Zoek.exe v5.0.0.0 Updated 02-April-2015
Tool run by pc on ma 06-04-2015 at 20:36:30,75.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\pc\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

6-4-2015 20:39:31 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Comodo deleted successfully
C:\PROGRA~2\DriverWhiz deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\MyFree Codec deleted successfully
C:\Users\pc\AppData\Roaming\Snz deleted successfully
C:\Users\pc\AppData\Local\Samsung deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2641425330-4099986175-798816701-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully
HKEY_USERS\S-1-5-21-2641425330-4099986175-798816701-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C28240DE-B916-4D87-A3CF-96637234E3C} deleted successfully
HKEY_USERS\S-1-5-21-2641425330-4099986175-798816701-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF33F15A-8827-4F36-8AAE-21FEB396A313} deleted successfully
HKEY_USERS\S-1-5-21-2641425330-4099986175-798816701-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F08C8429-6C63-4FD8-B23A-2FB65A97F8D6} deleted successfully
HKEY_USERS\S-1-5-21-2641425330-4099986175-798816701-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F67E78EA-248B-4A61-BA50-C67798D1B57C} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
C:\Windows\SysWOW64\CTHELPER.EXE
C:\Program Files (x86)\Creative Professional\E-MU PatchMix DSP\EmuPMixDSP.exe
C:\Program Files (x86)\TeamViewer\tv_w32.exe
c:\program files (x86)\teamviewer\TeamViewer_Desktop.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\pc\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AsioThk32Reg"=-

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Comodo not found
C:\PROGRA~2\DriverWhiz not found
C:\PROGRA~2\MyFree Codec not found
"C:\Users\pc\AppData\Roaming\xd2DAEqrIvvWqDXBh2p.exe" not found
C:\ProgramData\{B53633F4-53A8-4BAA-81BD-2830099F2459} deleted
C:\ProgramData\{F299F641-E758-4AF2-AEE2-1FF1FA99E411} deleted
C:\ProgramData\{DC597CF0-DB39-40C2-9F8C-CF9D0A386548} deleted
C:\ProgramData\{588D017F-D30B-4C08-8A10-1FEF7D039369} deleted
C:\ProgramData\{CA03436C-933D-4ADA-9E89-2C39CC03E904} deleted
C:\ProgramData\{792288EF-B822-4482-B541-7ED490D444F7} deleted
C:\ProgramData\{14F71F5E-7E38-4BE6-9307-DC81B8A419A5} deleted
C:\ProgramData\{D49FD676-115D-4DF5-B976-28952EB09BEB} deleted
C:\ProgramData\{3DFBC806-D62A-4312-81FF-5F343DDCB5DC} deleted
C:\ProgramData\{B0DF9098-245E-479F-A4ED-B5F91EA4948B} deleted
C:\ProgramData\{0A583E76-A7A0-45F8-9386-AEE1E529A4DE} deleted
C:\ProgramData\{6E467D89-1963-440B-84F9-852C8150E323} deleted
C:\ProgramData\{D04E7E60-5F77-4E61-9CD4-7AEC5E15C525} deleted
C:\ProgramData\{7B7672F5-5EA2-4D83-BC77-1AFCA8846266} deleted
C:\ProgramData\{6B3E9A08-404E-4FBF-A80D-1E9DA9E75171} deleted
C:\ProgramData\{4C01754A-32F9-4A34-8B9F-E06DD553B755} deleted
C:\ProgramData\{91377244-4B4E-4A81-9F72-FA41DECB3D8F} deleted
C:\ProgramData\{82B9F45C-9378-4B6C-B80A-338C197F3791} deleted
C:\ProgramData\{DFB8047B-FF22-438D-90BD-83E8B78F83D7} deleted
C:\ProgramData\{68233086-CF7D-452D-8519-A7815257EC6B} deleted
C:\ProgramData\{4A95D8FB-6FE5-4651-9C81-388A5F0CB306} deleted
C:\ProgramData\{E13AD921-F7D5-4901-BF24-AC8BF60E1EB6} deleted
C:\ProgramData\{589B734B-3C34-40B2-9EFD-8C2D12D479CE} deleted
C:\ProgramData\{AB38F02B-C891-457C-B8C8-DA9D96EFA317} deleted
C:\ProgramData\{B06671EB-304F-4BCB-A3C8-1D59B4FD236F} deleted
C:\ProgramData\{F2026C51-8509-47B4-816D-CCD2DB993FC1} deleted
C:\ProgramData\{624486AF-AD5B-4BB3-BEEE-A0D2D4D112DF} deleted
C:\ProgramData\{B8AB470F-A90B-4652-A8F5-160A08FD7411} deleted
C:\ProgramData\{7FC6C6B3-C2D5-4F17-BBEF-A11135E1A668} deleted
C:\ProgramData\{8CD9955F-F554-4B5B-9EA3-370A45EF233C} deleted
C:\ProgramData\{69DF5CE1-2094-4539-A287-9DD19C7BD30B} deleted
C:\ProgramData\{CD0D90ED-2704-4043-9651-E90B134DD7DD} deleted
C:\ProgramData\{24EEDFDA-74B5-4E97-8334-5AEA44CD0095} deleted
C:\ProgramData\{AA5037F8-9B97-456B-847E-A64FEB3E393C} deleted
C:\ProgramData\{80A0A482-175E-4DE8-9D32-C8C8463D1362} deleted
C:\ProgramData\{B7CF1107-3BD9-48BA-BC77-54B909022641} deleted
C:\ProgramData\{CCE3E562-124D-4D63-8AC7-EC849A579F07} deleted
C:\ProgramData\{35B46D49-85E2-40EA-8EC6-43B281EDD8E7} deleted
C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD} deleted
C:\ProgramData\{3006A797-CDFA-44FC-98EF-155579E2CDBF} deleted
C:\ProgramData\{C2A88E6D-FA3D-462B-BDFF-A09B1EFA8FBE} deleted
C:\Program Files (x86)\globalUpdate deleted
C:\Users\pc\AppData\Roaming\FBDownloader deleted
C:\Users\pc\AppData\Roaming\Intermediate deleted
C:\Users\pc\AppData\Roaming\SCheck deleted
C:\Users\pc\AppData\Roaming\Common deleted
C:\Users\pc\AppData\Local\globalUpdate deleted
"C:\Windows\tasks\xd2DAEqrIvvWqDXBh2p.job" deleted
"C:\TDSSKiller.3.0.0.44_05.04.2015_23.27.44_log.txt" deleted
"C:\Users\pc\AppData\Roaming\xd2DAEqrIvvWqDXBh2p" deleted
"C:\Windows\tasks\xd2DAEqrIvvWqDXBh2p.job" deleted
"C:\Windows\SysNative\tasks\xd2DAEqrIvvWqDXBh2p" deleted
"C:\ProgramData\cm-lock" not deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 16343 MB
CPU Info: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
CPU Speed: 3393,8 MHz
Sound Card: Luidsprekers (E-MU E-DSP Audio |
Display Adapters: NVIDIA GeForce GT 430 | NVIDIA GeForce GT 430 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 2x; Algemeen PnP-beeldscherm | Algemeen PnP-beeldscherm |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Intel(R) 82579LM Gigabit Network Connection
CD / DVD Drives: 1x (H: | ) H: HL-DT-STDVDRAM GH24NS90
Ports: COM3 LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 111,7GB | D: 491,3GB | E: 440,2GB | F: 399,2GB | G: 440,2GB | I: 4,9GB | J: 48,9GB | K: 130,3GB | L: 48,8GB | N: 2794,4GB
Hard Disks - Free: C: 76,9GB | D: 455,2GB | E: 361,6GB | F: 390,3GB | G: 41,7GB | I: 4,8GB | J: 20,8GB | K: 50,7GB | L: 17,0GB | N: 1847,7GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 02/05/10 | ALASKA - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK Computer INC.
P8Q67-M DO/TPM
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Anti-Virus: COMODO Antivirus On-access scanning disabled (Outdated)
Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: COMODO Defense+ disabled (Outdated)
Firewall: COMODO Firewall disabled
Default Browser: Firefox 37.0.1
Internet Explorer Version: 11.0.9600.17691
Mozilla Firefox version: 37.0.1 (x86 nl)
Adobe Reader version: 11.0.10.32
Flash Player version: 17.0.0.134

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2641425330-4099986175-798816701-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTHelper"="CTHELPER.EXE"
"CTxfiHlp"="CTXFIHLP.EXE"
"IMSS"="C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\guard32.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="C:\Windows\system32\igfxpers.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"COMODO Internet Security"="C:\Program Files\COMODO\COMODO Internet Security\cfp.exe -h"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\guard64.dll"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce"
"item"="Adobe Speed Launcher"
"hkey"="HKCU"
"command"="1418853123"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"hkey"="HKCU"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\COMODO]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="COMODO"
"hkey"="HKLM"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CPA]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CPA"
"hkey"="HKLM"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^pc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
"backupExtension"=".Startup"
"command"="C:\\PROGRA~2\\MAGICD~1\\MAGICD~1.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Adobe LM Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\CLPSLS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nvUpdatusService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Stereo Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WPCSvc]

==== Startup Folders ======================

2013-10-30 22:03:54 2199 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\trivia_games_notification_service.job --a------ C:\Program Files (x86)\trivia games\trivia_games_notification_service.exe []
C:\Windows\tasks\trivia_games_updating_service.job --a------ C:\Program Files (x86)\trivia games\trivia_games_updating_service.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\trivia_games_notification_service" [C:\Program Files (x86)\trivia games\trivia_games_notification_service.exe]
"C:\Windows\SysNative\tasks\trivia_games_updating_service" [C:\Program Files (x86)\trivia games\trivia_games_updating_service.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{772A691B-36A9-4071-9B91-B1D9FEE43B15}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{2EEA41DF-E836-40E6-B7C8-6AACA7717E37}" [D:\EmuPMX_PCApp_L6_1_81_06.exe]
"C:\Windows\SysNative\tasks\{AAAF8D8F-B65A-4C44-BAF3-F3EBD2DFBFFB}" [C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions ======================

ProfilePath: C:\Users\pc\AppData\Roaming\Thunderbird\Profiles\fj16we32.default
- United States English Spellchecker - %ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\v7mjlcuz.default
43583AB4DFD406F4C188342F41B1F91C - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll - Shockwave Flash

==== Chromium Look ======================

==== Chromium Startpages ======================

C:\Users\pc\AppData\Local\Comodo\Dragon\User Data\Default\Preferences
"homepage": "http://www.comodo.com/",
"homepage": "http://www.comodo.com/",
"urls_to_restore_on_startup": [ "http://www.comodo.com/" ]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.nl/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start 
Page"="http://www.google.nl/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{4BD652BB-78C3-45BB-9BF3-6333F34A9431}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {4BD652BB-78C3-45BB-9BF3-6333F34A9431} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CPA deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program 
Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: CodeMeter Control Center.lnk = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: (no name) - {59F39B89-94C3-44C5-B903-9A6B85C32921} - (no file) (HKCU) O9 - Extra 'Tools' menuitem: SimpleNewTab - Change Tab Custom Page... 
- {59F39B89-94C3-44C5-B903-9A6B85C32921} - (no file) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe O23 - Service: Encrypting File System (EFS) (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: 
Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: Software Protection (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files 
(x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Credential Manager (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== 
C:\Users\pc\AppData\Local\Mozilla\Firefox\Profiles\v7mjlcuz.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
C:\Users\pc\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=158 folders=60 207152371 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\pc\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\pc\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\ProgramData\cm-lock" not deleted

==== EOF on ma 06-04-2015 at 20:56:45,06 ======================