Zoek.exe v5.0.0.0 Updated 11-October-2014
Tool run by stefanie on ma 13/10/2014 at 9:12:58,27.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\stefanie\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-03-22-081102.log 1187 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\Kodak deleted successfully
C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\PROGRA~2\COMMON~1\myCuteBuddy deleted successfully
C:\Program Files\log deleted successfully
C:\Program Files\WinRAR deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\stefanie\AppData\Roaming\DisplayFusion deleted successfully
C:\Users\stefanie\AppData\Roaming\Logitech deleted successfully
C:\Users\stefanie\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\stefanie\AppData\Roaming\passport_photo deleted successfully
C:\Users\stefanie\AppData\Local\Adobe Tool deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\6hdcfsz1.default-1408022038531
user.js not found
---- Lines enabledAddons" modified from prefs.js ----
user_pref("extensions.enabledAddons", "exif_viewer%40mozilla.doslash.org:2.00,%7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.142,fiddlerhook%40fiddl
---- FireFox user.js and prefs.js backups ----
prefs_20141310_1135_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-

==== Deleting Files \ Folders
======================
C:\Users\stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\6hdcfsz1.default-1408022038531\extensions\superstart@enjoyfreeware.org deleted
C:\Users\stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\6hdcfsz1.default-1408022038531\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} deleted
C:\Users\stefanie\AppData\Roaming\iSpy deleted
C:\PROGRA~3\Application Data deleted
C:\PROGRA~2\MyFree Codec deleted
C:\Users\stefanie\AppData\Roaming\Common deleted
C:\Users\stefanie\AppData\Roaming\GetRightToGo deleted
C:\Users\stefanie\CD95F661A5C444F5A6AAECDD91C240D8.TMP deleted
C:\Users\stefanie\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted
C:\Users\stefanie\Downloads\SpeedyPC Pro Installer_d779911_.exe deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\SysWOW64\AniGIF.ocx deleted
C:\Users\stefanie\Desktop\Continue Microsoft RAW Image Thumbnailer and Viewer 1.0 Installation.lnk deleted
"C:\Users\stefanie\AppData\Roaming\driver\driver.html" deleted
"C:\Users\stefanie\AppData\Roaming\driver" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-09-22 07:13:16 456462905091DB042141487FE030E3C9 737280 ----a-w- C:\Windows\iun6002.exe
====== C:\Users\stefanie\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-09-30 17:40:11 BBA80D3CAB22620A6AC9BB603386EE33 519680 ----a-w- C:\Windows\SysWOW64\qdvd.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-09-30 17:40:12 8D46C7BCDF7FBAAC8666D6640ADA930E 371712 ----a-w- C:\Windows\Sysnative\qdvd.dll
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-10-06 13:15:12 -------- d-----w- C:\Program Files\Microsoft Silverlight
======= C:\PROGRA~2 =====
2014-10-12 08:19:28 -------- d-----w- C:\PROGRA~2\HD Tune
2014-10-06 13:15:11 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight
2014-10-04 06:04:47 -------- d-----w- C:\PROGRA~2\Right Brain Interface
2014-10-01 18:18:21 -------- d-----w- C:\PROGRA~2\COMMON~1\COMODO
2014-09-26 15:30:53 -------- d-----w- C:\PROGRA~2\PGWARE
2014-09-26 13:33:56 -------- d-----w- C:\PROGRA~2\GameGain
2014-09-26 11:53:08 -------- d-----w- C:\PROGRA~2\DisplayFusion
2014-09-22 07:13:04 -------- d-----w- C:\PROGRA~2\ISP Monitor
2014-09-13 10:38:51 -------- d-----w- C:\PROGRA~2\Fiddler2
======= C: =====
2014-09-23 10:18:07 3B243BBEB828710BAC067B2593A69557 230432 ----a-w- C:\PA7302.DAT
====== C:\Users\stefanie\AppData\Roaming ======
2014-10-04 06:04:52 -------- d-----w- C:\Users\stefanie\AppData\Local\Bhaalu
2014-09-26 14:24:11
-------- d-----w- C:\Users\stefanie\AppData\Local\CrashDumps
2014-09-26 12:03:31 -------- d-----w- C:\Users\stefanie\AppData\Local\DisplayFusion
2014-09-22 07:13:35 -------- d-----w- C:\Users\stefanie\AppData\Roaming\ISP Monitor
2014-09-22 07:05:28 -------- d-----w- C:\Users\stefanie\AppData\Local\TeleLimit
====== C:\Users\stefanie ======
2014-10-12 17:56:24 590AE97695A21AE8FA5B419BE3E13452 1976320 ----a-w- C:\Users\stefanie\Desktop\adwcleaner_4.000.exe
2014-10-12 17:14:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\stefanie\Desktop\RSITx64(2).exe
2014-10-12 08:19:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2014-10-12 08:18:27 088812A121E0A9CEB40CE9C808C8A90C 642632 ----a-w- C:\Users\stefanie\Downloads\hdtune_255.exe
2014-10-06 13:15:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-06 13:05:54 2EDE6612B7042D8582819CAB084E6883 13087456 ----a-w- C:\Users\stefanie\Downloads\Silverlight_x64.exe
2014-10-04 06:04:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Brain Interface
2014-10-02 04:08:34 D0C5FF1B39AB6DC43DE2B5E35A2D8E4A 41945432 ----a-w- C:\Users\stefanie\Downloads\QuickTimeInstaller(4).exe
2014-09-26 15:30:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperRam
2014-09-26 13:33:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameGain
2014-09-26 11:54:16 -------- d-----w- C:\ProgramData\Binary Fortress Software
2014-09-26 11:53:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion
2014-09-22 07:13:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISP Monitor
====== C: exe-files ==
2014-10-12 17:27:33 B94DCD283719E5E86D11018A3B73EB29 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1705311119-2534654475-498374019-1001\$IKOMPTP.exe
2014-10-12 17:26:58 F5CF14EA0FC5DA1BDF57ED0AD5D77C44 16551 ----a-w- C:\$Recycle.Bin\S-1-5-21-1705311119-2534654475-498374019-1001\$RKOMPTP.exe
2014-10-12 17:21:51 8C38DC0484D2F2EF77A40987E294AD29 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1705311119-2534654475-498374019-1001\$IQXJLTD.exe
2014-10-10 05:51:47 12EFD5FA51597F188E5DB50BE20EE597 1375089 ----a-w- C:\$Recycle.Bin\S-1-5-21-1705311119-2534654475-498374019-1001\$RQXJLTD.exe
=== C: other files ==
2014-10-08 08:43:40 54653500E9E6851AD83FB8B7BC3CBFA6 511605924 ------w- C:\tablet\Download\wetransfer-21177b(2).zip
2014-10-08 08:40:44 2A19652EC03F959CAB473AE5DC2C1AE8 41345138 ------w- C:\tablet\Download\jasper.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1705311119-2534654475-498374019-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="C:\Users\stefanie\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"WebcamMaxAutoRun"="C:\Program Files (x86)\WebcamMax\wcmmon.exe -a"
"HP Photosmart 7520 series (NET)"="C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe -deviceID TH448722TW05YY:NW -scfn HP Photosmart 7520 series (NET) -AutoStart 1"
"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"
"DisplayFusion"="C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Bonus.SSR.FR11"="C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe /autorun"
"PivotSoftware"="C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe"
"DT HPC"="C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPC"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"tvncontrol"="C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe -controlservice -slave"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="C:\Users\stefanie\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"WebcamMaxAutoRun"="C:\Program Files (x86)\WebcamMax\wcmmon.exe -a"
"HP Photosmart 7520 series (NET)"="C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe -deviceID TH448722TW05YY:NW -scfn HP Photosmart 7520 series (NET) -AutoStart 1"
"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"
"DisplayFusion"="C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"Monitor"="C:\Windows\PixArt\PAC207\Monitor.exe"
"PAC7302_Monitor"="C:\Windows\PixArt\PAC7302\Monitor.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\tvncontrol]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="tvncontrol"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\COMODO\\GeekBuddyRSP.exe\" -controlservice -slave"

==== Startup Folders ======================

2013-06-22 23:36:53 2306 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Spyder3Utility.lnk
2014-10-01 18:18:34 2014 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
2013-09-03 09:59:15 2585 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [28/09/2014 05:00]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1705311119-2534654475-498374019-1001Core.job --a------ C:\Users\stefanie\AppData\Local\Facebook\Update\FacebookUpdate.exe [27/06/2013 21:49]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1705311119-2534654475-498374019-1001UA.job --a------ C:\Users\stefanie\AppData\Local\Facebook\Update\FacebookUpdate.exe [27/06/2013 21:49]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1705311119-2534654475-498374019-1001Core" [C:\Users\stefanie\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1705311119-2534654475-498374019-1001UA" [C:\Users\stefanie\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\HPCustParticipation HP Photosmart 7520 series" ["C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPCustPartic.exe"]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"]
"C:\Windows\SysNative\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"fiddlerhook@fiddler2.com"="C:\Program Files (x86)\Fiddler2\FiddlerHook" [13/09/2014 12:38]

==== Firefox Extensions ======================

ProfilePath: C:\Users\stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\6hdcfsz1.default-1408022038531
- FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook
- Exif Viewer - %ProfilePath%\extensions\exif_viewer@mozilla.doslash.org.xpi
- Homepage New Tab - %ProfilePath%\extensions\HomepageNewTab@neocodex.us.xpi
- Who stole my pictures? - %ProfilePath%\extensions\images@wink.su.xpi
- Add Google Search To New Tab Page - %ProfilePath%\extensions\newtabgoogle@graememcc.co.uk.xpi
- Minimeter - %ProfilePath%\extensions\{08ab63e1-c4bc-4fb7-a0b2-55373b596eb7}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\stefanie\AppData\Roaming\Mozilla\Firefox\Profiles\6hdcfsz1.default-1408022038531
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
3CD19649B2C3023D65E67C056457A2BC - C:\Users\stefanie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[23/09/2012 20:43]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[07/08/2014 03:44]
omaonpoimgkmbllpdihbnmgphjoipdhf - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx[01/05/2012 22:45]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\stefanie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\stefanie\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\stefanie\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 13/10/2014 at 13:09:58,79 ======================