Zoek.exe v5.0.0.1 Updated 08-October-2015
Tool run by Wesley on vr 09/10/2015 at 19:03:51,69.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Wesley\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================
9/10/2015 19:06:12 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
C:\Program Files\Google deleted successfully
C:\Program Files\log deleted successfully
C:\Users\Wesley\AppData\Roaming\dlg deleted successfully
C:\Users\Wesley\AppData\Roaming\TP deleted successfully
C:\Users\Wesley\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Wesley\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Wesley\AppData\Local\EmieSiteList deleted successfully
C:\Users\Wesley\AppData\Local\EmieUserList deleted successfully
C:\Users\Wesley\AppData\Local\photoOptimizeHistoryDataBase deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================
C:\Program Files (x86)\Winsta not found
C:\PROGRA~2\SystemRequirementsLab deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\Users\Wesley\AppData\Local\X6eW2.vbs deleted
C:\Users\Wesley\Downloads\FreeYouTubeToMP3Converter.exe deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\PROGRA~3\Package Cache" deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-2297541314-1087702399-2154512188-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyApp"="C:\Program Files (x86)\Launch Manager\HotkeyApp.exe"
"LMgrVolOSD"="C:\Program Files (x86)\Launch Manager\OSD.exe"
"Wbutton"="C:\Program Files (x86)\Launch Manager\Wbutton.exe"
"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 "
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Startup Folders ======================
2015-09-22 15:39:04 1304 ----a-w- C:\Users\Wesley\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [22/09/2015 12:02]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ :C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/08/2015 17:04]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Chromium Look ======================

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
"Default_Page_URL"="http://www.aldi.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.be/"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{65C6738E-40B3-4C3D-A9D9-76B3754D266A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{65C6738E-40B3-4C3D-A9D9-76B3754D266A} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"
{80c554b9-c7f8-4a21-9471-06d606da78a2} Bing Url="http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE"
{8D820838-067A-4AB5-92FE-2B838FF0CC14} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNA_enDE393"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Wesley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Wesley\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\Wesley\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=135 folders=39 73510499 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Wesley\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Wesley\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on vr 09/10/2015 at 19:28:56,60 ======================