Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Hotel on wo 27-04-2016 at 11:33:55,79. Microsoft Windows 10 Home 10.0.10240 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Hotel\Desktop\PC help\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 27-4-2016 11:36:04 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\PROGRA~2\COMMON~1\Intel deleted successfully C:\Program Files\Google deleted successfully C:\Program Files\Common Files\AV deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\PROGRA~3\SUPPORTDIR deleted successfully C:\Users\Hotel\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Hotel\AppData\Local\EmieSiteList deleted successfully C:\Users\Hotel\AppData\Local\EmieUserList deleted successfully C:\Users\Hotel\AppData\Local\NetworkTiles deleted successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\SharedWiFi deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1437635954-4164599740-681965440-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-1437635954-4164599740-681965440-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-1437635954-4164599740-681965440-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TuneUp.UtilitiesSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater40.2.8 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "vProt"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\AGEIA Technologies not found C:\Program Files\AVG Web TuneUp deleted C:\windows\SysNative\Tasks\iolo System Checkup SetTask deleted C:\Users\Hotel\AppData\Local\AVG Web TuneUp deleted C:\PROGRA~3\AVG Web TuneUp deleted C:\PROGRA~3\Avg_Update_1015av deleted C:\PROGRA~3\Nico Mak Computing\WinZip Malware Protector deleted C:\PROGRA~3\AVG Security Toolbar deleted C:\PROGRA~3\AVG Secure Search deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector deleted C:\WINDOWS\SysNative\wsusnative64.exe deleted C:\WINDOWS\wininit.ini deleted C:\windows\SysNative\tasks\WinZip Malware Protector_startup deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted C:\Users\Public\Desktop\WinZip Malware Protector.lnk deleted "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\html.dat" not deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\tuavgx.dll" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\tuneup_nl.lng" not deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp\tuuix.dll" deleted "C:\PROGRA~2\WinZip Malware Protector\aspsys.dll" deleted "C:\PROGRA~2\WinZip Malware Protector\Microsoft.Win32.TaskScheduler.DLL" deleted "C:\PROGRA~2\WinZip Malware Protector\System.Data.SQLite.dll" deleted "C:\PROGRA~2\WinZip Malware Protector\WinZipMalwareProtector.exe" deleted "C:\PROGRA~2\WinZip Malware Protector\Xceed.Compression.dll" deleted "C:\PROGRA~2\WinZip Malware Protector\Xceed.FileSystem.dll" deleted "C:\PROGRA~2\WinZip Malware Protector\Xceed.Zip.dll" deleted "C:\PROGRA~2\AVG Web TuneUp\vprot.exe" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.9\log4cplusU.dll" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\40.2.9\avgdttbx.dll" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\40.2.9\log4cplusU.dll" deleted "C:\Program Files (x86)\AVG Web TuneUp" deleted "C:\Program Files (x86)\AVG\AVG PC TuneUp" not deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater" deleted "C:\PROGRA~2\WinZip Malware Protector" not deleted "C:\PROGRA~2\AVG Web TuneUp" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.9" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\40.2.9" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\40.2.9" deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\Hotel\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2016-04-25 17:14:04 BFB944500972BA0B10DE7BDC04AA6031 18796544 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2016-04-25 17:14:03 EF6D1DD7C37937D4C87E08AB8F28FB52 21088728 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll 2016-04-25 17:14:03 35FEF33A9C5F162C1534FF645F275B39 60928 ----a-w- C:\WINDOWS\SysWOW64\samlib.dll 2016-04-25 17:14:02 8F5F153AB87CDC482746AD59CC90550F 1767000 ----a-w- C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-04-25 17:14:02 08CFEE57F2AD201CC9FF3FDE12702669 3680256 ----a-w- C:\WINDOWS\SysWOW64\msi.dll 2016-04-25 17:14:01 F8B3CD1518434D30099D6CCAF3C0A2AD 133120 ----a-w- C:\WINDOWS\SysWOW64\AppxSip.dll 2016-04-25 17:14:01 94A05FF450CF79A03288839B11C2F491 842240 ----a-w- C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-04-25 17:14:01 149AB80CE10C9A718182E18DA555397F 1594368 ----a-w- C:\WINDOWS\SysWOW64\msxml3.dll 2016-04-25 17:14:00 F8CC4EE4592DB03DDFFFEE80882E1B2A 19325440 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-04-25 17:14:00 DD264D3712C20FA88E204368BE66595B 11263488 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2016-04-25 17:13:59 8ECB2BEB4318BF7C6B376269B4BF538B 1531888 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll 2016-04-25 17:13:59 8DEB4DFEE4C759BB7CD85D610B7ADB38 201216 ----a-w- C:\WINDOWS\SysWOW64\cemapi.dll 2016-04-25 17:13:58 6245CD949CA56526B0F804C9912A9B7D 223744 ----a-w- C:\WINDOWS\SysWOW64\ExSMime.dll 2016-04-25 17:13:58 0204856F30472715575521D3ACEFA0A5 5457408 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2016-04-25 17:13:57 4274FC71E6B7A5114446C90680C13E44 202240 ----a-w- C:\WINDOWS\SysWOW64\deviceaccess.dll 2016-04-25 17:13:57 1BC26B866A9820E324BE4BCF8E935B9F 700256 ----a-w- C:\WINDOWS\SysWOW64\WWAHost.exe 2016-04-25 17:13:56 FB2DD511304A7A015260BD0C86D51E31 168448 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2016-04-25 17:13:56 C2A5E323EAD57EAC0BB91E665FCE3D7E 150528 ----a-w- C:\WINDOWS\SysWOW64\VCardParser.dll 2016-04-25 17:13:55 AA1590D5A6710EDEEFD196C2CDEB9FA8 579584 ----a-w- C:\WINDOWS\SysWOW64\AppointmentApis.dll 2016-04-25 17:13:54 E50B61A950637E976C76B44250667314 104960 ----a-w- C:\WINDOWS\SysWOW64\AuthBroker.dll 2016-04-25 17:13:54 BC3AAA8470071EA42E7573D678EB3E6D 928256 ----a-w- C:\WINDOWS\SysWOW64\Unistore.dll 2016-04-25 17:13:54 55A2E25021746C5AFB00E0D638CF5966 2879024 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2016-04-25 17:13:54 4999A0891B2A5634179E431373B4360B 91648 ----a-w- C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2016-04-25 17:13:53 C2D0FDC090C7BCDF55A67823F48ED4A3 55808 ----a-w- C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll 2016-04-25 17:13:53 988A874D3B8B71896F1ACB4D1C03A736 56320 ----a-w- C:\WINDOWS\SysWOW64\POSyncServices.dll 2016-04-25 17:13:53 0132FDD001AEF6707E920ED83A23E89A 18944 ----a-w- C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll 2016-04-25 17:13:52 C0F48F83DC4535D1627992092E21B431 311808 ----a-w- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-04-25 17:13:52 A30C0B7E8B00485D6C388859D70951E5 37888 ----a-w- C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll 2016-04-25 17:13:52 55AE24F5BD65BE6B200C71CE1ED5175E 37888 ----a-w- C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll 2016-04-25 17:13:51 F00A88F3EB94D5B242994FC9D107B104 625152 ----a-w- C:\WINDOWS\SysWOW64\ContactApis.dll 2016-04-25 17:13:51 BCC930B259A6EE4C4EF9CA6C99A8AFD3 557568 ----a-w- C:\WINDOWS\SysWOW64\ChatApis.dll 2016-04-25 17:13:51 AF1F6504EC6280E0A9100A97268FB489 295424 ----a-w- C:\WINDOWS\SysWOW64\ieproxy.dll 2016-04-25 17:13:51 2AD24AC2466E059CEA4A1FA6FD289E7E 203776 ----a-w- C:\WINDOWS\SysWOW64\vaultcli.dll 2016-04-25 17:13:50 E34506337C00CE97503F2A9032794717 161792 ----a-w- C:\WINDOWS\SysWOW64\msorcl32.dll 2016-04-25 17:13:50 976370693B95960D3AAB2EF537978FE8 539728 ----a-w- C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-04-25 17:13:50 329A4AE43F089C63E80C07B38F9CB4EB 525312 ----a-w- C:\WINDOWS\SysWOW64\EmailApis.dll 2016-04-25 17:13:48 D0BDD1228CF240F013229D97753E2BC1 163328 ----a-w- C:\WINDOWS\SysWOW64\fwbase.dll 2016-04-25 17:13:47 345A25187E51B4090D3E421E79AF8A17 172032 ----a-w- C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2016-04-25 17:13:46 EB988275F95921C14EB3AE1C22DBFA9F 181088 ----a-w- C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-04-25 17:13:45 03F1A692E954C666E060179AA21B8671 163840 ----a-w- C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2016-04-25 17:13:44 888559543B1E0BEAB4F32DC292238306 195584 ----a-w- C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2016-04-25 17:13:44 4CE9ECAD43EDF5C14755FA5A3FCC8C56 365056 ----a-w- C:\WINDOWS\SysWOW64\FirewallAPI.dll 2016-04-25 17:13:44 3A87019F772CE782CCD97024B60B5F20 195584 ----a-w- C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2016-04-25 17:13:44 2EBE5467EF072F24D45FD39C7AC109FA 131072 ----a-w- C:\WINDOWS\SysWOW64\CallHistoryClient.dll 2016-04-25 17:13:43 83CB142B473D05A1E03C751D3B1C0935 52736 ----a-w- C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll 2016-04-25 17:13:43 4FBD1C392649762381EDBE26CB4D6854 768000 ----a-w- C:\WINDOWS\SysWOW64\kerberos.dll 2016-04-25 17:13:42 FC051BDA44A331EDF9EF4640058228D6 19456 ----a-w- C:\WINDOWS\SysWOW64\wfapigp.dll 2016-04-25 17:13:42 C494112CBAA165233807B4F6B3ED2EDB 118272 ----a-w- C:\WINDOWS\SysWOW64\mtxoci.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-04-27 09:30:45 DB648941A84FA419111511860976B565 16148 ----a-w- C:\WINDOWS\Sysnative\PC_HOTEL_Hotel_HistoryPrediction.bin 2016-04-25 17:14:11 7F06C45F101CA2A9BDE5F5DC7A5BA13D 21859840 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2016-04-25 17:14:09 7ED92E8B17A35A23EE70EE1985B10D25 24593408 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-04-25 17:14:08 1E3F1D2EDDBC4A84326D52253FAF061E 3467784 ----a-w- C:\WINDOWS\Sysnative\WSService.dll 2016-04-25 17:14:07 BFA2F2397B77E3CF6E1E821159B4AF23 140536 ----a-w- C:\WINDOWS\Sysnative\AuthHost.exe 2016-04-25 17:14:07 B6ACBCD7FF5F92572BDB4643B57BDA34 22610328 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2016-04-25 17:14:06 FEFDB732E9F44C789905304390FFA2C9 12505600 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2016-04-25 17:14:05 6C8D9B970564AD9C5DE0F7ABC9970A52 7525376 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2016-04-25 17:14:03 FCAEBF10DBBBF61BA0C5FF4A36580007 850432 ----a-w- C:\WINDOWS\Sysnative\samsrv.dll 2016-04-25 17:14:03 91D53074A6774D983B771FF3914CEC03 95232 ----a-w- C:\WINDOWS\Sysnative\samlib.dll 2016-04-25 17:14:02 FA25EF1F646C9C09688772CFF1989BC7 3363328 ----a-w- C:\WINDOWS\Sysnative\msi.dll 2016-04-25 17:14:02 7ABDA53F1703B517DB855920A4810F94 2495768 ----a-w- C:\WINDOWS\Sysnative\CoreUIComponents.dll 2016-04-25 17:14:02 4B107ADD53F027196F8B904FB2B2CACB 158208 ----a-w- C:\WINDOWS\Sysnative\AppxSip.dll 2016-04-25 17:14:02 0C4FCA0D923FCA5C2FC2152ECF41FFBE 607744 ----a-w- C:\WINDOWS\Sysnative\AppxApplicabilityEngine.dll 2016-04-25 17:14:01 C79127AA908732119EF88DA6E79AE17E 3622272 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2016-04-25 17:14:01 B1FB27F4C061B8029DB91CE3BD596BA7 931840 ----a-w- C:\WINDOWS\Sysnative\AppxPackaging.dll 2016-04-25 17:14:01 8FDE7D4A0CCF927042C8B2469858324E 3587584 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2016-04-25 17:14:01 857E9716C303CE66CE30D1E08187020E 1871872 ----a-w- C:\WINDOWS\Sysnative\msxml3.dll 2016-04-25 17:14:01 3AB3AD8F9EC036565F6B7811B30A1B89 1794560 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll 2016-04-25 17:14:01 1C9D7CB4DA7F4157CD6D296A4B26D60C 1290240 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Shell.dll 2016-04-25 17:13:59 7CCC88CF797AF1A4A399ECB83C6A90A3 1416192 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll 2016-04-25 17:13:59 77A84192DEF629EA4932AC26B467DC16 244736 ----a-w- C:\WINDOWS\Sysnative\cemapi.dll 2016-04-25 17:13:59 6B1386D55FC4A64D3E6F8B3567B94780 274944 ----a-w- C:\WINDOWS\Sysnative\ExSMime.dll 2016-04-25 17:13:59 693104B1B9CD1DB198293C3DD83DC4A9 255488 ----a-w- C:\WINDOWS\Sysnative\deviceaccess.dll 2016-04-25 17:13:58 AEB8DAB1630E05FBA1ADBB47701AE336 1423872 ----a-w- C:\WINDOWS\Sysnative\UserDataService.dll 2016-04-25 17:13:58 8CF862EF8EDC7EFE2447171C4885274F 1521664 ----a-w- C:\WINDOWS\Sysnative\ActiveSyncProvider.dll 2016-04-25 17:13:58 7B3913C4A31CA31DC52B27CFBD664F18 66560 ----a-w- C:\WINDOWS\Sysnative\UserDataPlatformHelperUtil.dll 2016-04-25 17:13:58 3943D77D015FDDFD27119D8072046404 70656 ----a-w- C:\WINDOWS\Sysnative\POSyncServices.dll 2016-04-25 17:13:58 14627B8C27BBD16474846D289AFBD216 65024 ----a-w- C:\WINDOWS\Sysnative\basesrv.dll 2016-04-25 17:13:57 F9551AFC9609C5F775D48E81EE734323 214528 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Scanners.dll 2016-04-25 17:13:57 EB13CA8689FBC6D54AEB70158BC5026F 1381376 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2016-04-25 17:13:57 E6B774E0428598E812BC325DDF23535B 195072 ----a-w- C:\WINDOWS\Sysnative\VCardParser.dll 2016-04-25 17:13:57 C981E989681D3D9793052046DA40E7D1 1299032 ----a-w- C:\WINDOWS\Sysnative\winload.efi 2016-04-25 17:13:57 B342E5DE0BC729FE559F0522AD7985D3 911360 ----a-w- C:\WINDOWS\Sysnative\SharedStartModel.dll 2016-04-25 17:13:57 57F9A202E71A581683F609CC5D2B20AD 1951872 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll 2016-04-25 17:13:57 49CD82AC0814925A090F99E0F2D09759 1127024 ----a-w- C:\WINDOWS\Sysnative\winload.exe 2016-04-25 17:13:56 D92B51B5CBF35C17E6FD784315747CE3 1022664 ----a-w- C:\WINDOWS\Sysnative\winresume.efi 2016-04-25 17:13:56 B3F02109F06C958F968BF21A05D22EFB 595016 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Shell.Broker.dll 2016-04-25 17:13:56 8D7373D3C95C70C543F1C7C668A9A2D4 861512 ----a-w- C:\WINDOWS\Sysnative\winresume.exe 2016-04-25 17:13:56 3920F89CDD19D7DDD5583380F9554F60 685568 ----a-w- C:\WINDOWS\Sysnative\AppointmentApis.dll 2016-04-25 17:13:56 379EC57F69771118C71FA7C8085EF605 194048 ----a-w- C:\WINDOWS\Sysnative\SharedStartModelShim.dll 2016-04-25 17:13:56 1FCB20B3A80FE573971343A5B64051A3 1016832 ----a-w- C:\WINDOWS\Sysnative\RDXService.dll 2016-04-25 17:13:55 EE7B967B2CE297931F8A0BDB14267098 135168 ----a-w- C:\WINDOWS\Sysnative\AuthBroker.dll 2016-04-25 17:13:55 CBF24B61F6F00F24DE56A7CF79842F30 114688 ----a-w- C:\WINDOWS\Sysnative\FontProvider.dll 2016-04-25 17:13:55 B21DEA1F5F1636B82B0DAED7D04222F6 1205248 ----a-w- C:\WINDOWS\Sysnative\Unistore.dll 2016-04-25 17:13:55 424CF2BB621F44A126427E957BC14F03 983904 ----a-w- C:\WINDOWS\Sysnative\SecConfig.efi 2016-04-25 17:13:54 A9A7953D8C64E9FE50836E867922A2B7 801632 ----a-w- C:\WINDOWS\Sysnative\WWAHost.exe 2016-04-25 17:13:54 82613A9699C9B340729624A0D2F5D462 115712 ----a-w- C:\WINDOWS\Sysnative\UserDataTimeUtil.dll 2016-04-25 17:13:54 773C84D3C0477C477E19C854F6B55C61 348672 ----a-w- C:\WINDOWS\Sysnative\usocore.dll 2016-04-25 17:13:53 EFA502AAC0BC5309421EB7663B387ED6 243200 ----a-w- C:\WINDOWS\Sysnative\updatehandlers.dll 2016-04-25 17:13:53 C2FE52099132128982B5022095445846 414208 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentClient.dll 2016-04-25 17:13:53 B0C606013446EB3A965DBE9F4D3DDE5D 573952 ----a-w- C:\WINDOWS\Sysnative\Windows.Cortana.Desktop.dll 2016-04-25 17:13:53 282BF6B5AB1F4A24AFAAB8FED0FD7731 658568 ----a-w- C:\WINDOWS\Sysnative\ClipSVC.dll 2016-04-25 17:13:53 0E0EF158A2BDA52A741A6314EA12556B 74752 ----a-w- C:\WINDOWS\Sysnative\wpninprc.dll 2016-04-25 17:13:52 EE2242D3E75F2CA0A5F3A7A7F0F4E684 334848 ----a-w- C:\WINDOWS\Sysnative\MusUpdateHandlers.dll 2016-04-25 17:13:52 D47469EAF6182ACC0DAEA2171A8D52EF 45056 ----a-w- C:\WINDOWS\Sysnative\UserDataTypeHelperUtil.dll 2016-04-25 17:13:52 8CA83A2DCC657C3AFE90B54B588615B0 181760 ----a-w- C:\WINDOWS\Sysnative\shutdownux.dll 2016-04-25 17:13:52 772B204EA1D38700E5EDA5C315A5B39F 607416 ----a-w- C:\WINDOWS\Sysnative\fontdrvhost.exe 2016-04-25 17:13:52 749EE0008489244EB05C3283A105EFF8 856576 ----a-w- C:\WINDOWS\Sysnative\MPSSVC.dll 2016-04-25 17:13:52 54EFDB0177C5D20D1AA491989DC0D86B 511488 ----a-w- C:\WINDOWS\Sysnative\FirewallAPI.dll 2016-04-25 17:13:52 4AEA2CCEF3077FE66B5D44ECA1C5E4BE 670208 ----a-w- C:\WINDOWS\Sysnative\ieproxy.dll 2016-04-25 17:13:52 38C48E3E32EEFAC837C78EBFE3C813A6 45056 ----a-w- C:\WINDOWS\Sysnative\UserDataLanguageUtil.dll 2016-04-25 17:13:51 DA225CBACDA6E7483DED6FE097EADBA7 720896 ----a-w- C:\WINDOWS\Sysnative\EmailApis.dll 2016-04-25 17:13:51 D9C4829C8EF857722136353648055F1D 163840 ----a-w- C:\WINDOWS\Sysnative\CallHistoryClient.dll 2016-04-25 17:13:51 AEC04D942D21B2EBB62B1FD7A7355023 280576 ----a-w- C:\WINDOWS\Sysnative\vaultcli.dll 2016-04-25 17:13:51 9AE2296DE971798F81E4BCBD3B045C54 246272 ----a-w- C:\WINDOWS\Sysnative\PackageStateRoaming.dll 2016-04-25 17:13:51 8117C4B8E6178BFA8E4839C08D577742 185344 ----a-w- C:\WINDOWS\Sysnative\psmsrv.dll 2016-04-25 17:13:51 6F125E31835E6624E8FD9DB6521E2491 151552 ----a-w- C:\WINDOWS\Sysnative\MusNotification.exe 2016-04-25 17:13:51 639BA3697C650AA7A6204B277B0869EB 23552 ----a-w- C:\WINDOWS\Sysnative\ExtrasXmlParser.dll 2016-04-25 17:13:51 0E4433A8BA3A57BDDBDFCD5096749650 856576 ----a-w- C:\WINDOWS\Sysnative\ContactApis.dll 2016-04-25 17:13:50 B69FFED170359422CD53EDB3A17D353E 322048 ----a-w- C:\WINDOWS\Sysnative\vaultsvc.dll 2016-04-25 17:13:50 998CE50A928C6E229B36DE08FF0F7398 208736 ----a-w- C:\WINDOWS\Sysnative\AppxAllUserStore.dll 2016-04-25 17:13:50 4B2AAC9E21786C169D928B25CBC79720 752640 ----a-w- C:\WINDOWS\Sysnative\ChatApis.dll 2016-04-25 17:13:47 DD613F1BD0559E50B8022C429D638DE8 2180608 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2016-04-25 17:13:46 F734560B1FA9939DCD64D8F2BF42EF0A 76800 ----a-w- C:\WINDOWS\Sysnative\browserbroker.dll 2016-04-25 17:13:46 B0BACDC36CF5D615E8DB4FF8DC269F1E 288256 ----a-w- C:\WINDOWS\Sysnative\PimIndexMaintenance.dll 2016-04-25 17:13:46 09C9788CF630BA16CE6906A820BB146C 950272 ----a-w- C:\WINDOWS\Sysnative\kerberos.dll 2016-04-25 17:13:45 DFB51BACC499072111FB5678CE7DA1C0 223232 ----a-w- C:\WINDOWS\Sysnative\PhoneCallHistoryApis.dll 2016-04-25 17:13:45 5AB790DC0AA9D616BB8C28E18226FFE9 68608 ----a-w- C:\WINDOWS\Sysnative\PimIndexMaintenanceClient.dll 2016-04-25 17:13:45 41BCFF788B4C2508139ECE118B250FC2 257024 ----a-w- C:\WINDOWS\Sysnative\UserDataAccountApis.dll 2016-04-25 17:13:44 777ACAD331D4B61E1CBCFCAEAC57A609 25600 ----a-w- C:\WINDOWS\Sysnative\wfapigp.dll 2016-04-25 17:13:44 5E649D3A3A6F72B1EF062E023308D08E 145408 ----a-w- C:\WINDOWS\Sysnative\dssvc.dll 2016-04-25 17:13:44 2B20139CAD45B21A64E95B4EC70D7443 196096 ----a-w- C:\WINDOWS\Sysnative\fwpolicyiomgr.dll 2016-04-25 17:13:43 49B542B435E960BC26DE61596D2ABAED 81920 ----a-w- C:\WINDOWS\Sysnative\AppxSysprep.dll 2016-04-25 17:13:42 E7E798690361EFA3D0C4F321A1C36B2F 183296 ----a-w- C:\WINDOWS\Sysnative\fwbase.dll 2016-04-25 17:13:42 965D6D4ACC757452894B49FA0A9BD56F 147456 ----a-w- C:\WINDOWS\Sysnative\mtxoci.dll 2016-04-25 17:13:42 44406AB6CDCA5BD1195273F07F656D9A 324096 ----a-w- C:\WINDOWS\Sysnative\profsvc.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2016-04-25 17:14:05 870DB31C41E4D04BCDDFC297F64D63D7 1010016 ----a-w- C:\WINDOWS\Sysnative\drivers\http.sys 2016-04-25 17:13:50 9281116A817FE051AAA8BA2711FC2507 601344 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-04-26 16:54:52 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Hotel\AppData\Roaming ====== 2016-03-31 04:55:25 -------- d-----w- C:\Users\Default\AppData\Local\AVG 2016-03-31 04:55:25 -------- d-----w- C:\Users\Default User\AppData\Local\AVG ====== C:\Users\Hotel ====== 2016-04-26 16:54:23 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hotel\Downloads\RSITx64.exe 2016-04-25 09:53:12 6FAF14161EC116B6D374D4FD40AD0A39 21105944 ----a-w- C:\Users\Hotel\Desktop\tweaking.com_windows_repair_aio_setup.exe 2016-04-14 09:45:23 E679FCF33FFB57BCABBC598AB5C18BE8 6868672 ----a-w- C:\Users\Hotel\Downloads\ccsetup516.exe 2016-04-14 09:42:50 DEECB07B56D7DB9233645466CB9BFD03 7476000 ----a-w- C:\Users\Hotel\Downloads\SparkTrust PC Cleaner Plus Setup_5952631D-6077-45A1-9F89-5EE286D244BA_.exe 2016-04-14 09:39:20 BFCC299F3D547A4D3067782E43984C79 1977272 ----a-w- C:\Users\Hotel\Downloads\OneSafe_PC_Cleaner.exe 2016-04-12 11:55:26 -------- d-----w- C:\ProgramData\BullGuard ====== C: exe-files == 2016-04-26 16:54:52 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Hotel.exe 2016-04-26 16:54:23 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Hotel\Downloads\RSITx64.exe 2016-04-26 16:49:33 27C325E1EB78A41E767802D481C46EA0 8892608 ----a-w- C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe 2016-04-26 16:49:33 27C325E1EB78A41E767802D481C46EA0 8892608 ----a-w- C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\OneDriveSetup.exe 2016-04-26 16:49:29 7AA1222AA05D17D4A727E52786AE7572 178888 ----a-w- C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileSyncConfig.exe 2016-04-26 16:49:28 F75A4E3FDA266B6E4A9FC3075AE3D4C2 176840 ----a-w- C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe 2016-04-26 16:49:28 AE03FFEAAB0963E119CD7AF8032FB054 493256 ----a-w- C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\OneDriveStandaloneUpdater.exe 2016-04-26 15:56:56 BBBCBF05EBE35BEC4665DE11F9B75D68 1711104 ----a-w- C:\Users\Hotel\AppData\Local\Packages\Microsoft.Studios.Wordament_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\WordamentWin8.1\62180313b7368fcf351f13d1395ff0ae\WordamentWin8.1.ni.exe 2016-04-26 15:56:41 A2024B58F907B5C065B50289F8D63B75 1836544 ----a-w- C:\Users\Hotel\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Mahjong\541f883ab640045678f2207295a94e58\Mahjong.ni.exe 2016-04-26 15:56:25 65DD29DBED7CC52AB7EAA2EAC365C751 2171392 ----a-w- C:\Users\Hotel\AppData\Local\Packages\Microsoft.MicrosoftJackpot_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft Jackpot\19859c6bdb06a5432937edf6c0d13ddb\Microsoft Jackpot.ni.exe 2016-04-26 15:53:17 1B16795D3CB7A9FAA3FC41C56EF2966D 149184 ----a-w- C:\Users\Hotel\AppData\Local\Temp\1CABA00A-B6BE-4A21-BB84-B5E68ACB297A\DismHost.exe 2016-04-25 19:25:10 DCA6122252CD1EB424C48017C7545B1D 1836544 ----a-w- C:\Users\Hotel\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Mahjong\080285643260421e31266a63128f8148\Mahjong.ni.exe 2016-04-25 19:24:27 84CE50A61C4D41C6A07E42F254362B4B 2171392 ----a-w- C:\Users\Hotel\AppData\Local\Packages\Microsoft.MicrosoftJackpot_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft Jackpot\701f7df2f7c6a4e5bd494ab3e6fd5c98\Microsoft Jackpot.ni.exe 2016-04-25 17:25:23 162885741A87E1C0E8F6626B68014798 1013496 ----a-w- C:\Program Files (x86)\AVG\Av\Notification\Launcher.exe 2016-04-25 17:14:07 BFA2F2397B77E3CF6E1E821159B4AF23 140536 ----a-w- C:\WINDOWS\System32\AuthHost.exe 2016-04-25 17:14:06 A10AFA4D103EDD35885E7937DC0EA2F1 6265200 ----a-w- C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 2016-04-25 17:13:57 49CD82AC0814925A090F99E0F2D09759 1127024 ----a-w- C:\WINDOWS\System32\winload.exe 2016-04-25 17:13:57 49CD82AC0814925A090F99E0F2D09759 1127024 ----a-w- C:\WINDOWS\System32\Boot\winload.exe 2016-04-25 17:13:57 1BC26B866A9820E324BE4BCF8E935B9F 700256 ----a-w- C:\WINDOWS\SysWOW64\WWAHost.exe 2016-04-25 17:13:56 8D7373D3C95C70C543F1C7C668A9A2D4 861512 ----a-w- C:\WINDOWS\System32\winresume.exe 2016-04-25 17:13:56 8D7373D3C95C70C543F1C7C668A9A2D4 861512 ----a-w- C:\WINDOWS\System32\Boot\winresume.exe 2016-04-25 17:13:54 A9A7953D8C64E9FE50836E867922A2B7 801632 ----a-w- C:\WINDOWS\System32\WWAHost.exe 2016-04-25 17:13:54 A3885E4B85361ECD0D5D38FA1A411FE0 783712 ----a-w- C:\WINDOWS\Boot\PCAT\memtest.exe 2016-04-25 17:13:52 772B204EA1D38700E5EDA5C315A5B39F 607416 ----a-w- C:\WINDOWS\System32\fontdrvhost.exe 2016-04-25 17:13:51 6F125E31835E6624E8FD9DB6521E2491 151552 ----a-w- C:\WINDOWS\System32\MusNotification.exe 2016-04-25 17:13:50 976370693B95960D3AAB2EF537978FE8 539728 ----a-w- C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-04-25 17:13:48 AC3935C614E94187762A2BE2C3B6C4D8 1906016 ----a-w- C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe 2016-04-25 09:53:12 6FAF14161EC116B6D374D4FD40AD0A39 21105944 ----a-w- C:\Users\Hotel\Desktop\tweaking.com_windows_repair_aio_setup.exe === C: other files == 2016-04-26 16:49:28 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\CollectOneDriveLogs.bat 2016-04-25 19:08:01 7D4730C2746ACA703791B2BB310A16CB 771448 ----a-w- C:\Users\Hotel\AppData\Local\Packages\Microsoft.MicrosoftMahjong_8wekyb3d8bbwe\LocalState\DiskCache\MSCasualGames.zip 2016-04-25 17:14:05 870DB31C41E4D04BCDDFC297F64D63D7 1010016 ----a-w- C:\WINDOWS\System32\drivers\http.sys 2016-04-25 17:14:01 8FDE7D4A0CCF927042C8B2469858324E 3587584 ----a-w- C:\WINDOWS\System32\win32kfull.sys 2016-04-25 17:13:57 EB13CA8689FBC6D54AEB70158BC5026F 1381376 ----a-w- C:\WINDOWS\System32\win32kbase.sys 2016-04-25 17:13:50 9281116A817FE051AAA8BA2711FC2507 601344 ----a-w- C:\WINDOWS\System32\drivers\cng.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-1437635954-4164599740-681965440-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_USERS\S-1-5-21-1437635954-4164599740-681965440-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64" "Uninstall C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" "Uninstall C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.6302.0225"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.6302.0225" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R" "AVG_UI"="C:\Program Files (x86)\AVG\Av\avuirunnerx.exe C:\Program Files (x86)\AVG\Av\avgui.exe" "BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN" "ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun" "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe /lps=fmw" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64" "Uninstall C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" "Uninstall C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.6302.0225"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Hotel\AppData\Local\Microsoft\OneDrive\17.3.6302.0225" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- [Undetermined Task] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30-05-2015 12:58] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\AVGPCTuneUp_Task_BkGndMaintenance" [C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\PDVDServ12 Task" [C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{70578DA4-8111-467E-B0EA-F8F58BC7FB77}" [C:\windows\system32\msfeedssync.exe] ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 ==== Chromium Fix ====================== C:\Users\Hotel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage deleted successfully C:\Users\Hotel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage-journal deleted successfully C:\Users\Hotel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Hotel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Hotel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\Hotel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://mysearch.avg.com/?cid={2DE4C627-68A8-4C35-B9DF-1817C1F891ED}&mid=f800c85538b047cda17a1176934f6c6d-3e89f345db953b4ff33c11e12c34dea8f7145a42&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0715tb&pr=fr&d=2015-05-30 11:59:45&v=4.1.8.599&pid=wtu&sg=&sap=hp" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 HKCU\SearchScopes\{E7FC72E5-17BE-4CAE-86B8-8BF6BA392330} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB ==== Reset Google Chrome ====================== C:\Users\Hotel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Hotel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Hotel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Hotel\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinZip Malware Protector_is1 deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hotel\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Hotel\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Hotel\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Hotel\AppData\Local\Microsoft\Windows\INetCache\IE\HUEVFL28 will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Hotel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2801 folders=199 821908953 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Hotel\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\AVG\AVG PC TuneUp\html.dat" not found "C:\Program Files (x86)\AVG\AVG PC TuneUp\tuneup_nl.lng" not found "C:\Program Files (x86)\AVG\AVG PC TuneUp" not found "C:\PROGRA~2\WinZip Malware Protector" not found "C:\Users\Hotel\AppData\Local\Microsoft\Windows\INetCache\IE\HUEVFL28" not found ==== EOF on wo 27-04-2016 at 11:51:29,85 ======================