Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by user on di 23/06/2015 at 20:54:38,89. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\user\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 23/06/2015 20:59:56 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\COMMON~1\Merge Modules deleted successfully C:\Program Files\log deleted successfully C:\Users\user\AppData\Roaming\Malwarebytes deleted successfully C:\Users\user\AppData\Local\Adobe deleted successfully C:\Users\user\AppData\Local\CrashDumps deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 64 Bit HP CIO Components Installer Adobe Flash Player 18 NPAPI Adobe Photoshop 7.0.1 All Casual Games All Enthusiast Games All Family Games All Kids Games All Touch Friendly Games ASUS Live Update ASUS Power4Gear Hybrid ASUS Screen Saver ASUS Smart Gesture ASUS Splendid Video Enhancement Technology ASUS USB Charger Plus ATK Package Avast Free Antivirus Belgium e-ID middleware 4.0.7 (build 7466) Brackets CCleaner Crimson Editor SVN286M Definition Update for Microsoft Office 2013 (KB3054786) 64-Bit Edition Entity Framework Designer for Visual Studio 2012 - enu EPSON SX235 Series Printer Uninstall FileZilla Client 3.11.0.1 Game Explorer Categories - casual Game Explorer Categories - enthusiast Game Explorer Categories - family Game Explorer Categories - kids Game Explorer Categories - touch Garmin BaseCamp Garmin USB Drivers Google Chrome Google Update Helper Hotfix for Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (KB944899) Intel(R) Control Center Intel(R) Dynamic Platform and Thermal Framework Intel(R) Management Engine Components Intel(R) Processor Graphics Intel® Trusted Connect Service 
Client Java 8 Update 31 Java 8 Update 40 Java 8 Update 45 Java Auto Updater JaVaWa Device Manager 3.7 JaVaWa GMTK 3.9 Malwarebytes Anti-Malware versie 2.1.6.1022 Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft .NET Framework 4.5 Multi-Targeting Pack Microsoft .NET Framework 4.5 SDK Microsoft .NET Framework 4.5.1 Multi-Targeting Pack Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) Microsoft .NET Framework 4.5.1 SDK Microsoft Access MUI (Dutch) 2013 Microsoft Application Error Reporting Microsoft ASP.NET MVC 2 Microsoft DCF MUI (Dutch) 2013 Microsoft Excel MUI (Dutch) 2013 Microsoft Groove MUI (Dutch) 2013 Microsoft Help Viewer 1.0 Microsoft Help Viewer 2.0 Microsoft Help Viewer 2.1 Microsoft InfoPath MUI (Dutch) 2013 Microsoft Lync MUI (Dutch) 2013 Microsoft Office 32-bit Components 2013 Microsoft Office Korrekturhilfen 2013 - Deutsch Microsoft Office OSM MUI (Dutch) 2013 Microsoft Office OSM UX MUI (Dutch) 2013 Microsoft Office Professional Plus 2013 Microsoft Office Proofing (Dutch) 2013 Microsoft Office Proofing Tools 2013 - English Microsoft Office Proofing Tools 2013 - Nederlands Microsoft Office Shared 32-bit MUI (Dutch) 2013 Microsoft Office Shared MUI (Dutch) 2013 Microsoft OneNote MUI (Dutch) 2013 Microsoft Outlook MUI (Dutch) 2013 Microsoft PowerPoint MUI (Dutch) 2013 Microsoft Publisher MUI (Dutch) 2013 Microsoft Silverlight Microsoft Silverlight 3 SDK Microsoft Silverlight 5 SDK Microsoft SQL Server 2008 Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 Native Client Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files (English) Microsoft SQL Server 2012 Command Line Utilities Microsoft SQL Server 2012 Data-Tier App Framework Microsoft SQL Server 2012 Data-Tier App Framework (x64) Microsoft SQL Server 2012 
Express LocalDB Microsoft SQL Server 2012 Management Objects Microsoft SQL Server 2012 Management Objects (x64) Microsoft SQL Server 2012 Native Client Microsoft SQL Server 2012 T-SQL Language Service Microsoft SQL Server 2012 Transact-SQL Compiler Service Microsoft SQL Server 2012 Transact-SQL ScriptDom Microsoft SQL Server 2014 Express LocalDB Microsoft SQL Server 2014 Management Objects Microsoft SQL Server 2014 Management Objects (x64) Microsoft SQL Server 2014 T-SQL Language Service Microsoft SQL Server 2014 Transact-SQL ScriptDom Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft SQL Server Compact 4.0 SP1 x64 ENU Microsoft SQL Server Data Tools - enu (11.1.20828.01) Microsoft SQL Server Data Tools - enu (12.0.41012.0) Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) Microsoft SQL Server Database Publishing Wizard 1.4 Microsoft SQL Server System CLR Types Microsoft SQL Server System CLR Types (x64) Microsoft SQL Server VSS Writer Microsoft System CLR Types for SQL Server 2012 Microsoft System CLR Types for SQL Server 2012 (x64) Microsoft System CLR Types for SQL Server 2014 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft Web Deploy 3.5 Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 Microsoft Word MUI (Dutch) 2013 Mozilla Firefox 38.0.5 (x86 nl) Mozilla Maintenance Service MyFreeCodec MySQL Connector Net 6.9.6 MySQL Workbench 6.3 CE OpenFietsMap (BNLv13-12-2014) Outils de vérification linguistique 2013 de Microsoft Office - Français Polar ProTrainer Prerequisites for SSDT Qualcomm Atheros Client Installation Program Realtek Card Reader Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Samsung Kies SAMSUNG USB Driver for Mobile Phones Security Update for Microsoft Office 2013 (KB2910941) 64-Bit Edition Security Update for Microsoft Office 2013 (KB3039749) 64-Bit Edition Security Update for Microsoft Office 2013 (KB3039782) 64-Bit Edition Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition SketchUp 2015 Sql Server Customer Experience Improvement Program Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Update for (KB2504637) Update for Microsoft Access 2013 (KB3054795) 64-Bit Edition Update for Microsoft Excel 2013 (KB3054794) 64-Bit Edition Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition Update for Microsoft Office 2013 (KB2760371) 64-Bit Edition Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition Update for Microsoft Office 2013 
(KB2837654) 64-Bit Edition Update for Microsoft Office 2013 (KB2880487) 64-Bit Edition Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition Update for Microsoft Office 2013 (KB2881017) 64-Bit Edition Update for Microsoft Office 2013 (KB2881076) 64-Bit Edition Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition Update for Microsoft Office 2013 (KB2883095) 64-Bit Edition Update for Microsoft Office 2013 (KB2889863) 64-Bit Edition Update for Microsoft Office 2013 (KB2899498) 64-Bit Edition Update for Microsoft Office 2013 (KB2899522) 64-Bit Edition Update for Microsoft Office 2013 (KB2956152) 64-Bit Edition Update for Microsoft Office 2013 (KB2965253) 64-Bit Edition Update for Microsoft Office 2013 (KB2965259) 64-Bit Edition Update for Microsoft Office 2013 (KB2965269) 64-Bit Edition Update for Microsoft Office 2013 (KB2965271) 64-Bit Edition Update for Microsoft Office 2013 (KB2975869) 64-Bit Edition Update for Microsoft Office 2013 (KB3023054) 64-Bit Edition Update for Microsoft Office 2013 (KB3039761) 64-Bit Edition Update for Microsoft Office 2013 (KB3039791) 64-Bit Edition Update for Microsoft Office 2013 (KB3054774) 64-Bit Edition Update for Microsoft Office 2013 (KB3054783) 64-Bit Edition Update for Microsoft Office 2013 (KB3054797) 64-Bit Edition Update for Microsoft Office 2013 (KB3054853) 64-Bit Edition Update for Microsoft Office 2013 (KB3054856) 64-Bit Edition Update for Microsoft OneDrive for Business (KB3054825) 64-Bit Edition Update for Microsoft OneNote 2013 (KB3039764) 64-Bit Edition Update for Microsoft Outlook 2013 (KB3054855) 64-Bit Edition Update for Microsoft Outlook Social Connector 2013 (KB3054854) 64-Bit Edition Update for Microsoft PowerPoint 2013 (KB3023058) 64-Bit Edition Update for Microsoft Project 2013 (KB3054830) 64-Bit Edition Update for Microsoft Publisher 2013 (KB2883048) 64-Bit Edition Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition Update for 
Microsoft Word 2013 (KB3039755) 64-Bit Edition Update for Skype for Business 2015 (KB2889853) 64-Bit Edition Update for Skype for Business 2015 (KB3054791) 64-Bit Edition Update Installer for WildTangent Games App Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU WampServer 2.5 WCF RIA Services V1.0 SP2 Web Deployment Tool WebStorage Windows Driver Package - ASUS (ATP) Mouse (03/17/2014 1.0.0.207) Windows Phone 8.0 Emulation Images Windows Phone 8.1 Emulators - ENU Windows Phone 8.1 SDK - Images Windows Phone Emulator 8.0 Configurator Windows Phone Tools Finalizer WinFlash WinRAR 5.21 (64-bit) WinZip 19.0 ==== Running Processes ====================== C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\Samsung\Kies\Kies.exe 
C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Users\user\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\user\AppData\Roaming\Brackets deleted C:\PROGRA~3\SetStretch.VBS deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\machine deleted C:\windows\SysNative\GroupPolicy\gpt.ini deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8076 MB CPU Info: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz CPU Speed: 2436,7 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | Intel(R) HD Graphics Family Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Qualcomm Atheros AR9485 Wireless Network Adapter | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SU-228FB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 186,3GB | D: 258,3GB Hard Disks - Free: C: 73,2GB | D: 247,8GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | _ASUS_ - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK COMPUTER INC. X751LA Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Virus: avast! 
Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Firewall: avast! Antivirus disabled Default Browser: Firefox 38.0.5 Internet Explorer Version: 11.0.9600.17842 Mozilla Firefox version: 38.0.5 (x86 nl) Google Chrome version: 43.0.2357.130 Sun Java version: 1.8.0_45 (32-bit) Sun Java version: 1.8.0_45 (64-bit) Flash Player version: 18.0.0.194 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-06-22 08:48:22 CA2A8AF1DBAD0F31F9B33A2827DFBC16 207 ----a-w- C:\Windows\tweaking.com-regbackup-USERPCASUS-Windows-8.1-(64-bit).dat ====== C:\Users\user\AppData\Local\Temp ==== 2015-06-22 08:48:01 FDD26A402322F212DCA153FF8B1FFB6E 78816 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\pcwintech_tasksch.dll 2015-06-22 08:48:01 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\libiconv2.dll 2015-06-22 08:48:01 DC7A3BC0FC185CD68848DC6F7D7B026B 40960 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\SSubTmr6.dll 2015-06-22 08:48:01 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\libintl3.dll 2015-06-22 08:48:01 A107DE2D120C0571B544EEC53D1971AB 1406208 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\TweakingRegistryBackup.exe 2015-06-22 08:48:01 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\pcre3.dll 2015-06-22 08:48:01 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\regex2.dll 2015-06-22 08:48:01 1B128828BF5E4353811B6DA58156B7F4 6656 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\files\dosdev.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-06-11 10:46:33 BD7E7AC5639FFE7CDDAA5A3F7A05D4A7 2483712 ----a-w- C:\Windows\SysWOW64\msftedit.dll 
2015-06-11 10:46:31 7F78583D91D0FCA9678778F45328C99F 367104 ----a-w- C:\Windows\SysWOW64\puiobj.dll 2015-06-11 10:46:27 02BE9F037101364A565D224194337B0C 207872 ----a-w- C:\Windows\SysWOW64\rastapi.dll 2015-06-11 10:46:25 33BC1A74FA72C3B0EE04A23FDE1045FC 158720 ----a-w- C:\Windows\SysWOW64\rgb9rast.dll 2015-06-11 10:46:14 E9A91A0A589AED5328E30D8C7E59E5AE 2749952 ----a-w- C:\Windows\SysWOW64\tquery.dll 2015-06-11 10:46:14 B95D112E19CFEC74692F7791ABBB03BE 391680 ----a-w- C:\Windows\SysWOW64\mssph.dll 2015-06-11 10:46:14 8D4CEAEE747097A70342B80EA32E018D 710144 ----a-w- C:\Windows\SysWOW64\SearchIndexer.exe 2015-06-11 10:46:14 50B6B1D4EFCB81298DE7F9415879C51B 699392 ----a-w- C:\Windows\SysWOW64\mssvp.dll 2015-06-11 10:46:14 5027CAF4BFB31E4CD2918B2C2DFFC4CB 1920000 ----a-w- C:\Windows\SysWOW64\mssrch.dll 2015-06-11 10:46:14 14B5D6506A366585F8D6B6097530F7F2 272896 ----a-w- C:\Windows\SysWOW64\SearchProtocolHost.exe 2015-06-11 10:46:14 00ED6F8562702A00D8AEC9F70CA7DDFE 1018880 ----a-w- C:\Windows\SysWOW64\UIAutomationCore.dll 2015-06-11 10:46:12 CF6502529F3819C984A26BBD83ED3C8E 180224 ----a-w- C:\Windows\SysWOW64\authz.dll 2015-06-11 10:46:11 B0EDCA1168C874812A180EBCD1A43EB5 549888 ----a-w- C:\Windows\SysWOW64\comctl32.dll 2015-06-11 10:46:06 975421AC32F9F6E27A58F75DAB4B5871 19607040 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-06-11 10:46:05 DB254D50B4527C2821C537E0587B44E8 12829696 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-06-11 10:46:04 E4EB138060BAE0DBAB1A3B71A3141FE7 1950720 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-06-11 10:46:04 927E38A35E4DFC4E294BD130BAA6F759 2278912 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-06-11 10:46:04 7DBCBB1647B7CD71E2039C1B50A12717 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-06-11 10:46:04 53E9614ADFA6A40A452BA014CEF6F261 1309696 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-06-11 10:46:04 3FD7E6DB5D81FE400DB4D81D278596E6 4305920 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-06-11 10:46:03 
F26680AF396F89F7ABFDA1D1D6B62011 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-06-11 10:46:03 EF853EA2A6A7BD891CCF31B0C2915352 341504 ----a-w- C:\Windows\SysWOW64\html.iec 2015-06-11 10:46:03 C27C8CACEBC712BE2AD791715E9734EC 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll 2015-06-11 10:46:03 B6D8148C1C697A7BF04EE0FE82408B6A 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-06-11 10:46:03 AE8F02C9B1DC7364A94ABEB6E396611C 327168 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-06-11 10:46:03 96837E5864777688477AF6DE2332C06D 503808 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-06-11 10:46:03 8AE1E22527BC203BAD89212F6D09F038 880128 ----a-w- C:\Windows\SysWOW64\inetcomm.dll 2015-06-11 10:46:03 7467B0605897898F8F32B4B9B9041F51 128000 ----a-w- C:\Windows\SysWOW64\iepeers.dll 2015-06-11 10:46:03 6B7210618D7E2CE0404ECF748701253A 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2015-06-11 10:46:03 4ABEEF30EA5B9F4718312DCB60B6C9BC 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-06-11 10:46:03 3B850134010B7CCC546C29D51405C9DA 1042944 ----a-w- C:\Windows\SysWOW64\actxprxy.dll 2015-06-11 10:46:03 2DED8A99E45053C42DD21D6937D3960C 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-06-17 11:13:30 F0CACB26E37A19A8049F7C4448ECC2F5 1119232 ----a-w- C:\Windows\Sysnative\aeinv.dll 2015-06-17 11:13:30 E87D4371B24BC9E5BAE95AEA60FFD959 193536 ----a-w- C:\Windows\Sysnative\aepic.dll 2015-06-17 11:13:30 ACDA86BD8FE54376586173BD55F678F9 756736 ----a-w- C:\Windows\Sysnative\invagent.dll 2015-06-17 11:13:30 16D44C27EE81892ED918DA21544665DC 1020928 ----a-w- C:\Windows\Sysnative\appraiser.dll 2015-06-17 11:13:30 009FD5658121B32791D55D0F34B63883 700416 ----a-w- C:\Windows\Sysnative\generaltel.dll 2015-06-17 11:13:29 FC504D3310BBDABA4449C598C3F8113B 45568 ----a-w- C:\Windows\Sysnative\acmigration.dll 2015-06-17 11:13:29 90BFB92CF2AB75A01BF40D22BD1670A8 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll 
2015-06-17 11:13:29 2C14C7A76B728DF9F2A0425166FDEE8F 422912 ----a-w- C:\Windows\Sysnative\devinv.dll 2015-06-11 10:46:33 3F8C7B8A4C345D0378AC79746E927158 3097600 ----a-w- C:\Windows\Sysnative\msftedit.dll 2015-06-11 10:46:31 9DF4C369F556A4FBAE7E1D86F1AA5593 309760 ----a-w- C:\Windows\Sysnative\compstui.dll 2015-06-11 10:46:31 4DC765353D890B9813AC809C0EFF488A 477184 ----a-w- C:\Windows\Sysnative\puiobj.dll 2015-06-11 10:46:31 4A5D524C19BEB337797D6448020025B4 1091072 ----a-w- C:\Windows\Sysnative\localspl.dll 2015-06-11 10:46:29 574F2184043FAF24B588BA12B3CC99CC 410336 ----a-w- C:\Windows\Sysnative\ApnDatabase.xml 2015-06-11 10:46:27 D044FD35EEC3BF683B963DE10A5E00C3 222208 ----a-w- C:\Windows\Sysnative\rastapi.dll 2015-06-11 10:46:26 B0B46D29B9F34D19B819B48E208871A5 36864 ----a-w- C:\Windows\Sysnative\UtcResources.dll 2015-06-11 10:46:26 3ECB752A6963B1CBC9AD65ED89C8ACED 1430528 ----a-w- C:\Windows\Sysnative\diagtrack.dll 2015-06-11 10:46:14 F52C9F18BE8899CF503D7D40E62C47C3 903168 ----a-w- C:\Windows\Sysnative\SearchIndexer.exe 2015-06-11 10:46:14 F2CBC74E403A4251279D0BA9D0ECFBDB 2551808 ----a-w- C:\Windows\Sysnative\mssrch.dll 2015-06-11 10:46:14 98D0A8C3BF81774D76EAAB5977B69AB3 337408 ----a-w- C:\Windows\Sysnative\SearchProtocolHost.exe 2015-06-11 10:46:14 62B3D51F60859F595317D7C3AEC5E5F2 248832 ----a-w- C:\Windows\Sysnative\mssphtb.dll 2015-06-11 10:46:14 42FFA34D6A1ABBC6064E0D8A452039D3 774144 ----a-w- C:\Windows\Sysnative\mssvp.dll 2015-06-11 10:46:14 3C03E08CBB76B7081173924C52D329EE 1249280 ----a-w- C:\Windows\Sysnative\UIAutomationCore.dll 2015-06-11 10:46:14 3B8D14C7D33E3991090C726DD4CF7088 468480 ----a-w- C:\Windows\Sysnative\mssph.dll 2015-06-11 10:46:14 279C2DB5C56A3674DCB98165E85237CF 3633664 ----a-w- C:\Windows\Sysnative\tquery.dll 2015-06-11 10:46:12 CD7DC91A7F84B4C81A06B511545DE867 275968 ----a-w- C:\Windows\Sysnative\authz.dll 2015-06-11 10:46:11 0341BF7622E0D547446DB254868EF965 653824 ----a-w- C:\Windows\Sysnative\comctl32.dll 2015-06-11 10:46:07 
A29BAFC1543F9D2234AFFFEA9BCE76C8 24917504 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-06-11 10:46:05 CFA52E2FE8E623042A1EEF96EB1B9481 6026240 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-06-11 10:46:05 417F80E4AFBA1AA9EBBD618F1C6D9165 2426880 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-06-11 10:46:04 AE5A2843B4A2E1E558B9EE13EF62CCE5 14404096 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-06-11 10:46:04 7B4A7D55E905ED9A0A4B1263BA7C6944 2865152 ----a-w- C:\Windows\Sysnative\actxprxy.dll 2015-06-11 10:46:04 6E295C7364DAEB151CC0E98434B6AC92 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-06-11 10:46:04 6ABFC5736EC920C4436F32111F5CBCEE 1545728 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-06-11 10:46:03 FF84182188CA8F0DC28CFED06C9B7816 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-06-11 10:46:03 ACD6FE6C82B93813F023FC01A51CB940 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-06-11 10:46:03 9EFAF10AF9BFA6CDBDDE3D8C5EDC3453 145408 ----a-w- C:\Windows\Sysnative\iepeers.dll 2015-06-11 10:46:03 86FDFEA67833DB261EC01A777594EDCF 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-06-11 10:46:03 83781DF625A4448B39410D7FA2BDC48D 816640 ----a-w- C:\Windows\Sysnative\jscript.dll 2015-06-11 10:46:03 7F8F9AE03D1BA4354671E05F07A40F1A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-06-11 10:46:03 614604C8D322D0779E426917CAFE4F3E 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll 2015-06-11 10:46:03 3854BFE1C0F14872C94501421CC40813 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-06-11 10:46:03 35622F5A652C4E16774234DCA0026E74 633856 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-06-11 10:46:03 33B5F1A727FACDEA7CDA0E35FFAADDCF 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-06-11 10:46:03 2BC2D3A41BB755487FD55C09938F00BC 417792 ----a-w- C:\Windows\Sysnative\html.iec 2015-06-11 10:46:03 1E31F06BE53F11CF5E660284E68587AC 374272 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-06-11 10:46:03 11E5CD954CC38080471E7CC2CA1558AE 1032704 
----a-w- C:\Windows\Sysnative\inetcomm.dll 2015-06-11 10:46:03 083BCA14FCE290D682D8DAC9372CBF23 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-06-11 10:45:53 6CCC851608DD076C13E37737BB75A9DC 4177920 ----a-w- C:\Windows\Sysnative\win32k.sys ====== C:\Windows\Sysnative\drivers ===== 2015-06-11 10:46:14 44603DA5A87FB491EF59C889EBBB4DDB 325464 ----a-w- C:\Windows\Sysnative\drivers\USBXHCI.SYS 2015-06-08 08:43:39 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf ====== C:\Windows\Tasks ====== 2015-06-21 14:41:41 057A507B0822B7D4CD18DBFFB0A9B577 3086 ----a-w- C:\Windows\Sysnative\Tasks\{6834CB72-D6C1-4080-BFA7-250344EF5341} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-06-22 19:05:41 -------- d-----w- C:\Program Files\Microsoft Visual Studio 10.0 2015-06-22 14:54:42 -------- d-----w- C:\Program Files\trend micro 2015-05-27 13:27:24 -------- d-----w- C:\Program Files\FileZilla FTP Client ======= C:\PROGRA~2 ===== 2015-06-21 12:48:40 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 12.0 2015-06-08 08:41:54 -------- d-----w- C:\PROGRA~2\Windows Kits 2015-06-08 08:40:31 -------- d-----w- C:\PROGRA~2\Microsoft Help Viewer 2015-05-25 14:56:45 -------- d-----w- C:\PROGRA~2\MySQL ======= C: ===== ====== C:\Users\user\AppData\Roaming ====== 2015-06-15 11:53:50 -------- d-----w- C:\Users\user\AppData\Roaming\iterate_GmbH 2015-06-15 11:47:22 -------- d-sh--w- C:\Users\user\AppData\Roaming\Cyberduck Updater AU 2015-06-08 09:45:41 -------- d-----w- C:\Users\user\AppData\Roaming\NuGet 2015-05-27 13:46:37 -------- d-sh--w- C:\Users\user\AppData\Roaming\wyUpdate AU 2015-05-27 13:46:32 -------- d-----w- C:\Users\user\AppData\Roaming\Cyberduck 2015-05-27 13:27:41 -------- d-----w- C:\Users\user\AppData\Roaming\FileZilla ====== C:\Users\user ====== 2015-06-22 19:11:15 CB17DA17257D9C1DE6F11E05CA1743C2 43507845 ----a-w- 
C:\Users\user\Downloads\wampserver2.5-Apache-2.4.9-Mysql-5.6.17-php5.5.12-64b(1).exe 2015-06-22 14:53:22 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\user\Downloads\RSITx64.exe 2015-06-22 08:47:47 7D4D2582898E865A7EEEDDFAC649231A 2950454 ----a-w- C:\Users\user\Downloads\JRT.exe 2015-06-22 08:42:20 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol 2015-06-22 08:37:21 1A6501B45306B3F5A125FAACE18C5FDE 2244096 ----a-w- C:\Users\user\Downloads\adwcleaner_4.207 (1).exe 2015-06-22 08:37:15 1A6501B45306B3F5A125FAACE18C5FDE 2244096 ----a-w- C:\Users\user\Downloads\adwcleaner_4.207.exe 2015-06-21 14:48:31 C5AEF10E3E96E98FC4AA5CF44E21ED15 1240624 ----a-w- C:\Users\user\Downloads\vs_community.exe 2015-06-08 10:18:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK 2015-05-27 13:46:40 -------- d-sh--w- C:\Users\user\wc ====== C: exe-files == 2015-06-23 18:48:20 C29E128D08F09C9AEAABA0B602165262 1063504 ----a-w- C:\Program Files (x86)\Google\Update\Install\{9FE01FA6-2DC9-4AE8-9216-2B2E88CEB2D3}\43.0.2357.130_43.0.2357.124_chrome_updater.exe 2015-06-23 18:48:20 C29E128D08F09C9AEAABA0B602165262 1063504 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.130\43.0.2357.130_43.0.2357.124_chrome_updater.exe 2015-06-22 19:24:24 F4E3D5003DE8FB0D6C4EC11B4DFC5F77 406528 ----a-w- C:\Windows\SysWOW64\GWX\GWX.exe 2015-06-22 19:24:24 B94C770978AD994F419D92FE24FD3F0F 360240 ----a-w- C:\Windows\System32\GWX\GWXUXWorker.exe 2015-06-22 19:24:24 9FCD33F6C4765C8EAEEA7E152D1E2E75 401408 ----a-w- C:\Windows\System32\GWX\GWXUX.exe 2015-06-22 19:24:24 2B0C2B239CE5603F7F7FD57F54E841C8 666624 ----a-w- C:\Windows\System32\GWX\GWXConfigManager.exe 2015-06-22 19:24:24 0AD060F08BC0008DA1B0FECA0015F270 475648 ----a-w- C:\Windows\System32\GWX\GWX.exe 2015-06-22 19:11:15 CB17DA17257D9C1DE6F11E05CA1743C2 43507845 ----a-w- 
C:\Users\user\Downloads\wampserver2.5-Apache-2.4.9-Mysql-5.6.17-php5.5.12-64b(1).exe 2015-06-22 14:54:42 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\user.exe 2015-06-22 14:53:22 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\user\Downloads\RSITx64.exe 2015-06-22 08:48:01 A107DE2D120C0571B544EEC53D1971AB 1406208 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\TweakingRegistryBackup.exe 2015-06-22 08:48:01 1B128828BF5E4353811B6DA58156B7F4 6656 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\files\dosdev.exe 2015-06-22 08:47:47 7D4D2582898E865A7EEEDDFAC649231A 2950454 ----a-w- C:\Users\user\Downloads\JRT.exe 2015-06-22 08:37:21 1A6501B45306B3F5A125FAACE18C5FDE 2244096 ----a-w- C:\Users\user\Downloads\adwcleaner_4.207 (1).exe 2015-06-22 08:37:15 1A6501B45306B3F5A125FAACE18C5FDE 2244096 ----a-w- C:\Users\user\Downloads\adwcleaner_4.207.exe 2015-06-21 14:48:31 C5AEF10E3E96E98FC4AA5CF44E21ED15 1240624 ----a-w- C:\Users\user\Downloads\vs_community.exe === C: other files == 2015-06-22 08:48:01 F206D8CBAD79E949AC9ADBE8AF2D60B7 2374 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\medfos.bat 2015-06-22 08:48:01 D574912A12CAAFD0E47A7757A0D9527F 9174 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\searchlnk.bat 2015-06-22 08:48:01 C16EBCAA02F2976408D2F5A68D2562FF 1771 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\delfolders.bat 2015-06-22 08:48:01 BD130F08F50D61C3859B6F819F3558A5 31138 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\iexplore.bat 2015-06-22 08:48:01 B23B16209341AEAE62A7D32117A36F55 1192 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\TDL4.bat 2015-06-22 08:48:01 A8F5541C419593F3ECAC0E0A3FB0F2BA 1162 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\surfvox.bat 2015-06-22 08:48:01 A6DEDFDFF4E2321F44790819C5F310F1 13907 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\chrome.bat 2015-06-22 08:48:01 A337A318BC530E1C231F4148DDFE4C60 7393 ----a-w- 
C:\Users\user\AppData\Local\Temp\jrt\runvalues.bat 2015-06-22 08:48:01 93A6196509429319C854A941F14F1E7C 252 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\ev_clear.bat 2015-06-22 08:48:01 9246BABAAAE2978EABF6F0D784B0683D 34543 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\prelim.bat 2015-06-22 08:48:01 78551B6A98FF3EE95DB330BB742F7AD0 152662 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\firefox.bat 2015-06-22 08:48:01 749C44588AD7BD398F1BDCD030F2B081 21096 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\ask.bat 2015-06-22 08:48:01 654E99115CFEC77263269E5EB6717E4C 131287 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\misc.bat 2015-06-22 08:48:01 49B4FCAB4947D8A494C0108127101009 4756 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\chrome_pref.bat 2015-06-22 08:48:01 2719B06EF921402D7D820120D79D4E88 14504 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\mws.bat 2015-06-22 08:48:01 05E06D3F96DDF25998D8C3117035B7B6 17011 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\get.bat 2015-06-22 08:33:34 630A6AA4EB5E8E9845A5365BC6450398 9571 ----a-w- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\73kt6umo.default\extensions\{27400994-36cd-48cb-a3d1-3ad5c9cea524}.xpi ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3143911281-1452477061-804109539-1001\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "EPSON331930 (Epson Stylus SX235)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU C:\Users\user\AppData\Local\Temp\E_S353D.tmp /EF HKCU" [HKEY_USERS\S-1-5-21-3143911281-1452477061-804109539-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "EPSON331930 (Epson Stylus SX235)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE 
/FU C:\Users\user\AppData\Local\Temp\E_S353D.tmp /EF HKCU" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "WebStorage"="C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\ASUSWSLoader.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "EPSON331930 (Epson Stylus SX235)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU C:\Users\user\AppData\Local\Temp\E_S353D.tmp /EF HKCU" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DptfPolicyLpmServiceHelper"="C:\Windows\system32\DptfPolicyLpmServiceHelper.exe" ==== Startup Folders ====================== 2014-12-24 11:58:08 1383 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [23/06/2015 20:54] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10/12/2014 19:27] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10/12/2014 19:27] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASUS Live Update1" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe] "C:\Windows\SysNative\tasks\ASUS Live 
Update2" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS Smart Gesture Launcher" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe] "C:\Windows\SysNative\tasks\ASUS Splendid ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\Windows\SysNative\tasks\ASUS Splendid ColorU" [C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe] "C:\Windows\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"] "C:\Windows\SysNative\tasks\ATK Package 36D18D69AFC3" ["C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe"] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\P4GIntlCtrl" [C:\Program Files\ASUS\P4G\IntlDPST.exe] "C:\Windows\SysNative\tasks\RtHDVBg" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"] "C:\Windows\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"] "C:\Windows\SysNative\tasks\Update Checker" [C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{526B9F7C-EC1A-41CE-9A9A-92F2F119B2DD}" [C:\Windows\system32\msfeedssync.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\73kt6umo.default user_pref("browser.startup.homepage", "https://www.google.com/?trackid=sp-006"); user_pref("browser.search.defaulturl", "https://www.google.com/search/?trackid=sp-006"); 
user_pref("browser.search.defaultengine", "Google (avast)"); user_pref("browser.search.defaultenginename", "Google (avast)"); user_pref("browser.search.selectedEngine", "Google (avast)"); user_pref("keyword.URL", "https://www.google.com/search/?trackid=sp-006"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\73kt6umo.default - Filter Results - %ProfilePath%\extensions\{27400994-36cd-48cb-a3d1-3ad5c9cea524}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\73kt6umo.default 2820FF3A306D6AEB8BFBBB753BD83EBE - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 43.0.2357.130 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[17/03/2015 14:12] Google Wallet - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Fix ====================== C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.extcontent00.extcontent.com_0.localstorage deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.extcontent00.extcontent.com_0.localstorage-journal deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage deleted successfully 
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shopper.deals-way.com_0.localstorage deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shopper.deals-way.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Old Start Page"="http://www.google.com" "Start Page"="https://www.google.com/?trackid=sp-006" "Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}" "Search Bar"="https://www.google.com/?trackid=sp-006" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.google.com" "Start Page"="https://www.google.com/?trackid=sp-006" "Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}" "Search Bar"="https://www.google.com/?trackid=sp-006" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.google.com" "Start Page"="https://www.google.com/?trackid=sp-006" "Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}" "Search Bar"="https://www.google.com/?trackid=sp-006" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Old Start Page"="https://www.google.com/?trackid=sp-006" "Start Page"="https://www.google.com/?trackid=sp-006" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="https://www.google.com/search?trackid=sp-006&q={searchTerms}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll O2 - BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\ASUSWSLoader.exe O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [EPSON331930 (Epson Stylus SX235)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\user\AppData\Local\Temp\E_S353D.tmp" /EF "HKCU" O4 - HKUS\S-1-5-21-3143911281-1452477061-804109539-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (User '?') O4 - HKUS\S-1-5-21-3143911281-1452477061-804109539-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload (User '?') O4 - HKUS\S-1-5-21-3143911281-1452477061-804109539-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Polar Sync] (User '?') O4 - HKUS\S-1-5-21-3143911281-1452477061-804109539-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [EPSON331930 (Epson Stylus SX235)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\user\AppData\Local\Temp\E_S353D.tmp" /EF "HKCU" (User '?') O4 - Global Startup: Adobe Gamma Loader.lnk 
= C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. 
- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @oem15.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\Windows\system32\DptfParticipantProcessorService.exe (file missing) O23 - Service: @oem15.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\Windows\system32\DptfPolicyConfigTDPService.exe (file missing) O23 - Service: @oem15.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Unknown owner - C:\Windows\system32\DptfPolicyCriticalService.exe (file missing) O23 - Service: @oem15.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Unknown owner - C:\Windows\system32\DptfPolicyLpmService.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - 
C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation 
- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. 
- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully 
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\73kt6umo.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2664 folders=585 2008602786 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\user\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\user\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 23/06/2015 at 21:32:30,36 ======================