Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Rossi930 on di 09-06-2015 at 9:11:05,00.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rossi930\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
9-6-2015 09:12:50 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\Users\Rossi930\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2692958852-1695414720-1072984534-1002\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-2692958852-1695414720-1072984534-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-2692958852-1695414720-1072984534-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.4.0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully

==== Deleting Files \ Folders ======================
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\Origin Games not found
C:\PROGRA~3\AVG Web TuneUp deleted
C:\PROGRA~3\AVG Security Toolbar deleted
C:\PROGRA~3\AVG Secure Search deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Rossi930\AppData\LocalLow\AVG Web TuneUp deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
"C:\PROGRA~2\AVG Web TuneUp\avgcefrend.exe" deleted
"C:\PROGRA~2\AVG Web TuneUp\icudt.dll" deleted
"C:\PROGRA~2\AVG Web TuneUp\libcef.dll" deleted
"C:\PROGRA~2\AVG Web TuneUp\TBAPI.dll" deleted
"C:\PROGRA~2\AVG Web TuneUp\vprot.exe" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\log4cplusU.dll" deleted
"C:\Users\Rossi930\AppData\Local\AVG Web TuneUp\IE\cef_cache\Cookies" deleted
"C:\PROGRA~2\AVG Web TuneUp\locales\en-US.pak" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\18.4.0\avgdttbx.dll" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.4.0\log4cplusU.dll" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater" deleted
"C:\Users\Rossi930\AppData\Local\AVG Web TuneUp" deleted
"C:\PROGRA~2\AVG Web TuneUp" not deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0" deleted
"C:\Users\Rossi930\AppData\Local\AVG Web TuneUp\IE" deleted
"C:\Users\Rossi930\AppData\Local\AVG Web TuneUp\IE\cef_cache" deleted
"C:\PROGRA~2\AVG Web TuneUp\locales" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\18.4.0" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.4.0" deleted

==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
2015-05-28 04:01:16 919282D9ABC78644A325F72F684148AA 970556225 ----a-w- C:\WINDOWS\MEMORY.DMP
====== C:\Users\Rossi930\AppData\Local\Temp ====
2015-06-05 14:08:08 E3A25C80E2375B2D42C3D4729769BDF3 10240 ----a-w- C:\Users\Rossi930\AppData\Local\Temp\SDIAG_1dcbc382-1ee1-4042-9c95-b882aed88c37\NetworkDiagnosticSnapIn.dll
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2015-06-08 13:14:46 A09B87198FFB8075358AB1466E5C7E29 14232 ----a-w- C:\WINDOWS\SysWOW64\sh4native.exe
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2015-06-05 04:02:11 16D44C27EE81892ED918DA21544665DC 1020928 ----a-w- C:\WINDOWS\Sysnative\appraiser.dll
2015-06-05 04:02:10 FC504D3310BBDABA4449C598C3F8113B 45568 ----a-w- C:\WINDOWS\Sysnative\acmigration.dll
2015-06-05 04:02:10 F0CACB26E37A19A8049F7C4448ECC2F5 1119232 ----a-w- C:\WINDOWS\Sysnative\aeinv.dll
2015-06-05 04:02:10 E87D4371B24BC9E5BAE95AEA60FFD959 193536 ----a-w- C:\WINDOWS\Sysnative\aepic.dll
2015-06-05 04:02:10 ACDA86BD8FE54376586173BD55F678F9 756736 ----a-w- C:\WINDOWS\Sysnative\invagent.dll
2015-06-05 04:02:10 2C14C7A76B728DF9F2A0425166FDEE8F 422912 ----a-w- C:\WINDOWS\Sysnative\devinv.dll
2015-06-05 04:02:10 009FD5658121B32791D55D0F34B63883 700416 ----a-w- C:\WINDOWS\Sysnative\generaltel.dll
2015-06-05 04:02:09 90BFB92CF2AB75A01BF40D22BD1670A8 227328 ----a-w- C:\WINDOWS\Sysnative\aepdu.dll
====== C:\WINDOWS\Sysnative\drivers =====
2015-05-13 10:29:03 0447065A6E10774EFCECFDD0EB970A79 39168 ----a-w- C:\WINDOWS\Sysnative\drivers\ScpVBus.sys
2015-05-13 04:59:25 95B0179BDA907252025DEEA183699FB3 467776 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS
2015-05-13 04:59:24 272A62B660A48AEF366F8A1836CED19F 57856 -c--a-w- C:\WINDOWS\Sysnative\drivers\bthhfenum.sys
2015-05-13 04:59:06 FE14D249D39368CA62D8DA6BC94AC694 80384 ----a-w- C:\WINDOWS\Sysnative\drivers\ahcache.sys
2015-05-13 04:58:55 C61EAF8E1E4B2F62BA4FDF457440B2C6 316416 ----a-w- C:\WINDOWS\Sysnative\drivers\udfs.sys
2015-05-13 04:58:43 C54B6B2170BF628FD42F799A66956D75 239424 -c--a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys
2015-05-13 04:58:43 95E295FD19F80B3AD33629B5AEFEC9C7 154432 -c--a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys
2015-05-13 04:58:43 5E5AB950693F2C6D6ACBEE3A74697ED7 561928 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys
====== C:\WINDOWS\Tasks ======
2015-06-03 15:31:25 53FC2F48922B0A76DD76CECD6B49F460 3552 ----a-w- C:\WINDOWS\Sysnative\Tasks\GarminUpdaterTask
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2015-06-07 13:48:54 -------- d-----w- C:\Program Files\trend micro
2015-06-01 15:49:35 -------- d-----w- C:\Program Files\Garmin GPS Plugin
======= C:\PROGRA~2 =====
2015-06-08 12:56:59 -------- d-----w- C:\PROGRA~2\Enigma Software Group
2015-06-08 12:56:42 -------- d-----w- C:\PROGRA~2\COMMON~1\Wise Installation Wizard
2015-06-08 11:13:15 -------- d-----w- C:\PROGRA~2\Ubisoft
2015-06-02 17:16:26 -------- d-----w- C:\PROGRA~2\GrabIt
2015-06-01 15:49:35 -------- d-----w- C:\PROGRA~2\Garmin GPS Plugin
2015-05-21 13:40:40 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-05-14 19:14:23 -------- d--h--w- C:\PROGRA~2\COMMON~1\EAInstaller
======= C: =====
2015-06-08 13:14:31 0B92CBF1D4A1E1DE0B9F5CD402DAADBF 4735 ----a-w- C:\spyhunter.fix
2015-06-08 12:58:59 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
====== C:\Users\Rossi930\AppData\Roaming ======
2015-06-08 12:56:59 -------- d-----w- C:\Users\Rossi930\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2015-06-08 11:13:18 -------- d-----w- C:\Users\Rossi930\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-06-08 11:13:17 -------- d-----w- C:\Users\Rossi930\AppData\Local\Ubisoft Game Launcher
2015-06-02 17:18:15 -------- d-----w- C:\Users\Rossi930\AppData\Roaming\GrabIt
2015-06-01 20:48:24 -------- d-----w- C:\Users\Rossi930\AppData\Local\GWX
2015-06-01 20:43:14 -------- d-----w- C:\Users\Rossi930\AppData\Local\sabnzbd
2015-05-24 08:34:23 -------- d-----w- C:\Users\Default\AppData\Roaming\TuneUp Software
2015-05-24 08:34:23 -------- d-----w- C:\Users\Default User\AppData\Roaming\TuneUp Software
2015-05-24 08:33:52 -------- d-----w- C:\Users\Rossi930\AppData\Local\Avg
2015-05-16 06:54:39 -------- d-----w- C:\Users\Rossi930\AppData\Local\Diagnostics
2015-05-13 10:28:51 -------- d-----w- C:\Users\Rossi930\AppData\Roaming\DS4Windows
2015-05-12 22:01:25 -------- d-----w- C:\Users\Rossi930\AppData\Roaming\Origin
2015-05-12 22:01:24 -------- d-----w- C:\Users\Rossi930\AppData\Local\Origin
====== C:\Users\Rossi930 ======
2015-06-08 11:12:54 BCB0013E2BD5AF70D1751DC92F60B5F3 61320528 ----a-w- C:\Users\Rossi930\Downloads\UplayInstaller.exe
2015-06-07 13:47:59 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Rossi930\Downloads\RSITx64.exe
2015-06-06 16:48:47 CD735A90E5B6123222F6A8AF4ADC2FD0 3612760 ----a-w- C:\Users\Rossi930\Downloads\Trendmicro_T10206411651388075T_.exe
2015-06-02 17:16:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrabIt
2015-06-02 17:16:02 A8FC2490262C49D033F786DE59B98669 2738251 ----a-w- C:\Users\Rossi930\Downloads\GrabIt173b.exe
2015-06-01 15:48:25 99B4A2A03C2F9C566403D372926AA281 18860616 ----a-w- C:\Users\Rossi930\Downloads\CommunicatorPlugin_420.exe
2015-05-18 10:44:48 -------- d-----w- C:\ProgramData\EA Logs
2015-05-18 09:54:44 -------- d-sh--w- C:\ProgramData\DSS
2015-05-14 19:09:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-13 10:51:49 -------- d---a-w- C:\Users\Rossi930\OneDrive
2015-05-12 22:00:37 -------- d-----w- C:\ProgramData\Origin
2015-05-12 22:00:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-05-12 22:00:36 -------- d-----w- C:\ProgramData\Electronic Arts
====== C: exe-files ==
2015-06-08 13:14:46 A09B87198FFB8075358AB1466E5C7E29 14232 ----a-w- C:\Windows\SysWOW64\sh4native.exe
2015-06-08 12:57:40 EE2BBFA13ABF5DA559FD7753CEC411AF 131991 ----a-w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP\WiseCustomCalla11.exe
2015-06-08 12:57:40 0376FEDC5ADB49075343025E4ACB7923 131039 ----a-w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP\WiseCustomCalla.exe
2015-06-08 12:56:59 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\Rossi930\AppData\Roaming\Microsoft\Installer\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}\IconF7A21AF7.exe
2015-06-08 12:56:59 36B98B8197E1BE8E7382D29C1A3628AA 110080 ----a-r- C:\Users\Rossi930\AppData\Roaming\Microsoft\Installer\{4FC9DA9D-F608-454E-8191-D7EFFDCC5726}\IconD7F16134.exe
2015-06-08 11:12:54 BCB0013E2BD5AF70D1751DC92F60B5F3 61320528 ----a-w- C:\Users\Rossi930\Downloads\UplayInstaller.exe
2015-06-07 13:48:54 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Rossi930.exe
2015-06-07 13:47:59 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Rossi930\Downloads\RSITx64.exe
2015-06-06 16:48:47 CD735A90E5B6123222F6A8AF4ADC2FD0 3612760 ----a-w- C:\Users\Rossi930\Downloads\Trendmicro_T10206411651388075T_.exe
2015-06-06 09:08:36 B1B97114D180B5B1B05EB84F50441091 140464 ----a-w- C:\Windows\Temp\9227BF4F-808C-431C-86A2-F24B594698F0\DismHost.exe
2015-06-06 08:30:52 B1B97114D180B5B1B05EB84F50441091 140464 ----a-w- C:\Windows\Temp\29614F09-B9CB-4F43-B42E-D8301BB0FC30\DismHost.exe
2015-06-04 04:07:30 56CF3916FBE47103D92E622DD8E35461 25944 ----a-w- C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
2015-06-03 15:29:20 7E8204CE48A88D02A6216EBA42FF96B6 41182528 ----a-w- C:\Users\Rossi930\AppData\Local\Microsoft\Windows\INetCache\IE\URPU8F1B\GarminExpressInstaller.exe
2015-06-03 10:41:18 873A04B15E9B9937620C1555CF4A2E01 453720 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\000077b2\CoProc update.19636462.exe
2015-06-02 17:28:41 B88B8DA6B88D10319658833BF4C01CFD 62751 ----a-w- C:\Users\Rossi930\Downloads\GrabIt Downloads\wildcard\reverse-tools-mac-win\WINDOWS\Setup.exe
2015-06-02 17:16:26 ED1090A79ABAE8E7D305F64852390A87 479232 ----a-w- C:\Program Files (x86)\GrabIt\external\par2\par2.exe
2015-06-02 17:16:26 8AE0708A2497A27CBA2E3EC8FF327295 310872 ----a-w- C:\Program Files (x86)\GrabIt\external\unrar\unrar.exe
2015-06-02 17:16:26 7ED5143A364C57EFCA9C2BFB64398CC6 4598272 ----a-w- C:\Program Files (x86)\GrabIt\GrabIt.exe
2015-06-02 17:16:26 5F7AE768CDD6E925A57E68D527101980 715038 ----a-w- C:\Program Files (x86)\GrabIt\unins000.exe
2015-06-02 17:16:02 A8FC2490262C49D033F786DE59B98669 2738251 ----a-w- C:\Users\Rossi930\Downloads\GrabIt173b.exe
=== C: other files ==
2015-06-08 12:58:59 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

==== Startup Registry Enabled ======================
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
[HKEY_USERS\S-1-5-21-2692958852-1695414720-1072984534-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_F216E1CF03F967D676EDA4B0F93EE6C8"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"Spotify Web Helper"="C:\Users\Rossi930\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Rossi930\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
[HKEY_USERS\S-1-5-21-2692958852-1695414720-1072984534-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KLM"="C:\Program Files (x86)\MSI\KLM\KLM.exe"
"Sound Blaster Cinema"="C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe /r"
"Super-Charger"="C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"BDRegion"="C:\Program Files (x86)\Cyberlink\Shared files\brs.exe"
"BlueStacks Agent"="c:\Program Files (x86)\BlueStacks\HD-Agent.exe"
"vProt"="C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_F216E1CF03F967D676EDA4B0F93EE6C8"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"Spotify Web Helper"="C:\Users\Rossi930\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Rossi930\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"MBCfg64"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64"
"Samsung Link"="C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"Radio Manager"="C:\Program Files (x86)\SCM\Radio Manager.exe"
"SCM"="C:\Program Files (x86)\SCM\SCM.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09-04-2015 23:07]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09-04-2015 23:07]
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [23-04-2013 23:51]

==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\AutoKMS" [C:\WINDOWS\AutoKMS\AutoKMS.exe]
"C:\WINDOWS\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d" ["C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe"]
"C:\WINDOWS\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon" ["C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe"]
"C:\WINDOWS\SysNative\tasks\Synaptics TouchPad Enhancements" [\Program Files\Synaptics\SynTP\SynTPEnh.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{B6F71DFA-3BA8-4029-B2F5-4003B34BE392}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Chromium Look ======================
Google Chrome Version: 43.0.2357.81
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaaaiabcopkplhgaedhbloeejhhankf - No path found[]
Search App By Ask v2 - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Google Slides - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Bubble Shooter Level Pack - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\cclpcbfoiabkkbhlcdlkkjhledodjakp
Pool - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb
selector is not a valid CSS selector - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Add to Wunderlist - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmnddeddcgdllibmaodanoonljfdmooc
Google Sheets - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Elite Unzip - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\gafhhbahpojnjfhpepjjfjojbphnogmn
AdBlock - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Bookmark Manager - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
3D Galaxy Bowling - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\llojoebfpfheijcipgokjllohccfnkoo
Google Maps - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh
Need for Speed World is a FREE to play online racing game where you can compete with millions of players around the World. - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk
Google Wallet - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Cube Slam - Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcoeeddamedegogbcmdbadnoifmfipn

==== Chromium Startpages ======================
C:\Users\Rossi930\AppData\Local\Google\Chrome\User Data\Default\Preferences
"session":{"restore_on_startup":5,"startup_urls":["https://www.google.be/?gws_rd=ssl","http://www.sweet-page.com/?type=hp&ts=1420292770&from=cor&uid=3219913727_198339_D454B580","http://www.mystartsearch.com/?type=hp&ts=1426351047&from=amt&uid=WDCXWD1002FAEX-00Z3A0_WD-WCATR029822998229"]},"sync":{"remaining_rollback_tries":0}}

==== Chromium Fix ======================
C:\Users\Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf deleted successfully
C:\Users\Rossi930\AppData\Local\Google\Chrome\User Data\Default\Extensions\gafhhbahpojnjfhpepjjfjojbphnogmn deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hln.be/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{5E14413B-19A1-458E-83D5-D1524FE02BFA}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hln.be/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{5E14413B-19A1-458E-83D5-D1524FE02BFA} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2692958852-1695414720-1072984534-1002\Software\Microsoft\Internet Explorer\SearchScopes\{5E14413B-19A1-458E-83D5-D1524FE02BFA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{5E14413B-19A1-458E-83D5-D1524FE02BFA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5E14413B-19A1-458E-83D5-D1524FE02BFA} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Rossi930\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Rossi930\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Rossi930\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Rossi930\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\Rossi930\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=1086 folders=213 577811841 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Rossi930\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Rossi930\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\PROGRA~2\AVG Web TuneUp" not found

==== EOF on di 09-06-2015 at 10:14:39,23 ======================