM.exe
2014-03-10 17:05:22 -------- d-----w- C:\ProgramData\IsolatedStorage
2014-03-10 15:57:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-03-10 15:24:10 -------- d-----w- C:\ProgramData\Microsoft Help
2014-03-10 15:18:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
2014-03-10 12:19:24 -------- d-----w- C:\ProgramData\Adobe
2014-03-07 11:10:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DX-Ball Game
2014-03-07 11:04:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-03 17:40:50 -------- d-----w- C:\ProgramData\Sun
2014-03-03 17:40:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-03-03 11:08:55 -------- d-----w- C:\ProgramData\QuickTime
2014-03-03 11:08:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-03-03 11:08:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lingo 2

====== C: exe-files ==
2014-03-30 13:11:53 3264FC05C2A51D34D14BAE0C9ADE43E4 4741136 ----a-w- C:\Users\Mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZX46ZYFG\adblockplusie-1.1.exe
2014-03-30 13:06:06 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Mario.exe
2014-03-30 13:04:49 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Mario\Desktop\RSITx64.exe
2014-03-30 12:55:38 565592D342E241EB6FCA351F9C810AE3 4787368 ----a-w- C:\Users\Mario\Downloads\ccsetup412.exe
2014-03-29 11:37:55 8949BF1C06605F61B463AC61B53489B4 259584 ----a-w- C:\Users\Mario\Downloads\SpyHunter v41654290 NL\Patch\spyhunter.4.3.32-patch.exe
2014-03-29 11:37:54 26C06783A4406DECCF66C7083A32350C 45638736 ----a-w- C:\Users\Mario\Downloads\SpyHunter v41654290 NL\spyhunterS4.exe
2014-03-29 11:26:51 8949BF1C06605F61B463AC61B53489B4 259584 ----a-w- C:\Program Files (x86)\Enigma Software Group\SpyHunter\spyhunter.4.3.32-patch.exe
2014-03-28 14:06:50 078F6EF4B617B54A801ACA1E6EEA1829 3401392 ----a-w- C:\Users\Mario\AppData\Local\NVIDIA\NvBackend\Packages\00005978\DAO.18142175.exe
2014-03-28 14:06:46 45540A0905A531536D9593EF2EA684B9 374240 ----a-w- C:\Users\Mario\AppData\Local\NVIDIA\NvBackend\Packages\00005967\updatus.18140283_RUNASUSER.exe
2014-03-28 10:37:48 C3DB57444AF9384192A5ABAE556D67D9 6089216 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
2014-03-27 11:53:13 E093151047BBFFC0CD78D52F36490206 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateOnDemand.exe
2014-03-27 11:53:13 398F40FAE5ADA9521544393F1F67A17E 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateBroker.exe
2014-03-27 11:53:13 039DE3F65C7992994F788EAC8E79BF4F 884504 ----a-w- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateSetup.exe
2014-03-27 11:53:12 7E6B107120108B3A15BFECE0DE3201DB 228744 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
2014-03-27 11:53:12 6EFC5F64258FE0D9DA3CCFA7FF4D84BD 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateComRegisterShell64.exe
2014-03-27 11:53:12 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdate.exe
2014-03-27 11:53:12 0D5CE0E5AEC3ACC7930AB955334B8533 281480 ----atw- C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
2014-03-27 11:53:11 039DE3F65C7992994F788EAC8E79BF4F 884504 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.23.9\GoogleUpdateSetup.exe
2014-03-26 12:35:22 B22EE45C2C29D47D751B97771434A153 3417728 ----a-w- C:\Users\Mario\AppData\Local\NVIDIA\NvBackend\Packages\00005958\DAO.18128674.exe
2014-03-25 11:24:02 AEE4E9CC59CDEB55B1ECB0E596E796BE 119408 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
2014-03-25 11:24:02 13EFFCD1B16F980CE675DAB4350BEF11 106212 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
2014-03-25 11:23:42 4ABD34FBA47FD1449E051804092785DC 282936 ----a-w- C:\Users\Mario\Downloads\Firefox Setup Stub 28.0.exe

=== C: other files ==
2014-03-29 11:27:10 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
2014-03-25 16:38:37 2FF5790EA63FD381A5533B481374075D 83124 ----a-w- C:\Users\Mario\Desktop\eigen tracks\EnameClassic.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3220450260-1119719698-775342540-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify"="C:\Users\Mario\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Spotify Web Helper"="C:\Users\Mario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KLM"="C:\Program Files (x86)\MSI\KLM\KLM.exe"
"Sound Blaster Cinema"="C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe /r"
"Super-Charger"="C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"BDRegion"="C:\Program Files (x86)\Cyberlink\Shared files\brs.exe"
"BlueStacks Agent"="c:\Program Files (x86)\BlueStacks\HD-Agent.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify"="C:\Users\Mario\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Spotify Web Helper"="C:\Users\Mario\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll,C:\\WINDOWS\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"MBCfg64"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"Radio Manager"="C:\Program Files (x86)\SCM\Radio Manager.exe"
"SCM"="C:\Program Files (x86)\SCM\SCM.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll,C:\\WINDOWS\\system32\\nvinitx.dll"

==== Startup Folders ======================

2013-04-24 00:26:18 2278 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d" ["C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe"]
"C:\WINDOWS\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon" ["C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe"]
"C:\WINDOWS\SysNative\tasks\Synaptics TouchPad Enhancements" [\Program Files\Synaptics\SynTP\SynTPEnh.exe]
"C:\WINDOWS\SysNative\tasks\Norton Anti-Theft\Norton Error Analyzer" [C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton Anti-Theft\Norton Error Processor" [C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

==== Chrome Look ======================

Google Docs - Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Bubble Shooter Level Pack - Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cclpcbfoiabkkbhlcdlkkjhledodjakp
Pool - Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb
Last updated at time on date - Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Windows Media Player Extension for HTML5 - Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak
3D Galaxy Bowling - Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\llojoebfpfheijcipgokjllohccfnkoo
Google Maps - Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh
Need for Speed World is a FREE to play online racing game where you can compete with millions of players around the World. - Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk
Google Wallet - Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Cube Slam - Mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcoeeddamedegogbcmdbadnoifmfipn

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hln.be/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hln.be/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{FFF33279-925C-49A9-B865-87E15E56A68A} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3220450260-1119719698-775342540-1002\Software\Microsoft\Internet Explorer\SearchScopes\{FFF33279-925C-49A9-B865-87E15E56A68A} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DKX1ILPB will be deleted at reboot
C:\Users\Mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F2TT1KNU will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=33 folders=12 7368457 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Mario\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Mario\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DKX1ILPB" not found
"C:\Users\Mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F2TT1KNU" not found

==== EOF on zo 30/03/2014 at 22:52:01,18 ======================