Zoek.exe v5.0.0.0 Updated 21-09-2015
Tool run by Leo on di 22/09/2015 at 14:20:16,90.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode
Internet Access Detected
Launched: C:\Users\Rita\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================
22/09/2015 14:22:24 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================
C:\PROGRA~2\New Folder deleted successfully
C:\PROGRA~3\Office2013 deleted successfully
C:\Users\Rita\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Rita\AppData\Local\EmieSiteList deleted successfully
C:\Users\Rita\AppData\Local\EmieUserList deleted successfully
C:\Users\Rita\AppData\Local\LSC deleted successfully
C:\Users\Rita\AppData\Local\PackageStaging deleted successfully
C:\Users\Rita\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================
C:\PROGRA~2\New Folder not found
C:\Users\Public\Pokki deleted
C:\PROGRA~3\eBay deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk deleted
C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk deleted
C:\windows\SysNative\config\systemprofile\Searches deleted

==== Files Recently Created / Modified ======================
====== C:\windows ====
====== C:\Users\Rita\AppData\Local\Temp ====
====== Java Cache =====
====== C:\windows\SysWOW64 =====
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
====== C:\windows\Sysnative\drivers =====
====== C:\windows\Tasks ======
====== C:\windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-09-01 09:37:32 -------- d-----w- C:\PROGRA~2\VS Revo Group
======= C: =====
====== C:\Users\Rita\AppData\Roaming ======
====== C:\Users\Rita ======
2015-09-22 09:17:00 -------- d-----w- C:\windows\serviceprofiles\Localservice\winhttp
====== C: exe-files ==
=== C: other files ==

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-650239505-3546471908-3324621700-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"="C:\Program Files (x86)\USB Camera\VM331STI.EXE"
"UpdateP2GShortCut"="C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Lenovo\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\5.0"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"CanonQuickMenu"="C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Energy Management"="C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"EnergyUtility"="C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Task Scheduler Jobs ======================
C:\windows\tasks\Adobe Flash Player Updater.job --a-------- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [22/09/2015 11:40]

==== Other Scheduled Tasks ======================
"C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\windows\SysNative\tasks\PDVDServ Task" [C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE]
"C:\windows\SysNative\tasks\Synaptics TouchPad Enhancements" ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"]
"C:\windows\SysNative\tasks\User_Feed_Synchronization-{DAFF17FC-7934-4CE9-9E3E-5BBA695F2FBE}" [C:\windows\system32\msfeedssync.exe]
"C:\windows\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program" ["%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"]
"C:\windows\SysNative\tasks\Lenovo\Lenovo Solution Center Launcher" [%programfiles%\lenovo\lenovo solution center\App\LSCService.exe]
"C:\windows\SysNative\tasks\Lenovo\LSC\Lenovo Solution Center Notifications" [%programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe]
"C:\windows\SysNative\tasks\Lenovo\LSC\LSCHardwareScan" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan]
"C:\windows\SysNative\tasks\Lenovo\LSC\LSCHardwareScanPostpone" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan]
"C:\windows\SysNative\tasks\Lenovo\LSC\RebootCountTask" ["C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe"]
"C:\windows\SysNative\tasks\Lenovo\LSC\Time72Task" ["C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe"]

==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\xqboig2v.default
user_pref("browser.startup.homepage", "http://www.msn.com/nl-be/");

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [22/09/2015 11:15]

==== Firefox Extensions ======================
ProfilePath: C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\xqboig2v.default
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================
Profilepath: C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\xqboig2v.default
EC55112EDB2CE5BC2BFCACDB9C2150F4 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll - Shockwave Flash
1A62BB86D17B8DC0D4339BACC8D60635 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll - Shockwave Flash

==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[10/04/2015 14:17]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[10/04/2015 14:17]

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/nl-be/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{B7A6385D-CCEC-447C-931E-80EFBE823F64}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/nl-be/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{B7A6385D-CCEC-447C-931E-80EFBE823F64} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-650239505-3546471908-3324621700-1001\Software\Microsoft\Internet Explorer\SearchScopes\{B7A6385D-CCEC-447C-931E-80EFBE823F64} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7A6385D-CCEC-447C-931E-80EFBE823F64} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7A6385D-CCEC-447C-931E-80EFBE823F64} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Rita\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Rita\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Rita\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Rita\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
C:\Users\Rita\AppData\Local\Mozilla\Firefox\Profiles\xqboig2v.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
No Chrome User Data found

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=5623 folders=111 250256618 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Rita\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Rita\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on di 22/09/2015 at 16:29:49,55 ======================