Zoek.exe v5.0.0.0 Updated 28-12-2014
Tool run by Fred on di 30-12-2014 at 11:40:11,44.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Fred\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

30-12-2014 11:41:35 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Runtime Software deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\BlueStacksSetup deleted successfully
C:\Users\Fred\AppData\Roaming\TightVNC deleted successfully
C:\Users\Fred\AppData\Local\CrashDumps deleted successfully
C:\Users\Fred\AppData\Local\MigWiz deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1288988473-2608786766-2036905616-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E73E7C5-9689-4F77-A1B9-93116038BD43} deleted successfully
HKEY_USERS\S-1-5-21-1288988473-2608786766-2036905616-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{591D9965-1712-42A8-814D-7DB5A233B9EA} deleted successfully
HKEY_USERS\S-1-5-21-1288988473-2608786766-2036905616-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60DBD85D-7085-466C-BE59-29E3E81086B2} deleted successfully
HKEY_USERS\S-1-5-21-1288988473-2608786766-2036905616-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A19C4FD7-7840-484E-831B-134634834444} deleted successfully
HKEY_USERS\S-1-5-21-1288988473-2608786766-2036905616-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B1B453A2-141A-45EF-B066-80FC783763A} deleted successfully
HKEY_USERS\S-1-5-21-1288988473-2608786766-2036905616-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5BDD4E5-6ED2-419F-8B8F-3C2F4F47F19A} deleted successfully
HKEY_USERS\S-1-5-21-1288988473-2608786766-2036905616-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCDFE84F-9FA9-4674-8CC5-336CECECC3BB} deleted successfully
HKEY_USERS\S-1-5-21-1288988473-2608786766-2036905616-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF82DACD-A730-4C89-92A8-8CD58BB59A1B} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\ffsg99z6.default
user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_30-12-2014_1149_.backup

==== Deleting Files \ Folders ======================

C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\ffsg99z6.default\extensions \{b9db16a4-6edc-47ec-a1f4-b86292ed211d} not found
C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\ffsg99z6.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} deleted
C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\ffsg99z6.default\searchplugins\trovi-search.xml deleted
C:\PROGRA~2\globalUpdate deleted
C:\PROGRA~3\boost_interprocess deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Fred\AppData\Local\globalUpdate deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Fred\Documents\Updater deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2014-12-06 08:29:51 85D47EB257B06094F052E0C8AEFA3BEE 2501368 ----a-w- C:\WINDOWS\explorer.exe
2014-12-06 08:29:15 80E856B1AFAEB6195EADAAD65945147C 1001472 ----a-w- C:\WINDOWS\HelpPane.exe
2014-12-06 08:28:24 959A31D0CD013CEA0C66DB7C03BCBDDF 221184 ----a-w- C:\WINDOWS\notepad.exe
2014-12-06 08:28:11 B67DB709F5FDAA89CA6C2CB6C1E39B3B 154624 ----a-w- C:\WINDOWS\regedit.exe
2014-12-06 08:28:10 727B4519FE9919447108CBEC4768F34A 54272 ----a-w- C:\WINDOWS\twain_32.dll
2014-12-06 08:28:10 4D9DA155B7B449964E14FC32124CC601 128512
----a-w- C:\WINDOWS\splwow64.exe
2014-12-06 08:27:59 B934411DFE7DEACFA95A1255A48133C9 17408 ----a-w- C:\WINDOWS\hh.exe
2014-12-06 08:27:59 73E19BE0E0ECD88616B5762F621B0226 11264 ----a-w- C:\WINDOWS\write.exe
2014-12-06 08:27:59 335C38783B3F1B383ECAC17DB3705895 9728 ----a-w- C:\WINDOWS\winhlp32.exe

====== C:\Users\Fred\AppData\Local\Temp ====
2014-12-30 07:32:53 97511FE2CA09CC2E06C3CD6519C3494E 43008 ----a-w- C:\Users\Fred\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcpeqiv.dll

====== Java Cache =====

====== C:\WINDOWS\SysWOW64 =====
2014-12-16 16:03:07 7EAC336CFB845753DE556D8EEDD8BD58 129536 ----a-w- C:\WINDOWS\SysWOW64\poqexec.exe

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Sysnative =====
2014-12-16 16:03:19 E4A75F7BA48F4281405C782E3DB9F828 146432 ----a-w- C:\WINDOWS\Sysnative\poqexec.exe

====== C:\WINDOWS\Sysnative\drivers =====

====== C:\WINDOWS\Tasks ======
2014-12-28 21:28:24 D7EF24BFDF7D7BBC5BBAD24684F17D65 1076 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-28 21:28:24 917EC6DF3848D7339F44B6EAE45A8F29 4048
----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2014-12-28 21:28:23 55981CDD2734F7AE32D9333DD2093F96 3812 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineCore
2014-12-28 21:28:23 39AC3A31BFEBA1FAD1F92618821D9B00 1072 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-26 09:29:32 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\WINDOWS\Sysnative\Tasks\Adobe Acrobat Update Task

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====
2014-12-30 08:03:23 -------- d-----w- C:\Program Files\trend micro
2014-12-02 20:33:06 -------- d-----w- C:\Program Files\SketchUp

======= C:\PROGRA~2 =====
2014-12-05 19:47:14 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER

======= C: =====
2014-12-28 14:22:58 !HASH: COULD NOT OPEN FILE !!!!! 0 --sha-w- C:\DkHyperbootSync

====== C:\Users\Fred\AppData\Roaming ======
2014-12-28 21:29:33 -------- d-----w- C:\Users\Fred\AppData\Locallow\Google
2014-12-04 16:35:57 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help
2014-12-04 16:35:57 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help

====== C:\Users\Fred ======
2014-12-30 08:02:29 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Fred\Desktop\RSITx64.exe
2014-12-30 08:00:49 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Fred\Downloads\RSITx64.exe
2014-12-29 22:21:15 1ADBF6906166AD2D2457238F3FAA3016 4188536 ----a-w- C:\Users\Fred\Downloads\ccsetup501_slim.exe
2014-12-28 21:29:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-12-28 21:28:15 6F2578F9357A3A670A96B8737AB817EE 880784 ----a-w- C:\Users\Fred\Downloads\googleupdatesetup.exe
2014-12-02 20:33:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015

====== C: exe-files ==
2014-12-30 08:03:29 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Fred.exe
2014-12-30 08:02:29 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Fred\Desktop\RSITx64.exe
2014-12-30 08:00:49 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Fred\Downloads\RSITx64.exe
2014-12-29 22:21:15 1ADBF6906166AD2D2457238F3FAA3016 4188536 ----a-w- C:\Users\Fred\Downloads\ccsetup501_slim.exe
2014-12-29 20:01:43 CB404197AEC10A525509E0BF523B8158 433072 ----a-w- C:\Users\Fred\AppData\Local\NVIDIA\NvBackend\Packages\00006aea\CoProc update.19181379.exe
2014-12-28 21:28:54 21B21538E9AAC61AF12C0E2CE2F0AD7A 25469656 ----a-w- C:\Program Files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\7.1.2.2041\GoogleEarth-Win-Bundle-7.1.2.2041.1.exe
2014-12-28 21:28:40 205E775B4B2C165922203A390B115523 40747600 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\39.0.2171.95\39.0.2171.95_chrome_installer.exe
2014-12-28 21:28:23 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2014-12-28 21:28:23 F172AD4E906D97ED8F071896FC6789DC 107912 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdate.exe
2014-12-28 21:28:23 EDD3E562684CB4C50704B471BEAB1F86 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateComRegisterShell64.exe
2014-12-28 21:28:23 CB8C1CC4F46FBAC78150754D77460C73 230792 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
2014-12-28 21:28:23 7161E8E31B7FD3B1CE083C2CA5FD5F44 285064 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
2014-12-28 21:28:23 6F2578F9357A3A670A96B8737AB817EE 880784 ----a-w- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateSetup.exe
2014-12-28 21:28:23 5B4ED5734945619EE3BCDB9825D2F526 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe
2014-12-28 21:28:23 06036279056145E0F08FC095CB789E6A 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleUpdateBroker.exe
2014-12-28 21:28:15 6F2578F9357A3A670A96B8737AB817EE 880784 ----a-w- C:\Users\Fred\Downloads\googleupdatesetup.exe
2014-12-26 18:30:19 DCEF73D340D804BFABFBD9D187AC1408 431320 ----a-w- C:\Users\Fred\AppData\Local\NVIDIA\NvBackend\Packages\00006adc\CoProc update.19170798.exe
2014-12-26 09:29:24 516C021FEBEDE2962C9252DF85606C76 382168 ----a-w- C:\ProgramData\Adobe\ARM\S\16625\AdobeARMHelper.exe
2014-12-25 18:28:35 D3004680AE47410296ED5A6C1AF2373A 4692984 ----a-w- C:\Users\Fred\AppData\Local\NVIDIA\NvBackend\Packages\00006ad0\DAO.19168668.exe
2014-12-25 18:28:31 02E9A52C4E01DC51E521CA8E01769D57 431160 ----a-w- C:\Users\Fred\AppData\Local\NVIDIA\NvBackend\Packages\00006aae\CoProc update.19164737.exe
2014-12-23 20:27:32 CBD288A589D22A6BF4B3DC4B5F55275B 307606328 ----a-w- C:\ProgramData\NVIDIA Corporation\NetService\347.09-notebook-win8-win7-64bit-international-whql-g.exe
2014-12-23 20:27:12 464AD783ABE09717862B28275A8B30B3 4516512 ----a-w- C:\Users\Fred\AppData\Local\NVIDIA\NvBackend\Packages\00006aa0\DAO.19163139.exe
2014-12-23 20:27:09 8AC560B0FE1D9532C9980DF09CA74CA1 431176 ----a-w- C:\Users\Fred\AppData\Local\NVIDIA\NvBackend\Packages\00006a92\CoProc update.19159251.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\S-1-5-21-1288988473-2608786766-2036905616-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"
"Spotify Web Helper"="C:\Users\Fred\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sound Blaster Cinema"="C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe /r"
"UpdReg"="C:\Windows\UpdReg.EXE"
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"BDRegion"="C:\Program Files (x86)\Cyberlink\Shared files\brs.exe"
"BlueStacks Agent"="c:\Program Files (x86)\BlueStacks\HD-Agent.exe"
"mcpltui_exe"="C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe /platui /runkey"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"
"Spotify Web Helper"="C:\Users\Fred\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"
"BtServer"="C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "
"Radio Manager"="C:\Program Files (x86)\SCM\Radio Manager.exe"
"SCM"="C:\Program Files (x86)\SCM\SCM.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll,C:\\WINDOWS\\system32\\nvinitx.dll"

==== Startup Folders ======================

2014-03-08 20:28:23 1415 ----a-w- C:\Users\Fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
2014-10-26 19:33:00 1197 ----a-w- C:\Users\Fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2014-11-02 09:07:25 1386 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpyderUtility.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09-12-2014 18:50]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-12-2014 22:28]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Norton Anti-Theft\Norton Error Analyzer" [C:\Program Files (x86)\Norton Anti-Theft\Engine\1.6.0.17\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton Anti-Theft\Norton Error Processor" [C:\Program Files (x86)\Norton Anti-Theft\Engine\1.6.0.17\SymErr.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\ffsg99z6.default
user_pref("browser.startup.homepage", "https://www.google.nl/");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [21-12-2014 16:11]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\ffsg99z6.default
- McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
- Undetermined - {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
- Undetermined - {b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- Undetermined - {4ED1F68A-5463-4931-9384-8FFF5ED91D92}
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\ffsg99z6.default
9860727E477F17B88E39AF8B69B0407A - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll - Shockwave Flash

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[30-10-2014 14:36]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.nl/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{F4A62F72-E3B6-4582-8EBC-B78B19E8AC32}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.nl/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{F4A62F72-E3B6-4582-8EBC-B78B19E8AC32} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1288988473-2608786766-2036905616-1002\Software\Microsoft\Internet Explorer\SearchScopes\{F4A62F72-E3B6-4582-8EBC-B78B19E8AC32} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Fred\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Fred\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Fred\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Fred\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Fred\AppData\Local\Mozilla\Firefox\Profiles\ffsg99z6.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=88 folders=36 104521260 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Fred\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Fred\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on di 30-12-2014 at 11:55:11,47 ======================