Zoek.exe v5.0.0.0 Updated 15-09-2015
Tool run by Eigenaar on di 15/09/2015 at 23:30:57,25.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Eigenaar\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

15/09/2015 23:32:40 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\Program Files\mcafee.com deleted successfully
C:\PROGRA~3\Systweak deleted successfully
C:\Users\Eigenaar\AppData\Roaming\Systweak deleted successfully
C:\Users\Eigenaar\AppData\Roaming\WinRAR deleted successfully
C:\Users\Eigenaar\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Eigenaar\AppData\Local\EmieSiteList deleted successfully
C:\Users\Eigenaar\AppData\Local\EmieUserList deleted successfully
C:\Users\Eigenaar\AppData\Local\Sparta deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\AVG Web TuneUp deleted
C:\found.000 deleted
C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml deleted
C:\PROGRA~3\AVG Security Toolbar deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
"C:\Windows\Installer\44648.msi" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3839557676-4073800451-2590231035-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Eigenaar\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Dropbox Update"="C:\Users\Eigenaar\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"RadioController"="C:\Program Files (x86)\RadioController\RfBtnHelper.exe Start_Run"
"Dolby Home Theater v4"="C:\Dolby PCEE4\pcee4.exe -autostart"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe -launchedbylogin"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Eigenaar\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Dropbox Update"="C:\Users\Eigenaar\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll, C:\\WINDOWS\\system32\\nvinitx.dll"

==== Startup Folders ======================

2015-05-16 09:31:07 1197 ----a-w- C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3839557676-4073800451-2590231035-1002Core.job --a-------- C:\Users\Eigenaar\AppData\Local\Dropbox\Update\DropboxUpdate.exe [13/06/2015 11:19]
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3839557676-4073800451-2590231035-1002UA.job --a-------- C:\Users\Eigenaar\AppData\Local\Dropbox\Update\DropboxUpdate.exe [13/06/2015 11:19]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/08/2015 02:24]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/08/2015 02:24]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe]
"C:\WINDOWS\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe]
"C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3839557676-4073800451-2590231035-1002Core" [C:\Users\Eigenaar\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3839557676-4073800451-2590231035-1002UA" [C:\Users\Eigenaar\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{51E6C95C-2D4F-4BE1-AC30-6783C85A2D02}" [C:\WINDOWS\system32\msfeedssync.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\i8bhi03m.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.search.selectedEngine", "Google");

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"fdm_ffext@freedownloadmanager.org"="C:\Program Files (x86)\Free Download Manager\Firefox\Extension" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Eigenaar\AppData\Roaming\kompozer.net\KompoZer\Profiles\od0bbdui.default
- Undetermined - %ProfilePath%\extensions\installed-extensions.txt
- KompoZer classic - %ProfilePath%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

==== Chromium Look ======================

Google Chrome Version: 45.0.2454.85
Google Drive - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Docs Offline - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{58EC8554-7E41-4535-A477-6AAA64ED64F2}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{58EC8554-7E41-4535-A477-6AAA64ED64F2} Unknown Url="Not_Found"
{AA9A4890-4262-4441-8977-E2FFCBFB706C} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3839557676-4073800451-2590231035-1002\Software\Microsoft\Internet Explorer\SearchScopes\{58EC8554-7E41-4535-A477-6AAA64ED64F2} deleted successfully
HKEY_USERS\S-1-5-21-3839557676-4073800451-2590231035-1002\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{58EC8554-7E41-4535-A477-6AAA64ED64F2} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{58EC8554-7E41-4535-A477-6AAA64ED64F2} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3839557676-4073800451-2590231035-1002\Software\Mozilla\Firefox\Extensions\fdm_ffext@freedownloadmanager.org deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Eigenaar\AppData\Local\Mozilla\Firefox\Profiles\i8bhi03m.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=8 folders=5 5693578 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Eigenaar\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Eigenaar\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on di 15/09/2015 at 23:52:01,90 ======================