Zoek.exe v5.0.0.0 Updated 06-February-2015
Tool run by Henk on Sat 02/07/2015 at 14:00:25.78.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6UYNJRGW\zoek.exe
[Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
2/7/2015 2:04:25 PM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================
C:\Program Files (x86)\uunniisalleS not found
C:\Program Files (x86)\Semantic inspector not found
C:\Program Files (x86)\youtubeadblocker not found
C:\Program Files (x86)\uniiSaales not found
C:\Program Files (x86)\uunisaleS not found
C:\ProgramData\{4381324b-2def-d806-4381-1324b2dec92c} not found
C:\Program Files (x86)\WSE_Vosteran not found
C:\PROGRA~2\Allin1Convert_8h deleted
C:\Users\Henk\AppData\Roaming\0S1P1R2Y1C1P1Q0D1F2W1G1I1F1T1Q deleted
C:\Users\Henk\AppData\Local\PriceFountain deleted
C:\Users\Henk\AppData\Local\SoftonicAssistant deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\PROGRA~3\pclunst.exe deleted

==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Henk\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2015-01-18 16:41:01 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
====== C:\Windows\Tasks ======
2015-01-21 17:42:44 CCD6A67B2E7D4FC5BBDA10851DDD2A14 2948 ----a-w- C:\Windows\Sysnative\Tasks\{2C753178-322F-4DD9-BD52-1AB1F0C4ED36}
2015-01-21 17:41:32 CCD6A67B2E7D4FC5BBDA10851DDD2A14 2948 ----a-w- C:\Windows\Sysnative\Tasks\{48C87EB5-12D1-40CF-AF14-6CF1B38EEE19}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-01-18 14:54:52 -------- d-----w- C:\Program Files\Adblock Plus for IE
======= C:\PROGRA~2 =====
2015-01-25 13:26:45 -------- d-----w- C:\PROGRA~2\Unchecky
2015-01-10 17:14:59 -------- d-----w- C:\PROGRA~2\VideoLAN
======= C: =====
====== C:\Users\Henk\AppData\Roaming ======
2015-01-26 22:24:13 -------- d-----w- C:\Users\Henk\AppData\Roaming\dvdcss
2015-01-21 17:55:05 -------- d-----w- C:\Users\Henk\AppData\Local\ElevatedDiagnostics
2015-01-18 14:54:52 -------- d-----w- C:\Users\Henk\AppData\Locallow\Adblock Plus for IE
2015-01-18 14:23:29 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg
2015-01-18 14:22:39 -------- d-----w- C:\Users\Henk\AppData\Roaming\AVG
2015-01-18 14:22:30 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg
2015-01-18 14:22:27 -------- d-----w- C:\Users\Henk\AppData\Local\Avg
2015-01-18 14:20:16 -------- d-----w- C:\Users\Henk\AppData\Roaming\uTorrent
2015-01-10 17:15:32 -------- d-----w- C:\Users\Henk\AppData\Roaming\vlc
====== C:\Users\Henk ======
2015-01-25 13:26:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2015-01-25 13:26:46 -------- d-----w- C:\ProgramData\Unchecky
2015-01-18 14:21:59 -------- d-----w- C:\ProgramData\AVG
2015-01-10 17:15:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
====== C: exe-files ==
2015-02-06 17:55:59 D11B8A7C7B2DB5665B70401A9F5C0B16 1086280 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.111\Installer\setup.exe
2015-02-06 17:55:59 D11B8A7C7B2DB5665B70401A9F5C0B16 1086280 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.111\Installer\chrmstp.exe
2015-02-06 17:55:54 B127C9F8DF50968E317ECE4E632B3B87 1137992 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.111\delegate_execute.exe
2015-02-06 17:55:54 6A8D29E38FCC6A5B4A7B8F15593524B4 1950536 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.111\nacl64.exe
2015-02-06 17:52:47 1F9A2717F6C6D3440B1F4A59FF96C708 1043024 ----a-w- C:\Program Files (x86)\Google\Update\Install\{07187306-C780-4943-9CCC-242BC7D4D8DD}\40.0.2214.111_40.0.2214.94_chrome_updater.exe
2015-02-06 17:52:47 1F9A2717F6C6D3440B1F4A59FF96C708 1043024 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.111\40.0.2214.111_40.0.2214.94_chrome_updater.exe
2015-02-06 16:30:33 FB6E5930FB42DE77597A9FE676BD69B1 102 ----a-w- C:\ProgramData\BOINC\slots\0\minirosetta_3.52_windows_x86_64.exe
2015-02-05 23:03:02 FB6E5930FB42DE77597A9FE676BD69B1 102 ----a-w- C:\ProgramData\BOINC\slots\2\minirosetta_3.52_windows_x86_64.exe
2015-02-05 14:58:07 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WN05N05S\RSITx64.exe
2015-02-04 11:54:29 FF1AC73491E703FB01E2952455F20AAB 843592 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\chrome.exe
2015-02-04 11:54:29 BBF868C6962C5815E66E977065E4F2D5 1086280 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.94\Installer\setup.exe
2015-02-04 11:54:29 BBF868C6962C5815E66E977065E4F2D5 1086280 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.94\Installer\chrmstp.exe
2015-02-04 11:54:25 49BEE2276F744E4F2FEE0AA96E3C18B9 1137992 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.94\delegate_execute.exe
2015-02-04 11:54:25 176AA0F85CA6BE6FBB33FAA3FBC62D05 1950536 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.94\nacl64.exe
2015-02-04 11:53:23 CF9BA33C05F698644E790FF80AB96295 41175632 ----a-w- C:\Program Files (x86)\Google\Update\Install\{57C260C9-816F-49E6-B761-3A3FC06E0D2C}\40.0.2214.94_chrome_installer.exe
2015-02-03 21:52:05 0739ACE3F8013D65099AE1656214142B 795728 ----a-w- C:\Program Files (x86)\Google\Update\Install\{89C90233-C3CB-40E8-BCFF-A0FE9E11B388}\40.0.2214.94_40.0.2214.93_chrome_updater_b.exe
2015-02-03 21:46:29 FD98434B6A06FE31A35E4BFBC827B290 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe
2015-02-03 21:46:29 5F0A3AA68785C49454F56C9F2DDA0237 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateWebPlugin.exe
2015-02-03 21:46:29 4C02536F4CA35911FB3EA5715F300C57 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateBroker.exe
2015-02-03 21:46:28 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateSetup.exe
2015-02-03 21:46:19 F3B6470DA7CE34E559D3BA7365CC909C 115528 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateComRegisterShell64.exe
2015-02-03 21:46:19 323CFFFDAF253AC65CD194A101BE6231 287048 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
2015-02-03 21:46:18 E1B44A75947137F4143308D566889837 107848 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdate.exe
2015-02-03 21:46:18 83BB030C71C9727DCFB2737005772C4E 232264 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
2015-02-03 21:46:14 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files (x86)\Google\Update\Install\{42EA7ABC-48BE-4CDC-ACB5-40D5CF267748}\GoogleUpdateSetup.exe
2015-02-03 21:46:13 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.26.9\GoogleUpdateSetup.exe
2015-02-03 14:18:47 7D52C0157969270551EAEB4B48615DED 18376624 ----a-w- C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RYS33X2V\PhotoScape_V3.6.2.exe
=== C: other files ==
2015-02-06 17:55:50 D2F6A1B11344D9AC7BCFB75900D4ADE1 23668 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.111\default_apps\youtube.crx
2015-02-06 17:55:50 8AD223868AB9974F7746D0227730A0CC 26392 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.111\default_apps\search.crx
2015-02-06 17:55:50 71E1283B8440F6264CEC99DF9AD81F5B 25561 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.111\default_apps\drive.crx
2015-02-06 17:55:50 2E2E328E5BF6BE61203164B3E9EA8094 24040 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.111\default_apps\gmail.crx
2015-02-06 17:55:50 2C71C49F991095A1848624907BACBB08 4578 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.111\default_apps\docs.crx
2015-02-06 17:30:58 119DFE841D408129510AFDDD725DC5E5 5392562 ----a-w- C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\2015_2_6_mini_t144_folding.zip
2015-02-06 16:30:33 680DEEC1AECCD8E88B5F0647849F987F 117 ----a-w- C:\ProgramData\BOINC\slots\0\input_rb_02_05_53376_98964__t000__0_C1_robetta.zip
2015-02-06 13:47:49 7078F166361CFA32591B8C6212FDB521 29038373 ----a-w- C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\input_rb_02_05_53376_98964__t000__0_C1_robetta.zip
2015-02-05 23:03:02 E3D21316168E0D1C5E9D8FB0F485236F 109 ----a-w- C:\ProgramData\BOINC\slots\2\fold_and_dock_foldit_2000199_1068_data.zip
2015-02-05 23:03:02 3CC040403B303E929B037A8EC12E8CD3 99 ----a-w- C:\ProgramData\BOINC\slots\2\minirosetta_database.zip
2015-02-05 20:12:52 3CC040403B303E929B037A8EC12E8CD3 99 ----a-w- C:\ProgramData\BOINC\slots\0\minirosetta_database.zip
2015-02-05 19:47:46 6292E6BD425BC085BF720A04C4A26488 1893959 ----a-w- C:\ProgramData\BOINC\projects\boinc.bakerlab.org_rosetta\fold_and_dock_foldit_2000199_1068_data.zip
2015-02-04 11:54:20 D2F6A1B11344D9AC7BCFB75900D4ADE1 23668 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.94\default_apps\youtube.crx
2015-02-04 11:54:20 8AD223868AB9974F7746D0227730A0CC 26392 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.94\default_apps\search.crx
2015-02-04 11:54:20 71E1283B8440F6264CEC99DF9AD81F5B 25561 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.94\default_apps\drive.crx
2015-02-04 11:54:20 2E2E328E5BF6BE61203164B3E9EA8094 24040 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.94\default_apps\gmail.crx
2015-02-04 11:54:20 2C71C49F991095A1848624907BACBB08 4578 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\40.0.2214.94\default_apps\docs.crx

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"ToolwizCareFree"="C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"ToolwizCareFree"="C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"boinctray"="C:\Program Files\BOINC\boinctray.exe"
"boincmgr"="C:\Program Files\BOINC\boincmgr.exe /a /s"

==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""
"hkey"="HKLM"
"item"="Adobe Reader Speed Launcher"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSMTray]
"command"="C:\\Program Files (x86)\\ASUS\\ASUS Data Security Manager\\ADSMTray.exe"
"hkey"="HKLM"
"item"="ADSMTray"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Camera ScreenSaver]
"command"="C:\\Windows\\AsScrProlog.exe"
"hkey"="HKLM"
"item"="ASUS Camera ScreenSaver"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]
"command"="C:\\Windows\\AsScrPro.exe"
"hkey"="HKLM"
"item"="ASUS Screen Saver Protector"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""
"hkey"="HKLM"
"item"="CLMLServer"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AmIcoSinglun64]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AmIcoSinglun64"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\AmIcoSingLun\\AmIcoSinglun64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\boinctray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="boinctray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\BOINC\\boinctray.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HDAudDeck]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HDAudDeck"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\VIA\\VIAudioi\\VDeck\\VDeck.exe -r"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IgfxTray"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\igfxtray.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesPreload"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesTrayAgent"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Persistence"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\igfxpers.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="swg"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ToolwizCareFree]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ToolwizCareFree"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\ToolwizCareFree\\ToolwizCares.exe\" -autorun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateLBPShortCut]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UpdateLBPShortCut"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\LabelPrint\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\LabelPrint\" UpdateWithCreateOnce \"Software\\CyberLink\\LabelPrint\\2.5\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateP2GoShortCut]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UpdateP2GoShortCut"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\Power2Go\" UpdateWithCreateOnce \"SOFTWARE\\CyberLink\\Power2Go\\6.0\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
"item"="FancyStart daemon"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\FancyStart daemon.lnk"
"backup"="C:\\Windows\\pss\\FancyStart daemon.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\Windows\\INSTAL~1\\{60D66~1\\_DCE9A~1.EXE"

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [02/04/2015 11:31 PM]
C:\Windows\tasks\GlaryInitialize 5.job --a------ C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [09/15/2014 08:43 AM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/21/2014 11:23 PM]
C:\Windows\tasks\GU5SkipUAC.job --a------ C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [09/15/2014 08:44 AM]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\ASPG" [C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe]
"C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe]
"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe]
"C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\ToolwizCareFree" [C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{925797A9-3700-4171-A726-7BCFE88A51AF}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\WC3" [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe]
"C:\Windows\SysNative\tasks\{16F54697-F825-4A6B-908E-EDF6B140AFC3}" [msiexec.exe]
"C:\Windows\SysNative\tasks\{2C753178-322F-4DD9-BD52-1AB1F0C4ED36}" [C:\Program Files (x86)\VideoLAN\VLC\vlc.exe]
"C:\Windows\SysNative\tasks\{30CCAC32-22C6-47C3-A09C-3A01BE5AB535}" [C:\Users\Henk\Downloads\PhotoScape_V3.6.1.exe]
"C:\Windows\SysNative\tasks\{48C87EB5-12D1-40CF-AF14-6CF1B38EEE19}" [C:\Program Files (x86)\VideoLAN\VLC\vlc.exe]
"C:\Windows\SysNative\tasks\{D67BA874-36D0-4B55-B14B-2DBFF9D79850}" [msiexec.exe]
"C:\Windows\SysNative\tasks\{F4369C41-ED7F-4E2B-988C-8BEB6228A17E}" [C:\Program Files (x86)\AVG\AVG2015\avgui.exe]

==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\Henk\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"
{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} Unknown Url="Not_Found"
{F22BF39D-90D3-42DE-B574-2C0957B9A54D} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_USERS\S-1-5-21-4197950391-4282120674-3398511618-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftonicAssistant deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6UYNJRGW will be deleted at reboot
C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WN05N05S will be deleted at reboot

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
No Chrome User Data found

==== Empty All Flash Cache ======================
Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=85 folders=71 26363064 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Henk\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Henk\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6UYNJRGW" not found
"C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WN05N05S" not found
"C:\Users\Henk\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\98NNG77S\heias.com" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on Sat 02/07/2015 at 15:07:32.09 ======================