Zoek.exe v5.0.0.0 Updated 10-December-2014
Tool run by rian on do 11/12/2014 at 9:03:51,47.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\rian\Downloads\onderhoud\zoek.exe.scr [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-12-09-183912.log 413131 bytes
C:\zoek-results2014-12-10-134436.log 428208 bytes
C:\zoek-results2014-12-10-145430.log 444913 bytes

==== Empty Folders Check ======================

C:\Users\rian\AppData\Local\PackageStaging deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Origin\OriginClientService.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\Windows\AutoKMS deleted
"C:\Windows\SysNative\tasks\AutoKMS" deleted

==== System Specs ======================

Operating System: Microsoft Windows 8.1 6.3.9600 64 bits
Manufacturer: Acer - Model: Aspire XC-105
Install Date: 4/05/2014 12:17:33
Last Boot: 10/12/2014 15:53:57
Processor: AMD A4-5000 APU with Radeon(TM) HD Graphics
Number of Processors: 4
Work Station
Bootmode: Normal boot
Total RAM: 3517 MB (free 1728 MB - 49)
Computername: HERIJGERS
Domain: WORKGROUP
User: rian (Non-Administrator account)
Local Disk: C:\ - NTFS - 456 GB (free 342 GB)
Local Disk: D:\ - NTFS - 456 GB (free 143 GB)
CD \ DVD Drive: E:\
Bootdevice: \Device\HarddiskVolume2
Windows update:
Country: België
Language: NLB

==== System Specs (Software) ======================

Anti-Virus: AVG AntiVirus Free Edition 2015 On-access scanning disabled (Outdated)
Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2015 disabled (Outdated)
Internet Explorer Version: 11.0.9600.17416
Sun Java version: 1.8.0_25 (32-bit)
Sun Java version: 1.8.0_25 (64-bit)
Flash Player version: 15.0.0.246

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-12-10 12:31:46 9295A92234721EC22B52BEC178F924A6 152 ----a-w- C:\Windows\$PREFFILE
2014-11-26 15:47:23 727B4519FE9919447108CBEC4768F34A 54272 ----a-w- C:\Windows\twain_32.dll
2014-11-26 15:45:48 85D47EB257B06094F052E0C8AEFA3BEE 2501368 ----a-w- C:\Windows\explorer.exe
2014-11-26 15:45:44 73E19BE0E0ECD88616B5762F621B0226 11264 ----a-w- C:\Windows\write.exe
2014-11-26 15:45:43 959A31D0CD013CEA0C66DB7C03BCBDDF 221184 ----a-w- C:\Windows\notepad.exe
2014-11-26 15:45:34 4D9DA155B7B449964E14FC32124CC601 128512 ----a-w- C:\Windows\splwow64.exe
2014-11-26 15:45:12 B934411DFE7DEACFA95A1255A48133C9 17408 ----a-w- C:\Windows\hh.exe
2014-11-26 15:45:12 80E856B1AFAEB6195EADAAD65945147C 1001472 ----a-w- C:\Windows\HelpPane.exe
2014-11-26 15:44:39 B67DB709F5FDAA89CA6C2CB6C1E39B3B 154624 ----a-w- C:\Windows\regedit.exe
2014-11-26 15:43:48 335C38783B3F1B383ECAC17DB3705895 9728 ----a-w- C:\Windows\winhlp32.exe

====== C:\Users\rian\AppData\Local\Temp ====
2014-12-10 21:29:22 7E7EB7AFF595774E5E500B34058CC1A7 192512 ----a-w-
C:\Users\rian\AppData\Local\Temp\sfamcc00001.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-12-09 05:57:57 CA2F560921B7B8BE1CF555A5A18D54C3 348160 ----a-w- C:\Windows\SysWOW64\msvcr71.dll 2014-12-09 05:57:57 1FD3F9722119BDF7B8CFF0ECD1E84EA6 1060864 ----a-w- C:\Windows\SysWOW64\mfc71.dll 2014-12-08 20:25:55 38645A046EF5A4F44F25C08151BE4616 45 ----a-w- C:\Windows\SysWOW64\_WKERNEL.SYL 2014-12-08 20:25:18 F8D176DB5B14AED7C9B25E0640226BD1 258352 ----a-w- C:\Windows\SysWOW64\unicows.dll 2014-12-08 20:25:18 7BDB3B1F1303F0370D7E4CE82AD73D37 56496 ----a-w- C:\Windows\SysWOW64\wbhelp2.dll 2014-12-08 20:25:18 4BAF561A4819F0EDF96C6FD903A5694F 544768 ----a-w- C:\Windows\SysWOW64\wbocx.ocx 2014-12-08 20:25:17 CF295F9A323B1EC8B196E598636E78E4 439 ----a-w- C:\Windows\SysWOW64\shfolder.inf 2014-12-08 20:25:17 B9C2EB1291BACAF8D979D7DF06D1E4EE 33968 ----a-w- C:\Windows\SysWOW64\anim.dll 2014-12-08 20:25:17 7D4A0D6C685107AC1B5089806CD4273B 4608 ----a-w- C:\Windows\SysWOW64\W95INF32.DLL 2014-12-08 20:25:17 7210D5407A2D2F52E851604666403024 2272 ----a-w- C:\Windows\SysWOW64\W95INF16.DLL ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-12-08 16:35:52 C172DA008543DE152050C179F1857434 11776 ----a-w- C:\Windows\Sysnative\rtl120.bpl ====== C:\Windows\Sysnative\drivers ===== 2014-12-09 12:50:51 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Windows\Sysnative\drivers\EsgScanner.sys 2014-11-26 15:47:17 BC8A79C625568DDB7DCA49D0C2741A64 27456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys 2014-11-26 15:47:08 A2468CC3509394A33C4C32F99563D845 54784 ----a-w- C:\Windows\Sysnative\drivers\wpcfltr.sys 2014-11-26 15:46:00 E1BB0B6F00F470B451AB45EA13EBA0B3 1552704 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys 2014-11-26 15:46:00 982B9495F70FEEA269C48F18E960EFDE 389952 ----a-w- C:\Windows\Sysnative\drivers\dxgmms1.sys 2014-11-26 15:45:33 008F7CED69FD5B30CBDE1E03C6F36A27 445440 ----a-w- C:\Windows\Sysnative\drivers\nwifi.sys 2014-11-26 
C:\Windows\Sysnative\drivers\swenum.sys 2014-11-26 15:43:33 4A34D7084B862A92F3ABC4969166B3D3 32256 -c--a-w- C:\Windows\Sysnative\drivers\kbdhid.sys 2014-11-26 15:43:33 2A2F8D5284E59815169A88F1FC9CEE28 51008 -c--a-w- C:\Windows\Sysnative\drivers\mouclass.sys 2014-11-26 15:43:33 1A20F03700D2B2ED775E38D751EF2F63 324928 -c--a-w- C:\Windows\Sysnative\drivers\USBXHCI.SYS 2014-11-12 07:52:00 DE8D12B4C3F55FA2C5E9774314F6C58A 258368 ----a-w- C:\Windows\Sysnative\drivers\WdFilter.sys 2014-11-12 07:51:59 4AD874CDC812EC156265E451B6B09DAB 114496 ----a-w- C:\Windows\Sysnative\drivers\WdNisDrv.sys 2014-11-12 07:51:58 0359607177E5E9F6041136CC0A5CB0B6 35320 ----a-w- C:\Windows\Sysnative\drivers\WdBoot.sys ====== C:\Windows\Tasks ====== 2014-12-09 13:35:49 D59CEB142DC72B5E52EE1F7D66D5176A 3592 ----a-w- C:\Windows\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3407601407-1100001478-5146501-1006 2014-12-09 12:51:59 F944E9D7C0CD17306DB4A69D9B6907A4 3324 ----a-w- C:\Windows\Sysnative\Tasks\SpyHunter4Startup 2014-12-09 08:41:44 -------- d-----w- C:\Windows\Sysnative\Tasks\Safer-Networking 2014-12-03 20:03:05 ABB961CD8838B777EAA39C8877AFE1F1 3832 ----a-w- C:\Windows\Sysnative\Tasks\Opera scheduled Autoupdate 1414785505 2014-11-21 08:33:15 970F89FF9C082704CF00A956EB401523 2852 ----a-w- C:\Windows\Sysnative\Tasks\Driver Booster SkipUAC (rian) 2014-11-12 22:45:52 4A537F4940F6215E7F53D1BA2A6D4937 1084 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-12 22:45:51 3C61F57B94EE691F72CDBA8F7AA44B97 1080 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-12-10 09:00:29 -------- d-----w- C:\Program Files\Microsoft Silverlight 2014-12-09 07:47:05 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-12-10 12:35:43 -------- d-----w- C:\PROGRA~2\Opera 2014-12-10 12:31:08 -------- d-----w- C:\PROGRA~2\eMule0.60 2014-12-10 09:00:29 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight 
2014-12-09 14:11:36 -------- d-----w- C:\PROGRA~2\Eusing Free Registry Cleaner 2014-12-09 10:16:04 -------- d-----w- C:\PROGRA~2\Dll-Files.com Fixer 2014-12-09 07:24:40 -------- d-----w- C:\PROGRA~2\DLLEscort 2014-12-09 05:23:10 -------- d-----w- C:\PROGRA~2\DLLSuite 2014-12-08 20:25:16 -------- d-----w- C:\PROGRA~2\WinUtilities 2014-12-08 18:18:05 -------- d-----w- C:\PROGRA~2\AVG 2014-12-02 10:23:18 -------- d-----w- C:\PROGRA~2\COMMON~1\IObit 2014-11-20 19:21:23 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2014-11-20 19:21:20 -------- d-----r- C:\PROGRA~2\Skype ======= C: ===== 2014-12-08 15:13:53 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\asc_rdflag ====== C:\Users\rian\AppData\Roaming ====== 2014-12-10 17:50:23 -------- d-----w- C:\Users\rian\AppData\Roaming\dekovir 2014-12-10 14:53:23 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-12-10 14:53:22 -------- d-----w- C:\Users\march_000\AppData\Local\Temp 2014-12-10 14:53:22 -------- d-----w- C:\Users\Gast\AppData\Local\Temp 2014-12-10 14:53:22 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-12-10 14:53:22 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-12-10 14:53:21 -------- d-----w- C:\Users\rian\AppData\Local\Temp 2014-12-10 12:32:15 -------- d-----w- C:\Users\rian\AppData\Local\eMule0.60 2014-12-10 12:31:42 -------- d-----w- C:\Users\rian\AppData\Roaming\mulehome 2014-12-09 14:11:48 -------- d-----w- C:\Users\rian\AppData\Roaming\Eusing 2014-12-09 14:11:42 -------- d-----w- C:\Users\rian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner 2014-12-09 13:31:34 -------- d-----w- C:\Users\march_000\AppData\Local\BMExplorer 2014-12-09 13:31:22 -------- d-----w- C:\Users\march_000\AppData\Roaming\AVG2015 2014-12-09 13:31:18 -------- d-----w- C:\Users\march_000\AppData\Local\Avg2015 2014-12-09 13:31:14 -------- d-----w- C:\Users\march_000\AppData\Roaming\Atheros 2014-12-09 13:27:01 -------- d-----r- 
C:\Users\march_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-12-09 13:27:01 -------- d-----r- C:\Users\march_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-12-09 13:26:55 -------- d-----w- C:\Users\march_000\AppData\Roaming\Identities 2014-12-09 13:25:30 -------- d-----w- C:\Users\rian\AppData\Local\AOP SDK 2014-12-09 13:24:54 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\acer 2014-12-09 13:22:36 -------- d-----w- C:\Users\march_000\AppData\Local\clear.fi 2014-12-09 13:20:28 -------- d-----w- C:\Users\march_000\AppData\Roaming\Adobe 2014-12-09 13:20:11 -------- d-----w- C:\Users\march_000\AppData\Local\Packages 2014-12-09 13:20:09 -------- d-s---w- C:\Users\march_000\AppData\Locallow\Microsoft 2014-12-09 13:19:44 -------- d-s---w- C:\Users\march_000\AppData\Roaming\Microsoft 2014-12-09 13:19:44 -------- d-----w- C:\Users\march_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-12-09 13:19:44 -------- d-----w- C:\Users\march_000\AppData\Roaming\IObit 2014-12-09 13:19:44 -------- d-----w- C:\Users\march_000\AppData\Local\Microsoft Help 2014-12-09 13:19:44 -------- d-----w- C:\Users\march_000\AppData\Local\Microsoft 2014-12-09 13:19:44 -------- d-----r- C:\Users\march_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-12-09 13:19:44 -------- d-----r- C:\Users\march_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-12-09 13:19:44 -------- d-----r- C:\Users\march_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-12-09 12:52:04 -------- d-----w- C:\Users\rian\AppData\Roaming\Enigma Software Group 2014-12-09 04:56:38 -------- d-----w- C:\Users\rian\AppData\Roaming\QuickScan 2014-12-09 04:45:19 -------- d-----w- C:\Users\Gast\AppData\Roaming\AVG2015 2014-12-09 04:45:18 -------- d-----w- C:\Users\Gast\AppData\Local\Avg2015 2014-12-08 22:31:49 -------- d-----w- 
C:\Users\Gast\AppData\Roaming\Identities 2014-12-08 18:24:41 -------- d-----w- C:\Users\rian\AppData\Roaming\AVG2015 2014-12-08 18:24:04 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015 2014-12-08 18:23:00 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2015 2014-12-08 18:22:58 -------- d-----w- C:\Users\rian\AppData\Roaming\TuneUp Software 2014-12-08 18:18:06 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2015 2014-12-08 18:14:33 -------- d-----w- C:\Users\rian\AppData\Local\Avg2015 2014-12-07 08:18:34 -------- d-----w- C:\Users\rian\AppData\Roaming\Absolutist 2014-12-06 13:51:07 -------- d-----w- C:\Users\rian\AppData\Local\art_of_mosaics 2014-12-06 13:27:07 -------- d-----w- C:\Users\rian\AppData\Local\fantasy_mosaics_bigfish 2014-12-06 10:17:36 -------- d-----w- C:\Users\rian\AppData\Roaming\Scholastic 2014-12-06 08:28:43 -------- d-----w- C:\Users\rian\AppData\Local\fantasy_mosaics_5_iwin 2014-12-06 08:02:34 -------- d-----w- C:\Users\rian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fantasy Mosaics 5 2014-12-06 07:42:55 -------- d-----w- C:\Users\rian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fearful Tales Hansel and Gretel CE 2014-12-05 16:32:05 -------- d-----w- C:\Users\rian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Christmas Stories 2 - A Christmas Carol Collectors Edition 2014-12-05 16:20:03 -------- d-----w- C:\Users\rian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Christmas Stories - Nutcracker CE 2014-12-04 10:35:38 -------- d-----w- C:\Users\rian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Christmas Stories 3 - Hans Christian Andersens Tin Soldier CE 2014-12-04 10:07:50 -------- d-----w- C:\Users\rian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Delicious 10 - Emilys New Beginning 2014-12-04 10:06:40 -------- d-----w- C:\Users\rian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haunted Train 
2 - Frozen in Time [BETA] 2014-12-04 10:05:52 -------- d-----w- C:\Users\rian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Graven - The Purple Moon Prophecy 2014-12-04 10:01:51 -------- d-----w- C:\Users\rian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hidden Object Crosswords 2 2014-12-01 10:44:59 -------- d-----w- C:\Users\rian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Case Files 11 - Dire Grove, Sacred Grove CE 2014-12-01 09:54:11 -------- d-----w- C:\Users\rian\AppData\Roaming\.mono 2014-12-01 09:53:48 -------- d-----w- C:\Users\rian\AppData\Locallow\Audiosurf_ LLC 2014-11-27 17:07:50 -------- d-----w- C:\Users\rian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GemistDownloader 2014-11-27 17:07:50 -------- d-----w- C:\Users\rian\AppData\Roaming\GemistDownloader 2014-11-27 17:06:04 -------- d-sh--w- C:\Users\rian\AppData\Locallow\EmieBrowserModeList 2014-11-27 17:06:04 -------- d-sh--w- C:\Users\rian\AppData\Local\EmieBrowserModeList 2014-11-26 23:12:17 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\rian\AppData\Locallow\ChangeTaskbarRect 2014-11-20 19:21:42 -------- d-----w- C:\Users\rian\AppData\Local\Skype 2014-11-20 19:21:36 -------- d-----w- C:\Users\rian\AppData\Roaming\Skype 2014-11-20 12:29:14 -------- d-----w- C:\Users\rian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dark Parables 8 - The Little Mermaid and the Purple Tide CE ====== C:\Users\rian ====== 2014-12-11 07:16:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity 2000 Special Edition 2014-12-10 21:31:03 -------- d-----w- C:\ProgramData\IsolatedStorage 2014-12-10 12:31:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule0.60 2014-12-10 09:28:38 -------- d-----w- C:\Windows\serviceprofiles\Localservice\winhttp 2014-12-10 09:00:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-12-09 14:32:27 -------- d-----w- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Express 2014-12-09 14:32:11 -------- d-----w- C:\ProgramData\Reimage Express 2014-12-09 13:39:02 -------- d-----r- C:\Users\march_000\OneDrive 2014-12-09 13:27:01 -------- d-----r- C:\Users\march_000\Searches 2014-12-09 13:27:00 -------- d-----r- C:\Users\march_000\Contacts 2014-12-09 13:22:35 -------- d-----w- C:\Users\march_000\PicStream 2014-12-09 13:20:04 6FC234AD3752E1267B34FB12BCD6718B 20 --sha-w- C:\Users\march_000\ntuser.ini 2014-12-09 13:19:43 -------- d--h--w- C:\Users\march_000\AppData 2014-12-09 13:19:43 -------- d-----r- C:\Users\march_000\Videos 2014-12-09 13:19:43 -------- d-----r- C:\Users\march_000\Saved Games 2014-12-09 13:19:43 -------- d-----r- C:\Users\march_000\Pictures 2014-12-09 13:19:43 -------- d-----r- C:\Users\march_000\Music 2014-12-09 13:19:43 -------- d-----r- C:\Users\march_000\Links 2014-12-09 13:19:43 -------- d-----r- C:\Users\march_000\Favorites 2014-12-09 13:19:43 -------- d-----r- C:\Users\march_000\Downloads 2014-12-09 13:19:43 -------- d-----r- C:\Users\march_000\Documents 2014-12-09 13:19:43 -------- d-----r- C:\Users\march_000\Desktop 2014-12-09 12:51:58 -------- d-----w- C:\Users\rian\Start Menu 2014-12-09 08:56:55 -------- d-----w- C:\ProgramData\F-Secure 2014-12-09 07:25:00 -------- d-----w- C:\ProgramData\dllescort 2014-12-09 05:59:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2014-12-08 20:25:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinUtilities 2014-12-08 18:22:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-12-08 18:18:45 -------- d-----w- C:\ProgramData\AVG2015 2014-12-08 14:34:15 -------- d-----w- C:\ProgramData\Mozilla 2014-12-05 16:26:37 -------- d-----w- C:\ProgramData\Elephant Games 2014-11-20 19:21:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-11-20 19:21:11 -------- d-----w- C:\ProgramData\Skype ====== C: 
exe-files == 2014-12-11 07:16:45 82CB9B2D994AE88269DD0DD1FD6C66DB 854848 ----a-w- C:\Program Files (x86)\Common Files\EAInstaller\SimCity 2000 Special Edition\Cleanup.exe 2014-12-10 12:31:46 1859C01FF8E0D1E29D4370E7F7E3119D 170094 ----a-w- C:\Program Files (x86)\eMule0.60\Uninstall.exe 2014-12-09 21:47:27 0C03930EAEB2C336A067451192677F28 10120 ----a-w- C:\Users\rian\AppData\Local\Apps\2.0\QLXAH1OX.0HP\JDJDO1E7.AX0\goog...app_4fe91ede9f9bdca3_0001.0003_40d068f05e117fe3\clickonce_bootstrap.exe 2014-12-09 16:41:02 7D84840FA3270CF869F547F6D6A8B9FE 10501632 ----a-w- C:\Users\rian\AppData\Local\Packages\Facebook.Facebook_8xx8rvfyw5nnt\AC\Microsoft\CLR_v4.0\NativeImages\Facebook\eff57947f2d527a4d30599471bd8a2a4\Facebook.ni.exe 2014-12-09 15:56:04 C7DDBE92A00E051072348AE0E1A34BA9 1685080 ----a-w- C:\Users\rian\AppData\Roaming\BitTorrent\updates\7.9.2_36804.exe 2014-12-09 14:11:39 2007651DC1FAE8424315704CE488138C 1497600 ----a-w- C:\Program Files (x86)\Eusing Free Registry Cleaner\Regcleaner.exe 2014-12-09 14:11:37 973567B98CDFC147DF4E60471D9DF072 153088 ----a-w- C:\Program Files (x86)\Eusing Free Registry Cleaner\UNWISE.EXE 2014-12-09 13:25:29 A9415E7F263F2C68FE9E67469E779373 7168 ----a-w- C:\OEM\ClientOperationTest.exe 2014-12-09 12:52:04 B4CD9E8513C17C32224C70330A235296 3044736 ----a-w- C:\Users\rian\AppData\Roaming\Enigma Software Group\sh_installer.exe 2014-12-09 10:16:04 E0A99916EDED6A038184315A63F3E31B 907808 ----a-w- C:\Program Files (x86)\Dll-Files.com Fixer\CleanSchedule.exe 2014-12-09 10:16:04 A470C36CB7D9C087595DFD43D2F90A6F 8753696 ----a-w- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe 2014-12-09 10:16:04 9EF142477059947973AF58AF60B87215 1604513 ----a-w- C:\Program Files (x86)\Dll-Files.com Fixer\unins000.exe 2014-12-09 07:47:06 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\rian.exe 2014-12-09 07:24:40 BAF5030684ADE8C3AD84A4D41EEE89D6 380416 ----a-w- C:\Program Files (x86)\DLLEscort\DLLTool.exe 2014-12-09 05:27:23 
87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Users\rian\AppData\Local\Apps\2.0\QLXAH1OX.0HP\JDJDO1E7.AX0\inst...app_4fe91ede9f9bdca3_0001.0003_42ceeda68833d423\GoogleUpdateSetup.exe 2014-12-09 05:27:23 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Users\rian\AppData\Local\Apps\2.0\QLXAH1OX.0HP\JDJDO1E7.AX0\goog...app_4fe91ede9f9bdca3_0001.0003_40d068f05e117fe3\GoogleUpdateSetup.exe 2014-12-09 05:27:23 87EB5AFD21E52CB08883E04605B55829 880784 ----a-w- C:\Users\rian\AppData\Local\Apps\2.0\QLXAH1OX.0HP\JDJDO1E7.AX0\clic...exe_4fe91ede9f9bdca3_0001.0003_none_b1328e123920ace1\GoogleUpdateSetup.exe 2014-12-09 05:27:23 0C03930EAEB2C336A067451192677F28 10120 ----a-w- C:\Users\rian\AppData\Local\Apps\2.0\QLXAH1OX.0HP\JDJDO1E7.AX0\inst...app_4fe91ede9f9bdca3_0001.0003_42ceeda68833d423\clickonce_bootstrap.exe 2014-12-08 20:25:38 6AAA15FD9D359CCB99C11283B64A8785 269080 ----a-w- C:\Program Files (x86)\WinUtilities\ToolContextMenus.exe 2014-12-08 20:25:38 1DA5AF0F77D66BD88C47B1EB02961051 387864 ----a-w- C:\Program Files (x86)\WinUtilities\DiskAnalytics.exe 2014-12-08 20:25:37 E02111782E77A2BBF0E48A0C38C94280 240408 ----a-w- C:\Program Files (x86)\WinUtilities\ToolWinTools.exe 2014-12-08 20:25:37 DBDDF87995D45CFE19D617D395641194 391960 ----a-w- C:\Program Files (x86)\WinUtilities\ToolHistoryCleaner.exe 2014-12-08 20:25:37 CA7755E6F31CDE15F79C76DDA63CA6BB 183064 ----a-w- C:\Program Files (x86)\WinUtilities\ToolSysControl.exe 2014-12-08 20:25:37 960A7ED9703BB0E65153D223344E3C6D 314136 ----a-w- C:\Program Files (x86)\WinUtilities\ToolUndelete.exe 2014-12-08 20:25:37 8F4E22E0EFB5CB3C4DF7BD377DCBA14A 531224 ----a-w- C:\Program Files (x86)\WinUtilities\ToolRegDefrag.exe 2014-12-08 20:25:37 83583CB94ACCC51A9C2ADC5016BD8B5C 465688 ----a-w- C:\Program Files (x86)\WinUtilities\ToolSchedule.exe 2014-12-08 20:25:37 605C28EEFB5FB64556E5B393D7D0EE65 215832 ----a-w- C:\Program Files (x86)\WinUtilities\ToolDocProtector.exe 2014-12-08 20:25:37 5DE31576603D8ADD2C371EDCA540765B 473880 
==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3407601407-1100001478-5146501-1001\Software\Microsoft\Windows\CurrentVersion\Run] "FileHippo.com"="C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe /background" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "FileHippo.com"="C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe /background" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Qualcomm 
Atheros\Bluetooth Suite\BtvStack.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] "command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR" "hkey"="HKCU" "item"="CCleaner64" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Origin Client Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ReimageRealTimeProtector] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SpyHunter 4 Service] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/12/2014 18:34] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/05/2014 05:29] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/05/2014 05:29] C:\Windows\tasks\Uninstaller_SkipUac_Administrator.job --a-------- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\AcerCloud" [C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player 
Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe] "C:\Windows\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\Driver Booster Beta SkipUAC (rian)" [C:\Program Files (x86)\IObit\Driver Booster Beta\DriverBooster.exe] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (rian)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Hotkey Utility" ["C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"] "C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1414785505" [C:\Program Files (x86)\Opera\launcher.exe] "C:\Windows\SysNative\tasks\SpyHunter4Startup" ["C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe"] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{F24C25FC-1CCF-4347-982C-F2C81A266339}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\Recovery Management\Notification" [C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 18:22] nfengeggddojhakldhlpjdlddgkkjkdd - No path found[] Google Docs - 
rian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - rian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - rian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - rian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Advanced SystemCare Surfing Protection - rian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd Google Wallet - rian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - rian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Overplay VPN - Smart DNS - rian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppfhinbcmhcheacoggemfmoblcgdbfmk ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {A3F3044D-5E53-4720-ABD4-88DDCC9CCE91} (www.google.be) Google Url="http://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft 
Office\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe" /background O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - 
{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O10 - Unknown file in Winsock LSP: c:\windows\syswow64\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\syswow64\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. 
- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppIntegrationService - TODO: - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. 
- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 
(WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\rian\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\rian\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\rian\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\rian\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Gast\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully C:\Users\rian\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared 
successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3826 folders=593 816078122 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gast\AppData\Local\Temp emptied successfully C:\Users\march_000\AppData\Local\Temp emptied successfully C:\Users\rian\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\rian\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on do 11/12/2014 at 10:16:55,52 ======================