Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Haring on di 20-12-2016 at 11:34:07,69.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Haring\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VZ5LUWWJ\zoek.exe
[Scan all users] [Quick Scan] [Auto Clean]

==== System Restore Info ======================

20-12-2016 11:34:47 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\GUM51F6.tmp deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\Common Files deleted successfully
C:\PROGRA~3\UDL deleted successfully
C:\Users\Haring\AppData\Roaming\HMYGSetting deleted successfully
C:\Users\Haring\AppData\Local\InPixio deleted successfully
C:\Users\Haring\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1045022672-3163342113-3722232678-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\GUM51F6.tmp not found
C:\Users\Haring\.android deleted
C:\Users\Haring\AppData\Roaming\Wondershare deleted
C:\Users\Haring\AppData\Roaming\ParetoLogic deleted
C:\Users\Haring\AppData\Roaming\DriverCure deleted
C:\PROGRA~3\Reimage Protector deleted
C:\PROGRA~3\ParetoLogic deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Haring\AppData\Local\SlimWare Utilities Inc deleted
C:\Users\Haring\AppData\Local\Wondershare deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"RTHDVCPL"="\"C:\\Program Files\\Realtek\\Audio\\HDA\\RtkNGUI64.exe\" -s"
"MSC"="\"C:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17-12-2016 15:26]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe Reader and Acrobat Manager" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\AVGPCTuneUp_Task_BkGndMaintenance" [C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe]

==== Chromium Look ======================

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://hp.myway.com/easypdfcombine/s19518/index.html?n=782B93DE&p2=^BSB^xdm012^S19518^nl&ptb=2E9E378D-35DD-4C84-A2F8-88A5B03B3E29&si=CKz6o_bY_tACFfEA0wodR2AGTA&coid=834f0aafc7ac4749a522e9c4a3c55f4b"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://hp.myway.com/easypdfcombine/s19518/index.html?n=782B93DE&p2=^BSB^xdm012^S19518^nl&ptb=2E9E378D-35DD-4C84-A2F8-88A5B03B3E29&si=CKz6o_bY_tACFfEA0wodR2AGTA&coid=834f0aafc7ac4749a522e9c4a3c55f4b"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PLXB_nlNL698

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Haring\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Haring\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\493CLVZY will be deleted at reboot
C:\Users\Haring\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VZ5LUWWJ will be deleted at reboot
C:\Users\Haring\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZN2EDZX2 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=19 folders=22 2896103 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Haring\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Haring\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Haring\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\493CLVZY" deleted
"C:\Users\Haring\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VZ5LUWWJ" not found
"C:\Users\Haring\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZN2EDZX2" deleted

==== EOF on di 20-12-2016 at 11:50:56,36 ======================