Zoek.exe v5.0.0.0 Updated 17-February-2015 Tool run by Frank on wo 18-02-2015 at 18:26:17,45. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Anja\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 18-2-2015 18:29:45 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\Enigma Software Group deleted successfully C:\PROGRA~2\ALM deleted successfully C:\PROGRA~2\Freemake deleted successfully C:\PROGRA~2\fssg deleted successfully C:\PROGRA~2\Oracle deleted successfully C:\PROGRA~2\QuestBrowser deleted successfully C:\PROGRA~2\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted successfully C:\Users\Anja\AppData\Local\KPN deleted successfully C:\Users\Frank\AppData\Local\KPN deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LiveUpdateSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\LiveUpdateSvc deleted successfully ==== Deleting Files \ Folders ====================== C:\Program Files\Enigma Software Group not found C:\PROGRA~2\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} not found C:\Program Files\IObit\LiveUpdate deleted C:\Program Files\UniDeals deleted C:\Program Files\UniDeealsi deleted C:\ProgramData\fnhphijlighpibmnnbgkdakeajdkncpo deleted C:\ProgramData\{b0b7ca13-0f82-504c-b0b7-7ca130f8284c} deleted C:\Windows\system32\appdata deleted C:\Program Files\TorrentSearch deleted C:\Users\Anja\AppData\Roaming\ProductData deleted C:\Users\Frank\AppData\Roaming\ProductData deleted C:\PROGRA~2\ProductData deleted C:\PROGRA~2\InstallMate deleted C:\PROGRA~2\Package Cache deleted C:\Users\Frank\AppData\Local\CRE deleted C:\Users\Frank\AppData\Local\Pokki deleted 
C:\Users\Anja\AppData\LocalLow\IObit Apps deleted C:\Users\Anja\AppData\LocalLow\imeshmediabartb deleted C:\Users\Anja\AppData\LocalLow\ADSRemoval deleted C:\Users\Frank\AppData\LocalLow\ADSRemoval deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\IObit Apps deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\Search Settings deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Windows\System32\searchplugins deleted C:\Windows\System32\Extensions deleted ==== Files Recently Created / Modified ======================
==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2897132998-3550645008-1714694653-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Advanced SystemCare Ultimate"="C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe /Auto" "Spotify Web Helper"="C:\Users\Frank\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [HKEY_USERS\S-1-5-21-2897132998-3550645008-1714694653-1003\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Advanced SystemCare Ultimate"="C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe /Auto" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "WinampAgent"="C:\Program Files\Winamp\winampa.exe" "GrooveMonitor"="C:\Program Files\Microsoft
Office\Office12\GrooveMonitor.exe" "KPN Assistent"="C:\Program Files\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe /auto" "EvtMgr6"="c:\program files\logitech\setpointp\setpoint.exe /launchgaming" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Advanced SystemCare Ultimate"="C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe /Auto" "Spotify Web Helper"="C:\Users\Frank\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "command"="c:\\program files\\common files\\adobe\\oobe\\pdapp\\uwa\\updaterstartuputility.exe" "hkey"="HKLM" "item"="AdobeAAMUpdater-1.0" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update] "command"="c:\\program files\\hp\\hp software update\\hpwuschd2.exe" "hkey"="HKLM" "item"="HP Software Update" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IAStorIcon] "command"="c:\\program files\\intel\\intel(r) rapid storage technology\\iastoricon.exe" "hkey"="HKLM" "item"="IAStorIcon" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "command"="\"c:\\users\\frank\\appdata\\roaming\\spotify\\spotify.exe\" /uri spotify:autostart" "hkey"="HKCU" "item"="Spotify" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "command"="c:\\users\\frank\\appdata\\roaming\\spotify\\data\\spotifywebhelper.exe" "hkey"="HKLM" "item"="Spotify Web Helper" 
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "command"="c:\\program files\\common files\\java\\java update\\jusched.exe" "hkey"="HKLM" "item"="SunJavaUpdateSched" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "command"="c:\\program files\\tomtom home 2\\tomtomhomerunner.exe" "hkey"="HKCU" "item"="TomTomHOME.exe" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] "command"="\"c:\\users\\frank\\appdata\\roaming\\utorrent\\utorrent.exe\" /minimized" "hkey"="HKCU" "item"="uTorrent" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Folders ====================== 2014-12-03 18:01:09 1942 ----a-w- C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Deskjet 2540 series.lnk 2013-07-30 14:56:31 2737 ----a-w- C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk 2014-04-13 08:12:32 2313 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PolderbitS Audio Driver Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [05-02-2015 17:13] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [10-03-2013 13:36] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [10-03-2013 13:36] ==== Other Scheduled Tasks ====================== 
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-Medioncomputer-Anja" [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-Medioncomputer-Frank" [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\system32\tasks\ASC7U_SkipUac_Frank" [C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASC.exe /SkipUac] "C:\Windows\system32\tasks\ASC7_AutoCare" [C:\Program Files\IObit\Advanced SystemCare Ultimate 7\AutoCare.exe] "C:\Windows\system32\tasks\ASC7_PerformanceMonitor" [C:\Program Files\IObit\Advanced SystemCare Ultimate 7\Monitor.exe] "C:\Windows\system32\tasks\ASCAntivirusScan" [C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASC.exe /Scheduler 0] "C:\Windows\system32\tasks\ASCAntivirusScan2" [C:\Program Files\IObit\Advanced SystemCare Ultimate 7\ASC.exe /Scheduler 1] "C:\Windows\system32\tasks\Driver Booster SkipUAC (Frank)" [C:\Program Files\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\system32\tasks\Driver Booster SkipUAC (SYSTEM)" [C:\Program Files\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\system32\tasks\Google Updater and Installer" [C:\Users\Frank\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\Java Update Scheduler" [C:\Program Files\Common Files\Java\Java Update\jusched.exe] "C:\Windows\system32\tasks\SmartDefrag3_Update" [C:\Program Files\IObit\Smart Defrag 3\AutoUpdate.exe] "C:\Windows\system32\tasks\Trojan Killer" ["C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe"] "C:\Windows\system32\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files\IObit\IObit 
Uninstaller\IObitUninstaler.exe] "C:\Windows\system32\tasks\Uninstaller_SkipUac_Anja" [C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\system32\tasks\Uninstaller_SkipUac_Frank" [C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{163A2681-7AA8-4841-8FD5-4FCAB42A35FE}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{F003DA68-8256-4b37-A6C4-350FA04494DF}"="C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt" [02-08-2013 16:17] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Frank\AppData\Roaming\TomTom\HOME\Profiles\km61902o.default - Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com ==== Firefox Plugins ====================== ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Default\AppData\Local\Google\Chrome deleted ==== Chromium Look ====================== Google Drive - Anja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Anja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo selector is not a valid CSS selector - Anja\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - Anja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Anja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Anja\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Anja\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markit00.re-markit.co_0.localstorage deleted successfully C:\Users\Anja\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully C:\Users\Anja\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage deleted successfully C:\Users\Anja\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://nu.nl/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://nu.nl/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{2F555DBC-40A7-407E-BCEF-8DD37152CB57}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {2F555DBC-40A7-407E-BCEF-8DD37152CB57} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}" ==== Deleting Registry Keys ====================== 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{11F6D5AB-263F-388E-74DE-E3DECD390E3F} deleted successfully ==== Empty IE Cache ====================== C:\Users\Anja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Anja\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Frank\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Frank\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Anja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VE545157 will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Anja\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=591 
folders=62 31864206 bytes) ==== Empty Temp Folders ====================== C:\Users\Anja\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Frank\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Frank\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Anja\AppData\Local\Temp\FXSAPIDebugLogFile.txt" not deleted "C:\Users\Anja\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VE545157" deleted ==== EOF on wo 18-02-2015 at 19:04:28,58 ======================