Zoek.exe v5.0.0.1 Updated 27-09-2015 Tool run by Olivier on zo 24/01/2016 at 10:50:49,17. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\Olivier\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2016-01-01-130549.log 17624 bytes C:\zoek-results2016-01-01-135955.log 11092 bytes C:\zoek-results2016-01-01-151300.log 14736 bytes C:\zoek-results2016-01-21-195903.log 39450 bytes ==== Empty Folders Check ====================== C:\Users\Olivier\AppData\Roaming\WarThunder deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ypagerps"=- ==== Deleting Files \ Folders ====================== C:\Users\Olivier\AppData\Roaming\Mozilla\Firefox\Profiles\zzyoyi8t.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} not found "C:\Windows\zoek-delete.exe" not found C:\zoek_backup deleted C:\PROGRA~2\Yahoo! deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Olivier\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2016-01-12 19:27:07 EA1AE75952A134B916898F6ED711D0DF 4610560 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2016-01-12 19:27:03 0EB02F0E2D88391FA424ADE23DED4B26 20367360 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2016-01-12 19:27:02 C5C764DD432EFBFB696E57DA7FD1DCFC 12856320 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2016-01-12 19:26:58 FEC239DEA89529EA2F0A7EAD33035C7E 2011136 ----a-w- C:\Windows\SysWOW64\wininet.dll 2016-01-12 19:26:58 BD9A366336173D9E802DA831FA1E862C 496640 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2016-01-12 19:26:57 1966606B40E38ED3680241CDB7345C5B 1311744 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2016-01-12 19:26:56 A78B94FF06C52A229DC83D176963A960 687104 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2016-01-12 19:26:56 9CB9B1CAD05BF9E534D284D3560BF7DC 880128 ----a-w- C:\Windows\SysWOW64\inetcomm.dll 2016-01-12 19:26:56 86DF509512570AEB252C8A0FB4785569 663552 ----a-w- C:\Windows\SysWOW64\jscript.dll 2016-01-12 19:26:56 701D71335226B378555AD172DA76B643 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2016-01-12 19:25:39 B82BB75B4109CB4E36F2080182C5FB96 561664 ----a-w- C:\Windows\SysWOW64\qedit.dll 2016-01-12 19:25:37 77988DF39C0B03ECEC23D983828C551E 1484888 ----a-w- C:\Windows\SysWOW64\msmpeg2adec.dll 2016-01-12 19:25:36 D4308B86A037A3F961AD8DC9453D13B0 1115640 ----a-w- C:\Windows\SysWOW64\mfnetsrc.dll 2016-01-12 19:25:36 4947C613E6A3979B7532784BB1F1FF88 2528784 ----a-w- C:\Windows\SysWOW64\WMVDECOD.DLL 2016-01-12 19:25:30 DCAE83B49A2CCB4C8C5AE303E336E5E4 2324744 ----a-w- C:\Windows\SysWOW64\mfcore.dll 2016-01-12 19:25:26 246FAB0A3797CA09EB2784F56210460B 700360 ----a-w- C:\Windows\SysWOW64\mfnetcore.dll 2016-01-12 19:25:25 FA9C431BD37D08B3827920AAEC15BB79 1037680 ----a-w- C:\Windows\SysWOW64\WMADMOD.DLL 2016-01-12 19:25:25 E8DAB63684F3E835DB238126A9EE7DE6 2447136 ----a-w- C:\Windows\SysWOW64\WMVENCOD.DLL 2016-01-12 19:25:25 A5AFCB657F36FEC0D02829FB55CADECC 887296 ----a-w- C:\Windows\SysWOW64\WMSPDMOD.DLL 2016-01-12 19:25:25 7543ADD28E5755173A900BB1E0CFFBC6 584656 ----a-w- C:\Windows\SysWOW64\evr.dll 2016-01-12 19:25:24 C2A0E75716AB62945EE7A5424A191A85 399776 ----a-w- C:\Windows\SysWOW64\mfsvr.dll 2016-01-12 19:25:24 9F10DB8E9D93D8099D1929C48BED33F5 1501184 ----a-w- C:\Windows\SysWOW64\quartz.dll 2016-01-12 19:25:24 7C37B256651C65EF36CDF8654094BB1E 492736 ----a-w- C:\Windows\SysWOW64\WMVSDECD.DLL 2016-01-12 19:25:23 D6A832C6275332E6AFF9619816EC62BB 184912 ----a-w- C:\Windows\SysWOW64\COLORCNV.DLL 2016-01-12 19:25:23 8D59116B0DF2C6BBEB77FAE473132E07 463776 ----a-w- C:\Windows\SysWOW64\MP4SDECD.DLL 2016-01-12 19:25:23 1C64686C98F54027247B67EA7EFFB6B7 99136 ----a-w- C:\Windows\SysWOW64\MP3DMOD.DLL 2016-01-12 19:25:22 FB61563FE57A83FD47D106EFB1E0F9A9 183856 ----a-w- C:\Windows\SysWOW64\VIDRESZR.DLL 2016-01-12 19:25:22 D7A0EBA50D2614C7B59FE7D66D360E45 229272 ----a-w- C:\Windows\SysWOW64\RESAMPLEDMO.DLL 2016-01-12 19:25:22 D0812E8C73FF954E8861B32C6189C758 81032 ----a-w- C:\Windows\SysWOW64\devenum.dll 2016-01-12 19:25:22 AB783643CC9FC852AF4514C7EC956FB4 275312 ----a-w- C:\Windows\SysWOW64\MPG4DECD.DLL 2016-01-12 19:25:22 8F1DF01E797D4ED88AEA48A7318DAA34 110544 ----a-w- C:\Windows\SysWOW64\mfps.dll 2016-01-12 19:25:22 883785B6448CAEDFD23F243B812F76B6 914672 ----a-w- C:\Windows\SysWOW64\WMADMOE.DLL 2016-01-12 19:25:22 46721B442060DFD86AB13DB2C454E291 274280 ----a-w- C:\Windows\SysWOW64\MP43DECD.DLL 2016-01-12 19:25:22 25054169C8980C26F1A000FDD89500EF 76936 ----a-w- C:\Windows\SysWOW64\mfvdsp.dll 2016-01-12 19:25:21 9EA85D39C2245DB6DB494BD0D01AC53A 519680 ----a-w- C:\Windows\SysWOW64\qdvd.dll 2016-01-12 19:25:21 7AFC278792FA79B55417BAE8BA1C578D 736256 ----a-w- C:\Windows\SysWOW64\WMVXENCD.DLL 2016-01-12 19:25:21 635923C4DA0FD32A8AE4BAA6B62454E5 402432 ----a-w- C:\Windows\SysWOW64\WMVSENCD.DLL 2016-01-12 19:25:21 4D6C13CA3E4D0869F911D88DE9BF2E3E 743936 ----a-w- C:\Windows\SysWOW64\MFWMAAEC.DLL 2016-01-12 19:25:20 E620785DB51AD2B582DEAC1EC4A35621 1411584 ----a-w- C:\Windows\SysWOW64\WMSPDMOE.DLL 2016-01-12 19:25:20 1D057D45BDAE173989A8F57CB069BBDA 245760 ----a-w- C:\Windows\SysWOW64\ksproxy.ax 2016-01-12 19:25:16 D1DA248D5FAA665D98279D400C3B1FED 357888 ----a-w- C:\Windows\SysWOW64\schannel.dll 2016-01-12 19:25:16 C0878126EDA2BF4FC8FE79D668353457 324096 ----a-w- C:\Windows\SysWOW64\certcli.dll 2016-01-12 19:25:16 8C702867BED37F9077231A0DA1599EF5 91416 ----a-w- C:\Windows\SysWOW64\ncryptsslp.dll 2016-01-12 19:25:16 5F1F20AB31DC487CF70360653AF94A17 120376 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2016-01-12 19:25:16 4119CA65855636E118942B09B4AA8852 340872 ----a-w- C:\Windows\SysWOW64\bcryptprimitives.dll 2016-01-12 19:25:14 54F82315BDF55BC8D0951E625B0FF71C 1097216 ----a-w- C:\Windows\SysWOW64\gdi32.dll 2016-01-12 19:25:13 B0BCD3162B84852317209FE01FB8F3ED 1499912 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2016-01-12 19:24:44 F1D1E449FA396163F46459CF020A9B00 507176 ----a-w- C:\Windows\SysWOW64\advapi32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2016-01-12 20:10:58 652EDF1C0800FF7D468C49FFFE9F128F 1380864 ----a-w- C:\Windows\Sysnative\appraiser.dll 2016-01-12 20:10:58 066AA02D3D8463D758568CE1981D4394 792064 ----a-w- C:\Windows\Sysnative\generaltel.dll 2016-01-12 20:10:57 C96B880CE00D71939A9E982307589029 210432 ----a-w- C:\Windows\Sysnative\aepic.dll 2016-01-12 20:10:57 BB7CA975BD668E3F8DD895D683CE4322 705024 ----a-w- C:\Windows\Sysnative\invagent.dll 2016-01-12 20:10:57 B0F0DF4375DF40FE563797F709453530 505344 ----a-w- C:\Windows\Sysnative\devinv.dll 2016-01-12 20:10:57 977921D0AA83A8FCFE30730E3F57F35E 33456 ----a-w- C:\Windows\Sysnative\CompatTelRunner.exe 2016-01-12 20:10:57 6213E00B1EDD2C93A35F5A335E741FDE 1164800 ----a-w- C:\Windows\Sysnative\aeinv.dll 2016-01-12 20:10:57 31A196B4A2D4F5424BA76B1EE9432492 76800 ----a-w- C:\Windows\Sysnative\acmigration.dll 2016-01-12 19:27:08 FEEA59E7EF781F8F0A19960D507B69C4 25837568 ----a-w- C:\Windows\Sysnative\mshtml.dll 2016-01-12 19:27:07 158E4BF96FC82F10569441A6CF216BE1 6051328 ----a-w- C:\Windows\Sysnative\jscript9.dll 2016-01-12 19:27:01 F6C28491FB681CF9FB084E3FECB5E6D6 2487808 ----a-w- C:\Windows\Sysnative\wininet.dll 2016-01-12 19:26:58 E65A0393F63880795EF1C96BECA7C752 571904 ----a-w- C:\Windows\Sysnative\vbscript.dll 2016-01-12 19:26:58 221E80A7181BF64BCDA36BCB92056C8A 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2016-01-12 19:26:57 BC59C0EFF4016AB3764B210B4FF288C9 1032704 ----a-w- C:\Windows\Sysnative\inetcomm.dll 2016-01-12 19:26:57 AC135AD2BE989724404B392158EFFE4A 1546752 ----a-w- C:\Windows\Sysnative\urlmon.dll 2016-01-12 19:26:57 38600FA640785ECA985D81A84D65CC42 798208 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2016-01-12 19:26:57 11428DAC697C906F873A2B9BD28673A0 14456832 ----a-w- C:\Windows\Sysnative\ieframe.dll 2016-01-12 19:26:56 E2D77066F93867FED970A2F9725FCF64 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2016-01-12 19:26:56 90D875B41701279FD3AA7ADA77577731 817664 ----a-w- C:\Windows\Sysnative\jscript.dll 2016-01-12 19:25:39 6CB2E641D5287ECB1AD661F94269244F 670208 ----a-w- C:\Windows\Sysnative\qedit.dll 2016-01-12 19:25:37 EDBCF020312B0A666D573F17E6C8F36E 1877504 ----a-w- C:\Windows\Sysnative\msmpeg2adec.dll 2016-01-12 19:25:36 E57FA5C2293F9B68B8EE3F3347A8E467 2745184 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL 2016-01-12 19:25:35 49C90B7CA335B88256301BD7EC71922D 2334104 ----a-w- C:\Windows\Sysnative\mfcore.dll 2016-01-12 19:25:33 E4A9005FDC43AB809745727DFD8B9733 1288128 ----a-w- C:\Windows\Sysnative\mfnetsrc.dll 2016-01-12 19:25:28 394AD52DCAD308ABD78E41D24FCEC274 1210200 ----a-w- C:\Windows\Sysnative\WMADMOD.DLL 2016-01-12 19:25:27 73F79CFF87CCB6E05CC381A705A22ACF 850680 ----a-w- C:\Windows\Sysnative\mfnetcore.dll 2016-01-12 19:25:25 CF43BD59243814D6C40906A0D958C13B 2450240 ----a-w- C:\Windows\Sysnative\WMVENCOD.DLL 2016-01-12 19:25:25 B8ED24CF601BBF02542A447E786C62CC 735496 ----a-w- C:\Windows\Sysnative\evr.dll 2016-01-12 19:25:25 4DE477B2C0E8C192F7E6081DDCF7E80E 498472 ----a-w- C:\Windows\Sysnative\mfsvr.dll 2016-01-12 19:25:25 16409B63D29D0D5B9764D17DA6986EAC 1010688 ----a-w- C:\Windows\Sysnative\WMSPDMOD.DLL 2016-01-12 19:25:25 0971A106909DD24FC95B64B466964D21 1697792 ----a-w- C:\Windows\Sysnative\quartz.dll 2016-01-12 19:25:24 EB766AA7CA9736E8730DBCC5E24A11A8 299080 ----a-w- C:\Windows\Sysnative\VIDRESZR.DLL 2016-01-12 19:25:24 C4EB5199371188D73B6398BA9DA9336F 1664000 ----a-w- C:\Windows\Sysnative\WMSPDMOE.DLL 2016-01-12 19:25:24 9F3F1690779AF925EF27E5AB3DC98971 557856 ----a-w- C:\Windows\Sysnative\WMVSDECD.DLL 2016-01-12 19:25:24 6546BB2387558FC0B8A8960C6E64812B 250520 ----a-w- C:\Windows\Sysnative\MPG4DECD.DLL 2016-01-12 19:25:24 25A14A22A07E0CB798B64EEC4CCCADF5 629600 ----a-w- C:\Windows\Sysnative\MP4SDECD.DLL 2016-01-12 19:25:24 12C3FD470C9563378F617EDC5C452B60 203016 ----a-w- C:\Windows\Sysnative\COLORCNV.DLL 2016-01-12 19:25:23 FFED8E82FACEA3A98495AA51DAD39E47 246856 ----a-w- C:\Windows\Sysnative\RESAMPLEDMO.DLL 2016-01-12 19:25:23 89B8BD9C6EC007F8B676523C64646019 90392 ----a-w- C:\Windows\Sysnative\mfvdsp.dll 2016-01-12 19:25:23 74A9FAB8E52E574328167C954C291158 248432 ----a-w- C:\Windows\Sysnative\MP43DECD.DLL 2016-01-12 19:25:22 CA5F2EBE9A37612EA870C9DABFA9322B 116720 ----a-w- C:\Windows\Sysnative\MP3DMOD.DLL 2016-01-12 19:25:22 B6F66E58C282D8EBE679E79CF758246D 468480 ----a-w- C:\Windows\Sysnative\MFWMAAEC.DLL 2016-01-12 19:25:22 AF86B829240BB1C86B729FF19523C405 451072 ----a-w- C:\Windows\Sysnative\WMVSENCD.DLL 2016-01-12 19:25:22 9BD541409D98319F47A47E0EDDA0CD16 644608 ----a-w- C:\Windows\Sysnative\WMVXENCD.DLL 2016-01-12 19:25:22 958BBFEC04E21D21E12FE942288CB62E 1150232 ----a-w- C:\Windows\Sysnative\WMADMOE.DLL 2016-01-12 19:25:22 37F68076C560C0FE274F63573945F3E5 90904 ----a-w- C:\Windows\Sysnative\devenum.dll 2016-01-12 19:25:22 1E96347787177BE61A5B0E11D114ED41 244296 ----a-w- C:\Windows\Sysnative\mfps.dll 2016-01-12 19:25:21 AC0793654FDA191356F976F90020D442 289792 ----a-w- C:\Windows\Sysnative\ksproxy.ax 2016-01-12 19:25:21 512B361A9AAC27E32B49F4A853555127 340992 ----a-w- C:\Windows\Sysnative\qdvd.dll 2016-01-12 19:25:16 F7A892FD55475668240A1C059770C87F 1441280 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2016-01-12 19:25:16 F488EB4A942D4A1ABB67F4E9D21F34A1 137968 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2016-01-12 19:25:16 D8168652443B089D3A10B1B8A5E9027E 432128 ----a-w- C:\Windows\Sysnative\schannel.dll 2016-01-12 19:25:16 98F7815A4F789AD06C758A848C6A2DBA 106960 ----a-w- C:\Windows\Sysnative\ncryptsslp.dll 2016-01-12 19:25:16 8B78F99AFF5F8D9248AED6622B331CFC 397224 ----a-w- C:\Windows\Sysnative\bcryptprimitives.dll 2016-01-12 19:25:16 33719C09E35F10AB8BCC8F7AC730937C 445440 ----a-w- C:\Windows\Sysnative\certcli.dll 2016-01-12 19:25:14 B15AB960663EEA2A824DACABEB4016E4 1380600 ----a-w- C:\Windows\Sysnative\gdi32.dll 2016-01-12 19:25:13 D71AD091DA54E72D6F679170980FF5F0 7453016 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2016-01-12 19:25:13 3039DE51900B7EA1F30603402D8A800F 1735000 ----a-w- C:\Windows\Sysnative\ntdll.dll 2016-01-12 19:24:44 1A3350C4ECB93F15839F5799E60E32FD 685432 ----a-w- C:\Windows\Sysnative\advapi32.dll ====== C:\Windows\Sysnative\drivers ===== 2016-01-12 19:25:16 D5EB16B7A8FBD925E5A4F27A653E38C9 202240 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2016-01-12 19:25:16 C9ACE28CDCD5FF473033A01AA510A184 561952 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2016-01-12 19:25:16 A950AB512ED2BD847789FAAD3E967AFA 177488 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2016-01-12 19:25:16 767087A3646D01EBA4E8DDD903920BD0 401920 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys ====== C:\Windows\Tasks ====== 2016-01-14 21:39:46 711114CF37F2D043517C1C8AD86BCD6D 3262 ----a-w- C:\Windows\Sysnative\Tasks\Opera N Saturday 2016-01-14 21:39:46 0402D99E7E0ABADF6BFF92AB10A16CBC 3262 ----a-w- C:\Windows\Sysnative\Tasks\Opera N Sunday ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2016-01-14 21:39:16 -------- d-----w- C:\PROGRA~2\Opera ======= C: ===== ====== C:\Users\Olivier\AppData\Roaming ====== 2016-01-21 19:59:03 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2016-01-21 19:59:03 -------- d-----w- C:\Users\Olivier\AppData\Local\Temp 2016-01-21 19:59:03 -------- d-----w- C:\Users\Gast\AppData\Local\Temp 2016-01-21 19:59:03 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2016-01-21 19:59:03 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2016-01-14 21:39:55 -------- d-----w- C:\Users\Olivier\AppData\Local\Opera Software 2016-01-14 21:39:54 -------- d-----w- C:\Users\Olivier\AppData\Roaming\Opera Software 2016-01-04 18:18:42 -------- d-----w- C:\Users\Olivier\AppData\Local\Apps ====== C:\Users\Olivier ====== 2016-01-14 21:47:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger 2016-01-14 21:45:12 E946F9102D61760FDA05536ABBA48437 424072 ----a-w- C:\Users\Olivier\Downloads\msgr11us.exe ====== C: exe-files == 2016-01-24 09:49:31 A34855222FF0E28237F66710F136CC10 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3416387803-1765937096-2094940511-1002\$IC65DKJ.exe 2016-01-24 09:44:31 7EA0260488F304D68067A50B33A23AC2 1309184 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3416387803-1765937096-2094940511-1002\$RC65DKJ.exe 2016-01-21 13:27:29 61277689831E2E7E917CAE415369196A 602872 ----a-w- C:\Users\Olivier\AppData\Local\NVIDIA\NvBackend\Packages\0000853a\CoProc update.20361960.exe 2016-01-21 13:27:29 1987CF6CCEC2B6FC35CBFD09B41596DC 7130224 ----a-w- C:\Users\Olivier\AppData\Local\NVIDIA\NvBackend\Packages\0000853f\DAO.20362321.exe 2016-01-21 12:35:54 114255B24038B8E92D5F8A9CAD0F8F58 630200 ----a-w- C:\Users\Olivier\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2016-01-21 12:35:52 B33DD155BB433058B93834802BF14207 172984 ----a-w- C:\Users\Olivier\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe 2016-01-19 20:20:25 77D98C591509DE2292E46B113FD2465F 2246056 ----a-w- C:\Program Files (x86)\AVG\Setup\avgsetupwrkx.exe 2016-01-19 20:20:24 C04B3349EC0413AC56974B7E4DCBA7B4 3162536 ----a-w- C:\Program Files (x86)\AVG\Setup\avgsetupx.exe 2016-01-19 20:20:24 A8A3F7F79E7AA13B956D5B837E77C0FB 695208 ----a-w- C:\Program Files (x86)\AVG\Setup\avgntdumpx.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3416387803-1765937096-2094940511-1002\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Dropbox Update"="C:\Users\Olivier\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Messenger (Yahoo\PROGRA~2\Yahoo\Messenger\YahooMessenger.exe -quiet" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TSVU"="c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "AVG_UI"="C:\Program Files (x86)\AVG\Av\avgui.exe /TRAYONLY" "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe /lps=fmw" "CanonSolutionMenuEx"="C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon" "ITSecMng"="%ProgramFiles(x86)%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Dropbox Update"="C:\Users\Olivier\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Messenger (Yahoo\PROGRA~2\Yahoo\Messenger\YahooMessenger.exe -quiet" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "cAudioFilterAgent"="C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" "SmartAudio"="C:\Program Files\CONEXANT\SAII\SACpl.exe /t" "TecoResident"="C:\Program Files\TOSHIBA\Teco\TecoResident.exe" "TSSSrv"="C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe " "TosWaitSrv"="%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe " "TCrdMain"="C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll" ==== Startup Folders ====================== 2015-05-09 21:40:09 1164 ----a-w- C:\Users\Olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [20/01/2016 14:41] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3416387803-1765937096-2094940511-1002Core.job --a-------- C:\Users\Olivier\AppData\Local\Dropbox\Update\DropboxUpdate.exe [22/06/2015 06:49] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3416387803-1765937096-2094940511-1002Core" [C:\Users\Olivier\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3416387803-1765937096-2094940511-1002UA" [C:\Users\Olivier\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\Opera N Saturday" [C:\Program Files (x86)\Opera\launcher.exe] "C:\Windows\SysNative\tasks\Opera N Sunday" [C:\Program Files (x86)\Opera\launcher.exe] "C:\Windows\SysNative\tasks\Resolution+ Setting Task" [C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe] "C:\Windows\SysNative\tasks\UMonitor Task" [C:\Windows\SysWOW64\UMonit64.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{DB084CC7-EC32-4317-BB93-7EF58E7EBEDE}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\TOSHIBA\CommonNotifier" [C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe] "C:\Windows\SysNative\tasks\TOSHIBA\Service Station" ["C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe"] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Olivier\AppData\Roaming\Mozilla\Firefox\Profiles\zzyoyi8t.default user_pref("browser.startup.homepage", "http://microminimus.com/"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Olivier\AppData\Roaming\Mozilla\Firefox\Profiles\zzyoyi8t.default A107920551356DAEE665F0884F34D2D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll - Shockwave Flash ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Olivier\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Olivier\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Olivier\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Olivier\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Olivier\AppData\Local\Mozilla\Firefox\Profiles\zzyoyi8t.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Olivier\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files= ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gast\AppData\Local\Temp emptied successfully C:\Users\Olivier\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Olivier\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Olivier\AppData\Local\Microsoft\Windows\INetCache\IE\02OXBTUV" not found "C:\Users\Olivier\AppData\Local\Microsoft\Windows\INetCache\IE\7EE5H2ZE" not found "C:\Users\Olivier\AppData\Local\Microsoft\Windows\INetCache\IE\88E4SGFS" not found "C:\Users\Olivier\AppData\Local\Microsoft\Windows\INetCache\IE\8NHZRULK" not found "C:\Users\Olivier\AppData\Local\Microsoft\Windows\INetCache\IE\BMXZNJ9T" not found "C:\Users\Olivier\AppData\Local\Microsoft\Windows\INetCache\IE\BVUXSKQG" not found "C:\Users\Olivier\AppData\Local\Microsoft\Windows\INetCache\IE\IVJJQZXD" not found "C:\Users\Olivier\AppData\Local\Microsoft\Windows\INetCache\IE\YNVCY2BI" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on zo 24/01/2016 at 11:29:52,69 ======================