Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Rizzotto on do 15/05/2014 at 10:30:02,61.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rizzotto\Desktop\zoek.exe [Scan all users] [Checkboxes used]

==== System Restore Info ======================

15/05/2014 10:30:46 Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Easy Speed Check\easyspeedcheck.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Users\Rizzotto\Desktop\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 7907 MB
CPU Info: AMD E2-1800 APU with Radeon(tm) HD Graphics
CPU Speed: 1730,7 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: AMD Radeon HD 7340 Graphics | AMD Radeon HD 7340 Graphics
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1440 X 900 - 32 bit
Network: Network Present
Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Qualcomm Atheros AR5BWB222 Wireless-netwerkadapter | Realtek PCIe GBE Family-controller
CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GH82N
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 455,9GB | D: 457,0GB | G: 298,1GB
Hard Disks - Free: C: 406,0GB | D: 456,8GB | G: 236,3GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | | ACRSYS - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: Acer Aspire XC100
Country: België
Language: NLB

==== System Specs (Software) ======================

Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated)
Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated)
Default Browser: Google Chrome 34.0.1847.116
Internet Explorer Version: 11.0.9600.17107
Mozilla Firefox version: 29.0.1 (x86 nl)
Google Chrome version: 34.0.1847.116
Flash Player version: 13.0.0.214

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\Users\Rizzotto\AppData\Local\Temp ====
2014-05-01 17:19:58 FA1CA316B64D4C99E9E70DB42E2DBD52 845296 ----a-w- C:\Users\Rizzotto\AppData\Local\Temp\ytd_sysmenu_setup.exe

====== Java Cache =====

====== C:\WINDOWS\SysWOW64 =====
2014-05-14 15:55:26 1DEC681B79501A714F0D3FA2787183C3 305152 ----a-w- C:\WINDOWS\SysWOW64\wusa.exe
2014-05-14 15:55:07 9A11476467400E32083BCBF7A06EFF18 11792384 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll
2014-05-14 15:55:06 3F0DB8120F65E3223B4EAF6CA4CDB3C5 754688 ----a-w- C:\WINDOWS\SysWOW64\WSShared.dll
2014-05-14 15:55:05 DC72DC452793C9622E6F056B89F9302C 123904 ----a-w- C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-14 15:55:05 D8C63F333D4A8D8433849A9ADC092BE9 31232 ----a-w- C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-14 15:55:05 AB3A013BA1C50B2309E5BF8136600656 828928 ----a-w- C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-14 15:55:05 8DA8026471B3470085B4AFB9C77BF45F 25088 ----a-w- C:\WINDOWS\SysWOW64\wups.dll
2014-05-14 15:55:05 82119579B000F62D96B083BC6A246C07 80896 ----a-w- C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-14 15:55:05 51B615EF9408277FEF586EB97583844E 666624 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-14 15:55:05 0542A44401EA9451D82D3DF4BF3BD871 419928 ----a-w- C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-14 15:54:54 EB5347F6149D3FF25F4D609A21A3BD67 17382912 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-14 15:54:53 FBCF3F01177953EBF1E735643621CCF5 69632 ----a-w- C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-14 15:54:46 BA4FA107EF9A728C58A81B2EFCD6FE2B 26784 ----a-w- C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-14 15:54:46 6923D6FAB7CBA8D82BD792182B4F3DE4 80032 ----a-w- C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-14 15:54:27 B5507F49CB2E2516746BD55B9F671925 18679728 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll
2014-05-12 18:39:46 0DC5AF80D059DEC792B665ED598C6567 536576 ----a-w- C:\WINDOWS\SysWOW64\sqlite3.dll
2014-05-02 04:25:00 B5B3334F177CED627C2D7FE38235B6B1 2724864 ----a-w- C:\WINDOWS\SysWOW64\mshtml.tlb

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Sysnative =====
2014-05-14 15:55:26 326715361A7D1C65983BFE920990E4EF 308224 ----a-w- C:\WINDOWS\Sysnative\wusa.exe
2014-05-14 15:55:08 7E609FBF50774CC5A239420FE34EBB9C 3464192 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll
2014-05-14 15:55:08 739F99ADA1F0A4188F683918809FE7AC 13288960 ----a-w- C:\WINDOWS\Sysnative\twinui.dll
2014-05-14 15:55:08 3DF281C1553A6124DEF875C19D46AC0D 190976 ----a-w- C:\WINDOWS\Sysnative\storewuauth.dll
2014-05-14 15:55:06 AF1BC4F5421023D59F1D472C1A4E01CF 921088 ----a-w- C:\WINDOWS\Sysnative\WSShared.dll
2014-05-14 15:55:06 850FC6B2E385766B9972CDBE947989F6 381440 ----a-w- C:\WINDOWS\Sysnative\WUSettingsProvider.dll
2014-05-14 15:55:06 4FB80968811FAD6E88ABFAA98E51305C 1705472 ----a-w- C:\WINDOWS\Sysnative\wucltux.dll
2014-05-14 15:55:05 FD3638782572A8281BCF12520F6579F4 79872 ----a-w- C:\WINDOWS\Sysnative\WSReset.exe
2014-05-14 15:55:05 E9F333234A5641E2FEF2F5240BDD56B8 35328 ----a-w- C:\WINDOWS\Sysnative\wuapp.exe
2014-05-14 15:55:05 E859E9B4A0300F56C94D2C69F6F65657 827392 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll
2014-05-14 15:55:05 C383B71BAAC22CCE37B99339AEB62F1E 93696 ----a-w- C:\WINDOWS\Sysnative\wudriver.dll
2014-05-14 15:55:05 7F15F3E0F847D90EB3A2124258E6B1DC 54776 ----a-w- C:\WINDOWS\Sysnative\wuauclt.exe
2014-05-14 15:55:05 766DCDC7032C4C98E47B8A9F71239E38 555736 ----a-w- C:\WINDOWS\Sysnative\twinapi.appcore.dll
2014-05-14 15:55:05 736046C9AFD66BA29BA61ACD582E7A7B 137728 ----a-w- C:\WINDOWS\Sysnative\wuwebv.dll
2014-05-14 15:55:05 68CB2B575F0C67BB14590D1471285287 201728 ----a-w- C:\WINDOWS\Sysnative\ubpm.dll
2014-05-14 15:55:05 5F74A7DB62F6D560B0C858A096A37B59 1054208 ----a-w- C:\WINDOWS\Sysnative\twinui.appcore.dll
2014-05-14 15:55:05 1EC3AACDB335533A7470245C683ACF94 56320 ----a-w- C:\WINDOWS\Sysnative\wups.dll
2014-05-14 15:54:56 A920E1336F9FEA95477763E2CC15891B 84992 ----a-w- C:\WINDOWS\Sysnative\mshtmled.dll
2014-05-14 15:54:55 797E2E5C309AFF76990D5B7AF457EACA 23544320 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll
2014-05-14 15:54:46 D178F55D53B9A10FFBDC134C95517846 28320 ----a-w- C:\WINDOWS\Sysnative\mrt100.dll
2014-05-14 15:54:46 A750229C96A406EE123F43916053F142 86688 ----a-w- C:\WINDOWS\Sysnative\mrt_map.dll
2014-05-14 15:54:25 06070D4CC64300D473C55ABDC887B63C 21225584 ----a-w- C:\WINDOWS\Sysnative\shell32.dll
2014-05-02 04:24:54 94C59DD02BC7EA0E421055B9946CA861 2724864 ----a-w- C:\WINDOWS\Sysnative\mshtml.tlb

====== C:\WINDOWS\Sysnative\drivers =====
2014-04-20 00:11:00 9054B51D656282CFF395F9F22E369DCC 173568 ----a-w- C:\WINDOWS\Sysnative\drivers\mqac.sys
2014-04-19 19:55:05 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_silabser_01009.Wdf
2014-04-19 19:53:12 B816D865910E8F5B7E12D593EC584D91 72192 ----a-w- C:\WINDOWS\Sysnative\drivers\silabser.sys
2014-04-19 19:53:12 75F3C451D41B35089E92D368EE190ACA 52224 ----a-w- C:\WINDOWS\Sysnative\drivers\silabenm.sys
2014-04-18 13:01:56 E92276DB995B7E75DA9B9DD271058A8E 237336 ----a-w- C:\WINDOWS\Sysnative\drivers\avgidsdrivera.sys

====== C:\WINDOWS\Tasks ======
2014-04-19 23:24:36 B92D367773D766EC46F6B31724957EEE 1082 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-19 23:24:36 4C58F2A57D0DC9E565276D13C704B62F 1078 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-19 23:24:36 2DE39BC7F59FEEDB343EC5CA7F8F456B 3818 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineCore
2014-04-19 23:24:36 0F18939839A4610FC8338FBFE1EE31C0 4054 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2014-04-17 23:23:00 D70268A890117CBB951309A4DB5484C7 3126 ----a-w- C:\WINDOWS\Sysnative\Tasks\{362988DF-C7F7-428D-96C9-FFAEC7678F9C}

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====
2014-04-22 09:22:00 -------- d-----w- C:\Program Files\Speccy
2014-04-21 09:32:32 -------- d-----w- C:\Program Files\WinRAR
2014-04-20 17:15:54 -------- d-----w- C:\Program Files\iPod
2014-04-20 17:15:53 -------- d-----w- C:\Program Files\iTunes
2014-04-20 17:15:12 -------- d-----w- C:\Program Files\Bonjour
2014-04-20 08:45:58 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====
2014-05-07 21:21:57 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype
2014-05-07 21:21:56 -------- d-----r- C:\PROGRA~2\Skype
2014-04-30 13:39:35 -------- d-----w- C:\PROGRA~2\i-Funbox DevTeam
2014-04-22 19:23:04 -------- d-----w- C:\PROGRA~2\DreamBoxEdit
2014-04-21 11:10:04 -------- d-----w- C:\PROGRA~2\Spotnet
2014-04-20 17:15:53 -------- d-----w- C:\PROGRA~2\iTunes
2014-04-20 17:15:12 -------- d-----w- C:\PROGRA~2\Bonjour
2014-04-20 08:20:38 -------- d-----w- C:\PROGRA~2\Google
2014-04-20 00:15:00 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service
2014-04-19 23:29:07 -------- d-----w- C:\PROGRA~2\Easy Speed Check
2014-04-18 18:20:17 -------- d-----w- C:\PROGRA~2\AVG

======= C: =====
2014-04-20 08:58:21 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Recovery.txt

====== C:\Users\Rizzotto\AppData\Roaming ======
2014-05-15 08:09:35 -------- d-----r- C:\Users\Rizzotto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 08:09:35 -------- d-----r- C:\Users\Rizzotto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-07 21:22:19 -------- d-----w- C:\Users\Rizzotto\AppData\Local\Skype
2014-05-07 21:22:08 -------- d-----w- C:\Users\Rizzotto\AppData\Roaming\Skype
2014-05-05 11:43:00 -------- d-----w- C:\Users\Rizzotto\AppData\Roaming\TeamViewer
2014-04-30 13:39:44 -------- d-----w- C:\Users\Rizzotto\AppData\Roaming\iFunbox_UserCache
2014-04-27 20:07:59 B7915B576F2AF36DC62A5DB567F9B3EE 600 ----a-w- C:\Users\Rizzotto\AppData\Local\PUTTY.RND
2014-04-25 07:44:23 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp
2014-04-25 07:44:23 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp
2014-04-25 07:44:22 -------- d-----w- C:\Users\Rizzotto\AppData\Local\Temp
2014-04-22 19:23:05 -------- d-----w- C:\Users\Rizzotto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DreamBoxEdit
2014-04-22 06:58:49 -------- d-----w- C:\Users\Rizzotto\AppData\Local\Adobe
2014-04-21 12:48:22 -------- d-----w- C:\Users\Rizzotto\AppData\Roaming\uTorrent
2014-04-21 09:32:45 -------- d-----w- C:\Users\Rizzotto\AppData\Roaming\WinRAR
2014-04-21 09:32:35 -------- d-----w- C:\Users\Rizzotto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-04-20 17:16:35 -------- d-----w- C:\Users\Rizzotto\AppData\Local\Apple Computer
2014-04-20 08:13:23 -------- d-----w- C:\Users\Rizzotto\AppData\Local\VirtualStore
2014-04-20 00:03:52 -------- d-sh--w- C:\Users\Rizzotto\AppData\Locallow\EmieUserList
2014-04-20 00:03:52 -------- d-sh--w- C:\Users\Rizzotto\AppData\Locallow\EmieSiteList
2014-04-20 00:03:51 -------- d-----w- C:\Users\Rizzotto\AppData\Roaming\Adobe
2014-04-20 00:02:35 -------- d-----w- C:\Users\Rizzotto\AppData\Roaming\AVG2014
2014-04-20 00:02:35 -------- d-----w- C:\Users\Rizzotto\AppData\Roaming\ATI
2014-04-20 00:02:35 -------- d-----w- C:\Users\Rizzotto\AppData\Local\ATI
2014-04-20 00:02:11 -------- d-sh--w- C:\Users\Rizzotto\AppData\Local\EmieUserList
2014-04-20 00:02:11 -------- d-sh--w- C:\Users\Rizzotto\AppData\Local\EmieSiteList
2014-04-18 18:25:10 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014
2014-04-18 18:24:55 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Avg2014
2014-04-18 18:20:18 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Avg2014
2014-04-18 18:13:33 -------- d-----w- C:\Users\Rizzotto\AppData\Local\Avg2014
2014-04-17 19:21:48 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Fighters

====== C:\Users\Rizzotto ======
2014-05-15 08:09:35 -------- d-----r- C:\Users\Rizzotto\Saved Games
2014-05-15 08:09:35 -------- d-----r- C:\Users\Rizzotto\Links
2014-05-15 08:09:34 -------- d-----r- C:\Users\Rizzotto\Contacts
2014-05-13 09:51:10 E278D67DFBCC8BB765A5C0EA94F7B0CF 7149920 ----a-w- C:\Users\Rizzotto\Desktop\iTools.exe
2014-05-12 18:37:46 9C038759E5993C0B3BFD8F2192C12747 1325827 ----a-w- C:\Users\Rizzotto\Desktop\adwcleaner.exe
2014-05-07 21:21:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-07 21:21:52 -------- d-----w- C:\ProgramData\Skype
2014-04-30 13:39:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam
2014-04-30 12:43:14 -------- d-----r- C:\Users\Rizzotto\Videos
2014-04-30 12:43:14 -------- d-----r- C:\Users\Public\Videos
2014-04-30 12:43:14 -------- d-----r- C:\Users\Public\Pictures
2014-04-24 10:15:10 7220FAD57A4B3D9D9755C51198CC0386 174 --sh--w- C:\Users\Public\desktop.ini
2014-04-24 10:15:10 -------- d-----r- C:\Users\Public\Documents
2014-04-24 10:15:09 -------- d-----r- C:\Users\Rizzotto\Documents
2014-04-21 11:10:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotnet
2014-04-21 11:10:04 -------- d-----w- C:\ProgramData\Spotnet
2014-04-21 10:59:25 -------- d-----r- C:\Users\Public\Music
2014-04-20 17:22:04 -------- d-----r- C:\Users\Rizzotto\Pictures
2014-04-20 17:16:46 -------- d-----r- C:\Users\Rizzotto\Music
2014-04-20 17:16:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-20 17:15:53 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-20 00:11:24 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IIS
2014-04-20 00:02:19 -------- d-----w- C:\Users\Public\Desktop
2014-04-20 00:02:12 -------- d-----r- C:\Users\Rizzotto\Favorites
2014-04-20 00:02:11 -------- d-----r- C:\Users\Rizzotto\Searches
2014-04-20 00:02:06 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Rizzotto\ntuser.ini
2014-04-19 23:25:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2014-04-19 23:25:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-19 21:22:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
2014-04-18 18:24:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-16 14:01:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

====== C: exe-files ==
2014-05-14 15:55:26 326715361A7D1C65983BFE920990E4EF 308224 ----a-w- C:\Windows\System32\wusa.exe
2014-05-14 15:55:26 1DEC681B79501A714F0D3FA2787183C3 305152 ----a-w- C:\Windows\SysWOW64\wusa.exe
2014-05-14 15:55:05 FD3638782572A8281BCF12520F6579F4 79872 ----a-w- C:\Windows\System32\WSReset.exe
2014-05-14 15:55:05 E9F333234A5641E2FEF2F5240BDD56B8 35328 ----a-w- C:\Windows\System32\wuapp.exe
2014-05-14 15:55:05 D8C63F333D4A8D8433849A9ADC092BE9 31232 ----a-w- C:\Windows\SysWOW64\wuapp.exe
2014-05-14 15:55:05 BE1FAE2B208F1E0B38FD4EF353D067C8 25304 ----a-w- C:\Windows\WinStore\WSHost.exe
2014-05-14 15:55:05 7F15F3E0F847D90EB3A2124258E6B1DC 54776 ----a-w- C:\Windows\System32\wuauclt.exe
2014-05-13 22:26:06 DD5B5B10BB387F7A7D4B60323163C93B 1268560 ----a-w- C:\Users\Rizzotto\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe
2014-05-13 09:51:10 E278D67DFBCC8BB765A5C0EA94F7B0CF 7149920 ----a-w- C:\Users\Rizzotto\Desktop\iTools.exe
2014-05-12 18:37:46 9C038759E5993C0B3BFD8F2192C12747 1325827 ----a-w- C:\Users\Rizzotto\Desktop\adwcleaner.exe

=== C: other files ==
2014-05-14 15:37:37 6BBE2E0B1CC5ABB35EA9FFE894EA90DC 6381 ----a-w- C:\Users\Rizzotto\Desktop\mcs_config.zip
2014-05-11 15:18:34 425A96193BBCEB5A4E31D7F76A09866F 695874 ----a-w- C:\Windows\Temp\avgdiag2\ec39ac14-0e08-411a-949d-d45ae5bc1d04\out\ec39ac14-0e08-411a-949d-d45ae5bc1d04[92a0fcba-bdfe-47d2-9d7a-3de12d4b74eb].zip
2014-05-11 12:45:55 BED43F7AF6A4846281858E15AE52908F 653624 ----a-w- C:\Users\Rizzotto\Desktop\maps\Slender MAP .zip
2014-05-10 21:05:45 6453120D29CEB7FD8F74B0359F83D0D4 303279 ----a-w- C:\Users\Rizzotto\Desktop\maps\Christmass callendar PE (1).zip
2014-05-10 20:33:21 9D79B7DE6572DBFDAEE7F5F9AB2929D0 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1430638768-1313984737-3149426251-1002\$ITJAXHR.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1430638768-1313984737-3149426251-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"Real Hide IP"="C:\Program Files (x86)\RealHideIP\RealHideIP.exe"
"FDPRO-516"="C:\Program Files (x86)\Fighters\FighterLauncher.exe FDPRO"
"Easy Speed PC"="C:\Program Files (x86)\Probit Software\Easy Speed PC\ESPCLauncher.exe"
"EasySpeedCheck"="C:\Program Files (x86)\Easy Speed Check\easyspeedcheck.exe"
"uTorrent"="C:\Users\Rizzotto\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"Real Hide IP"="C:\Program Files (x86)\RealHideIP\RealHideIP.exe"
"FDPRO-516"="C:\Program Files (x86)\Fighters\FighterLauncher.exe FDPRO"
"Easy Speed PC"="C:\Program Files (x86)\Probit Software\Easy Speed PC\ESPCLauncher.exe"
"EasySpeedCheck"="C:\Program Files (x86)\Easy Speed Check\easyspeedcheck.exe"
"uTorrent"="C:\Users\Rizzotto\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Startup Folders ======================

2014-04-22 06:59:21 2150 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/05/2014 20:23]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/04/2014 10:20]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/04/2014 10:20]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA1cf498b3aded8d4" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{D691C4CF-196A-42D1-A708-A0FEC2721B6A}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Rizzotto\AppData\Roaming\Mozilla\Firefox\Profiles\4mpanrw5.default
- leethax.net extension - %ProfilePath%\extensions\leethax@leethax.net.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Rizzotto\AppData\Roaming\Mozilla\Firefox\Profiles\4mpanrw5.default
A58DE0A570148AF5FF3512B2A340D09F - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11/04/2014 19:46]

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Real Hide IP] C:\Program Files (x86)\RealHideIP\RealHideIP.exe
O4 - HKCU\..\Run: [FDPRO-516] C:\Program Files (x86)\Fighters\FighterLauncher.exe FDPRO
O4 - HKCU\..\Run: [Easy Speed PC] C:\Program Files (x86)\Probit Software\Easy Speed PC\ESPCLauncher.exe
O4 - HKCU\..\Run: [EasySpeedCheck] C:\Program Files (x86)\Easy Speed Check\easyspeedcheck.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Rizzotto\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

==== C:\zoek_backup content ======================

C:\zoek_backup (files=251 folders=102 101258326 bytes)

==== EOF on do 15/05/2014 at 10:38:44,24 ======================