Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Yousra on di 25/08/2015 at 20:14:33,73.
Microsoft Windows 8.1 met Bing 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Yousra\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

25/08/2015 20:23:51 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\35a05f94-4ad3-4c54-a46b-5f6cbe9e24fb deleted successfully
C:\PROGRA~2\a410d30c-e968-4d5e-b150-b9d142bcce13 deleted successfully
C:\PROGRA~3\bd49c38a00000b22 deleted successfully
C:\Users\Yousra\AppData\Roaming\hpqlog deleted successfully
C:\Users\Yousra\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Yousra\AppData\Local\EmieSiteList deleted successfully
C:\Users\Yousra\AppData\Local\EmieUserList deleted successfully
C:\Users\Yousra\AppData\Local\MediaShow deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2253621861-2412068149-2562745399-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} deleted successfully
HKEY_USERS\S-1-5-21-2253621861-2412068149-2562745399-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_USERS\S-1-5-21-2253621861-2412068149-2562745399-1001\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} deleted successfully
HKEY_USERS\S-1-5-21-2253621861-2412068149-2562745399-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9488E5CC-633A-41D7-9323-83AEF5977836} deleted successfully
HKEY_USERS\S-1-5-21-2253621861-2412068149-2562745399-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} deleted successfully
HKEY_USERS\S-1-5-21-2253621861-2412068149-2562745399-1001\Software\Microsoft\Internet Explorer\SearchScopes\{A6E5EC13-4515-4910-BDED-032D55D6659B} deleted successfully
HKEY_USERS\S-1-5-21-2253621861-2412068149-2562745399-1001\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} deleted successfully
HKEY_USERS\S-1-5-21-2253621861-2412068149-2562745399-1001\Software\Microsoft\Internet Explorer\SearchScopes\{F5884D0D-3BF5-4FC2-B25E-BF875942AC63} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9488E5CC-633A-41D7-9323-83AEF5977836} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9488E5CC-633A-41D7-9323-83AEF5977836} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\3acecae8 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\d3a378f6 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a8501310 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPBIUpd deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Primary Color deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Primary Color deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Primary Color deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Primary Color deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeKrnl deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeNetFilter deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPDRIVER_1.42.0.1828 deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

\CurrentVersion\Run]
"YTDownloader"=-
"Super Optimizer"=-

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-
"YTDownloader"=-
"gmsd_be_180"=-

==== Deleting Files \ Folders ======================

C:\PROGRA~2\35a05f94-4ad3-4c54-a46b-5f6cbe9e24fb not found
C:\PROGRA~2\a410d30c-e968-4d5e-b150-b9d142bcce13 not found
C:\Program Files (x86)\YTDownloader not found
C:\Program Files (x86)\Primary Color not found
C:\PROGRA~2\AlLSavere deleted
C:\PROGRA~2\buyandbruOWse deleted
C:\PROGRA~2\buYuandbrowse deleted
C:\PROGRA~2\dollarsavER deleted
C:\PROGRA~2\sAleoffer deleted
C:\PROGRA~2\BorderlineRunner deleted
C:\PROGRA~2\ProcessFoobar deleted
C:\PROGRA~2\RelaySubs deleted
C:\PROGRA~2\AlllSAver deleted
C:\PROGRA~2\buyaaNdbroawsE deleted
C:\PROGRA~2\daiolyypriZe deleted
C:\PROGRA~2\EditThisCookie deleted
C:\PROGRA~2\SnapPea Photos deleted
C:\PROGRA~2\Validity deleted
C:\Program Files (x86)\Super Optimizer deleted
C:\Program Files\Common Files\ShopperPro deleted
C:\Users\Yousra\AppData\Roaming\Super Optimizer deleted
C:\ProgramData\3794581889768616469 deleted
C:\ProgramData\{0e953c99-580e-a5e0-0e95-53c99580f265} deleted
C:\677e280396dfd61f59313079e85a7750 deleted
C:\Users\Yousra\SupTab deleted
C:\PROGRA~2\ShopperPro deleted
C:\PROGRA~2\XTab deleted
C:\Program Files\Common Files\System\SysMenu.dll deleted
C:\Program Files\Common Files\System\SysMenu64.dll deleted
C:\Users\Yousra\AppData\Roaming\appdataFr2.bin deleted
C:\Users\Yousra\AppData\Roaming\1B38A494-1431289047-E311-B2A0-6CC217EAF868 deleted
C:\PROGRA~3\ShopperPro deleted
C:\PROGRA~3\IHProtectUpDate deleted
C:\PROGRA~3\WindowsMangerProtect deleted
C:\Users\Yousra\AppData\Local\1B38A494-1431296323-E311-B2A0-6CC217EAF868 deleted
C:\Users\Yousra\AppData\Local\Installer deleted
C:\Users\Yousra\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\Windows\Tasks\8f49a9f1-dc26-42ac-b3a7-4413def4ff28-1-6.job deleted
C:\Windows\Tasks\8f49a9f1-dc26-42ac-b3a7-4413def4ff28-1-7.job deleted
C:\Windows\Tasks\8f49a9f1-dc26-42ac-b3a7-4413def4ff28-5.job deleted
C:\Windows\Tasks\8f49a9f1-dc26-42ac-b3a7-4413def4ff28-5_user.job deleted
C:\Windows\Tasks\8f49a9f1-dc26-42ac-b3a7-4413def4ff28-6.job deleted
C:\Windows\Tasks\8f49a9f1-dc26-42ac-b3a7-4413def4ff28-7.job deleted
C:\Windows\Tasks\eb228d11-fb65-4778-bffe-95b98721c71e-1-6.job deleted
C:\Windows\Tasks\eb228d11-fb65-4778-bffe-95b98721c71e-1-7.job deleted
C:\Windows\Tasks\eb228d11-fb65-4778-bffe-95b98721c71e-6.job deleted
C:\Windows\Tasks\eb228d11-fb65-4778-bffe-95b98721c71e-7.job deleted
C:\windows\SysNative\Tasks\8f49a9f1-dc26-42ac-b3a7-4413def4ff28-1-6 deleted
C:\windows\SysNative\Tasks\8f49a9f1-dc26-42ac-b3a7-4413def4ff28-1-7 deleted
C:\windows\SysNative\Tasks\8f49a9f1-dc26-42ac-b3a7-4413def4ff28-5 deleted
C:\windows\SysNative\Tasks\8f49a9f1-dc26-42ac-b3a7-4413def4ff28-5_user deleted
C:\windows\SysNative\Tasks\8f49a9f1-dc26-42ac-b3a7-4413def4ff28-6 deleted
C:\windows\SysNative\Tasks\8f49a9f1-dc26-42ac-b3a7-4413def4ff28-7 deleted
C:\windows\SysNative\Tasks\eb228d11-fb65-4778-bffe-95b98721c71e-1-6 deleted
C:\windows\SysNative\Tasks\eb228d11-fb65-4778-bffe-95b98721c71e-1-7 deleted
C:\windows\SysNative\Tasks\eb228d11-fb65-4778-bffe-95b98721c71e-6 deleted
C:\windows\SysNative\Tasks\eb228d11-fb65-4778-bffe-95b98721c71e-7 deleted
C:\Users\Public\Documents\ShopperPro deleted
C:\windows\SysNative\tasks\Super Optimizer Schedule deleted
C:\windows\SysNative\Tasks\SPBIW_UpdateTask_Time_313230383339383933312d2d37505a2a6c55326c342341 deleted
C:\windows\SysNative\Tasks\SPDriver deleted
C:\windows\SysNative\tasks\ShopperPro deleted
C:\windows\SysNative\tasks\ShopperProJSUpd deleted
C:\windows\SysNative\tasks\ASP deleted
C:\windows\SysNative\tasks\Easy Driver Pro Schedule deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\Yousra\Documents\Super Optimizer deleted
"C:\PROGRA~2\Easy Speed Check\easyspeedcheck.exe" deleted
"C:\PROGRA~2\Easy Speed Check\libcurl.dll" deleted
"C:\PROGRA~2\Easy Speed Check\libeay32.dll" deleted
"C:\PROGRA~2\Easy Speed Check\libgcc_s_dw2-1.dll" deleted
"C:\PROGRA~2\Easy Speed Check\libidn-11.dll" deleted
"C:\PROGRA~2\Easy Speed Check\libstdc++-6.dll" deleted
"C:\PROGRA~2\Easy Speed Check\ssleay32.dll" deleted
"C:\PROGRA~2\Easy Speed Check\zlib1.dll" deleted
"C:\PROGRA~2\Easy Speed Check" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-08-14 21:09:31 FC2EA5BD5307D2CFA5AAA38E0C0DDCE9 221184 ----a-w- C:\Windows\notepad.exe

====== C:\Users\Yousra\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====
2015-08-23 13:23:01 A98799EBA5BAABF1AB2BAFCE488FC9F9 19871232 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2015-08-19 18:15:16 F51474B15B4210E93FD73CA9E52E7926 103120 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 21:16:39 6125B69B76160B3B7D07653EE8034272 27136 ----a-w- C:\Windows\SysWOW64\wups.dll
2015-08-14 21:16:39 56EFA37771E7628216E9B35ED681384C 721920 ----a-w- C:\Windows\SysWOW64\wuapi.dll
2015-08-14 21:16:35 B06236A3C5568BA063711D6E239509B9 81920 ----a-w- C:\Windows\SysWOW64\wudriver.dll
2015-08-14 21:16:34 B4507FD993C3F7545A637863BE756559 124928 ----a-w- C:\Windows\SysWOW64\wuwebv.dll
2015-08-14 21:16:34 6C02E120E119B06D31EBD96DE4740111 29696 ----a-w- C:\Windows\SysWOW64\wuapp.exe
2015-08-14 21:14:38 3C74EA1EC43A694060F09B7D754446C6 12856832 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2015-08-14 21:14:35 AB6A3699E478DEF677D48B126B223C54 4520448 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2015-08-14 21:14:32 3E168B5E5FEE3D09C2D4E97861B5F4B3 479232 ----a-w- C:\Windows\SysWOW64\ieui.dll
2015-08-14 21:14:32 0AC8CD2138FD10C4A0E2FF08F892359C 1951232 ----a-w- C:\Windows\SysWOW64\wininet.dll
2015-08-14 21:14:27 A37FEDFC0BC9E96AD3DFFF41D5805F04 2279424 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2015-08-14 21:14:24 BD3E3A13423C40E8CF4BE531EE68BAF0 1310720 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2015-08-14 21:14:22 D4CE6BDB3225327B3FAF630287B6B446 1048576 ----a-w- C:\Windows\SysWOW64\actxprxy.dll
2015-08-14 21:14:22 4D036506C8359185FC52EB49DB891743 341504 ----a-w- C:\Windows\SysWOW64\html.iec
2015-08-14 21:14:21 66EA3446CDAC2772CC17A23DFE0169B7 880128 ----a-w- C:\Windows\SysWOW64\inetcomm.dll
2015-08-14 21:14:20 C98AF04E9FC94DBF57B29A9891597664 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2015-08-14 21:14:17 FB1B7D2B2D500E067B96C56EE0B4DDAD 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll
2015-08-14 21:14:17 728188684708FEF4F18E2CAB46C54DBB 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2015-08-14 21:14:17 358D91656E54B03B8FFE3CF4D535A6C8 504320 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2015-08-14 21:13:02 A68963D6522B5281516B9841B6BC9919 198656 ----a-w- C:\Windows\SysWOW64\WebClnt.dll
2015-08-14 21:13:02 1467236922B38B4706BF2539D7BAC4B3 87040 ----a-w- C:\Windows\SysWOW64\davclnt.dll
2015-08-14 21:12:45 703B543281B5537DEB5B8EF05D94D898 1499920 ----a-w- C:\Windows\SysWOW64\ntdll.dll
2015-08-14 21:09:31 9D12A01443D52BB25A8AD0F100F91B83 212992 ----a-w- C:\Windows\SysWOW64\notepad.exe
2015-08-14 21:09:28 AD560C728C33F20E9D0CF37C40DB7A23 1556992 ----a-w- C:\Windows\SysWOW64\msxml3.dll
2015-08-14 21:09:28 7D2406D3E8DEAB81A539C8FF5FB8EAE2 1901776 ----a-w- C:\Windows\SysWOW64\msxml6.dll
2015-08-14 21:09:07 2C961D5568DA48EA25FC663411120A04 6213120 ----a-w- C:\Windows\SysWOW64\mstscax.dll
2015-08-14 21:09:05 8CF33E0D6E2592BBC3A471F40358E2DB 856064 ----a-w- C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-14 21:08:59 6CF8627C9C84CA5E6CE8DC10CE757538 1559552 ----a-w- C:\Windows\SysWOW64\DWrite.dll
2015-08-14 21:08:59 1B3D01CF06111D199380C0A7FBF5B1DE 301568 ----a-w- C:\Windows\SysWOW64\atmfd.dll
2015-08-14 21:08:58 6738291C76FDD47037225BD70EE3503C 35840 ----a-w- C:\Windows\SysWOW64\atmlib.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====
2015-08-23 13:23:03 E5F2BB962F84A8F8D996FEA33F4C817B 25191936 ----a-w- C:\Windows\Sysnative\mshtml.dll
2015-08-19 18:15:17 AFA127EEA1E9FAE862A55A1D0B7E822C 124624 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 21:16:40 BB6F53F80AA1789815963C16E303A973 3704320 ----a-w- C:\Windows\Sysnative\wuaueng.dll
2015-08-14 21:16:39 6FD5F29679239BF336D9AC045EFDE74F 35840 ----a-w- C:\Windows\Sysnative\wuapp.exe
2015-08-14 21:16:38 6CDF693DB2B20604E7314F8323F52F00 136904 ----a-w- C:\Windows\Sysnative\wuauclt.exe
2015-08-14 21:16:38 5B5196CFE7A703D9F9309859EA70462C 891904 ----a-w- C:\Windows\Sysnative\wuapi.dll
2015-08-14 21:16:36 7CFB5C243562FEDEE84B2BBF12BEE33E 2228736 ----a-w- C:\Windows\Sysnative\wucltux.dll
2015-08-14 21:16:34 C82107E0CC8E12DE7CFBB4A9BFFD62BA 95744 ----a-w- C:\Windows\Sysnative\wudriver.dll
2015-08-14 21:16:33 F3C92D851BB901EDB5C7A977EFD578A8 409088 ----a-w- C:\Windows\Sysnative\WUSettingsProvider.dll
2015-08-14 21:16:33 DB3B4BE9021D0ADB3B34D00AB94D0895 140288 ----a-w- C:\Windows\Sysnative\wuwebv.dll
2015-08-14 21:16:32 B137687B02C877047CCD4873D2925814 359936 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll
2015-08-14 21:16:31 B50599B542623B6C3A731F15A8C0D5AB 66048 ----a-w- C:\Windows\Sysnative\wups.dll
2015-08-14 21:16:31 2DF64AE63F4A95252E9AA626C5C65740 52224 ----a-w- C:\Windows\Sysnative\wups2.dll
2015-08-14 21:14:42 995797E4DE4215715CA2040BB81F4594 14451200 ----a-w- C:\Windows\Sysnative\ieframe.dll
2015-08-14 21:14:40 C6960223A6BAB3CF83DB09565D191844 5923328 ----a-w- C:\Windows\Sysnative\jscript9.dll
2015-08-14 21:14:34 E892688BB1C8B0B485C27436F2B963CF 615936 ----a-w- C:\Windows\Sysnative\ieui.dll
2015-08-14 21:14:34 C555B5C8142844DED9E3BD94E6313000 2427904 ----a-w- C:\Windows\Sysnative\wininet.dll
2015-08-14 21:14:30 0A11C834B8CA37AE07DF5E8727846BEC 2880000 ----a-w- C:\Windows\Sysnative\actxprxy.dll
2015-08-14 21:14:28 158C1D034080B9DC0A9A2CD9E8DB0199 1545728 ----a-w- C:\Windows\Sysnative\urlmon.dll
2015-08-14 21:14:25 4E37600CED71FFCE7EEBB129A90B3431 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll
2015-08-14 21:14:24 43AF91A40E44205272335E33B7BBA4C3 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2015-08-14 21:14:24 3E4568FFE110FE81CA1A75BF1149153B 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2015-08-14 21:14:23 77A4FEE4031F90DBB5C16F6A8FC855BC 417792 ----a-w- C:\Windows\Sysnative\html.iec
2015-08-14 21:14:22 8EB07ED289C0F53E3838DC812E5A9CCC 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll
2015-08-14 21:14:19 D25352D34FDE9AF82F6362CA86A317C3 145408 ----a-w- C:\Windows\Sysnative\iepeers.dll
2015-08-14 21:14:18 C580215DE134617942FF1740A1235CE4 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2015-08-14 21:14:18 9C7B3D3A9A945AED5CC97C6535C9D857 816640 ----a-w- C:\Windows\Sysnative\jscript.dll
2015-08-14 21:14:18 591A23DF78E3DDE47FF769C82CAC5AC7 1032704 ----a-w- C:\Windows\Sysnative\inetcomm.dll
2015-08-14 21:14:18 39E11AA344781CD5773BE9E2472C84E4 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll
2015-08-14 21:13:02 F077AA3AF6BF55445801661ADBC63D06 104448 ----a-w- C:\Windows\Sysnative\davclnt.dll
2015-08-14 21:13:02 40F83492DB9ABBA59773A45FB487C8B2 228864 ----a-w- C:\Windows\Sysnative\WebClnt.dll
2015-08-14 21:12:46 C8219AC86CFE28102878B69F414F2079 7458648 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
2015-08-14 21:12:45 3CDAF271CFC64DB18F1B6D8BF495EB58 1735000 ----a-w- C:\Windows\Sysnative\ntdll.dll
2015-08-14 21:12:44 7E85DB0463AD2403AE84AD162B162279 1217024 ----a-w- C:\Windows\Sysnative\sysmain.dll
2015-08-14 21:09:40 F776672C327EA4B8409B337422B87350 59392 ----a-w- C:\Windows\Sysnative\csrsrv.dll
2015-08-14 21:09:40 05B08C20B8428ECE088CB5635696A48D 59392 ----a-w- C:\Windows\Sysnative\basesrv.dll
2015-08-14 21:09:31 FC2EA5BD5307D2CFA5AAA38E0C0DDCE9 221184 ----a-w- C:\Windows\Sysnative\notepad.exe
2015-08-14 21:09:29 753F99CF6554FD9CBCDC79E7CB94E63A 2345472 ----a-w- C:\Windows\Sysnative\msxml3.dll
2015-08-14 21:09:29 3D6FE1BAB1FCBEECCA6F64E4C0F11640 2529880 ----a-w- C:\Windows\Sysnative\msxml6.dll
2015-08-14 21:09:07 570CCDEB1D230BEFDE7A0556FB02C674 7032320 ----a-w- C:\Windows\Sysnative\mstscax.dll
2015-08-14 21:09:05 1FD24A3B2B1BBEEC69EE009F3B110286 1101824 ----a-w- C:\Windows\Sysnative\rdvidcrl.dll
2015-08-14 21:09:01 4F9BFE0A0E3D979DE1C2C717E7FF34E0 4177408 ----a-w- C:\Windows\Sysnative\win32k.sys
2015-08-14 21:09:00 6789160F360BF5BAF50CFEBC4043FA8E 1994752 ----a-w- C:\Windows\Sysnative\DWrite.dll
2015-08-14 21:09:00 1E93CBB75D167CDF85501A8C790097A8 1381888 ----a-w- C:\Windows\Sysnative\FntCache.dll
2015-08-14 21:08:59 AE0E60AE84B2E5CD261E6BD96F074841 44032 ----a-w- C:\Windows\Sysnative\atmlib.dll
2015-08-14 21:08:59 A1DB29E2E47A99E1992B6049ED838C9F 358912 ----a-w- C:\Windows\Sysnative\atmfd.dll

====== C:\Windows\Sysnative\drivers =====
2015-08-15 18:15:20 26B8FED3F3B85F5F0C4BD03FD00B9941 270168 ----a-w- C:\Windows\Sysnative\drivers\WdFilter.sys
2015-08-15 18:15:07 81285DDC994F03379DB46419300B2DCB 44560 ----a-w- C:\Windows\Sysnative\drivers\WdBoot.sys
2015-08-15 18:15:05 CE67080F00E0AF32755096CEA6430ABA 114520 ----a-w- C:\Windows\Sysnative\drivers\WdNisDrv.sys
2015-08-14 21:12:45 9A788037D768809DFD677F4BA08A224A 101720 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys

====== C:\Windows\Tasks ======
2015-08-23 13:40:15 4A09D897C361BD02D8AA0551015EB4E7 356 ----a-w- C:\Windows\Tasks\Superclean.job

====== C:\Windows\Temp ======

======= C:\Program Files =====
2015-08-24 20:09:27 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

======= C: =====

====== C:\Users\Yousra\AppData\Roaming ======
2015-08-08 18:42:10 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Hewlett-Packard

====== C:\Users\Yousra ======
2015-08-24 20:08:54 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Yousra\Downloads\RSITx64.exe

====== C: exe-files ==
2015-08-24 20:09:28 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Yousra.exe
2015-08-23 13:34:49 CBA8D3818E9EFA0127C4C26A19A1401B 39592 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\appsharinghookcontroller64.exe
2015-08-23 13:34:42 2AF758F121FC60DDAF85A473A8390683 1134296 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\olicenseheartbeat.exe
2015-08-23 13:34:41 BF03BC8867B80284A82922C218B5CB03 7886552 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\cmigrate.exe
2015-08-23 13:34:38 9B0774D82D4F152803F347224E874FFC 84208 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
2015-08-23 13:34:37 5D858660962C7EB8988CBD6EF81DD684 5767896 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\cmigrate.exe
2015-08-23 13:34:33 6081EDF1034BB90FD8E8732DCACEC782 842448 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dw20.exe
2015-08-23 13:34:32 C18CE8C7F28584600C8A4A9A25CFCF8B 550584 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\msosqm.exe
2015-08-23 13:34:32 16BE056CD7D714DFCD21873A612E0395 480984 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\selfcert.exe
2015-08-23 13:34:30 C1C83DDF46ABE62AFA9EBBE7D584C782 474344 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dwtrig20.exe
2015-08-23 13:34:29 92FAD266D88530BC6C18E702DA87C265 528584 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\vpreview.exe
2015-08-23 13:34:28 BE953AF147A381A5567AE3B361B0A8BF 18996392 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
2015-08-23 13:34:09 BF86055AE9457B40E0E4C2B8AE0775CB 1923232 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\winword.exe
2015-08-23 13:34:05 4F3B7BEF36C1D880621A0FD66D0E5455 1846960 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe
2015-08-23 13:34:05 2159DF7D4CBC69B4770A1B9749CC69BA 874160 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe
2015-08-23 13:33:50 B7C90235D87EB10185419A081A19C5A9 1763496 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\onenote.exe
2015-08-23 13:33:48 D640EB9759D69BE3AB0BB99EA43A7AA4 25722016 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excel.exe
2015-08-23 13:33:47 86577112ED2C9D9131090527BA45646E 569592 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\orgchart.exe
2015-08-23 13:33:47 2A9577C88480519794ED2905ED518521 161480 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msosrec.exe
2015-08-23 13:33:46 5A8165E50FEDB7CD3BAD4E3F8BEF265E 517360 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\iecontentservice.exe
2015-08-23 13:33:45 25C0A7EA906302A835ED1516D55F4C8D 15519912 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\msaccess.exe
2015-08-23 13:33:39 957A0772C7AC1B2215F25248E6D8AC75 21938336 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe
2015-08-23 13:33:35 9A513223FA9D3A12404054B46AD47579 631504 ----a-w- C:\Program Files\Microsoft Office 15\root\Integration\integrator.exe

=== C: other files ==
2015-08-23 13:24:53 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\Yousra\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\CollectOneDriveLogs.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2253621861-2412068149-2562745399-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"EasySpeedCheck"="C:\Program Files (x86)\Easy Speed Check\easyspeedcheck.exe"
"SPDriver"="C:\Program Files (x86)\ShopperPro\JSDriver\1.42.0.1828\jsdrv.exe"
"YTDownloader"="C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot"
"Super Optimizer"="C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"HPMessageService"="C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"SPDriver"="C:\Program Files (x86)\ShopperPro\JSDriver\1.42.0.1828\jsdrv.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EasySpeedCheck"="C:\Program Files (x86)\Easy Speed Check\easyspeedcheck.exe"
"SPDriver"="C:\Program Files (x86)\ShopperPro\JSDriver\1.42.0.1828\jsdrv.exe"
"YTDownloader"="C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot"
"Super Optimizer"="C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"SimplePass"="C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe /hideui"
"OPBHOBroker"="C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"
"OPBHOBrokerDesktop"="C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Task Scheduler Jobs ======================

C:\Windows\tasks\HPCeeScheduleForYousra.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [15/07/2011 04:43]
C:\Windows\tasks\Superclean.job --a-------- C:\programdata\0e953c99-580e-a5e0-0e95-53c99580f265\hqghumeaylnlf.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe]
"C:\Windows\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 1510 series" ["C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe"]
"C:\Windows\SysNative\tasks\Inst_Rep" [C:\Users\Yousra\AppData\Local\Installer\Install_10661\ytdiegut_gutdc_setup.exe]
"C:\Windows\SysNative\tasks\LaunchPreSignup" [C:\Program Files (x86)\OLBPre\OLBPre.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{E85E2D5C-4518-489D-89BC-A0A5DB7DC7EF}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HPW10UpgradeReminder_backup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPW10UpgradeReminder.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

==== Chromium Startpages ======================

C:\Users\Yousra\AppData\Local\Google\Chrome\User Data\Default\Preferences
C8B97F7B63E01F1A35","startup_urls":"3683F0DD0AF102C08D253B6619D4A0B40500E0EAA39736F0B22922A0D070255D"},"software_reporter":{"prompt_reason":"48BC8A01A335357B83010BFD8D441DEA11D7682C1DFD61A001558F0D24B03D8D","prompt_seed":"6DD704FE3783389E474D10D1C7602C4DCF230D71CC08A3CAD4E1D038E577E92E","prompt_version":"6E7674B198A1DE330A804DC017BF128B999F19B5F5155320F9A0D4C4944CEDEA"},"sync":{"remaining_rollback_tries":"04F73117CBB13944436D136AEB3A59B57ACB9CAFCA2B99951DC6BD54D8A6CC98"}},"super_mac":"F4E1E4800E64A984BE473D713128A9031582B17605D8A7D2D443AC35CB1AAE2F"},"safebrowsing":{"incidents_sent":{"2":{"chrome.dll":"3774509266","chrome_child.dll":"3743713718"},"6":{"domain_request_incident":"42","script_request_incident":"42"}}},"session":{"startup_urls":["http://www.delta-homes.com/?type=hp&ts=1432152910&z=be2cc5dbd66ec495c7842e0gaz5cco1g7w8o3t8g9e&from=wpm05203&uid=TOSHIBAXMQ01ABF050_54VHCDHQTXX54VHCDHQT"]},"software_reporter":{"prompt_reason":0,"prompt_seed":"20150601","prompt_version":"3.21.0"}}

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.v9.com?type=hp&ts=1434412145&from=mych123&uid=toshibaxmq01abf050_54vhcdhqtxx54vhcdhqt&z=fbe0679462cf53a44da6f26gdz8c6z5z1geoag8c7z"
"Default_Page_URL"="http://www.v9.com?type=hp&ts=1434412145&from=mych123&uid=toshibaxmq01abf050_54vhcdhqtxx54vhcdhqt&z=fbe0679462cf53a44da6f26gdz8c6z5z1geoag8c7z"
"Search Page"="http://www.mystartsearch.com/web/?type=dspp&ts=1431269328&z=3a5e9a9dd446d041376ee79g5zecdg4ocq9t2c2g1z&from=tugs&uid=TOSHIBAXMQ01ABF050_54VHCDHQTXX54VHCDHQT&q={searchTerms}"
"Default_Search_URL"="http://www.mystartsearch.com/web/?type=dspp&ts=1431269328&z=3a5e9a9dd446d041376ee79g5zecdg4ocq9t2c2g1z&from=tugs&uid=TOSHIBAXMQ01ABF050_54VHCDHQTXX54VHCDHQT&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.v9.com?type=hp&ts=1434412145&from=mych123&uid=toshibaxmq01abf050_54vhcdhqtxx54vhcdhqt&z=fbe0679462cf53a44da6f26gdz8c6z5z1geoag8c7z"
"Start Page"="http://www.v9.com?type=hp&ts=1434412145&from=mych123&uid=toshibaxmq01abf050_54vhcdhqtxx54vhcdhqt&z=fbe0679462cf53a44da6f26gdz8c6z5z1geoag8c7z"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.v9.com?type=hp&ts=1434412145&from=mych123&uid=toshibaxmq01abf050_54vhcdhqtxx54vhcdhqt&z=fbe0679462cf53a44da6f26gdz8c6z5z1geoag8c7z"
"Start Page"="http://www.v9.com?type=hp&ts=1434412145&from=mych123&uid=toshibaxmq01abf050_54vhcdhqtxx54vhcdhqt&z=fbe0679462cf53a44da6f26gdz8c6z5z1geoag8c7z"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}"

==== Reset Google Chrome ======================

C:\Users\Yousra\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Yousra\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Yousra\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.old was reset successfully
C:\Users\Yousra\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Yousra\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{a8501310} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{3acecae8} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{d3a378f6} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{144AC25F-D7A7-B233-BFB8-433771ECB92D} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CF663D34-D239-8E23-0994-A44C0EC65ADE} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Yousra\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Yousra\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Yousra\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Yousra\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Yousra\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=286 folders=82 102764069 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Yousra\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Yousra\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on di 25/08/2015 at 21:10:16,67 ======================