Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Gebruiker on vr 04/03/2016 at 13:24:46,88.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

4/03/2016 13:30:33 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\WinZip deleted successfully
C:\Users\Gebruiker\AppData\Local\ActiveSync deleted successfully
C:\Users\Gebruiker\AppData\Local\NetworkTiles deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cdc9b2b6-5796-4d44-bc7a-2fa644057d7f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\oldsearch deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Mgr SearchKnow deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Mccspsvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Service Mgr SearchKnow deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cdc9b2b6-5796-4d44-bc7a-2fa644057d7f}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gameo"=-

==== Deleting Files \ Folders ======================

C:\Program Files\Common Files\McAfee not found
C:\Program Files (x86)\Common Files\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42 deleted
C:\Program Files (x86)\McAfee deleted
C:\Users\Gebruiker\AppData\Roaming\Gameo deleted
C:\ProgramData\McAfee deleted
C:\PROGRA~2\PC Speed Maximizer deleted
C:\PROGRA~2\Search Know deleted
C:\Users\Public\Pokki deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Gebruiker\AppData\Local\Gameo deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url deleted
C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo deleted
C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo.lnk deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
"C:\ProgramData\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42\PluginContainer.bak" deleted
"C:\ProgramData\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42\PluginContainer.bak" deleted
"C:\PROGRA~3\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42\PluginContainer.bak" deleted
"C:\ProgramData\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42\plugins\3\Plugin.exe" not deleted
"C:\ProgramData\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42\plugins\3\Plugin.exe" not deleted
"C:\PROGRA~3\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42\plugins\3\Plugin.exe" not deleted
"C:\ProgramData\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42" not deleted
"C:\ProgramData\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42" not deleted
"C:\PROGRA~3\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42" not deleted
"C:\ProgramData\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42\plugins" not deleted
"C:\ProgramData\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42\plugins\3" not deleted
"C:\ProgramData\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42\plugins" not deleted
"C:\ProgramData\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42\plugins\3" not deleted
"C:\PROGRA~3\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42\plugins" not deleted
"C:\PROGRA~3\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42\plugins\3" not deleted

==== Files Recently Created /
Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-2641821056-3205951439-408124547-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TSVU"="c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"cAudioFilterAgent"="C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe"
"SmartAudio"="C:\Program Files\CONEXANT\SAII\SACpl.exe /t"
"TecoResident"="C:\Program Files\TOSHIBA\Teco\TecoResident.exe"
"TosWaitSrv"="%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe "
"TCrdMain"="C:\Program Files\Toshiba\System Setting\TCrdMain_Win8.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27/02/2016 18:16]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27/02/2016 18:16]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\App Explorer" [%LOCALAPPDATA%\Host App Service\Engine\HostAppServiceUpdater.exe]
"C:\WINDOWS\SysNative\tasks\BTSchedulerTask" [C:\Program Files (x86)\TOSHIBA\Toshiba Bluetooth Device Profile Utility\TosBt_NotificationScheduler.exe]
"C:\WINDOWS\SysNative\tasks\DropboxOEM" ["%ProgramFiles(x86)%\Dropbox\DropboxOEM\DropboxOEM.exe"]
"C:\WINDOWS\SysNative\tasks\dts_apo_service_task" [C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_task.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec" ["C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe"]
"C:\WINDOWS\SysNative\tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon" ["C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe"]
"C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" [C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe]
"C:\WINDOWS\SysNative\tasks\Resolution+ Setting Task" [C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{404D3F9A-0159-43A1-8D82-CE6510996030}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\{7D0B7A47-7E0B-0D79-0F11-7D057A0A110C}" [C:\WINDOWS\system32\WindowsPowershell\v1.0\powershell.exe]
"C:\WINDOWS\SysNative\tasks\Intel\Intel Telemetry 2" [C:\Program Files\Intel\Telemetry 2.0\lrio.exe]
"C:\WINDOWS\SysNative\tasks\TOSHIBA\CommonNotifier" [C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe]
"C:\WINDOWS\SysNative\tasks\TOSHIBA\Service Station" ["C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe"]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [24/02/2016 17:38]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [24/02/2016 17:38]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[04/02/2016 22:08]

Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
{scripts [background.js]}content_scripts:[{js:[content.js]matches:[]run_at:document_end}]content_security_policy:script-src 'self' 'unsafe-eval' https://searchknow-a.akamaihd.net https://searchknow-a.akamaihd.net https://cdn.searchitknow.com; object-src 'self'description:homepage_url:http://www.searchitknow.comicons:{48:icon.png}key:MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHsqJ1LqaNe9tu4KQuoayN1A7CWr7rig/iEF9QRX9wTgqsTHles5Qh1iAh6FP7KRRiygdTXkB+hWfeLzNIEtfhmH5V+mZnIB70Ey2UIqlgEsJhIzQu7P1KTDMxJVRQPmiDv6gMbyW6SRdQSlirQmkcefE8/2wHv8ILs2tB2+MP37DWGYhGaa+98bwyyGi1JttJmig1yYw3BBo2gAq/vI4cWkQuUH4RFwmtQoMUry6bI0K76N9ceSA+/fWjvdqC1vS9F4XDhgL7WfEjRifpP3t3eA0C/1K4Tu1gQfpljdy1TBM1Hl3QGhDKOSkpZHO2lgL2DcZNXolWcErSxA7/DccQIDAQABmanifest_version:2name:Search Knowpermissions:[managementstoragetabswebRequestwebRequestBlockingwebNavigation]update_url:http://cdn.searchitknow.com/updateversion:1.0.5864.30020} - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idinlomicehmlengefcgeegcloblehkg
Chrome Web Store Payments - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_searchknow-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_searchknow-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_land.pckeeper.software_0.localstorage deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_land.pckeeper.software_0.localstorage-journal deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.happyidiots.nl_0.localstorage deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.happyidiots.nl_0.localstorage-journal deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idinlomicehmlengefcgeegcloblehkg deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_idinlomicehmlengefcgeegcloblehkg_0.localstorage deleted successfully
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idinlomicehmlengefcgeegcloblehkg deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet
Explorer\Main] "Start Page"="http://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggbJQkNVwATRxhAdFpbTA0SR1QOeFxeUBQQQlcTclsIBwgQRwwFIk0FA1ADB0VXfVBdFElXTwhwJVhKAlE6T1pU" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{87A2A1DC-89C3-4A70-863A-F5335DE14602}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{87A2A1DC-89C3-4A70-863A-F5335DE14602} - http://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQFdUQxHGFdFbVoMAlpcFVZFIRQABF9ADFRAIgkKAwkXEFRFeR9aFQQTSEcFME0FCFwEURNNfWpdAEsSSX5NL04=&q={searchTerms} HKLM\Wow6432Node\SearchScopes "DefaultScope"="{87A2A1DC-89C3-4A70-863A-F5335DE14602}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{87A2A1DC-89C3-4A70-863A-F5335DE14602} - http://www.bing.com/search?q={searchTerms}&form=PRTOS1&src=IE11TR&pc=TBTE HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC ==== shortcuts on Users Desktops ====================== C:\Users\Default\Desktop\eBay.lnk - C:\Program Files (x86)\eBay\DesktopShortcut\redirect.html C:\Users\Default User\Desktop\eBay.lnk - C:\Program Files (x86)\eBay\DesktopShortcut\redirect.html C:\Users\Gebruiker\Desktop\eBay.lnk - C:\Program Files (x86)\eBay\DesktopShortcut\redirect.html 
C:\Users\Gebruiker\Desktop\µTorrent.lnk - ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\avastui.exe C:\Users\Public\Desktop\Booking.com.lnk - C:\Users\Public\Desktop\Get Dropbox.lnk - C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe manual C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Spotify.lnk - C:\Program Files (x86)\Spotify\SpotifyLauncher.exe C:\Users\Public\Desktop\Toshiba Tempro.lnk - C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe /startUI C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\Public\Desktop\WinZip.lnk - C:\Program Files (x86)\WinZip\WINZIP64.EXE ==== shortcuts in Users Start Menu ====================== C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\avastui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\TOSHIBA\Multimedia\Audio Enhancement.lnk - C:\Program Files (x86)\TOSHIBA\TOSHIBA Audio Enhancement\ToshibaAudioSettingGUI.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Support\Service Station.lnk - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Amazon (2).lnk - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonTaskbarApp.exe C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Amazon.lnk - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonTaskbarApp.exe C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick 
Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Amazon (2).lnk - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonTaskbarApp.exe C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Amazon.lnk - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonTaskbarApp.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://mmotraffic.com/catalog/goplay/1000932/MTE3NjYvLy8xMDAwOTMy?click_id=yBzztD0C0BzztBtByCtAzzzzyDyDtB0C2RtBtDtCyCtDtCtByDtCzztAtAtAyDzyyDtC C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Amazon.lnk - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonTaskbarApp.exe C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\App Explorer.lnk - C:\Users\Gebruiker\AppData\Local\Host App Service\Engine\HostAppService.exe /OPEN"4efc125e5bdfe64bf86cc73a85a9d56ebf10231c" C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - ==== shortcuts After Repair ====================== C:\Users\Gebruiker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk - C:\Program Files\Internet Explorer\iexplore.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Gameo deleted successfully 
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Speed Maximizer_is1 deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Default.migrated\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== 
C:\zoek_backup (files=1071 folders=83 215435747 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\ProgramData\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42\plugins\3\Plugin.exe" not found "C:\ProgramData\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42\plugins\3\Plugin.exe" not found "C:\PROGRA~3\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42\plugins\3\Plugin.exe" not found "C:\ProgramData\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42" not found "C:\ProgramData\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42" not found "C:\PROGRA~3\9a4b8b26-f4e0-4529-a5b4-93ec828f7e42" not found ==== EOF on vr 04/03/2016 at 14:30:54,89 ======================