Zoek.exe v5.0.0.0 Updated 23-04-2015
Tool run by Arthur on zo 03/05/2015 at 13:19:02,65.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Arthur\Downloads\zoek (1).exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

3/05/2015 13:21:44 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Acer Remote Demo deleted successfully
C:\PROGRA~2\epson deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\log deleted successfully
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully
C:\Users\Arthur\AppData\Local\CrashDumps deleted successfully
C:\Users\Arthur\AppData\Local\DriverToolkit deleted successfully
C:\Users\Arthur\AppData\Local\MediaShow deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3278227515-2674876024-1554646791-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-3278227515-2674876024-1554646791-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-3278227515-2674876024-1554646791-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.4.0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\g4hoyhz0.default

---- Lines mysearch removed from prefs.js ----
user_pref("browser.startup.homepage", "https://mysearch.avg.com?cid={377D287B-2F43-4582-9210-7FDE463161C4}&mid=0015b02b84b847d2a1f529460744dc95-acc220
---- FireFox user.js and prefs.js backups ---- 

user_20150305_1348_.backup
prefs_20150305_1348_.backup

ProfilePath: C:\Users\Arthur\AppData\Roaming\Thunderbird\Profiles\aqcmcwmi.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs_20150305_1348_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
"vProt"=- 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"=- 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe] 

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Acer Remote Demo not found
C:\PROGRA~2\epson not found
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found
C:\WINDOWS\syswow64\appdata deleted
C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml deleted
C:\Program Files\AVG Web TuneUp deleted
C:\PROGRA~2\Linkey deleted
C:\MioMore_v7_50_0110_SP.exe deleted
C:\PROGRA~3\AVG Web TuneUp deleted
C:\PROGRA~3\Avg_Update_0215tb deleted
C:\PROGRA~3\Avg_Update_1214tb deleted
C:\PROGRA~3\AVG Security Toolbar deleted
C:\PROGRA~3\AVG Secure Search deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Arthur\AppData\Local\conduit deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Arthur\AppData\LocalLow\AVG Web TuneUp deleted
C:\Users\Arthur\AppData\LocalLow\IAC deleted
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\WINDOWS\tasks\Open Chrome.job deleted
C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\g4hoyhz0.default\searchplugins\avg-secure-search.xml deleted
"C:\windows\Installer\2f453.msi" deleted
"C:\PROGRA~2\AVG Web TuneUp\avgcefrend.exe" deleted
"C:\PROGRA~2\AVG Web TuneUp\icudt.dll" deleted
"C:\PROGRA~2\AVG Web TuneUp\libcef.dll" deleted
"C:\PROGRA~2\AVG Web TuneUp\vprot.exe" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\log4cplusU.dll" deleted
"C:\Users\Arthur\AppData\Local\AVG Web TuneUp\IE\cef_cache\Cookies" deleted
"C:\PROGRA~2\AVG Web TuneUp\locales\en-US.pak" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\18.4.0\avgdttbx.dll" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.4.0\log4cplusU.dll" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater" deleted
"C:\Users\Arthur\AppData\Local\AVG Web TuneUp" deleted
"C:\PROGRA~2\AVG Web TuneUp" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0" deleted
"C:\Users\Arthur\AppData\Local\AVG Web TuneUp\IE" deleted
"C:\Users\Arthur\AppData\Local\AVG Web TuneUp\IE\cef_cache" deleted
"C:\PROGRA~2\AVG Web TuneUp\locales" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\18.4.0" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.4.0" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\Arthur\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2015-05-01 16:19:12	032D9982B72E4F9A9B62A43B4CEDB072	1969664	----a-w-	C:\WINDOWS\SysWOW64\wpdshext.dll
2015-04-30 15:38:14	6A8F18B55D3482271D4D65C62E862DC6	88064	----a-w-	C:\WINDOWS\SysWOW64\CNC176CD.TBL
2015-04-30 15:38:13	EC6626695C7B02FEB4D528D27F48DE93	321536	----a-w-	C:\WINDOWS\SysWOW64\CNC_BWL.dll
2015-04-30 15:38:13	D16CF34B17899F90A8FCF2A3F77B4A27	15872	----a-w-	C:\WINDOWS\SysWOW64\CNHMCA.dll
2015-04-30 15:13:46	EA2DFB3E298DE43E77EC4E70C9B3B8BD	69712	----a-w-	C:\WINDOWS\SysWOW64\IJRMF.exe
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2015-05-01 16:19:13	0BB6089A1AEE468209FE22E29E6B87BD	2067968	----a-w-	C:\WINDOWS\Sysnative\wpdshext.dll
2015-05-01 16:19:12	9D17F78BB04A3EF67426AFD087660188	410017	----a-w-	C:\WINDOWS\Sysnative\ApnDatabase.xml
2015-04-30 15:32:03	CDD96DAFF3898F454DD1902C46EC4768	282624	----a-w-	C:\WINDOWS\Sysnative\CNC_BWC.dll
2015-04-30 15:32:03	9F70BFE44CB247B53AECEDCEC3CF5F61	106496	----a-w-	C:\WINDOWS\Sysnative\CNC_BWI.dll
2015-04-30 15:32:03	230210CF03C1E63A0104BCA91B93604A	367104	----a-w-	C:\WINDOWS\Sysnative\CNC_BWL.dll
====== C:\WINDOWS\Sysnative\drivers =====
2015-05-01 19:59:13	E9CD058C79EA15B4AA93E259FA713B07	136408	----a-w-	C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys
2015-05-01 19:58:20	54D70409DE6932E9EFA117779611E7A9	107736	----a-w-	C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys
2015-05-01 19:58:20	28B597A61C9AC9B59BC0573D70A62CBF	64216	----a-w-	C:\WINDOWS\Sysnative\drivers\mwac.sys
2015-05-01 19:58:20	1E9E32AEC3E1EB1B31B8169F33168B56	25816	----a-w-	C:\WINDOWS\Sysnative\drivers\mbam.sys
2015-04-15 13:57:05	E87A6D3B8FECD5B93BC0CFBB48C27970	991552	----a-w-	C:\WINDOWS\Sysnative\drivers\http.sys
2015-04-15 13:55:50	8EB7E70C2D348FE2476A2E3F2D585E3D	377152	----a-w-	C:\WINDOWS\Sysnative\drivers\clfs.sys
====== C:\WINDOWS\Tasks ======
2015-04-30 15:23:00	93404A89A203F8744FC590C58B82AED4	3082	----a-w-	C:\WINDOWS\Sysnative\Tasks\{EB561214-1052-4C49-B6CB-69FF7793F602}
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2015-05-01 18:16:29	--------	d-----w-	C:\Program Files\trend micro
2015-05-01 16:31:42	--------	d-----w-	C:\Program Files\ATI Technologies
2015-04-30 15:33:04	--------	d-----w-	C:\Program Files\Canon
2015-04-30 15:31:32	--------	d--h--w-	C:\Program Files\CanonBJ
======= C:\PROGRA~2 =====
2015-04-30 17:32:44	--------	d-----w-	C:\PROGRA~2\Mio
2015-04-11 15:02:08	--------	d-----w-	C:\PROGRA~2\Mozilla Thunderbird
======= C: =====
2015-04-30 17:30:09	ADF1B235A0FC614023E69D130C4562C7	85596	---h--w-	C:\temp.ini
====== C:\Users\Arthur\AppData\Roaming ======
2015-05-01 18:56:16	--------	d-----w-	C:\Users\Arthur\AppData\Local\ElevatedDiagnostics
2015-05-01 17:18:37	--------	d-----w-	C:\Users\Arthur\AppData\Local\AMD
2015-05-01 16:46:52	D9BE315878F5CF44E40D8A5F3090BBAB	254536	----a-w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2015-05-01 16:27:06	--------	d-----w-	C:\Users\Default\AppData\Roaming\ATI
2015-05-01 16:27:06	--------	d-----w-	C:\Users\Default\AppData\Local\ATI
2015-05-01 16:27:06	--------	d-----w-	C:\Users\Default User\AppData\Roaming\ATI
2015-05-01 16:27:06	--------	d-----w-	C:\Users\Default User\AppData\Local\ATI
2015-05-01 16:26:55	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\ATI
2015-05-01 16:26:55	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\ATI
2015-04-30 17:58:29	--------	d-----w-	C:\Users\Arthur\AppData\Local\MiTAC_International_Corpo
2015-04-30 17:33:03	--------	d-----w-	C:\Users\Arthur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mio
2015-04-30 15:37:20	--------	d-----w-	C:\Users\Arthur\AppData\Locallow\Canon Easy-WebPrint EX2
2015-04-30 15:37:20	--------	d-----w-	C:\Users\Arthur\AppData\Locallow\Canon Easy-WebPrint EX
====== C:\Users\Arthur ======
2015-05-03 07:06:31	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Arthur\Downloads\RSITx64.exe
2015-05-01 17:47:44	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-05-01 17:17:58	--------	d-----w-	C:\ProgramData\ATI
2015-04-30 15:48:38	--------	d-----w-	C:\ProgramData\CanonIJPLM
2015-04-30 15:37:34	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gebruikersregistratie voor Canon MG2400 series
2015-04-30 15:33:09	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-04-30 15:32:46	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2400 series Manual
2015-04-30 15:32:20	--------	d--h--w-	C:\ProgramData\CanonBJ

====== C: exe-files ==
2015-05-03 11:39:01	2FBC280F4028CA1A5846403E1A893C2C	560456	----a-w-	C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\SwReporter\2.16.3\software_reporter_tool.exe
2015-05-03 07:06:31	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Arthur\Downloads\RSITx64.exe
2015-05-01 19:56:57	6CDEAC78E5677E304477FB36351C3195	21546080	----a-w-	C:\Users\Arthur\AppData\Local\Microsoft\Windows\INetCache\IE\2ALG1IVR\mbam-setup-2.1.6.1022.exe
2015-05-01 18:16:30	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Arthur.exe
2015-04-30 17:41:37	C43C54771A055807D67623A7FCB0377D	22809032	----a-w-	C:\Program Files (x86)\Mio\MioMore Desktop 7.50\8535\SmartST_Spiri_6950_v7_50_0036.exe
2015-04-30 17:39:49	BFCC93F0A1DBF4A130A37256579CF1E3	989184	----a-w-	C:\Users\Arthur\Documents\00022AC1FC92010010000000004C3667\Auto\application\Common Files\USBMode.exe
2015-04-30 17:39:42	7217E93CCEA03CD144B457A8B7EF82A6	132608	----a-w-	C:\Users\Arthur\Documents\00022AC1FC92010010000000004C3667\Auto\application\MioCS\Roadside.exe
2015-04-30 17:39:33	15491621968DCBA3D252628A9EB1100F	389632	----a-w-	C:\Users\Arthur\Documents\00022AC1FC92010010000000004C3667\Auto\application\MioMediaPlayer\MioMediaPlayer.exe
2015-04-30 17:39:31	5A95D2EBD9D2E580A98CBFFBA3E7E5C7	783504	----a-w-	C:\Users\Arthur\Documents\00022AC1FC92010010000000004C3667\Auto\application\AV_IN\AV_IN.exe
2015-04-30 17:39:31	1EF2615AA974B28D1E68CF811BC25F5B	120464	----a-w-	C:\Users\Arthur\Documents\00022AC1FC92010010000000004C3667\Auto\application\AV_IN\AVINMgr.exe
2015-04-30 17:38:22	0D82F57D428A658839AEA764D6ADEB72	11205632	----a-w-	C:\Users\Arthur\Documents\00022AC1FC92010010000000004C3667\Auto\application\Navman\SmartST_CE\SmartST_CE.exe
2015-04-30 17:38:20	675B71F28D48D76BCE0BD93D86251EF2	339456	----a-w-	C:\Users\Arthur\Documents\00022AC1FC92010010000000004C3667\Auto\application\Navman\AppStartupSec.exe
2015-04-30 17:34:20	9250C3581D50CCBA57961EF67962713D	405504	----a-w-	C:\Users\Arthur\Documents\00022AC1FC92010010000000004C3667\Auto\device\DesktopLauncher.exe
2015-04-30 17:33:03	52FD0F92CA48A5B4CD4376A342FB3430	147209	----a-w-	C:\Program Files (x86)\Mio\MioMore Desktop 7.50\Uninstall.exe
2015-04-30 15:48:36	C5E4602D85029C666A42890A3B2DFA45	140936	----a-w-	C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
2015-04-30 15:48:36	5531247ACAA42C4F153381149B479E8F	393352	----a-w-	C:\Program Files (x86)\Canon\IJPLM\ijplmui.exe
2015-04-30 15:48:36	204B2B393B0A41E394C08EE3285C4BD1	94344	----a-r-	C:\Program Files (x86)\Canon\IJPLM\setup.exe
2015-04-30 15:38:43	7A8FA143B2FCBF05A416674E7BCA1BFD	21072	----a-w-	C:\Windows\System32\spool\drivers\x64\3\CNMXSEBW.EXE
2015-04-30 15:38:43	614F33948BDA9347507D7CC27530949F	641616	----a-w-	C:\Windows\System32\spool\drivers\x64\3\CNMXPVBW.EXE
2015-04-30 15:38:27	0767866EC60D7505DEF5B27288022351	124496	----a-w-	C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
2015-04-30 15:38:25	DE4445CFBBFC40A407D7C0DC96A66691	94288	----a-w-	C:\Program Files (x86)\Canon\IJ Scan Utility\MAPI.exe
2015-04-30 15:38:25	1254E2F94611C48090EA705879818560	1112656	----a-w-	C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe
2015-04-30 15:38:24	D692DF2EE9EAF76E45E391FB1EF71153	421032	---ha-w-	C:\Program Files (x86)\Canon\IJ Scan Utility\MAINT.exe
2015-04-30 15:37:31	EA2DFB3E298DE43E77EC4E70C9B3B8BD	69712	------w-	C:\Program Files (x86)\Canon\IJEREG\MG2400 series\IJRMF.exe
2015-04-30 15:37:31	9B137B4D4D84979C3AD271D23CA032C4	404560	------w-	C:\Program Files (x86)\Canon\IJEREG\MG2400 series\IJEREG.exe
2015-04-30 15:37:31	57B2DC0F38E830D98C5D5323F0F3C262	72784	------w-	C:\Program Files (x86)\Canon\IJEREG\MG2400 series\UNINST.EXE
2015-04-30 15:37:17	B05FCC8AE92C5EC4CE7FE41AC7FD1DA4	110184	----a-w-	C:\Program Files\Canon\Easy-WebPrint EX\addprinter.exe
2015-04-30 15:37:17	73913CC49926CAB5CC37BAF3DE13A4E0	725088	----a-w-	C:\Program Files\Canon\Easy-WebPrint EX\ewpexapp.exe
2015-04-30 15:37:17	61446FDD76788229D3EBAEABE84DF38C	887896	----a-w-	C:\Program Files\Canon\Easy-WebPrint EX\dotNetFx40_Client_setup.exe
2015-04-30 15:37:17	4669FF378F9895A672037B0FF36F9027	2265088	----a-w-	C:\Program Files\Canon\Easy-WebPrint EX\ewpexbrk.exe
2015-04-30 15:37:15	C95B0C1EED7E60EE94C184B66D3FC05C	725088	----a-w-	C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexapp.exe
2015-04-30 15:37:15	7760472A5EA8DB92278498E375B068EB	1674848	----a-w-	C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbrk.exe
2015-04-30 15:37:15	61446FDD76788229D3EBAEABE84DF38C	887896	----a-w-	C:\Program Files (x86)\Canon\Easy-WebPrint EX\dotNetFx40_Client_setup.exe
2015-04-30 15:37:15	13940BA025548132C1D0F5F177A0B7A7	110184	----a-w-	C:\Program Files (x86)\Canon\Easy-WebPrint EX\addprinter.exe
2015-04-30 15:37:13	BB749C5E36C107EAFE7F3752A640BDCC	1865328	---ha-w-	C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.exe
2015-04-30 15:36:40	5A2BE6FB08B12B9208916B568A08D622	122000	----a-w-	C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexdl.exe
2015-04-30 15:36:26	CEFE852859CBCA9BA15DB6EE7F0DD6A5	989800	----a-w-	C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
2015-04-30 15:36:26	A3793E05388407868CAF23FA269D254F	619624	----a-w-	C:\Program Files (x86)\Canon\Quick Menu\CNQMULNC.EXE
2015-04-30 15:36:26	58CA0EBF3D2781549885F6F22BE00E7D	382040	----a-w-	C:\Program Files (x86)\Canon\Quick Menu\CNSEMAIN.EXE
2015-04-30 15:36:26	26B54BFD5CBC33FA1D71FBE87849289B	1088088	----a-w-	C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
2015-04-30 15:36:25	8AC10EC7431ABCB52A74CC9236907EB7	1282120	----a-w-	C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
2015-04-30 15:36:25	49BB2103F7C0CDBDA72D51A2983665E9	769128	----a-w-	C:\Program Files (x86)\Canon\Quick Menu\CNQMACNF.EXE
2015-04-30 15:36:25	35B16FB64BCD24EBBEC330A5296446DF	778872	----a-w-	C:\Program Files (x86)\Canon\Quick Menu\CNQMINST.EXE
2015-04-30 15:36:25	0CBEAF1336308C1AB74DB31D90F6177B	590424	----a-w-	C:\Program Files (x86)\Canon\Quick Menu\CNQMLNCR.EXE
2015-04-30 15:36:23	5CC72ECA2CAB18D1AB5B9D5FDB6D9298	1852576	---ha-w-	C:\Program Files (x86)\Canon\Quick Menu\uninst.exe
2015-04-30 15:34:36	5CC72ECA2CAB18D1AB5B9D5FDB6D9298	1852576	---ha-w-	C:\Program Files (x86)\Canon\My Image Garden\AddOn\uninst.exe
2015-04-30 15:33:48	0F4EA37C69382BE3741CFD548E705A8A	571984	----a-w-	C:\Program Files (x86)\Canon\My Image Garden\cnmigmain.exe
2015-04-30 15:33:34	18102952358185C0FDACAFEA5B5E2865	3332240	----a-w-	C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\cnmiggipi.exe
2015-04-30 15:33:27	5CC72ECA2CAB18D1AB5B9D5FDB6D9298	1852576	---ha-w-	C:\Program Files (x86)\Canon\My Image Garden\uninst.exe
2015-04-30 15:33:07	D44971908F070426C9D986743A390673	3694736	----a-w-	C:\Program Files\Canon\MyPrinter\BJMyDgn.exe
2015-04-30 15:33:07	9424DEE30C8B2A1BAF68ECECDAF10F56	120464	----a-w-	C:\Program Files\Canon\MyPrinter\LogInfo2.exe
2015-04-30 15:33:07	85439104B7D7DF5EBA9DF7B17B0FED74	381072	----a-w-	C:\Program Files\Canon\MyPrinter\BJMyRst.exe
2015-04-30 15:33:07	758DDEEBEFFC52FD4BA5FE9ABAD4631C	220304	----a-w-	C:\Program Files\Canon\MyPrinter\LogInfo.exe
2015-04-30 15:33:07	5C14A0EB991980460316EAE53F003119	2774160	----a-w-	C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
2015-04-30 15:33:04	5631C924AD7E8942CA9E21740E771A0A	1852576	---ha-w-	C:\Program Files\Canon\MyPrinter\uninst.exe
2015-04-30 15:32:48	5F875FDDFFC4D7E91C2B10E895CC6F8C	354392	----a-r-	C:\Program Files (x86)\Canon\IJ Manual\CANON MG2400 SERIES\uninstall.exe
2015-04-30 15:32:36	331F5FCA4B7DDF32EE185BFD16082F38	56496	----a-w-	C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmvdrv.exe
2015-04-30 15:32:35	865871BCC18C97E601C97496045C9D22	2165920	----a-w-	C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe
2015-04-30 15:32:04	0830F88AA97B4F2F39BFCE282E240254	723032	----a-r-	C:\Program Files\CanonBJ\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series\DELDRV64.exe
2015-04-30 15:31:51	DB568E71D9F368FBDC54EEE970B25A61	61008	----a-w-	C:\Windows\System32\spool\drivers\x64\3\CNMVSBW.EXE
2015-04-30 15:31:47	1CA0CC187E4F66E24CAAF0D46AB0BF6F	21072	----a-w-	C:\Windows\System32\spool\drivers\x64\3\CNMSEBW.EXE
2015-04-30 15:13:46	EA2DFB3E298DE43E77EC4E70C9B3B8BD	69712	----a-w-	C:\Windows\SysWOW64\IJRMF.exe
2015-04-30 15:00:14	5CBF70FD73ED1498448C471F9672E17E	1089104	----a-w-	C:\Program Files (x86)\Google\Update\Install\{531B1C4F-ECD6-488E-AF9A-505CFCBC1470}\42.0.2311.135_42.0.2311.90_chrome_updater.exe
2015-04-30 15:00:14	5CBF70FD73ED1498448C471F9672E17E	1089104	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\42.0.2311.135\42.0.2311.135_42.0.2311.90_chrome_updater.exe
=== C: other files ==
2015-05-01 19:59:13	E9CD058C79EA15B4AA93E259FA713B07	136408	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-05-01 19:58:20	54D70409DE6932E9EFA117779611E7A9	107736	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2015-05-01 19:58:20	28B597A61C9AC9B59BC0573D70A62CBF	64216	----a-w-	C:\Windows\System32\drivers\mwac.sys
2015-05-01 19:58:20	1E9E32AEC3E1EB1B31B8169F33168B56	25816	----a-w-	C:\Windows\System32\drivers\mbam.sys
2015-04-28 15:24:14	F34936F8757E4EFC41CBE586B5F82A65	1075831	----a-w-	C:\Users\Arthur\Pictures\Oma achterkant.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3278227515-2674876024-1554646791-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonQuickMenu"="C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Startup Folders ======================

2014-10-15 12:56:28	1062	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/01/2014 12:11]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/01/2014 12:11]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\ALU" [C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe]
"C:\WINDOWS\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe]
"C:\WINDOWS\SysNative\tasks\DriverAssist.Autostart" [C:\Program Files\DriverAssist\DriverAssist.exe]
"C:\WINDOWS\SysNative\tasks\DriverAssist.Scanning" [C:\Program Files\DriverAssist\DriverAssist.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Hotkey Utility" ["C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe"]
"C:\WINDOWS\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\WINDOWS\SysNative\tasks\Power Management" ["C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"]
"C:\WINDOWS\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{AD34F792-583E-470E-9E78-E3C646B087AF}" [C:\WINDOWS\system32\msfeedssync.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\g4hoyhz0.default
user_pref("browser.search.selectedEngine", "AVG Secure Search");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\g4hoyhz0.default
- AVG Web TuneUp - %ProfilePath%\extensions\avg@toolbar
- Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Deleted Firefox Extensions ======================

C:\Users\Arthur\AppData\Roaming\Mozilla\Firefox\Profiles\g4hoyhz0.default\extensions\avg@toolbar deleted

==== Chromium Look ======================

Google Chrome Version: 42.0.2311.135 (Possible outdated, latest Stable version: , Mac and Linux. A list of changes is available in the <a href="https://chromium.googlesource.com/chromium/src/+log/42.0.2311.90..42.0.2311.135?pretty=fuller&amp;n=10000">log</a>.<br />)


Google Docs - Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
AVG Web TuneUp - Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
Google Search - Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Bookmark Manager - Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Google Wallet - Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "https://mysearch.avg.com/?rvt=1",
"startup_urls": [ "http://www.google.be/" ]


==== Chromium Fix ======================

C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn deleted successfully
C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://mysearch.avg.com/?cid={377D287B-2F43-4582-9210-7FDE463161C4}&mid=0015b02b84b847d2a1f529460744dc95-acc22058e738fa7c58011459f160041b4d58853b&lang=nl&ds=AVG&coid=avgtbavg&cmpid=1214tb&pr=fr&d=2014-11-06 21:50:26&v=4.1.0.411&pid=wtu&sg=&sap=hp"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{26B5A413-59CE-40D4-B9DC-ADFC6FED01B4} Google  Url="http://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"
{8503593C-1734-4ED0-A52A-B53970A3A225} Unknown  Url="Not_Found"
{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} Unknown  Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3278227515-2674876024-1554646791-1001\Software\Microsoft\Internet Explorer\SearchScopes\{8503593C-1734-4ED0-A52A-B53970A3A225} deleted successfully
HKEY_USERS\S-1-5-21-3278227515-2674876024-1554646791-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{8503593C-1734-4ED0-A52A-B53970A3A225} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8503593C-1734-4ED0-A52A-B53970A3A225} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Arthur\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Arthur\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Arthur\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Arthur\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Arthur\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=809 folders=146 614420203 bytes)

==== Empty Temp Folders ======================

C:\Users\Arthur\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Arthur\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 03/05/2015 at 14:09:35,33 ======================