Zoek.exe v5.0.0.0 Updated 24-11-2014 Tool run by Tine on di 25/11/2014 at 8:01:29,52. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Tine\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 25/11/2014 8:05:37 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\iMesh Applications deleted successfully C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully C:\PROGRA~2\Richard Z.H. Wang deleted successfully C:\Users\Tine\AppData\Roaming\Malwarebytes deleted successfully C:\Users\Tine\AppData\Roaming\TP deleted successfully C:\Users\Tine\AppData\Roaming\UpdaterEX deleted successfully C:\Users\Tine\AppData\Local\CrashDumps deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-380967283-3411872672-2172962229-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KMService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\KMService deleted successfully ==== Deleting Files \ Folders ====================== C:\Users\Tine\AppData\Roaming\UpdaterEX not found C:\ProgramData\APN deleted C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\Users\Tine\AppData\Roaming\WB.CFG deleted C:\PROGRA~3\AVG January 2013 Campaign deleted C:\Users\Tine\AppData\Local\CRE deleted C:\Users\Tine\Downloads\avg_avct_stb_all_2015_5557_cnet.exe deleted C:\Users\Tine\Downloads\avg_free_stb_all_2015_5557_cnet.exe deleted C:\Users\Tine\Downloads\FreeYouTubeToMP3Converter (1).exe deleted C:\Users\Tine\Downloads\FreeYouTubeToMP3Converter.exe deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Windows\tasks\ROC_REG_JAN_DELETE.job deleted C:\windows\SysNative\tasks\ROC_REG_JAN_DELETE deleted C:\windows\SysNative\tasks\UpdaterEX deleted C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted C:\Windows\tasks\UpdaterEX.job deleted C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job deleted C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Users\Tine\Documents\Optimizer Pro deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Tine\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-11-20 16:56:36 A042349B7208BF8BED858B1E9B48B06D 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-11-20 16:54:50 ADFB31FA72AFE0298A60BF4AC1045A42 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2014-11-20 16:54:50 98B3C919C6B9C5F810FF2CAFA339822B 186880 ----a-w- C:\Windows\SysWOW64\pku2u.dll 2014-11-13 09:11:27 0F39AC3274312EFFD03928291E8BA7CA 67584 ----a-w- C:\Windows\SysWOW64\packager.dll 2014-11-13 09:11:19 980EEEE8815DA7593708774D1225BD35 681984 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2014-11-13 09:11:18 9AB39ADD28C7C1A685B1EA8C6A25CF08 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2014-11-13 09:11:18 9216ABFD53F5EC1F35C3554AD1A175DE 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2014-11-13 09:11:18 13E5B1CD503A4B21E9F0A2D55A00198B 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2014-11-13 09:11:09 B6273619A3DF28F03B64E911E45A6AB2 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-11-13 09:11:09 A6E51BDCB8F4B84E874F918F0452763D 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-11-13 09:11:09 5D5640C34C4A97467F77489DBB157568 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-13 09:11:08 FB56C76FEA44693752BD99D7D9930ABA 341168 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-11-13 09:11:08 93074C4FA92A8399404D032F6AF72C1B 19781632 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-11-13 09:11:08 843BD9DAF03ABB6761DEE6D155301F28 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-13 09:11:08 66F4FFDBCD501260ABC198317D2B0D10 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-11-13 09:11:08 4772DB007FFBD4BBE3F526704BCA67FE 1310208 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-11-13 09:11:08 26EE6C9780A8FC872C60F9E35D7EBD4B 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-11-13 09:11:07 5972510EF1C6097D9C14C17387A5EDB2 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-11-13 09:11:06 7748B3DDDC92C7FC11F7462DB872E8E7 2051072 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-11-13 09:11:06 5E01004CBC35A78FE2AB4016CCAD4760 708096 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-11-13 09:11:06 19D68FDEE62519C5A0387EB4E88A01EF 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-11-13 09:11:05 FA310BD4A5DE904445DDDE54C5A654F2 2277376 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-11-13 09:11:05 8A46404AC1AEB22AA2D4C906D0FC86C2 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-11-13 09:11:05 6DDC0F44A70976C492CB1666BA9A7912 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-11-13 09:11:05 4F8CD74CD69A94ED1A5D7E837A356F4E 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-11-13 09:11:04 A1A2EE55A2C69F79AED00973E604B9C4 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-11-13 09:11:03 8585BC27224F97458C186AA085B754A7 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-11-13 09:11:03 36EE0A2A981617610F921BCBB997DB06 12819456 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-11-13 09:11:01 AE39939F1E25401B9A4952A7A8D372AC 4298240 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-11-13 09:11:01 4169C6A6613856D69224498620F0C2B5 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-11-13 09:11:00 9ED3132B7F0D36FA9911721E8B2CB968 501248 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-11-13 09:11:00 755D0A90CFC4BCB178D7070B0351F0AE 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-13 09:11:00 6DD7D61A8EF3DFEC4FAEFEB395E77424 1892864 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-11-13 09:11:00 139E85C4E5DF322AE1BF6544D8C32B0A 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-11-13 09:10:09 537184E7306E06BB22C5B93D2AFA4DF8 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2014-11-13 09:10:08 09FA271EE1F9AD68B2D1C1C210F4B71F 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll 2014-11-13 09:10:03 5FDBDEECA34E73325D87C5ACD16A3EEC 701440 ----a-w- C:\Windows\SysWOW64\IMJP10K.DLL 2014-11-13 09:10:01 8D338464B851DDD76E2B876A3E09EB70 442880 ----a-w- C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-13 09:09:58 FD79B005E849DF3D7E9B5EB7A637C528 374784 ----a-w- C:\Windows\SysWOW64\AudioEng.dll 2014-11-13 09:09:58 AA7325057A1E1CC401798C0B1238E182 195584 ----a-w- C:\Windows\SysWOW64\AudioSes.dll 2014-11-13 09:09:51 8FE6AB488ECDC60930CE973A7051B0D4 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2014-11-13 09:09:51 8CFAEFCD7F1E004950FCAE870A501B3E 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2014-11-13 09:09:49 B580A6B9932669DE703001AEE66D5BB1 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2014-11-13 09:09:49 37BC079204BF9B087D6DE6B728908B4B 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2014-11-13 09:09:47 9CEA80FFC617E6B6DD7B52E6225C0D38 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2014-11-13 09:09:47 8205E55DFB11809E5F2AAD1C48840535 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2014-11-13 09:08:35 CB55B9AAB060C803BE4AD229AA0FEC28 2363904 ----a-w- C:\Windows\SysWOW64\msi.dll 2014-11-13 09:07:56 EDA54D2E17C0271D2CDA946ABE344110 571904 ----a-w- C:\Windows\SysWOW64\oleaut32.dll 2014-11-13 09:01:13 1116A6BC802EE28CE3DEBE4934C05D0D 17926832 ----a-w- C:\Windows\SysWOW64\FlashPlayerInstaller.exe ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-11-20 16:54:50 8A8CB073A4B9F9D97CFA8CA9C1C851CE 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2014-11-20 16:54:50 1306E6A1BF4D506CD687DF9F947270F2 241152 ----a-w- C:\Windows\Sysnative\pku2u.dll 2014-11-13 09:11:27 934735F508E297504460935B71E99F0B 77824 ----a-w- C:\Windows\Sysnative\packager.dll 2014-11-13 09:11:26 F992AAE3F2DF1D7D2A75B681B0C5280E 304640 ----a-w- C:\Windows\Sysnative\generaltel.dll 2014-11-13 09:11:25 9F1FA4F36406693C77CC5779AA7E532D 228864 ----a-w- C:\Windows\Sysnative\aepdu.dll 2014-11-13 09:11:25 6021CF6A11DE9B5FC1BD210B6855C497 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll 2014-11-13 09:11:19 58F87BF5659C8EBC61EB439C916F2F9A 681984 ----a-w- C:\Windows\Sysnative\adtschema.dll 2014-11-13 09:11:19 008CD4EBFABCF78D0F19B3778492648C 683520 ----a-w- C:\Windows\Sysnative\termsrv.dll 2014-11-13 09:11:18 C4C1B73FC2FF151BA08E1EAFDE2A2FAF 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2014-11-13 09:11:18 7184AEACDA13E64B10F84E9DD79C8A01 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2014-11-13 09:11:09 7293701905DF1F40760C851F20DDC9EC 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-11-13 09:11:09 1F3794CE1AEA5DA12ACF90210EAE4ECB 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-11-13 09:11:08 854B230F5D77486B67D809FFB8A10C7E 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-11-13 09:11:08 4E47ABA3C6C5032446A2AF7EFD026037 716800 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-11-13 09:11:08 33098C85B789630865CD3F5D22FB0DFC 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-11-13 09:11:08 26BC4EC95E363DD59171710E22108F15 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-11-13 09:11:06 56651A76C63DAF2C593F1F767FC8A856 1550336 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-11-13 09:11:06 1C216980E7D21100A357B52B3C45F78D 388272 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-11-13 09:11:05 E17C34BECCD1388E9B386A9F82F01222 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-11-13 09:11:04 C6A719FD0B07B2DD0ADACD07636F4BAD 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-11-13 09:11:04 2A1A7F17C906941334C6A67E935F214B 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-11-13 09:11:03 6507CA9349500A535AF70670F248E525 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-11-13 09:11:03 1E30BECF0DB35481588FB72C9CF97CA2 800768 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-11-13 09:11:02 BD708EBEDB35E474F1A19747154ACC47 799232 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-11-13 09:11:02 5C9D58591D0091630452B04F35527240 2124288 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-11-13 09:11:01 BA4EC6139B8830BBA9CC5D065CA5796C 2884096 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-11-13 09:11:00 31F2A5ECFD2C75F970A3007ACD5627C7 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-11-13 09:11:00 08BCDD6C9E23D00309F359620461DFE8 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-11-13 09:10:59 69602F6259598A7837CB83D3608FE293 633856 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-11-13 09:10:59 277A4735954F1BF29EE3D138A5251BFE 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-11-13 09:10:59 154B8555A118BCFD95F358390E418B00 14390272 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-11-13 09:10:58 F208D7FB40FD80EA9F123BABF687359C 6040064 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-11-13 09:10:58 B6DC4597FF946B0C8B29650A71F52D4E 580096 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-11-13 09:10:58 98088A13F65BE35DA3693F264740CEEC 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-11-13 09:10:58 7EE5FBD190BF5B27F7977EA6CBF0DCAC 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-11-13 09:10:58 7EC80DB959695D4F927D2D601DA59F35 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-11-13 09:10:57 EE3592B010E3F69D141323E592C01A1A 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-11-13 09:10:57 6FC2819A4F80AAB2DADEDFC1EFEE3C3F 2365440 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-11-13 09:10:57 4B6D9AB2ECD11AF5F6B1C42D938E0A85 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2014-11-13 09:10:56 BBD6A636AAA65D874F3863280CD8373D 25110016 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-11-13 09:10:09 364ECFF4ABD9D575F4F7CF7EB7928EF3 1882624 ----a-w- C:\Windows\Sysnative\msxml3.dll 2014-11-13 09:10:08 D005697F0467BBDDAB7638496DA5DB52 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll 2014-11-13 09:10:03 1FEBD408F32DFC523882E7DA5AC57819 878080 ----a-w- C:\Windows\Sysnative\IMJP10K.DLL 2014-11-13 09:10:01 DE3E38431B00C2EA247C53675DCF01A0 680960 ----a-w- C:\Windows\Sysnative\audiosrv.dll 2014-11-13 09:10:01 9383B21A4B77C130940262DDC5F3F49B 500224 ----a-w- C:\Windows\Sysnative\AUDIOKSE.dll 2014-11-13 09:10:00 FAFCB80D42A65964B6F4945283B8C10F 296448 ----a-w- C:\Windows\Sysnative\AudioSes.dll 2014-11-13 09:10:00 B1BB7B91C3C878FDB2874138CE81C4EF 284672 ----a-w- C:\Windows\Sysnative\EncDump.dll 2014-11-13 09:10:00 A2C9E45F4069A002E985D1563D16813B 440832 ----a-w- C:\Windows\Sysnative\AudioEng.dll 2014-11-13 09:09:52 A71B81AC2C14ABA013CCF1225D9E3E36 342016 ----a-w- C:\Windows\Sysnative\schannel.dll 2014-11-13 09:09:51 109CC0DF72CC07A6CB59D2995255A1DA 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2014-11-13 09:09:49 DF30FC54FFF79BC744B22A4850A3CF92 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2014-11-13 09:09:49 55F0CF40479A1FC89CFA578909A540F2 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2014-11-13 09:09:49 47C48C705F4F1EFC99B50B43AE4301FE 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2014-11-13 09:09:47 336BA030AB7B05300CB0B5C6AFB27176 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2014-11-13 09:08:44 93C055B6AAD76360A60CB7E59A491531 3198976 ----a-w- C:\Windows\Sysnative\win32k.sys 2014-11-13 09:08:36 2720C94ADCC1727A66365CCB1CE456C4 3241984 ----a-w- C:\Windows\Sysnative\msi.dll 2014-11-13 09:07:57 B938AF16A521C913791C6F7AFF032757 861696 ----a-w- C:\Windows\Sysnative\oleaut32.dll ====== C:\Windows\Sysnative\drivers ===== 2014-11-14 18:45:17 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf 2014-11-14 09:44:45 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2014-11-14 09:44:27 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2014-11-14 09:44:27 95EF63A7827D4E3A229CBBCB42619E93 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2014-11-13 09:11:19 41774FF331F609EF442B7398EE6202B1 155064 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2014-10-29 20:35:16 4A989DB4EABAC4297A9DE0D70A9483CB 263960 ----a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-11-19 20:51:15 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-11-20 16:56:40 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-11-20 16:55:20 -------- d-----w- C:\PROGRA~2\Java ======= C: ===== ====== C:\Users\Tine\AppData\Roaming ====== 2014-11-20 16:53:53 -------- d-----w- C:\Users\Tine\AppData\Locallow\Sun 2014-11-20 16:52:39 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\Sun 2014-11-20 16:19:27 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\Sun 2014-11-14 09:47:12 -------- d-sh--w- C:\Users\Tine\AppData\Local\EmieBrowserModeList 2014-11-13 18:05:15 -------- d-sh--w- C:\Users\Tine\AppData\Locallow\EmieBrowserModeList 2014-11-11 11:57:29 -------- d-----w- C:\Users\Tine\AppData\Roaming\AVG2015 2014-11-11 11:57:11 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015 2014-11-11 11:56:37 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2015 2014-11-11 11:53:43 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2015 ====== C:\Users\Tine ====== 2014-11-23 19:16:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-11-20 16:55:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-11-20 16:55:24 -------- d-----w- C:\ProgramData\Oracle 2014-11-19 20:50:32 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Tine\Desktop\RSITx64.exe 2014-11-14 18:40:17 5DE7F38DDF7BA23895D8849C244F8D2D 2293608 ----a-w- C:\Users\Tine\Downloads\VASCOSmartCardReaderPlugin.exe 2014-11-14 17:53:49 EC1C3E970DCCB51F33816C107911B05F 4977216 ----a-w- C:\Users\Tine\Downloads\ccsetup419.exe 2014-11-11 11:55:03 -------- d-----w- C:\ProgramData\AVG2015 2014-10-29 12:09:06 -------- d-----w- C:\ProgramData\Windows Genuine Advantage ====== C: exe-files == 2014-11-24 20:50:00 2E8714C7BABFBACAEC0FFB25DDFC01A4 9662 ----a-r- C:\Users\Tine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\Tine\AppData\Roaming\Microsoft\Installer\{D8A1AE00-9245-400A-B125-138735C0C5A8}\_6C6023567F69915030FCE3.exe 2014-11-20 16:55:39 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2014-11-20 16:55:39 75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2014-11-20 16:55:39 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2014-11-20 16:55:28 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe 2014-11-20 16:55:28 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe 2014-11-20 16:55:28 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe 2014-11-20 16:55:28 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe 2014-11-20 16:55:28 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe 2014-11-20 16:55:28 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe 2014-11-20 16:55:28 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe 2014-11-20 16:55:28 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe 2014-11-20 16:55:28 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe 2014-11-20 16:55:28 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe 2014-11-20 16:55:28 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe 2014-11-20 16:55:28 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe 2014-11-20 16:55:28 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe 2014-11-20 16:55:28 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe 2014-11-20 16:55:28 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe 2014-11-20 16:55:28 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe 2014-11-20 16:55:28 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe 2014-11-20 16:55:28 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe 2014-11-20 16:55:28 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe 2014-11-20 16:55:28 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe 2014-11-20 16:55:28 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe 2014-11-20 16:28:00 DBDC93187B17D055F0B17838C7D264BE 6838864 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.65\39.0.2171.65_38.0.2125.111_chrome_updater.exe 2014-11-19 20:51:16 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Tine.exe 2014-11-19 20:50:32 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Tine\Desktop\RSITx64.exe === C: other files == 2014-11-20 16:55:29 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-380967283-3411872672-2172962229-1001\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_803A465159007EBA9394817FB66C8588"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "ISBMgr.exe"="C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_803A465159007EBA9394817FB66C8588"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "cAudioFilterAgent"="C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" "AtherosBtStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" "AthBtTray"="C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Apoint"="%ProgramFiles%\Apoint\Apoint.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\"" ==== Startup Folders ====================== 2014-11-13 08:48:12 806 ----a-w- C:\Users\Tine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\program.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/11/2014 19:00] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27/10/2013 12:00] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27/10/2013 12:00] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\USER_ESRV_SVC" ["C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{640BDE69-7D2E-40E7-AF4E-1E5099B266C1}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\SONY\VAIO Gate\StartExecuteProxy" ["%programfiles%\Sony\VAIO Gate\ExecutionProxy.exe"] "C:\Windows\SysNative\tasks\SONY\VAIO Gate\VAIO Gate" [C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\CheckSystemInfo" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\DeployCRMflag" ["%ProgramFiles%\Sony\VAIO Care\DeployCRMflag.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\GetPOTInfo" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\UpdateSolution" ["%ProgramFiles%\Sony\VAIO Care\Solution.Updater.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\UploadPOT" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VAIO Care" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCCheckIolo" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCMetrics" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCOneClick" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCRLog" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Care\VCSelfHeal" ["%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader" [C:\Program Files\Sony\VAIO Improvement\viuploader.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation" [C:\Program Files\Sony\VAIO Improvement Validation\viv.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start" [C:\Program Files\Sony\VAIO Smart Network\VSNClient] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Update\Launch Application" [C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Update\VAIO Update" ["C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe"] "C:\Windows\SysNative\tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair" [C:\Program Files\Sony\VAIO Update\VUSR.exe] ==== Chromium Look ====================== Google Docs - Tine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Tine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Tine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Tine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Tine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Tine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" "Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.be/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{43F01C89-E4AC-4647-81C8-63B7077122A2}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found" {43F01C89-E4AC-4647-81C8-63B7077122A2} Google Url="http://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}" {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-380967283-3411872672-2172962229-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Tine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Tine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\32KF5H63 will be deleted at reboot C:\Users\Tine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F10JA7QR will be deleted at reboot C:\Users\Tine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O8O2W9PB will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Tine\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=238 folders=34 96756142 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Tine\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Tine\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Tine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\32KF5H63" not found "C:\Users\Tine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F10JA7QR" not found "C:\Users\Tine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O8O2W9PB" not found ==== EOF on di 25/11/2014 at 17:49:51,59 ======================