Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by claudia on ma 27/07/2015 at 21:51:53,92. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\claudia\Downloads\zoek(2).exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2015-07-27-085030.log 36413 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\ProgramData\Avg_Update_0715av not found "C:\Windows\tasks\0715avUpdateInfo.job" not found "C:\DelFix.txt" not found C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\gpt.ini deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-07-25 10:10:49 F63F0384E9EBBA3F0271D003D02D682B 231517630 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\claudia\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-07-20 17:42:50 D80ECB18D64AE3C2A9D8220ABEBCE40A 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll 2015-07-20 17:42:50 BBA0C61CB01BA4351C41DC36BBEB55B4 299008 ----a-w- C:\Windows\SysWOW64\atmfd.dll 2015-07-20 17:42:50 900DB967084C22C6D83D637529B77E8F 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll 2015-07-20 17:42:50 2DD3D6B44442EF17675554D0482E7BC2 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll 2015-07-20 17:42:50 0A6495A400140B89242268A13C807841 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll 2015-07-14 20:13:09 E2A2B221A47271DD4176FB9B93F670E6 93184 ----a-w- C:\Windows\SysWOW64\wudriver.dll 2015-07-14 20:13:09 CBC91E2E6158358E82D153D811B73C38 30208 ----a-w- C:\Windows\SysWOW64\wups.dll 2015-07-14 20:13:09 7F13188A9656355F664313334971DA22 173056 ----a-w- C:\Windows\SysWOW64\wuwebv.dll 2015-07-14 20:13:09 1728A7831E95BCEEEA3F0D07AE6F74EE 566784 ----a-w- C:\Windows\SysWOW64\wuapi.dll 2015-07-14 20:13:09 13810657EE732C2F5453C0C877FD5DB2 34816 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2015-07-14 20:13:03 6E91F67335D57DDFFE798C815444B0E3 210432 ----a-w- C:\Windows\SysWOW64\cewmdm.dll 2015-07-14 20:12:59 143046AC227C193B5B2E0E20BC0CF1DD 312320 ----a-w- C:\Windows\SysWOW64\gdi32.dll 2015-07-14 20:12:58 3D73FC0D0997DA1EF6F705EF9936AB20 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-07-14 20:12:58 31165F9D71D3C249AB97FBAE55DE4B49 4520448 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-07-14 20:12:50 37BC6BC6CFC38A6202B28459F7CCE4CD 479232 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-07-14 20:12:50 116F506573B59B85CD0DC18527E9951A 19877376 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-07-14 20:12:50 05CA106A1B68770BDABB9AA7AEAE516A 1310720 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-07-14 20:12:49 AFAEB9E4269846C64DC9721B1BFA5CEC 12855296 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-07-14 20:12:49 4E4B3CAC5C62415AF5C6B0167A376EB8 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2015-07-14 20:12:47 8EDF7B6D3A563DAA06DD87053C734168 2279424 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-07-14 20:12:24 E8F3572F002B556D19AC3AE4A11CAC2E 342736 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-07-14 20:12:24 E42BB0E02C8F6C8D1CCBFE6AB8EB199F 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2015-07-14 20:12:24 E3883C13DB4D19E29095C9F4BC27B755 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2015-07-14 20:12:24 D503616B296B869486AA84D6DB8FB6A5 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2015-07-14 20:12:24 1A04239A054D810CF32C46F2B70C47B7 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2015-07-14 20:12:23 95C40DFE3B3CFCEBA2DF9E493945A7B5 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-07-14 20:12:23 87E5B70C9F0DE7E3D620E1E3A60AA274 504320 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-07-14 20:12:23 18465944F711AD3FDE58675C3C42FA99 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-07-14 20:12:23 019019007E6980EACAC80DE04B5D330A 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-07-14 20:12:22 E475D4B65088F4F7FABF7D427CD3D30E 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-07-14 20:12:22 CC044CFF6018AD0368AF3A8149721407 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-07-14 20:12:22 81ED1F775E5DDBE990D9C3AFF507DAC2 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll 2015-07-14 20:12:22 442DB5B16073DE2E79E1912D0B77F343 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-07-14 20:12:22 43CF584D989A4A0EA6B5D3EBFAD260B7 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2015-07-14 20:12:22 2CC6836C44C84583386702468125654F 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2015-07-14 20:12:22 0CB44ADB09C5BE7CE9D1D1F04E909067 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2015-07-14 20:12:20 72D524ED31A2FBA7432801361CE41FC3 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2015-07-14 20:12:20 63B01F72FD727D5736DBEF54174D8F93 1951232 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-07-14 20:12:20 17DFCBA042195666632C889E04913E19 341504 ----a-w- C:\Windows\SysWOW64\html.iec 2015-07-14 20:12:20 0DE5FE06603CF80238EFD9D67AB45A56 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2015-07-14 20:11:39 603ADCCAA52D1E0675C63646AFBBA992 856064 ----a-w- C:\Windows\SysWOW64\rdvidcrl.dll 2015-07-14 20:11:39 5E3ED0FB3D07258A72C27CAFAA9D0101 6131200 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2015-07-14 20:11:38 2CECF5A9E952E3165F14267544A2E6A6 53248 ----a-w- C:\Windows\SysWOW64\tsgqec.dll 2015-07-14 20:11:37 4548507ED3C17DB4739DBBEAF6378004 1414656 ----a-w- C:\Windows\SysWOW64\ole32.dll 2015-07-14 20:11:34 F4AFDB5ABEA0C9079E8193E24D1DB21D 1174528 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2015-07-14 20:11:34 D864C283FFD7C080FDC25FD4C798FF8D 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll 2015-07-14 20:11:34 588D52C2D0E60EE71FD5A64407865B10 179200 ----a-w- C:\Windows\SysWOW64\wintrust.dll 2015-07-14 20:11:34 33F67BBCC3C0499D3F3382473114CFA8 143872 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll 2015-07-14 20:11:16 E97B4515FC3846CB5C6853C40E71EF28 36864 ----a-w- C:\Windows\SysWOW64\cryptbase.dll 2015-07-14 20:11:16 E344031017D52F5F1A4C759A815625CC 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2015-07-14 20:11:16 CA017983095846BFCFBE9C02B40958B3 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2015-07-14 20:11:16 98226182583DF1715F1BE6CCEA6E8D95 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2015-07-14 20:11:16 4466D67AC240FE1CCCB32BE743BCB488 552960 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2015-07-14 20:11:16 393FDE87F56A8E98AC1B37ADB2181332 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2015-07-14 20:11:16 02CD86D59807467D065F521BE81BB858 665088 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2015-07-14 20:11:15 E6F375BAA4F839592627DA3E95BF3977 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2015-07-14 20:11:15 A719B9156A6DCDBACC201D9163AFF8D1 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2015-07-14 20:11:15 A41BF25E4F145E1BC00445B6421B9E11 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2015-07-14 20:11:15 96741CBB4CC3638A2BCB11F93B92B738 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2015-07-14 20:11:15 81E207D09B2A7723A549EFB34B47C7EA 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2015-07-14 20:11:15 6AE6E08938D5BA9D8BA305506620B48D 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2015-07-14 20:11:15 2E8C9C3223E05F4B42FB89C03DD09C1D 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2015-07-14 20:11:15 2B4A31319D74B3D3407AB64942B7FF32 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-07-14 20:11:11 D7C4ABB0F1FFA371928EED0C7A6E24DC 2364416 ----a-w- C:\Windows\SysWOW64\msi.dll 2015-07-14 20:11:11 7B4277F9E9F48D5D8E6AEA341F8048E8 1805824 ----a-w- C:\Windows\SysWOW64\authui.dll 2015-07-14 20:11:10 F61A069A5517F85662ED9A6C5AD5445A 73216 ----a-w- C:\Windows\SysWOW64\msiexec.exe 2015-07-14 20:11:10 C08582E7F8EA706A2D4A3C7BD5AC35C1 337408 ----a-w- C:\Windows\SysWOW64\msihnd.dll 2015-07-14 20:11:10 A344B1EFA7DB86AE1407039CD596FB1E 25088 ----a-w- C:\Windows\SysWOW64\msimsg.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-07-20 17:42:50 D57C03D365BC71C7A30504644515F3F8 41984 ----a-w- C:\Windows\Sysnative\lpk.dll 2015-07-20 17:42:50 37C6F4906A4B3F837780AF078A1718BA 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll 2015-07-20 17:42:50 2D0E2C197BA9CD67105DE5BBFBEF72A7 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll 2015-07-20 17:42:50 1C4FF36152EBDF5C10A612FC9B2E1F8A 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll 2015-07-20 17:42:50 08D58C21888BC2DC754F591C23709C33 372224 ----a-w- C:\Windows\Sysnative\atmfd.dll 2015-07-14 20:13:09 3F9239D5F65F1318A53EBAEC01C092F1 139776 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2015-07-14 20:13:09 3EDB01024BA86C5B4D2CB307DC5D3AC0 37376 ----a-w- C:\Windows\Sysnative\wuapp.exe 2015-07-14 20:13:08 F56E83C1EFEDEF919033CBFF071602B6 36864 ----a-w- C:\Windows\Sysnative\wups.dll 2015-07-14 20:13:08 D79E3C2D45315ADCAA267A05355DFBF5 12288 ----a-w- C:\Windows\Sysnative\wu.upgrade.ps.dll 2015-07-14 20:13:08 BC80574FF264848F8613A3F6F7AF7642 192000 ----a-w- C:\Windows\Sysnative\wuwebv.dll 2015-07-14 20:13:08 AA3E844A2595B1AA5825C70CA50D963E 2603008 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2015-07-14 20:13:08 84CEF9B2D8ED8006B3975DC1D8109B3D 696320 ----a-w- C:\Windows\Sysnative\wuapi.dll 2015-07-14 20:13:08 80381DD7C4797A601E59F8E001B46793 3154944 ----a-w- C:\Windows\Sysnative\wucltux.dll 2015-07-14 20:13:08 2896A06239E19379CE44FAFCDB1675B1 91136 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll 2015-07-14 20:13:08 00DCC688DF459A9FEE42C7397668C62B 98304 ----a-w- C:\Windows\Sysnative\wudriver.dll 2015-07-14 20:13:08 00383E521D3D039968B92A0998BA76FD 37888 ----a-w- C:\Windows\Sysnative\wups2.dll 2015-07-14 20:13:03 60696836CAD56F1B47059E1BA739787D 254976 ----a-w- C:\Windows\Sysnative\cewmdm.dll 2015-07-14 20:13:00 F6D23F6707CAEA235E4C84A4AC87EB2A 3180544 ----a-w- C:\Windows\Sysnative\rdpcorets.dll 2015-07-14 20:13:00 960D313FFBC9C4C14D9DFDB1FEB21CBD 16384 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll 2015-07-14 20:12:59 EFFFE1C77ACCE66C82CCFD18A9687F48 404992 ----a-w- C:\Windows\Sysnative\gdi32.dll 2015-07-14 20:12:59 C4EA3D63E8BF077ECD1E93BF6556AE99 3207168 ----a-w- C:\Windows\Sysnative\win32k.sys 2015-07-14 20:12:58 837BD6BB879405B416A4326C8B723D83 5923840 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-07-14 20:12:58 2A795629E0746D82A229A01EEE75FCE5 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-07-14 20:12:50 FC165889E97E37BCB55C5B79BEB3D331 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2015-07-14 20:12:49 78E4D3781E5632BA88E5153510BEB625 1545728 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-07-14 20:12:49 120E3CE08505A9637CAB72D35A2D2E8C 615936 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-07-14 20:12:48 D74E2BE157B8A2A9CF29BEBB052B8A42 25193984 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-07-14 20:12:48 6A70888EEC05B45C8990E8977C480019 14453248 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-07-14 20:12:47 41D59904967A4033FB4497DCED7320AD 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-07-14 20:12:24 A51BF63E9EA6DDED50A69797EAD23576 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2015-07-14 20:12:24 50AAC6B4AFD93060456134A29C35FB1E 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2015-07-14 20:12:24 44D98BF1ED7B520602A55446E28D8840 720384 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-07-14 20:12:24 3A46FC42EDE2021399FCD9E4A7A406F8 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2015-07-14 20:12:23 4887D79B5CE61A00FCC5C53AA2216007 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2015-07-14 20:12:22 DAECFA33350D863D49157506587D5EF8 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2015-07-14 20:12:22 80E899C111219316B94BBA72FAFF7D11 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2015-07-14 20:12:22 7EEC52D1B800230A4E8EC81B92D61118 389832 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-07-14 20:12:22 434CBA59035C4F3A02E5AB92FD6C816B 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-07-14 20:12:21 BCE51D1B0F7BC8977CDAECD24A0D4C88 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-07-14 20:12:21 BB33A140CA61A22B5882486881E2191A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-07-14 20:12:21 AF3D4DA49A9C9C9778953CE9D7470C11 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2015-07-14 20:12:21 58243D92748201D38AACDAEA22527412 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-07-14 20:12:20 B5164F4515C4BC4F45FBF5B3A99685C0 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-07-14 20:12:20 9B9D2B99A865CB3B9BAA9BE77A300680 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2015-07-14 20:12:20 142D20CA55870589B009D53C37C0B75C 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2015-07-14 20:12:19 74F367C596EEF3106EBC65625F04C807 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-07-14 20:12:19 4024752E6B341B07F3823B7DA72C45D2 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-07-14 20:12:18 F30702F2607AEE462A6AB8715E72FC03 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2015-07-14 20:12:18 E066FDC3A2074D926903B8C31EF3B347 2427392 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-07-14 20:12:18 88E26FC9F8BDE0635F379BB8FE6BFFF1 417792 ----a-w- C:\Windows\Sysnative\html.iec 2015-07-14 20:12:18 796A89701B2560FF453FF08FF941A169 816640 ----a-w- C:\Windows\Sysnative\jscript.dll 2015-07-14 20:12:17 C95EE658B7816B3588418E948EF55F83 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-07-14 20:12:17 8DA3623D372E5147914973383D998980 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2015-07-14 20:11:41 673CF0DA2BE5D86282FC7C5BE3172470 429568 ----a-w- C:\Windows\Sysnative\wksprt.exe 2015-07-14 20:11:40 823BAE27CBF54C1E3E0CD964909A253E 7077376 ----a-w- C:\Windows\Sysnative\mstscax.dll 2015-07-14 20:11:39 18B16B510258DEBE6121CA25CFCD2AE8 1057792 ----a-w- C:\Windows\Sysnative\rdvidcrl.dll 2015-07-14 20:11:38 E3EB94B45A2735D4559558B5899732E8 2087424 ----a-w- C:\Windows\Sysnative\ole32.dll 2015-07-14 20:11:38 04A5640833EE276AA4E8C71EB56613AF 62976 ----a-w- C:\Windows\Sysnative\tsgqec.dll 2015-07-14 20:11:34 C5752F5CE47B6B00F914AE91087C0CB4 229376 ----a-w- C:\Windows\Sysnative\wintrust.dll 2015-07-14 20:11:34 7EE0A3B9E904AF4744E4D8F00CB5CA32 140288 ----a-w- C:\Windows\Sysnative\cryptnet.dll 2015-07-14 20:11:34 7BC3E861F7E8EB543A630090FAE779E0 188416 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2015-07-14 20:11:34 71187FA11F58012C188453877E16EB8B 1480192 ----a-w- C:\Windows\Sysnative\crypt32.dll 2015-07-14 20:11:16 F66102F990EE913261ED7907403718ED 729088 ----a-w- C:\Windows\Sysnative\kerberos.dll 2015-07-14 20:11:16 E8560BC8E1B85A5A081AEF43626187B1 44032 ----a-w- C:\Windows\Sysnative\cryptbase.dll 2015-07-14 20:11:16 D5844B744F7BAF826965DD634FF8DB00 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2015-07-14 20:11:16 A66FF313F2F8A6CBF9BB2B0CC92D5ACD 1216512 ----a-w- C:\Windows\Sysnative\rpcrt4.dll 2015-07-14 20:11:16 9F2CCDE3F30C224C082984B6F95D3D95 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2015-07-14 20:11:16 9EA6DA45B95599C27B1661C1D99307D7 342016 ----a-w- C:\Windows\Sysnative\schannel.dll 2015-07-14 20:11:16 750C44D6F7A708F0C6618F075A0A68A7 315392 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2015-07-14 20:11:16 3B96392CBE54FF44BEAEB0B4BCC65487 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2015-07-14 20:11:16 09730D830B2B69B626817F4A95945308 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2015-07-14 20:11:15 F01A58E45BB8E28CCE6BCF272FF0F9A8 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2015-07-14 20:11:15 EEB192537935BB12A998CAB8F5A07E78 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2015-07-14 20:11:15 C3F6A9A41CC8591EF0370708E54DE474 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2015-07-14 20:11:15 C3F0594AF92FE71B13A44177FDB80784 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2015-07-14 20:11:15 B1D191D0EDEB86197A5FD5030B65420F 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2015-07-14 20:11:15 97D879A884E7CDFED51AD63348A35254 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2015-07-14 20:11:15 7C26CACB82ECA09874B984B155B06AD4 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll 2015-07-14 20:11:15 55750A7588D91B102EB17E69BFF2AAF1 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2015-07-14 20:11:15 48A88348F1539CC7C8CB4E032DD79DAA 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2015-07-14 20:11:11 D9A91A779B5059E72D7FAD2B38275EA4 3242496 ----a-w- C:\Windows\Sysnative\msi.dll 2015-07-14 20:11:11 5489E74E56C0255159C8AE2C70744458 1941504 ----a-w- C:\Windows\Sysnative\authui.dll 2015-07-14 20:11:10 CDAD406033C31DB34185DDAECDD35FE2 504320 ----a-w- C:\Windows\Sysnative\msihnd.dll 2015-07-14 20:11:10 978DC0A1FBE9CC91B21B40AF66CB396A 70656 ----a-w- C:\Windows\Sysnative\appinfo.dll 2015-07-14 20:11:10 91593D4FB7D89249014564A5F3EC389B 25088 ----a-w- C:\Windows\Sysnative\msimsg.dll 2015-07-14 20:11:10 81CB8D34112178CE1826C86BA5F268C3 128000 ----a-w- C:\Windows\Sysnative\msiexec.exe 2015-07-14 20:11:10 0D9514850CC3A99A6600643F2888858B 112064 ----a-w- C:\Windows\Sysnative\consent.exe 2015-07-14 20:11:02 D236055773550118989C0C81CBE79A29 765440 ----a-w- C:\Windows\Sysnative\invagent.dll 2015-07-14 20:11:02 BBA5CB528CB7482E118D0FEAF808987A 17856 ----a-w- C:\Windows\Sysnative\CompatTelRunner.exe 2015-07-14 20:11:02 782C216AFEE0561680706698F70B2A93 1085440 ----a-w- C:\Windows\Sysnative\appraiser.dll 2015-07-14 20:11:02 658B5EC540CD94D76889D0E8390B1C04 433664 ----a-w- C:\Windows\Sysnative\devinv.dll 2015-07-14 20:11:02 5D507961F680D0A0392CC5EB6515E70A 726528 ----a-w- C:\Windows\Sysnative\generaltel.dll 2015-07-14 20:11:02 474EA5201E3883F747D540D3EF57C1F2 1145856 ----a-w- C:\Windows\Sysnative\aeinv.dll 2015-07-14 20:11:02 0919F433ED64E6CD1912C016F1E80BE7 67584 ----a-w- C:\Windows\Sysnative\acmigration.dll 2015-07-14 20:11:01 5663847B3DCC8382B1D1F1EEB4A92994 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll ====== C:\Windows\Sysnative\drivers ===== 2015-07-14 20:11:16 C0A6C3D6E02B61B5D100FE17306C276F 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-07-14 20:11:16 7A7328E427694CC7244235C3BC299F80 155584 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-07-14 20:11:16 45A03A0B6461EFBEE77E0A6AC2816EDA 129024 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2015-07-14 20:11:16 21AF322605D8C7F2A627C22634D1C9C9 290816 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2015-07-14 20:11:16 1877EB1495CFBDAB27D6A32F6DDF3818 159232 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-07-25 14:08:57 -------- d-----w- C:\Program Files\WinRAR 2015-07-12 16:37:24 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2015-07-20 18:01:02 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-07-14 20:42:12 -------- d-----w- C:\PROGRA~2\LogMeIn Hamachi ======= C: ===== 2015-07-27 08:46:40 9E99F5D3F753BAA1D4EDF80CE1B94555 90 ----a-w- C:\folders.txt ====== C:\Users\claudia\AppData\Roaming ====== 2015-07-27 08:46:44 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-07-27 08:46:44 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp 2015-07-27 08:46:44 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2015-07-27 08:46:44 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2015-07-27 08:46:44 -------- d-----w- C:\Users\claudia\AppData\Local\Temp 2015-07-27 08:46:44 -------- d-----w- C:\Users\aaron\AppData\Local\Temp 2015-07-25 14:09:25 -------- d-----w- C:\Users\claudia\AppData\Roaming\WinRAR 2015-07-25 14:09:03 -------- d-----w- C:\Users\claudia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-07-19 16:54:40 -------- d-----w- C:\Users\claudia\AppData\Roaming\.pokepack2 2015-06-30 13:14:32 -------- d-----w- C:\Users\aaron\AppData\Roaming\.atlauncher ====== C:\Users\claudia ====== 2015-07-27 09:03:02 7B0D5CFD4FE96A40701F4506A7F6EAE9 10174886 ----a-w- C:\Users\claudia\Downloads\minecraft_server.1.8.7.exe 2015-07-26 09:27:57 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\claudia\Downloads\RSITx64.exe 2015-07-25 14:09:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-07-25 14:08:31 C39C2FA2376162ED7065A927DEFE960A 1957472 ----a-w- C:\Users\claudia\Downloads\winrar-x64-53b1.exe 2015-07-20 18:01:02 -------- d-----w- C:\ProgramData\Sun 2015-07-14 20:42:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2015-07-11 21:21:16 -------- d-----w- C:\ProgramData\Oracle ====== C: exe-files == 2015-07-27 09:03:02 7B0D5CFD4FE96A40701F4506A7F6EAE9 10174886 ----a-w- C:\Users\claudia\Downloads\minecraft_server.1.8.7.exe 2015-07-26 09:27:57 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\claudia\Downloads\RSITx64.exe 2015-07-25 14:08:57 D2285FB01DC041F10745284E77FBE54D 188920 ----a-w- C:\Program Files\WinRAR\Uninstall.exe 2015-07-25 14:08:57 C94FEA39AE18FE0243DC8D70945EB889 335352 ----a-w- C:\Program Files\WinRAR\UnRAR.exe 2015-07-25 14:08:57 C48B8E8C1E613446D205A1F0AC8B2B3F 62968 ----a-w- C:\Program Files\WinRAR\Ace32Loader.exe 2015-07-25 14:08:57 B8268C33CE14F6CCDF55A92CEBEF7515 1528824 ----a-w- C:\Program Files\WinRAR\WinRAR.exe 2015-07-25 14:08:57 4AF397CAA5F3DDF992309632BB09C2D3 531448 ----a-w- C:\Program Files\WinRAR\Rar.exe 2015-07-25 14:08:31 C39C2FA2376162ED7065A927DEFE960A 1957472 ----a-w- C:\Users\claudia\Downloads\winrar-x64-53b1.exe 2015-07-24 08:36:35 0CEED1D533CAE0741D56D83AB5CB004F 1525064 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\SearchWithGoogleUpdate_CA8A7236098B8F9A.exe 2015-07-24 08:36:32 71FF025C24EA6E0FC972427208B7AF9D 1105864 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_D6EBD55792EF3063.exe 2015-07-24 08:35:38 7D2D1E575711AF3C4340304F4A78E35A 532312 ----a-w- C:\Program Files (x86)\Google\Update\Install\{302E1067-D5FF-49D9-BC59-EC061378DF47}\GoogleToolbarInstaller_updater_signed.exe 2015-07-24 08:35:38 7D2D1E575711AF3C4340304F4A78E35A 532312 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.6710.2136\GoogleToolbarInstaller_updater_signed.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-275429129-1623184646-3500824430-1000\Software\Microsoft\Windows\CurrentVersion\Run] "HP Photosmart 6510 series (NET)"="C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe -deviceID CN1C2411DT05QB:NW -scfn HP Photosmart 6510 series (NET) -AutoStart 1" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [HKEY_USERS\S-1-5-21-275429129-1623184646-3500824430-1003\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-275429129-1623184646-3500824430-1003\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" "LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Photosmart 6510 series (NET)"="C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe -deviceID CN1C2411DT05QB:NW -scfn HP Photosmart 6510 series (NET) -AutoStart 1" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "fssui"="C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe -autorun" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "HP Software Update"="C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [20/07/2015 20:57] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/10/2014 16:01] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/10/2014 16:01] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe Reader and Acrobat Manager" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\{308ED91B-F21D-457A-BF57-65042A69EC89}" ["c:\program files (x86)\mozilla firefox\firefox.exe"] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\claudia\AppData\Roaming\Mozilla\Firefox\Profiles\6cwih2rz.default user_pref("browser.startup.homepage", "https://www.google.be/"); ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\claudia\AppData\Roaming\Mozilla\Firefox\Profiles\6cwih2rz.default 87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies AC47B55B38D626B678897F195793ECAB - C:\windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 0FC325593893749364EC4A733E7D9100 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll - Shockwave Flash FD82108FD60B63010325D9AF6F00AF99 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll - Shockwave Flash ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/nl-be/?pc=UP97&ocid=UP97DHP" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/nl-be/?pc=UP97&ocid=UP97DHP" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\aaron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\claudia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\claudia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ORWPZOC2 will be deleted at reboot C:\Users\claudia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XKBJ0FK3 will be deleted at reboot C:\Users\claudia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y6659HB9 will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\aaron\AppData\Local\Mozilla\Firefox\Profiles\g8l9hg81.default\cache2 emptied successfully C:\Users\claudia\AppData\Local\Mozilla\Firefox\Profiles\6cwih2rz.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=11 folders=8 5165570 bytes) ==== Empty Temp Folders ====================== C:\Users\aaron\AppData\Local\Temp emptied successfully C:\Users\claudia\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\claudia\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\claudia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ORWPZOC2" not found "C:\Users\claudia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XKBJ0FK3" not found "C:\Users\claudia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y6659HB9" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on ma 27/07/2015 at 22:17:22,50 ======================