Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by luc on zo 21/06/2015 at 12:21:06.56.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\luc\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================
C:\zoek-results2015-06-21-101445.log 224715 bytes

==== Empty Folders Check ======================
C:\Users\luc\AppData\Local\Studio_pomaranca_d.o.o__O

==== Deleting CLSID Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LiveUpdateSvc deleted successfully

==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

==== Batch Command(s) Run By Tool======================
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Common Files\DVDVideoSoft deleted C:\Program Files (x86)\IObit\LiveUpdate deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\luc\AppData\Local\Temp ==== 2015-06-21 10:16:17 05A72ADA9247AEB114A9EF01A394B6C4 227897 ------w- C:\Users\luc\AppData\Local\Temp\jna-107514\jna5468086402739527094.dll 2015-06-21 10:15:43 05A72ADA9247AEB114A9EF01A394B6C4 227897 ------w- C:\Users\luc\AppData\Local\Temp\jna-107514\jna5606883754269748108.dll 2015-06-21 10:15:32 D9348DB92AB4E5B94F005F0F651DE2B1 43008 ----a-w- C:\Users\luc\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1jy5bx.dll ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2015-06-18 06:59:50 CFF867572B44212B01B711C1FA009537 101888 ----a-w- C:\WINDOWS\SysWOW64\VB6STKIT.DLL 2015-06-18 06:59:50 4C6F2D2CE86330335801F2982B26223E 89360 ----a-w- C:\WINDOWS\SysWOW64\VB5DB.DLL 2015-06-18 06:59:49 A975D60B223E683C987162BEB291B748 415504 ----a-w- C:\WINDOWS\SysWOW64\MSREPL35.DLL 2015-06-18 06:59:49 9F6FAF209BEC2362523A0E9509F78964 1046288 ----a-w- C:\WINDOWS\SysWOW64\MSJET35.DLL 2015-06-18 06:59:49 954CEB4D7C7DC5E94EA237CF96D387A3 252176 ----a-w- C:\WINDOWS\SysWOW64\MSRD2X35.DLL 2015-06-18 06:59:49 72F160302EE06A2CB12FA2FFA10BA3F0 24848 ----a-w- C:\WINDOWS\SysWOW64\MSJTER35.DLL 2015-06-18 06:59:49 719E0F4D1114F700F564E9AE47F0E3EE 119808 ----a-w- C:\WINDOWS\SysWOW64\MSSTDFMT.DLL 2015-06-18 06:59:49 4FB4A9FBB17ED82EDC6AC5C3C6E71C6D 123664 ----a-w- C:\WINDOWS\SysWOW64\MSJINT35.DLL 2015-06-18 06:59:48 EC751A9D4C9BCA0488A0875C7802F5E5 440352 ----a-w- C:\WINDOWS\SysWOW64\MSHFLXGD.OCX 2015-06-18 06:59:48 AB412429F1E5FB9708A8CDEA07479099 152848 ----a-w- C:\WINDOWS\SysWOW64\COMDLG32.OCX 2015-06-10 08:21:36 9B3EE3F42109B4115FFE053C225FC1C6 792568 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-06-10 08:21:36 38D724C261738F1C3FD90D21B130E06A 178168 ----a-w- 
C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-10 06:38:40 BD7E7AC5639FFE7CDDAA5A3F7A05D4A7 2483712 ----a-w- C:\WINDOWS\SysWOW64\msftedit.dll 2015-06-10 06:37:01 7F78583D91D0FCA9678778F45328C99F 367104 ----a-w- C:\WINDOWS\SysWOW64\puiobj.dll 2015-06-10 06:35:24 02BE9F037101364A565D224194337B0C 207872 ----a-w- C:\WINDOWS\SysWOW64\rastapi.dll 2015-06-10 06:35:01 33BC1A74FA72C3B0EE04A23FDE1045FC 158720 ----a-w- C:\WINDOWS\SysWOW64\rgb9rast.dll 2015-06-10 06:34:07 5027CAF4BFB31E4CD2918B2C2DFFC4CB 1920000 ----a-w- C:\WINDOWS\SysWOW64\mssrch.dll 2015-06-10 06:34:04 E9A91A0A589AED5328E30D8C7E59E5AE 2749952 ----a-w- C:\WINDOWS\SysWOW64\tquery.dll 2015-06-10 06:34:03 8D4CEAEE747097A70342B80EA32E018D 710144 ----a-w- C:\WINDOWS\SysWOW64\SearchIndexer.exe 2015-06-10 06:34:02 B95D112E19CFEC74692F7791ABBB03BE 391680 ----a-w- C:\WINDOWS\SysWOW64\mssph.dll 2015-06-10 06:34:01 14B5D6506A366585F8D6B6097530F7F2 272896 ----a-w- C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2015-06-10 06:34:00 50B6B1D4EFCB81298DE7F9415879C51B 699392 ----a-w- C:\WINDOWS\SysWOW64\mssvp.dll 2015-06-10 06:33:54 00ED6F8562702A00D8AEC9F70CA7DDFE 1018880 ----a-w- C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-06-10 06:33:47 CF6502529F3819C984A26BBD83ED3C8E 180224 ----a-w- C:\WINDOWS\SysWOW64\authz.dll 2015-06-10 06:33:41 B0EDCA1168C874812A180EBCD1A43EB5 549888 ----a-w- C:\WINDOWS\SysWOW64\comctl32.dll 2015-06-10 06:33:29 975421AC32F9F6E27A58F75DAB4B5871 19607040 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2015-06-10 06:33:19 DB254D50B4527C2821C537E0587B44E8 12829696 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2015-06-10 06:33:17 E4EB138060BAE0DBAB1A3B71A3141FE7 1950720 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2015-06-10 06:33:12 3FD7E6DB5D81FE400DB4D81D278596E6 4305920 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2015-06-10 06:33:10 927E38A35E4DFC4E294BD130BAA6F759 2278912 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2015-06-10 06:33:10 53E9614ADFA6A40A452BA014CEF6F261 1309696 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 
2015-06-10 06:33:09 7DBCBB1647B7CD71E2039C1B50A12717 620032 ----a-w- C:\WINDOWS\SysWOW64\jscript9diag.dll 2015-06-10 06:33:08 2DED8A99E45053C42DD21D6937D3960C 689152 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2015-06-10 06:33:06 EF853EA2A6A7BD891CCF31B0C2915352 341504 ----a-w- C:\WINDOWS\SysWOW64\html.iec 2015-06-10 06:33:06 96837E5864777688477AF6DE2332C06D 503808 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll 2015-06-10 06:33:05 C27C8CACEBC712BE2AD791715E9734EC 664064 ----a-w- C:\WINDOWS\SysWOW64\jscript.dll 2015-06-10 06:33:02 B6D8148C1C697A7BF04EE0FE82408B6A 710144 ----a-w- C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-06-10 06:32:59 4ABEEF30EA5B9F4718312DCB60B6C9BC 2052608 ----a-w- C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-06-10 06:32:58 F26680AF396F89F7ABFDA1D1D6B62011 285696 ----a-w- C:\WINDOWS\SysWOW64\dxtrans.dll 2015-06-10 06:32:56 AE8F02C9B1DC7364A94ABEB6E396611C 327168 ----a-w- C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-06-10 06:32:53 3B850134010B7CCC546C29D51405C9DA 1042944 ----a-w- C:\WINDOWS\SysWOW64\actxprxy.dll 2015-06-10 06:32:50 6B7210618D7E2CE0404ECF748701253A 76288 ----a-w- C:\WINDOWS\SysWOW64\mshtmled.dll 2015-06-10 06:32:42 7467B0605897898F8F32B4B9B9041F51 128000 ----a-w- C:\WINDOWS\SysWOW64\iepeers.dll 2015-06-10 06:32:38 8AE1E22527BC203BAD89212F6D09F038 880128 ----a-w- C:\WINDOWS\SysWOW64\inetcomm.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2015-06-16 08:10:51 F449319A87FAC25D53BF2BECD703D46B 4375072 ----a-w- C:\WINDOWS\Sysnative\MetaViewer64.dll 2015-06-10 06:38:37 3F8C7B8A4C345D0378AC79746E927158 3097600 ----a-w- C:\WINDOWS\Sysnative\msftedit.dll 2015-06-10 06:37:28 574F2184043FAF24B588BA12B3CC99CC 410336 ----a-w- C:\WINDOWS\Sysnative\ApnDatabase.xml 2015-06-10 06:37:02 4DC765353D890B9813AC809C0EFF488A 477184 ----a-w- C:\WINDOWS\Sysnative\puiobj.dll 2015-06-10 06:37:02 4A5D524C19BEB337797D6448020025B4 1091072 ----a-w- C:\WINDOWS\Sysnative\localspl.dll 2015-06-10 06:37:01 9DF4C369F556A4FBAE7E1D86F1AA5593 309760 ----a-w- 
C:\WINDOWS\Sysnative\compstui.dll 2015-06-10 06:35:24 D044FD35EEC3BF683B963DE10A5E00C3 222208 ----a-w- C:\WINDOWS\Sysnative\rastapi.dll 2015-06-10 06:35:05 B0B46D29B9F34D19B819B48E208871A5 36864 ----a-w- C:\WINDOWS\Sysnative\UtcResources.dll 2015-06-10 06:35:05 3ECB752A6963B1CBC9AD65ED89C8ACED 1430528 ----a-w- C:\WINDOWS\Sysnative\diagtrack.dll 2015-06-10 06:34:08 F2CBC74E403A4251279D0BA9D0ECFBDB 2551808 ----a-w- C:\WINDOWS\Sysnative\mssrch.dll 2015-06-10 06:34:05 3B8D14C7D33E3991090C726DD4CF7088 468480 ----a-w- C:\WINDOWS\Sysnative\mssph.dll 2015-06-10 06:34:05 279C2DB5C56A3674DCB98165E85237CF 3633664 ----a-w- C:\WINDOWS\Sysnative\tquery.dll 2015-06-10 06:34:04 F52C9F18BE8899CF503D7D40E62C47C3 903168 ----a-w- C:\WINDOWS\Sysnative\SearchIndexer.exe 2015-06-10 06:34:03 42FFA34D6A1ABBC6064E0D8A452039D3 774144 ----a-w- C:\WINDOWS\Sysnative\mssvp.dll 2015-06-10 06:34:02 98D0A8C3BF81774D76EAAB5977B69AB3 337408 ----a-w- C:\WINDOWS\Sysnative\SearchProtocolHost.exe 2015-06-10 06:34:01 62B3D51F60859F595317D7C3AEC5E5F2 248832 ----a-w- C:\WINDOWS\Sysnative\mssphtb.dll 2015-06-10 06:33:55 3C03E08CBB76B7081173924C52D329EE 1249280 ----a-w- C:\WINDOWS\Sysnative\UIAutomationCore.dll 2015-06-10 06:33:47 CD7DC91A7F84B4C81A06B511545DE867 275968 ----a-w- C:\WINDOWS\Sysnative\authz.dll 2015-06-10 06:33:41 0341BF7622E0D547446DB254868EF965 653824 ----a-w- C:\WINDOWS\Sysnative\comctl32.dll 2015-06-10 06:33:31 A29BAFC1543F9D2234AFFFEA9BCE76C8 24917504 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2015-06-10 06:33:21 CFA52E2FE8E623042A1EEF96EB1B9481 6026240 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2015-06-10 06:33:20 417F80E4AFBA1AA9EBBD618F1C6D9165 2426880 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2015-06-10 06:33:14 AE5A2843B4A2E1E558B9EE13EF62CCE5 14404096 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2015-06-10 06:33:11 6E295C7364DAEB151CC0E98434B6AC92 2885632 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2015-06-10 06:33:11 6ABFC5736EC920C4436F32111F5CBCEE 1545728 ----a-w- 
C:\WINDOWS\Sysnative\urlmon.dll 2015-06-10 06:33:09 7B4A7D55E905ED9A0A4B1263BA7C6944 2865152 ----a-w- C:\WINDOWS\Sysnative\actxprxy.dll 2015-06-10 06:33:08 33B5F1A727FACDEA7CDA0E35FFAADDCF 584192 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll 2015-06-10 06:33:07 FF84182188CA8F0DC28CFED06C9B7816 2125824 ----a-w- C:\WINDOWS\Sysnative\inetcpl.cpl 2015-06-10 06:33:07 2BC2D3A41BB755487FD55C09938F00BC 417792 ----a-w- C:\WINDOWS\Sysnative\html.iec 2015-06-10 06:33:06 083BCA14FCE290D682D8DAC9372CBF23 801280 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2015-06-10 06:33:04 83781DF625A4448B39410D7FA2BDC48D 816640 ----a-w- C:\WINDOWS\Sysnative\jscript.dll 2015-06-10 06:33:02 7F8F9AE03D1BA4354671E05F07A40F1A 800768 ----a-w- C:\WINDOWS\Sysnative\ieapfltr.dll 2015-06-10 06:33:01 3854BFE1C0F14872C94501421CC40813 814080 ----a-w- C:\WINDOWS\Sysnative\jscript9diag.dll 2015-06-10 06:32:57 86FDFEA67833DB261EC01A777594EDCF 316928 ----a-w- C:\WINDOWS\Sysnative\dxtrans.dll 2015-06-10 06:32:56 614604C8D322D0779E426917CAFE4F3E 262144 ----a-w- C:\WINDOWS\Sysnative\webcheck.dll 2015-06-10 06:32:52 ACD6FE6C82B93813F023FC01A51CB940 92160 ----a-w- C:\WINDOWS\Sysnative\mshtmled.dll 2015-06-10 06:32:49 9EFAF10AF9BFA6CDBDDE3D8C5EDC3453 145408 ----a-w- C:\WINDOWS\Sysnative\iepeers.dll 2015-06-10 06:32:47 35622F5A652C4E16774234DCA0026E74 633856 ----a-w- C:\WINDOWS\Sysnative\ieui.dll 2015-06-10 06:32:45 1E31F06BE53F11CF5E660284E68587AC 374272 ----a-w- C:\WINDOWS\Sysnative\iedkcs32.dll 2015-06-10 06:32:41 11E5CD954CC38080471E7CC2CA1558AE 1032704 ----a-w- C:\WINDOWS\Sysnative\inetcomm.dll 2015-06-10 06:32:02 6CCC851608DD076C13E37737BB75A9DC 4177920 ----a-w- C:\WINDOWS\Sysnative\win32k.sys ====== C:\WINDOWS\Sysnative\drivers ===== 2015-06-10 06:33:51 44603DA5A87FB491EF59C889EBBB4DDB 325464 ----a-w- C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS 2015-06-09 08:04:57 54D70409DE6932E9EFA117779611E7A9 107736 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys 2015-06-09 08:04:56 28B597A61C9AC9B59BC0573D70A62CBF 64216 
----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys 2015-06-09 08:04:56 1E9E32AEC3E1EB1B31B8169F33168B56 25816 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys 2015-06-04 08:24:09 77621A3DF170D246DC744CD0767BFAB3 33152 ----a-w- C:\WINDOWS\Sysnative\drivers\gwdrv.sys 2015-06-04 08:24:09 61F60C794F0B40A68BAC6B61A5145311 3102 ----a-w- C:\WINDOWS\Sysnative\drivers\gwdrv.inf 2015-06-04 08:24:09 0D457235E0448235A27706E5F1ED8D8D 8392 ----a-w- C:\WINDOWS\Sysnative\drivers\gwdrv.cat ====== C:\WINDOWS\Tasks ====== 2015-06-10 08:07:35 58B2F60C8C89A31141A09330D33C3FE7 2686 ----a-w- C:\WINDOWS\Sysnative\Tasks\Wise Memory Optimizer Task 2015-06-10 08:07:33 AF7223FA85A4DDA78B250F910743B7CF 438 ----a-w- C:\WINDOWS\Tasks\Wise Memory Optimizer Task.job 2015-05-24 07:16:52 F468F5CE42A73CC7696002CDE8D9ED8B 3090 ----a-w- C:\WINDOWS\Sysnative\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2322693781-2597380507-2506105236-1001 ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2015-06-07 08:19:13 -------- d-----w- C:\Program Files\TAP-Windows ======= C:\PROGRA~2 ===== 2015-06-18 08:43:41 -------- d-----w- C:\PROGRA~2\TSMV5 2015-06-18 06:59:48 -------- d-----w- C:\PROGRA~2\FreeFolderHider 2015-06-11 07:24:55 -------- d-----w- C:\PROGRA~2\LibreOffice 4 2015-06-09 15:01:14 -------- d-----w- C:\PROGRA~2\FreeCodecPack 2015-06-07 08:19:07 -------- d-----w- C:\PROGRA~2\OpenVPN 2015-06-06 09:26:19 -------- d-----w- C:\PROGRA~2\TrackView 2015-06-04 08:23:55 -------- d-----w- C:\PROGRA~2\GlassWire 2015-05-30 08:06:34 -------- d-----w- C:\PROGRA~2\Dropbox 2015-05-25 09:31:33 -------- d-----w- C:\PROGRA~2\Jeta Logo Designer 2015-05-23 11:06:00 -------- d-----w- C:\PROGRA~2\XMind ======= C: ===== ====== C:\Users\luc\AppData\Roaming ====== 2015-06-21 10:12:13 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp 2015-06-21 10:12:13 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp 2015-06-21 10:12:13 -------- d-----w- 
C:\Users\luc\AppData\Local\Temp 2015-06-21 10:12:13 -------- d-----w- C:\Users\ingrid\AppData\Local\Temp 2015-06-21 10:12:13 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2015-06-21 10:12:13 -------- d-----w- C:\Users\Administrator\AppData\Local\Temp 2015-06-18 08:44:12 -------- d-----w- C:\Users\luc\AppData\Local\1Million_Ltd 2015-06-18 08:43:46 -------- d-----w- C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Staking Machine V5.0 2015-06-16 08:10:05 -------- d-----w- C:\Users\luc\AppData\Roaming\MetaQuotes 2015-06-11 10:28:24 -------- d-----w- C:\Users\luc\AppData\Local\ElevatedDiagnostics 2015-06-11 07:28:42 -------- d-----w- C:\Users\luc\AppData\Roaming\LibreOffice 2015-06-11 07:04:37 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Dropbox 2015-06-11 07:03:52 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Dropbox 2015-06-09 08:00:59 -------- d-----w- C:\Users\luc\AppData\Local\GWX 2015-06-04 08:24:19 -------- d-----w- C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GlassWire 2015-05-30 08:07:17 -------- d-----w- C:\Users\luc\AppData\Roaming\Dropbox 2015-05-30 08:06:31 -------- d-----w- C:\Users\luc\AppData\Local\Dropbox 2015-05-24 12:34:00 224EB0166477F3ECD2FE88B6B8D4BE13 3865 ----a-w- C:\Users\luc\AppData\Locallow\lpm.dat 2015-05-24 07:58:59 -------- d-----w- C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux 2015-05-24 07:58:56 -------- d-----w- C:\Users\luc\AppData\Local\FluxSoftware 2015-05-23 10:43:27 -------- d-----w- C:\Users\luc\AppData\Local\GlassWire ====== C:\Users\luc ====== 2015-06-21 06:44:30 -------- d-----w- C:\ProgramData\Kingsoft 2015-06-18 09:17:10 9FF3C7F736B3F1FE01EF13B2A97BDD93 307200 ----a-w- C:\Users\luc\Downloads\Mozan.exe 2015-06-18 08:42:49 9E5161A683304F01E3E7901D4CABB047 12540872 ----a-w- C:\Users\luc\Downloads\TSMsetup.exe 2015-06-18 06:59:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Free Folder Hider 2015-06-18 06:59:15 3BCCE4794A3C5246D450322DD08174D8 2803347 ----a-w- C:\Users\luc\Downloads\FreeFolderHider.exe 2015-06-16 08:09:47 1D8161C95549169FE8EF61A374AC40A6 527936 ----a-w- C:\Users\luc\Downloads\mt5setup (1).exe 2015-06-14 09:11:17 8611C95230B655AE661AAEDC17BAA152 6549184 ----a-w- C:\Users\luc\Downloads\ccsetup506 (1).exe 2015-06-12 09:53:08 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\luc\Downloads\MicrosoftFixit.IEPerformance.FISC.146357533226380896.1.3.Run.exe 2015-06-12 09:49:31 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\luc\Downloads\MicrosoftFixit.Codec.FISC.146357533226380896.1.2.Run.exe 2015-06-12 09:48:27 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\luc\Downloads\MicrosoftFixit.malware.FISC.146357533226380896.1.1.Run.exe 2015-06-11 07:28:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4 2015-06-11 07:05:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-06-11 07:04:35 -------- d-----r- C:\WINDOWS\sysWoW64\config\systemprofile\Documents 2015-06-11 07:04:35 -------- d-----r- C:\WINDOWS\sysWoW64\config\systemprofile\Desktop 2015-06-09 08:04:11 6CDEAC78E5677E304477FB36351C3195 21546080 ----a-w- C:\Users\luc\Downloads\mbam-setup-2.1.6.1022.exe 2015-06-07 08:19:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows 2015-06-07 08:19:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN 2015-06-06 09:26:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrackView 2015-05-30 08:10:03 -------- d-----r- C:\Users\luc\Dropbox 2015-05-30 08:06:31 -------- d-----w- C:\ProgramData\Dropbox 2015-05-25 09:31:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jeta Logo Designer 2015-05-23 11:07:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind 2015-05-23 10:43:06 -------- d-----w- 
C:\ProgramData\GlassWire ====== C: exe-files == 2015-06-18 09:17:10 9FF3C7F736B3F1FE01EF13B2A97BDD93 307200 ----a-w- C:\Users\luc\Downloads\Mozan.exe 2015-06-18 08:43:42 95E9972B33E4920024AA42BCFDC18A7C 572448 ----a-w- C:\Program Files (x86)\TSMV5\TSMsetup_35117.exe 2015-06-18 08:43:14 AB9F9F3A4AB87C0A496ECB8F512A8985 3128320 ----a-w- C:\Program Files (x86)\TSMV5\TheStakingMachine.exe 2015-06-18 08:42:49 9E5161A683304F01E3E7901D4CABB047 12540872 ----a-w- C:\Users\luc\Downloads\TSMsetup.exe 2015-06-18 06:59:48 4B0B619FF5E40BB4EF7062D6DD9A83A5 685937 ----a-w- C:\Program Files (x86)\FreeFolderHider\unins000.exe 2015-06-18 06:59:48 22088E61E1DD1B6843F6DAD4F5FC3B39 892928 ----a-w- C:\Program Files (x86)\FreeFolderHider\FolderHider.exe 2015-06-18 06:59:15 3BCCE4794A3C5246D450322DD08174D8 2803347 ----a-w- C:\Users\luc\Downloads\FreeFolderHider.exe 2015-06-16 08:09:47 1D8161C95549169FE8EF61A374AC40A6 527936 ----a-w- C:\Users\luc\Downloads\mt5setup (1).exe === C: other files == 2015-06-16 09:42:27 BC9563FF4AEFE350BFDDD4C1C5BB278C 74591813 ----a-w- C:\Users\luc\OneDrive\Muziek\AsatruInVinland.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2322693781-2597380507-2506105236-1001\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "ftweak_RAMRush"="C:\Program Files (x86)\RAMRush\RAMRush.exe" "f.lux"="-C:\Users\luc\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" "GlassWire"="C:\Program Files (x86)\GlassWire\glasswire.exe -hide" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "cmsc"="c:\program files (x86)\cmcm\Clean Master\cmtray.exe -autorun" "DivXMediaServer"="-C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" "DivXUpdate"="-C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW" "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe 
/systemstartup"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"ftweak_RAMRush"="C:\Program Files (x86)\RAMRush\RAMRush.exe"
"f.lux"="-C:\Users\luc\AppData\Local\FluxSoftware\Flux\flux.exe /noshow"
"GlassWire"="C:\Program Files (x86)\GlassWire\glasswire.exe -hide"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SimplePass"="C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe /hideui"
"OPBHOBroker"="C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"
"RTHDVCPL"="-C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"BoxSync"="-C:\Program Files\Box\Box Sync\BoxSync.exe -m"

==== Startup Folders ======================
2015-01-05 14:51:08 1943 ----a-w- C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Connection Keeper.lnk
2015-05-07 13:54:51 1095 ----a-w- C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Degoo .lnk
2015-01-04 13:49:07 795 ----a-w- C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk
2015-04-12 11:57:28 1465 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Philips GoGear SA4VBE Device Manager.lnk

==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Wise Memory Optimizer Task.job --a-------- C:\Program Files (x86)\Wise\Wise Memory Optimizer\WiseMemoryOptimzer.exe [10/06/2015 14:34]

==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\Wise Memory Optimizer Task" [C:\Program Files (x86)\Wise\Wise Memory Optimizer\WiseMemoryOptimzer.exe]
"C:\WINDOWS\SysNative\tasks\Badosoft\Connectivity Fixer" ["C:\Program Files (x86)\Badosoft\Connectivity Fixer\Connectivity Fixer.exe"]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN45U71561" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

==== Chromium Look ======================
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\luc\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx[03/04/2015 11:15]
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

Google Slides - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Drive App Launcher - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Google Wallet - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Slides - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Drive App Launcher - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Google Wallet - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-29906-12136-18/4"

==== Reset Google Chrome ======================
C:\Users\luc\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\luc\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\luc\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\luc\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\luc\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\luc\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\luc\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\luc\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\luc\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\luc\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=369 folders=98 2008961029 bytes)

==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\ingrid\AppData\Local\Temp emptied successfully
C:\Users\luc\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\luc\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 21/06/2015 at 13:04:13.41 ======================