Zoek.exe v5.0.0.0 Updated 18-01-2015
Tool run by gebruiker on ma 19-01-2015 at 19:04:32,22.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\gebruiker\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
19-1-2015 19:12:58 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================
C:\Users\gebruiker\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update service deleted successfully

==== Deleting Files \ Folders ======================
C:\Program Files (x86)\Popcorn Time deleted
C:\Program Files (x86)\Unsocialize The Link Unsocializer deleted
C:\Program Files (x86)\uniisales deleted
C:\Program Files (x86)\unisaileS deleted
C:\ProgramData\gaielheejadmklpbjlddkdhjpjolbbno deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\WINDOWS\Syswow64\SET1681.tmp deleted
C:\WINDOWS\Syswow64\SETEEEC.tmp deleted
C:\WINDOWS\Syswow64\SETEF6B.tmp deleted
C:\WINDOWS\Syswow64\SETEFAB.tmp deleted

==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
2015-01-19 18:23:20 EFFEF020C1DA26252528E4DCB49FF9BA 1491456 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\speccycpuid.dll
====== Java Cache =====
2015-01-19 18:09:50 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-70984a1a
====== C:\WINDOWS\SysWOW64 =====
2015-01-19 18:08:45 A042349B7208BF8BED858B1E9B48B06D 98216 ----a-w- C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-01-15 13:44:08 A4001C78F2806662B3BD91ACB44E6330 45 ----a-w- C:\WINDOWS\SysWOW64\initdebug.nfo
2015-01-14 13:12:01 DCE9FD22B136C127C85F285E083B928B 65536 ----a-w- C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-14 13:12:00 1F9C1925A85C6CC592C2FF612A610412 372408 ----a-w- C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-14 13:12:00 1EB1C1E43C1901865C5AE34A9771C069 448792 ----a-w- C:\WINDOWS\SysWOW64\wer.dll
2015-01-14 13:12:00 1275462A4337DBC5518859316BEF262C 413136 ----a-w- C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-14 13:11:59 D9F17FC61102D89A67A2AA3DD21231F5 33584 ----a-w- C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-14 13:11:59 BFFD9961B29DAB8084278DB2314D6027 33280 ----a-w- C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-14 13:11:59 B5867FF96CD0F7712CB4985EAC9F9147 370424 ----a-w- C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-14 13:11:59 7C36A441C73F079781ABA8F3DAEDFB37 136296 ----a-w- C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-14 13:11:59 7B2643AE85322EA168B0E760B73258FF 424544 ----a-w- C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-14 13:11:59 4B07B24705A9225EB565650569BDA26B 344536 ----a-w- C:\WINDOWS\SysWOW64\AUDIOKSE.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2015-01-16 14:15:40 2BBE5D70A968DC31919373AE6824A4BD 372392 ----a-w- C:\WINDOWS\Sysnative\FNTCACHE.DAT
2015-01-14 13:12:01 FE11972797DED38CA55E88BD3579F6A2 360448 ----a-w- C:\WINDOWS\Sysnative\ncsi.dll
2015-01-14 13:12:01 E94EB2A95D7D016E119C4D6868788831 391680 ----a-w- C:\WINDOWS\Sysnative\nlasvc.dll
2015-01-14 13:12:01 6319232C1CE39AC35316CF51910EEEB5 86016 ----a-w- C:\WINDOWS\Sysnative\nlaapi.dll
2015-01-14 13:12:01 19424364D8C03B990C4281BE53963FD0 225280 ----a-w- C:\WINDOWS\Sysnative\profsvc.dll
2015-01-14 13:12:00 8EBC741DDE9409038262E2F317ED7CCE 535640 ----a-w- C:\WINDOWS\Sysnative\wer.dll
2015-01-14 13:12:00 6DCD12586353DC6307AC781045CA13A4 465320 ----a-w- C:\WINDOWS\Sysnative\WerFault.exe
2015-01-14 13:12:00 2C354FA91EF605007FD11BB89EED2266 413248 ----a-w- C:\WINDOWS\Sysnative\Faultrep.dll
2015-01-14 13:12:00 29A888F3136B2643E22113B5422B46F9 87040 ----a-w- C:\WINDOWS\Sysnative\TSWbPrxy.exe
2015-01-14 13:11:59 E24D3259769A0218FE19BB306821C2E5 394120 ----a-w- C:\WINDOWS\Sysnative\AUDIOKSE.dll
2015-01-14 13:11:59 D1E3B8D9130C70F6A3D4FDB52373FF34 37888 ----a-w- C:\WINDOWS\Sysnative\werdiagcontroller.dll
2015-01-14 13:11:59 A41B72F81B389786805CC4D5767B5FBC 531616 ----a-w- C:\WINDOWS\Sysnative\ci.dll
2015-01-14 13:11:59 9404704666256045F5BA9B290953B4D0 38264 ----a-w- C:\WINDOWS\Sysnative\WerFaultSecure.exe
2015-01-14 13:11:59 8779FDAE68BC948B0FE152E758CC8DA7 229888 ----a-w- C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll
2015-01-14 13:11:59 770BAA636F3B61DA7E414421444F84FD 272248 ----a-w- C:\WINDOWS\Sysnative\audiodg.exe
2015-01-14 13:11:59 6F237EE5DDA34EAF3D9C79D4A283E250 482872 ----a-w- C:\WINDOWS\Sysnative\AudioEng.dll
2015-01-14 13:11:59 61EA45A645854FE81D8A924E2D93DFFE 911360 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll
2015-01-14 13:11:59 428F083690D7AAA012338FD5A0663EE3 500016 ----a-w- C:\WINDOWS\Sysnative\AudioSes.dll
2015-01-14 13:11:59 41C501FD9D42F3F04A8532C73E09F356 108944 ----a-w- C:\WINDOWS\Sysnative\EncDump.dll
2015-01-14 13:11:59 0BCDEB035B9346D3C3C6C8BB1AA7F38C 139984 ----a-w- C:\WINDOWS\Sysnative\wermgr.exe
====== C:\WINDOWS\Sysnative\drivers =====
2015-01-14 13:12:00 F0CB6DB513CAC393D04A0FCE0A59E1BF 75776 ----a-w- C:\WINDOWS\Sysnative\drivers\ahcache.sys
2015-01-14 13:12:00 DB32958F0E704EFBF7F15161A569E39F 140800 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxdav.sys
2014-12-26 14:57:44 34DFB4ACF03D95A51021D341CAA4E1B5 31376 ----a-w- C:\WINDOWS\Sysnative\drivers\nvpciflt.sys
2014-12-26 14:57:42 ED4D88A04D22E6B00DB6BC8FACDBAFED 10345280 ----a-w- C:\WINDOWS\Sysnative\drivers\nvlddmkm.sys
2014-12-26 14:46:54 DBFE7B2DF103F74AE51840B3C5F25FE9 38032 ----a-w- C:\WINDOWS\Sysnative\drivers\nvvad64v.sys
====== C:\WINDOWS\Tasks ======
2015-01-15 15:25:51 513D5EEBBD57381D460DFE9D9FA4881A 3018 ----a-w- C:\WINDOWS\Sysnative\Tasks\SlimComputer Run
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2015-01-19 13:56:26 -------- d-----w- C:\Program Files\Enigma Software Group
======= C:\PROGRA~2 =====
2015-01-19 18:08:47 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-01-19 18:07:45 -------- d-----w- C:\PROGRA~2\Java
2015-01-15 15:34:30 -------- d-----w- C:\PROGRA~2\PrivaZer
2015-01-15 15:25:36 -------- d-----w- C:\PROGRA~2\SlimComputer
======= C: =====
2015-01-19 13:57:44 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
====== C:\Users\gebruiker\AppData\Roaming ======
2015-01-19 18:24:06 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CrashDumps
2015-01-15 15:34:32 -------- d-----w- C:\Users\gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer
2015-01-15 15:34:30 -------- d-----w- C:\Users\gebruiker\AppData\Local\PrivaZer
2015-01-15 15:25:48 -------- d-----w- C:\Users\gebruiker\AppData\Local\SlimWare Utilities Inc
2015-01-12 15:14:28 -------- d-----w- C:\Users\gebruiker\AppData\Local\PopcornTimeDesktop
2015-01-12 15:12:13 -------- d-----w- C:\Users\gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-01-12 15:11:30 -------- d-----w- C:\Users\gebruiker\AppData\Local\Popcorn Time
2015-01-12 15:11:02 -------- d-----w- C:\Users\gebruiker\AppData\Local\node-webkit
====== C:\Users\gebruiker ======
2015-01-19 18:08:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-19 18:07:56 -------- d-----w- C:\ProgramData\Oracle
2015-01-19 18:00:28 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\gebruiker\Downloads\chromeinstall-8u25.exe
2015-01-19 15:55:05 6DD947991853486DE376C12FF20A42F7 709564 ----a-w- C:\Users\gebruiker\Downloads\delfix_10.8.exe
2015-01-19 13:57:00 -------- d-----w- C:\Users\gebruiker\Start Menu
2015-01-19 13:54:24 B4CD9E8513C17C32224C70330A235296 3044736 ----a-w- C:\Users\gebruiker\Downloads\SpyHunter-Installer.exe
2015-01-19 11:25:06 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp
2015-01-15 15:34:31 -------- d-----w- C:\ProgramData\privazer
2015-01-15 15:25:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimComputer
2015-01-15 15:25:26 -------- d-----w- C:\Users\Public\Documents\Downloaded Installers
2015-01-15 13:44:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-01-12 15:14:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
====== C: exe-files ==
2015-01-19 13:56:40 5F5BC9FC260F181C0390C09B960BE1F4 14680 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\native.exe
2015-01-19 13:56:28 8621D971971592A27D80EA8A820A07CE 1025920 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
2015-01-19 13:56:28 633BB002E3061041EE6B1D3136E773E7 7580544 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
=== C: other files ==
2015-01-19 18:08:12 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip
2015-01-19 13:57:44 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat
2015-01-19 13:56:40 633BB002E3061041EE6B1D3136E773E7 7580544 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.com
2015-01-19 13:56:37 7AEC5E76816178BF6C543A155D8208B6 15920 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
2015-01-19 13:56:30 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Program Files\Enigma Software Group\SpyHunter\EsgScanner.sys
2015-01-19 13:56:08 12C08317467B2B6AF04BB233B0A027B2 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2035609657-2241805967-4120172649-1002\$I33XU9F.zip
2015-01-17 20:19:56 AFEAEBD1D5E40FB40B2CF5C09DDD289A 21344 ----a-w- C:\Users\gebruiker\Downloads\Pretty Little Liars_5x15_HDTV.LOL.en.zip
2015-01-16 21:14:13 962AC97BA2737832F3233916D7C56494 201 ----a-w- C:\Users\gebruiker\AppData\Local\Popcorn Time\node_modules\nw-gyp\gyp\gyp.bat
2015-01-16 21:14:13 44EAB3875BBF898CD5164BA58FB5F7B9 196 ----a-w- C:\Users\gebruiker\AppData\Local\Popcorn Time\node_modules\nw-gyp\gyp\samples\samples.bat
2015-01-15 15:35:50 8B7D4D50E8A4E5C38583F30182894F3C 301 ----a-w- C:\Users\gebruiker\AppData\Local\PrivaZer\data_patch.tmp.doc.zip
2015-01-14 13:12:00 F0CB6DB513CAC393D04A0FCE0A59E1BF 75776 ----a-w- C:\Windows\System32\drivers\ahcache.sys
2015-01-14 13:12:00 DB32958F0E704EFBF7F15161A569E39F 140800 ----a-w- C:\Windows\System32\drivers\mrxdav.sys

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-2035609657-2241805967-4120172649-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIKE.EXE /EPT EPLTarget\P0000000000000000 /M XP-302 303 305 306 Series /EF HKCU"
"Spotify"="C:\Users\gebruiker\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Spotify Web Helper"="C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"ASUSWebStorage"="C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S"
"PWRISOVM.EXE"="C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup"
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe /hide"
"Nikon Message Center 2"="C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s"
"BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIIKE.EXE /EPT EPLTarget\P0000000000000000 /M XP-302 303 305 306 Series /EF HKCU"
"Spotify"="C:\Users\gebruiker\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Spotify Web Helper"="C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"BtTray"="C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"ACMON"="C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="?•o, C:\\Windows\\system32\\nvinitx.dll, C:\\WINDOWS\\system32\\nvinitx.dll"

==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ASLDRService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ASUS InstantOn]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AtherosSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ATKGFNEXSrv]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BstHdAndroidSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BstHdLogRotatorSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\cphs]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EpsonCustomerResearchParticipation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Intel(R) Capability Licensing Service Interface]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Intel(R) ME Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\jhi_service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LMS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMScheduler]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\McComponentHostService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NvNetworkService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NvStreamSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\nvsvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\UNS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ZAtheros Bt and Wlan Coex Agent]

==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- [Undetermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-01-2014 21:00]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-01-2014 21:00]

==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\ASUS InstantOn Config" [C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe]
"C:\WINDOWS\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Touchpad Launcher (x64)" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe]
"C:\WINDOWS\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe"]
"C:\WINDOWS\SysNative\tasks\SlimComputer Run" ["C:\Program Files (x86)\SlimComputer\SlimComputer.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{5051A2B2-1CFE-4FBB-8DCC-859EBF622850}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Windows Update" [C:\Users\gebruiker\AppData\Local\32138782-9AE5-4CC7-9C0F-26E8B000E0A1\svchost.exe]
"C:\WINDOWS\SysNative\tasks\Norton Family\Norton Error Analyzer" [C:\Program Files (x86)\Norton Family\Engine\2.9.5.26\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton Family\Norton Error Processor" [C:\Program Files (x86)\Norton Family\Engine\2.9.5.26\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.6.0.32\coFFPlgn" [19-01-2015 17:08]

==== Chromium Look ======================
Google Chrome Version: 39.0.2171.99 (Up to date, latest Stable version: 39.0.2171.99)
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eblihieomkjeiobglmnbmidkajdcfkpa - No path found[]
iikflkcanblccfahdhdonehdalibjnif - No path found[]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx[20-09-2014 09:52]
Google Docs - gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
TweetDeck by Twitter - gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl
Norton Identity Safe - gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif
Google Wallet - gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\gebruiker\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\gebruiker\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=1639 folders=302 220590605 bytes)

==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\gebruiker\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000001" not found

==== EOF on ma 19-01-2015 at 19:36:37,08 ======================