Zoek.exe v5.0.0.0 Updated 16-June-2014
Tool run by jocel_000 on vr 20-06-2014 at 18:11:26,44.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\jocel_000\Downloads\zoek.exe
[Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

20-6-2014 18:14:45 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\WinZip Registry Optimizer deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\Gaming\AppData\Roaming\Nico Mak Computing deleted successfully
C:\Users\Gaming\AppData\Local\genienext deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3542957407-3684110455-372236726-1002\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-3542957407-3684110455-372236726-1005\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-3542957407-3684110455-372236726-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-3542957407-3684110455-372236726-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-3542957407-3684110455-372236726-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-3542957407-3684110455-372236726-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3542957407-3684110455-372236726-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.7 deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG-Secure-Search-Update_0414c"=-

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdReg"=-
"mobilegeni daemon"=-
"vProt"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Mobogenie deleted
C:\Users\Gaming\daemonprocess.txt deleted
C:\Users\Gaming\.android deleted
C:\PROGRA~2\GreenTree Applications deleted
C:\PROGRA~2\COMMON~1\AVG Secure Search deleted
C:\PROGRA~3\APN deleted
C:\PROGRA~3\Avg_Update_0414c deleted
C:\PROGRA~3\AVG Security Toolbar deleted
C:\PROGRA~3\AVG Secure Search deleted
C:\PROGRA~3\AVG SafeGuard toolbar deleted
C:\PROGRA~3\YTD Video Downloader deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Gaming\AppData\Local\SearchProtect deleted
C:\Users\Gaming\AppData\Local\AVG SafeGuard toolbar deleted
C:\Users\Gaming\AppData\Local\Mobogenie deleted
C:\Users\Gaming\AppData\Local\cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted
C:\WINDOWS\SysNative\roboot64.exe deleted
C:\Users\Gaming\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Users\jocel_000\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rel.job deleted
C:\WINDOWS\tasks\AVG-Secure-Search-Update_0414c_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_0414c_rel deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_0414c_rmv deleted
C:\WINDOWS\SysWow64\AI_RecycleBin deleted
C:\Users\Gaming\Documents\Mobogenie deleted
"C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll" deleted
"C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe" deleted
"C:\PROGRA~2\AVG SafeGuard toolbar\TBAPI.dll" deleted
"C:\Program Files (x86)\AVG SafeGuard toolbar" not deleted
"C:\Program Files (x86)\Avg Secure Update" not deleted
"C:\PROGRA~2\AVG SafeGuard toolbar" not deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3542957407-3684110455-372236726-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"AVG-Secure-Search-Update_1213b"="C:\Users\Gaming\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=ab91fdeca6bd47d29dc6d74d7ae4e9f3-a8dd570f7cb14ba52ca6cf184fec3e2a4ddf8843 /CMPID=1213b"
"Facebook Update"="C:\Users\Gaming\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"ooVoo.exe"="C:\Program Files (x86)\ooVoo\oovoo.exe /minimized"
"AVG-Secure-Search-Update_0414c"="C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe /PROMPT /CMPID=0414c "

[HKEY_USERS\S-1-5-21-3542957407-3684110455-372236726-1005\Software\Microsoft\Windows\CurrentVersion\Run]
"ooVoo"="C\ooVoo.exe /minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"THX Audio Control Panel"="C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe /r"
"Super-Charger"="C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ooVoo"="C\ooVoo.exe /minimized"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\\windows\\syswow64\\nvinit.dll, c:\\windows\\syswow64\\nvinit.dll,C:\\WINDOWS\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp"
"THXCfg64"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64"
"Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
"ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"Zune Launcher"="C:\Program Files\Zune\ZuneLauncher.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "
"Radio Manager"="C:\Program Files (x86)\SCM\Radio Manager.exe"
"SCM"="C:\Program Files (x86)\SCM\SCM.exe"

==== Startup Folders ======================

2012-10-19 00:54:25 2278 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk
2012-10-19 01:24:11 1969 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3542957407-3684110455-372236726-1002Core.job --a-------- C:\Users\Gaming\AppData\Local\Facebook\Update\FacebookUpdate.exe [25-01-2014 19:28]
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3542957407-3684110455-372236726-1002UA.job --a-------- C:\Users\Gaming\AppData\Local\Facebook\Update\FacebookUpdate.exe [25-01-2014 19:28]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- [Undetermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30-12-2013 01:01]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3542957407-3684110455-372236726-1002Core" [C:\Users\Gaming\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\WINDOWS\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3542957407-3684110455-372236726-1002UA" [C:\Users\Gaming\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"avg@toolbar"="C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204" []

==== Chrome Look ======================

Google Docs - jocel_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - jocel_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - jocel_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - jocel_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - jocel_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - jocel_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://mysearch.avg.com?cid={6C126F7E-D71B-495D-B263-A8EDAFD5A5F5}&mid=ab91fdeca6bd47d29dc6d74d7ae4e9f3-a8dd570f7cb14ba52ca6cf184fec3e2a4ddf8843&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-05 17:34:36&v=17.3.1.204&pid=safeguard&sg=&sap=hp"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6DF46124-AC36-4BF1-8480-EFAD87915D76}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{6DF46124-AC36-4BF1-8480-EFAD87915D76} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3542957407-3684110455-372236726-1002\Software\Microsoft\Internet Explorer\SearchScopes\{6DF46124-AC36-4BF1-8480-EFAD87915D76} deleted successfully
HKEY_USERS\S-1-5-21-3542957407-3684110455-372236726-1005\Software\Microsoft\Internet Explorer\SearchScopes\{6DF46124-AC36-4BF1-8480-EFAD87915D76} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\avg@toolbar deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gaming\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gaming\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\jocel_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\jocel_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Gaming\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\jocel_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1022 folders=393 295888578 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gaming\AppData\Local\Temp will be emptied at reboot
C:\Users\jocel_000\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\JOCEL_~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Gaming\AppData\Local\Temp\WMZuneComm.etl.003" not found
"C:\Program Files (x86)\AVG SafeGuard toolbar" not found
"C:\Program Files (x86)\Avg Secure Update" not found
"C:\PROGRA~2\AVG SafeGuard toolbar" not found

==== EOF on vr 20-06-2014 at 18:30:58,73 ======================