Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Vielans on za 20/02/2016 at 17:04:32,51.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vielans\Desktop\zoek.com [Scan all users] [Quick Scan] [Auto Clean]

==== Older Logs ======================

C:\zoek-results2016-02-20-154626.log 937 bytes

==== Empty Folders Check ======================

C:\Users\Vielans\AppData\Local\ActiveSync deleted successfully
C:\Users\Vielans\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2006528124-711895585-1205802454-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-2006528124-711895585-1205802454-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D6007DB2-1AE0-4969-8758-388507A68B4E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D6007DB2-1AE0-4969-8758-388507A68B4E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D6007DB2-1AE0-4969-8758-388507A68B4E} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2006528124-711895585-1205802454-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\antiphishing@bullguard deleted successfully

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Users\Vielans\AppData\Roaming\IMVUClient deleted
C:\PROGRA~2\Connected Music powered by Universal Music Group deleted
C:\PROGRA~3\CyberlinkOutput.txt deleted
C:\PROGRA~3\AVG Security Toolbar deleted
C:\PROGRA~3\{18165758-115C-4DC0-9EC2-FF89F725767F} deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
"C:\windows\Installer\165ec.msi" deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ooVoo.exe"="C:\Program Files (x86)\ooVoo\oovoo.exe /minimized"

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-2006528124-711895585-1205802454-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Vielans\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"OneDrive"="C:\Users\Vielans\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"Spotify"="C:\Users\Vielans\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"ooVoo.exe"="C:\Program Files (x86)\ooVoo\oovoo.exe /minimized"

[HKEY_USERS\S-1-5-21-2006528124-711895585-1205802454-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Vielans\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Vielans\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R"
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey"
"Raptr"="C:\Program Files (x86)\Raptr\raptrstub.exe --startup"
"RazerCortex"="C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun"
"AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe /lps=fmw"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Vielans\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"OneDrive"="C:\Users\Vielans\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"Spotify"="C:\Users\Vielans\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Vielans\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Vielans\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BullGuard"="C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe -boot"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job --a-------- C:\WINDOWS\explorer.exe [29/01/2016 07:57]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23/01/2016 14:01]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23/01/2016 14:01]
C:\WINDOWS\tasks\HPCeeScheduleForVielans.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP
Ceement\HPCEE.exe [16/06/2015 09:51] C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [21/08/2015 19:18] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\AMD Updater" ["C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe"] "C:\WINDOWS\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe] "C:\WINDOWS\SysNative\tasks\Garena+ Plugin Host Service" [C:\Program Files (x86)\Garena Plus\ggdllhost.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HPCeeScheduleForVielans" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\WINDOWS\SysNative\tasks\Java Platform SE Auto Updater" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe] "C:\WINDOWS\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\WSCStub.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{86CBF301-701B-48D3-822E-6E7ED973CD6F}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\BullGuard\BullGuardUpdate2" [c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe] "C:\WINDOWS\SysNative\tasks\cFos\Registration Tasks\Open Browser" [c:\program files (x86)\google\chrome\application\chrome.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] 
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe] "C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\SymErr.exe] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Vielans\AppData\Roaming\Mozilla\Firefox\Profiles\nwehpgtq.default DAD55CEF682EAE6FA7B4C9487563A496 - C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll - Shockwave for Director / Shockwave for Director ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bejnhdlplbjhffionohbdnpcbobfejcc - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx[] iikflkcanblccfahdhdonehdalibjnif - No path found[] YouTube - Vielans\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Vielans\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Docs Offline - Vielans\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi AdBlock - Vielans\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Norton Identity Safe - Vielans\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif Chrome Web Store Payments - Vielans\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Hola - Unlimited Proxy VPN - Vielans\AppData\Local\Google\Chrome\User Data\Default\Extensions\opalpjjboefohnelaemnhdhlceibbcgl Norton Security Toolbar - Vielans\AppData\Local\Maelstrom\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc Norton Identity Safe - Vielans\AppData\Local\Maelstrom\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif Chrome Web Store Payments - Vielans\AppData\Local\Maelstrom\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Fix ====================== C:\Users\Vielans\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Vielans\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\Vielans\AppData\Local\Maelstrom\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://mysearch.avg.com/?cid={1882C0EE-6917-4692-92D3-CEE09AC72989}&mid=942151a0c09e47cc9d57e9a3e1110bc8-d63845334b38456432534353db5567f5af2d8b2c&lang=en&ds=AVG&coid=avgtbavg&cmpid=0116piz&pr=fr&d=2016-02-08 20:24:41&v=4.2.5.441&pid=wtu&sg=&sap=hp" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS 
HKLM\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - http://rover.ebay.com/rover/1/1553-29906-12136-18/4 HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS HKLM\Wow6432Node\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - http://rover.ebay.com/rover/1/1553-29906-12136-18/4 HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS HKCU\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC} - http://rover.ebay.com/rover/1/1553-29906-12136-18/4 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FEEF40788A6AE7E41B42DB16226CE6C2 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8704FEEF-A6A8-4E7E-B124-BD6122C66E2C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\FEEF40788A6AE7E41B42DB16226CE6C2 deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Vielans\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Vielans\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully 
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Vielans\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Vielans\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Vielans\AppData\Local\Mozilla\Firefox\Profiles\nwehpgtq.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Vielans\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Vielans\AppData\Local\Maelstrom\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1985 folders=137 309766019 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Vielans\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 20/02/2016 at 17:46:28,40 ======================