Zoek.exe v5.0.0.0 Updated 19-10-2014 Tool run by Wout on ma 20-10-2014 at 11:28:05,55. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Wout\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 20-10-2014 11:30:24 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3797447156-1396509543-314429029-1002\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-3797447156-1396509543-314429029-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-3797447156-1396509543-314429029-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-3797447156-1396509543-314429029-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} deleted successfully HKEY_USERS\S-1-5-21-3797447156-1396509543-314429029-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} deleted successfully HKEY_USERS\S-1-5-21-3797447156-1396509543-314429029-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} deleted successfully 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Running Processes ====================== C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Program Files\ASUS\P4G\InsOnSrv.exe C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files\ASUS\P4G\InsOnWMI.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe 
C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Windows\SysWOW64\ctfmon.exe C:\Users\Wout\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.9 deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AVG-Secure-Search-Update_0414c"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "vProt"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found C:\Program Files (x86)\Mysearchdial deleted C:\PROGRA~2\SopCast deleted C:\PROGRA~2\AVG Security Toolbar deleted C:\PROGRA~2\COMMON~1\AVG Secure Search deleted C:\Users\Wout\AppData\Roaming\mysearchdial deleted C:\PROGRA~3\SetStretch.VBS deleted C:\PROGRA~3\Avg_Update_0414c deleted C:\PROGRA~3\Avg_Update_0814tb deleted C:\PROGRA~3\AVG Security Toolbar deleted C:\PROGRA~3\AVG Secure Search deleted C:\PROGRA~3\AVG SafeGuard toolbar deleted C:\Users\Wout\AppData\Local\AVG SafeGuard toolbar deleted C:\Users\Wout\Downloads\avg_free_stb_all_2014_4355_cnet.exe deleted C:\Users\Wout\Downloads\sopcast.nl.zip deleted C:\Users\Wout\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\windows\SysNative\tasks\RocketTab deleted C:\windows\SysNative\tasks\RocketTab Update Task deleted C:\Windows\tasks\AVG-Secure-Search-Update_0414c_rel.job 
deleted C:\Windows\tasks\AVG-Secure-Search-Update_0414c_rmv.job deleted C:\windows\SysNative\tasks\AVG-Secure-Search-Update_0414c_rel deleted C:\windows\SysNative\tasks\AVG-Secure-Search-Update_0414c_rmv deleted C:\END deleted C:\Windows\SysNative\config\systemprofile\Searches deleted "C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll" deleted "C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe" deleted "C:\PROGRA~2\AVG SafeGuard toolbar\TBAPI.dll" deleted "C:\Program Files (x86)\AVG SafeGuard toolbar" not deleted "C:\Program Files (x86)\Avg Secure Update" not deleted "C:\PROGRA~2\AVG SafeGuard toolbar" not deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3982 MB CPU Info: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz CPU Speed: 1815,2 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | NVIDIA GeForce GT 710M Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Qualcomm Atheros AR9485 Wireless Network Adapter | Realtek PCIe GBE Family Controller CD / DVD Drives: No optical drives found. Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 2 Button Mouse Present Hard Disks: C: 186,3GB | D: 258,3GB Hard Disks - Free: C: 104,8GB | D: 258,2GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | _ASUS_ - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK COMPUTER INC. 
X550CL Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus Free Edition 2015 On-access scanning disabled (Outdated) Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2015 disabled (Outdated) Default Browser: Google Chrome 38.0.2125.104 Internet Explorer Version: 10.0.9200.17116 Google Chrome version: 38.0.2125.104 Adobe Reader version: 10.0.0.396 ==== Files Recently Created / Modified ======================
==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "ASUSWebStorage"="C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" "DivXMediaServer"="C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" "DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll" ==== Startup Folders ====================== 2014-08-05 10:42:32 1012 ----a-w- C:\Users\Wout\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03-04-2014 19:22] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03-04-2014 19:22] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\ASUS InstantOn Config" [C:\Program Files\ASUS\P4G\InsOnCfg.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS Smart Gesture Launcher" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe] "C:\Windows\SysNative\tasks\ASUS Splendid ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\Windows\SysNative\tasks\ASUS Splendid ColorU" [C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe] "C:\Windows\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"] "C:\Windows\SysNative\tasks\AsusVibeSchedule" ["C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\{1EB8D1C0-1B47-4964-A537-E66A5CD6D3D3}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\{71210334-4B3A-427D-9583-A50C247D61FC}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] ==== Chromium Look ====================== Google Docs - Wout\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Wout\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Wout\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Wout\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf AdBlock - Wout\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom {scripts [scripts/common.jsscripts/background.js]}content_scripts:[{all_frames:falsejs:[scripts/content.jsscripts/contentInit.js]matches:[]run_at:document_end}]description:Search the 
web safely using the AVG SafeGuard toolbar.icons:{128:icons/avg_icon_128.png}key:MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDaBhCcd8V6V8SwALoaT+A51wnypeg3PtHPFZ6/1OKPFykl5ejJUJj4iBdO6hwupZS9r69OFb9AF0NPAxXqMfuh/mVqguifgJiqVV7tLaQ5tGAIy0pACKYaTICVePngldEIu1VNSf8A+YoQIt0LL7arZL5E/0iIoqX4Yd04Q8X2HwIDAQABmanifest_version:2name:AVG SafeGuardpermissions:[tabsnativeMessaginghistory]update_url:https://clients2.google.com/service/update2/crxversion:18.1.5.512} - Wout\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Google Wallet - Wout\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Wout\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Wout\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://mysearch.avg.com?cid={50BD4B59-5582-4DD9-A891-870F9C2E785B}&mid=994b34e9ed6e47d29dcd915f38e287fa-3ef91178a597fc0d0bcfd0cd5f20aacb3cbb0dd6&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-05 16:40:42&v=18.1.5.512&pid=safeguard&sg=&sap=hp", "homepage": "http://mysearch.avg.com/?cid={50BD4B59-5582-4DD9-A891-870F9C2E785B}&mid=994b34e9ed6e47d29dcd915f38e287fa-3ef91178a597fc0d0bcfd0cd5f20aacb3cbb0dd6&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-05%2016:40:42&v=18.1.5.512&pid=safeguard&sg=&sap=hp", "homepage": "http://mysearch.avg.com?cid={50BD4B59-5582-4DD9-A891-870F9C2E785B}&mid=994b34e9ed6e47d29dcd915f38e287fa-3ef91178a597fc0d0bcfd0cd5f20aacb3cbb0dd6&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-05 16:40:42&v=18.1.0.443&pid=safeguard&sg=&sap=hp", "session.startup_urls": [ "http://mysearch.avg.com/?cid={50BD4B59-5582-4DD9-A891-870F9C2E785B}&mid=994b34e9ed6e47d29dcd915f38e287fa-3ef91178a597fc0d0bcfd0cd5f20aacb3cbb0dd6&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-05%2016:40:42&v=18.1.0.443&pid=safeguard&sg=&sap=hp" ] "startup_urls": [ 
"http://mysearch.avg.com?cid={50BD4B59-5582-4DD9-A891-870F9C2E785B}&mid=994b34e9ed6e47d29dcd915f38e287fa-3ef91178a597fc0d0bcfd0cd5f20aacb3cbb0dd6&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-05 16:40:42&v=18.1.0.443&pid=safeguard&sg=&sap=hp" ], ==== Chromium Fix ====================== C:\Users\Wout\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully C:\Users\Wout\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage deleted successfully C:\Users\Wout\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {77AA745B-F4F8-45DA-9B14-61D2D95054C8} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3797447156-1396509543-314429029-1002\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} deleted successfully ==== 
Deleting CLSID Registry Values ====================== ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:52256;https=127.0.0.1:52256" "ProxyOverride"="<-loopback>" "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - Startup: Dropbox.lnk = C:\Users\Wout\AppData\Roaming\Dropbox\bin\Dropbox.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (file missing) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: 
C:\Windows\SysWOW64\nvinit.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files\ASUS\P4G\InsOnSrv.exe O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. 
- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file 
missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Wout\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Wout\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully 
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Wout\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=481 folders=152 106279108 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Users\Wout\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Wout\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\AVG SafeGuard toolbar" not found "C:\Program Files (x86)\Avg Secure Update" not found "C:\PROGRA~2\AVG SafeGuard toolbar" not found ==== EOF on ma 20-10-2014 at 11:50:40,50 ======================