==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Files Recently Created / Modified ======================

====== C:\windows ====
====== C:\Users\JRGEN~1\AppData\Local\Temp ====
2016-02-25 10:09:03 222AA1F2FB05FB3F8A46EAFE6EBDD730 179624 ----a-w- C:\Users\JRGEN~1\AppData\Local\Temp\avguirn_081503745529.exe
2016-02-24 12:57:01 E3A25C80E2375B2D42C3D4729769BDF3 10240 ----a-w- C:\Users\JRGEN~1\AppData\Local\Temp\SDIAG_90843cf3-35c8-4673-94ac-fe08b7c1837a\NetworkDiagnosticSnapIn.dll
====== Java Cache =====
====== C:\windows\SysWOW64 =====
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
====== C:\windows\Sysnative\drivers =====
2016-02-28 20:02:43 8C17F3795DAE9A0ECDE4B3A3B0740E5F 79064 ----a-w- C:\windows\Sysnative\drivers\avng.sys
2016-02-28 18:20:19 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\windows\Sysnative\drivers\MBAMSwissArmy.sys
2016-02-28 18:20:00 CFBC6C6D8A492697CABD1D353EE64933 25816 ----a-w- C:\windows\Sysnative\drivers\mbam.sys
2016-02-28 18:20:00 42B3F5C9FBC9B3F0E0BA6B5D7FC8E849 109272 ----a-w- C:\windows\Sysnative\drivers\mbamchameleon.sys
2016-02-28 18:20:00 08DECFCB9BA97786165A69AB1015BC30 64216 ----a-w- C:\windows\Sysnative\drivers\mwac.sys
2016-02-10 13:48:36 B0A106352DEF6D52332EA39E00462EA7 202240 ----a-w- C:\windows\Sysnative\drivers\mrxsmb20.sys
2016-02-10 13:48:36 61000E7155E92342D0D5338CE05D102A 401920 ----a-w- C:\windows\Sysnative\drivers\mrxsmb.sys
2016-02-10 13:48:21 D2AC8F07995CE6CD18848C129435B481 140800 ----a-w- C:\windows\Sysnative\drivers\mrxdav.sys
====== C:\windows\Tasks ======
====== C:\windows\Temp ======
======= C:\Program Files =====
2016-02-28 09:04:31 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2016-02-11 20:04:45 -------- d-----w- C:\PROGRA~2\Free MP3 Cutter
2016-02-11 20:00:51 -------- d-----w- C:\PROGRA~2\FreeCodecPack
======= C: =====
====== C:\Users\JRGEN~1\AppData ======
2016-02-29 12:55:40 -------- d-----w- C:\windows\serviceprofiles\networkservice\AppData\Local\Temp
2016-02-29 12:55:40 -------- d-----w- C:\windows\serviceprofiles\Localservice\AppData\Local\Temp
2016-02-29 12:55:40 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2016-02-29 12:55:40 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2016-01-31 10:29:49 -------- d-----w- C:\Users\JRGEN~1\AppData\Local\Raphaël_Godart
====== C:\Users\JRGEN~1 ======
2016-02-21 00:50:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag

====== C: exe-files ==
2016-02-28 10:33:46 0E771375445E13429E68CAE720A48B72 35224 ----a-w- C:\Windows\Temp\e4jAAB7.tmp_dir1456655626\i4jdel.exe
2016-02-28 09:04:31 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Jürgen.exe
2016-02-28 08:38:16 E46618969033A8C751E983DF7CF1C689 356352 ----a-w- C:\Users\Jürgen\AppData\Local\Packages\30236Rambo.AliExpressStore_eskj3em6jefke\AC\Microsoft\CLR_v4.0_32\NativeImages\AliExpressSe710dc35#\7432babccca33939bb5b035b3c9cf2c7\AliExpressStore.Windows.ni.exe
2016-02-26 20:44:24 61F36BD0779DFCAE01FCA273688FC99B 614456 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
2016-02-26 08:28:26 EF8734A6337EA8EE02CAC1A1E8A2AB6E 444416 ----a-w- C:\Windows\SysWOW64\GWX\GWX.exe
2016-02-26 08:28:26 C37C03EFE49DBC4CE3DA1B31FFCA345A 355328 ----a-w- C:\Windows\System32\GWX\GWXDetector.exe
2016-02-26 08:28:26 7149E33CBE7E8413A160CA338CB9CE43 520704 ----a-w- C:\Windows\System32\GWX\GWX.exe
2016-02-26 08:28:26 5D0B8192510ADAF8A579C3647AAADA50 753152 ----a-w- C:\Windows\System32\GWX\GWXConfigManager.exe
2016-02-26 08:28:26 4A5EB6541A61048377C9E8C8DE898134 396080 ----a-w- C:\Windows\System32\GWX\GWXUXWorker.exe
2016-02-25 10:09:03 222AA1F2FB05FB3F8A46EAFE6EBDD730 179624 ----a-w- C:\Users\Jürgen\AppData\Local\Temp\avguirn_081503745529.exe
2016-02-25 10:08:44 F55C3197CEFAB359BFE1146AD85F5506 3147176 ----a-w- C:\Program Files (x86)\AVG\Setup\avgsetupx.exe
2016-02-25 10:08:44 D8ABB1EE680D7984B056580C5E7B8388 2235816 ----a-w- C:\Program Files (x86)\AVG\Setup\avgsetupwrkx.exe
2016-02-25 10:08:44 731F28E5D839DE0C0E133631036A566D 675240 ----a-w- C:\Program Files (x86)\AVG\Setup\avgntdumpx.exe

=== C: other files ==
2016-02-28 20:02:43 8C17F3795DAE9A0ECDE4B3A3B0740E5F 79064 ----a-w- C:\Windows\System32\drivers\avng.sys
2016-02-28 18:20:19 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2016-02-28 18:20:00 CFBC6C6D8A492697CABD1D353EE64933 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2016-02-28 18:20:00 42B3F5C9FBC9B3F0E0BA6B5D7FC8E849 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2016-02-28 18:20:00 08DECFCB9BA97786165A69AB1015BC30 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys
2016-02-28 10:40:45 E4F94362DE1F0C81068C7C0BB163585D 35321 ----a-w- C:\Users\Jürgen\Downloads\OK\Victor Frankenstein (2015) [1080p] [YTS.AG]\victorfrankenstein2015brripxvidac3-evo-english-79279.zip
2016-02-26 17:35:41 C22542E6B8C15EFA555D5E743E490D5C 35342 ----a-w- C:\Users\Jürgen\Downloads\OK\In The Heart Of The Sea (2015) [1080p] [YTS.AG]\in-the-heart-of-the-sea-2015-1080p-yts-ag-english-79120.zip
2016-02-26 17:35:33 24F63C913D7B53E4304DB35871E8F820 28765 ----a-w- C:\Users\Jürgen\Downloads\OK\In The Heart Of The Sea (2015) [1080p] [YTS.AG]\intheheartofthesea720pblurayx264-sparks-dutch-79103.zip

==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe /lps=fmw"
"AVG_UI"="C:\Program Files (x86)\AVG\Av\avuirunnerx.exe C:\Program Files (x86)\AVG\Av\avgui.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SimplePass"="C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe /hideui"
"OPBHOBroker"="C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"
"OPBHOBrokerDesktop"="C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"BeatsOSDApp"="C:\Program Files\IDT\WDM\beats64.exe"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Startup Folders ======================

2015-11-07 12:53:25 2114 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\HPCeeScheduleForJürgen.job
[Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\User_Feed_Synchronization-{20AF13F1-8008-467A-BB3B-CCF4D257BF9F}" [C:\windows\system32\msfeedssync.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [07/11/2015 13:55]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [07/11/2015 13:55]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=HPDTDFJS
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=HPDTDFJS
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=HPDTDFJS

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JRGEN~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\JRGEN~1\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\JRGEN~1\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\JRGEN~1\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1243 folders=195 326732474 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\JRGEN~1\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\JRGEN~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 29/02/2016 at 14:13:06,87 ======================