
Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by rossi on zo 05-02-2017 at 13:29:37,29.
Microsoft Windows 10 Home 10.0.14393  x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\rossi\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== Older Logs ======================

C:\zoek-results2017-02-05-121710.log	52908 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

Adobe Acrobat Reader DC - Nederlands  
Adobe Refresh Manager  
Around the World in 80 Days  
ASUS GIFTBOX Desktop  
ASUS Live Update  
Asus Sonic Suite Plugins  
ASUS Splendid Video Enhancement Technology  
ASUS USB Charger Plus  
ATK Package  
AVG  
AVG 2016  
AVG Protection  
AVG Web TuneUp  
AVS Video Converter 9.1  
Belgium e-ID middleware 4.1.20 (build 1779)  
CheckDevicesConfigurator  
D3DX10  
Dacia Media Nav Toolbox  
Device Setup  
Dropbox 25 GB  
Evernote v. 5.8.6  
Facebook Gameroom 1.2.1.1  
FMW 1  
GameFirst IV  
Genesys USB Mass Storage Device  
Google Chrome  
Google Drive  
Google Update Helper  
GrabIt 1.7.3 Beta (build 1010)  
Hitman: Absolution  
Intel(R) Chipset Device Software  
Intel(R) Dynamic Platform and Thermal Framework  
Intel(R) Management Engine Components  
Intel(R) ME UninstallLegacy  
Intel(R) PRO/Wireless Driver  
Intel(R) Serial IO  
Intel(R) Wireless Bluetooth(R)  
Intel© PROSet/Wireless Software  
Intel© PROSet/Wireless WiFi Software  
Intel© Security Assist  
Intel© Trusted Connect Service Client  
Intel© Watchdog Timer Driver (Intel© WDT)  
Junk Mail filter update  
LauncherSetup  
Microsoft Application Error Reporting  
Microsoft ASP.NET MVC 4 Runtime  
Microsoft Office 365 - nl-nl  
Microsoft OneDrive  
Microsoft Silverlight  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2005 Redistributable (x64)  
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005  
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005  
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005  
Mozilla Firefox 49.0.1 (x86 nl)  
Mozilla Maintenance Service  
MSVCRT  
MSVCRT_amd64  
MSVCRT110  
MSVCRT110_amd64  
NahimicSettingsConfigurator  
Naviextras Toolbox Prerequesities  
NVIDIA-configuratiescherm 369.09  
NVIDIA 3D Vision Driver 354.35  
NVIDIA Graphics Driver 354.35  
NVIDIA HD Audio Driver 1.3.34.3  
NVIDIA Install Application  
NVIDIA Network Service  
NVIDIA PhysX System Software 9.15.0428  
NVIDIA Stereoscopic 3D Driver  
NVIDIA Update 2.11.4.1  
NVIDIA Update Core  
NVIDIA Virtual Audio 1.2.40  
Office 16 Click-to-Run Extensibility Component  
Office 16 Click-to-Run Extensibility Component 64-bit Registration  
Office 16 Click-to-Run Licensing Component  
Office 16 Click-to-Run Localization Component  
Online.io Application  
Photo Common  
ProductDaemonSetup  
Realtek Ethernet Controller Driver  
Realtek High Definition Audio Driver  
ROG Gaming Center  
ROG MacroKey  
SABnzbd 1.1.1RC3  
SHIELD Streaming  
SHIELD Wireless Controller Driver  
SonicRadarSetup  
SonicStudioSetup  
Spotify  
Spotnet  
Steam  
Stuurprogrammapakket voor Windows - Fedict SmartCard  (08/08/2015 4.1.5)  
Stuurprogrammapakket voor Windows - Fedict SmartCard  (11/30/2016 4.1.9)  
Thunderbolt(TM) Software  
Traffic Exchange  
UltraISO Premium V9.52  
Update Installer for WildTangent Games App  
Visual Studio 2012 x64 Redistributables  
WebStorage  
Windows Live Communications Platform  
Windows Live Essentials  
Windows Live Installer  
Windows Live Mail  
Windows Live MIME IFilter  
Windows Live Photo Common  
Windows Live PIMT Platform  
Windows Live SOXE  
Windows Live SOXE Definitions  
Windows Live UX Platform  
Windows Live UX Platform Language Pack  
Windows Live Writer  
Windows Live Writer Resources  
WinFlash  
WinRAR 5.40 bŠta 3 (64-bit)  
WPS Office for ASUS  
XSplit Gamecaster  

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\ROG MacroKey\MacroSrv.exe
C:\WINDOWS\SysWoW64\svchost.exe
C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe
C:\Program Files (x86)\ASUS\ROG MacroKey\AsListen.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\rossi\Desktop\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\rossi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe
C:\Users\rossi\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Users\rossi\AppData\Local\Facebook\Games\FacebookGameroom.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
C:\Users\rossi\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe

==== Deleting Services ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"=- 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] 
"{56013B22-DE4B-11E6-A73A-64006A5CFC23}"=- 

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
"vProt"=- 

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\AVG Web TuneUp not found
C:\ProgramData\Hotfresh not found
C:\Program Files (x86)\Common Files\AVG Secure Search not found
C:\Users\rossi\AppData\Roaming\Appyphinek not found
C:\ProgramData\Avira not found
C:\ProgramData\AVAST Software not found
C:\ProgramData\Hotfreshs not found
C:\ProgramData\AVG Web TuneUp not found
"C:\Users\rossi\AppData\Roaming\Mozilla\Firefox\Profiles\9zl721p2.default\searchplugins\avg-secure-search.xml" not found

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 16323 MB
CPU Info: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
CPU Speed: 2593,8 MHz
Sound Card: Speakers (Realtek High Definiti | 
Realtek Digital Output (Realtek | 
Display Adapters: NVIDIA GeForce GTX 970M | NVIDIA GeForce GTX 970M | NVIDIA GeForce GTX 970M | NVIDIA GeForce GTX 970M
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller | Bluetooth PAN HelpText | Intel(R) Dual Band Wireless-AC 7265 | Microsoft Wi-Fi Direct Virtual Adapter
CD / DVD Drives: 2x (E: | F: | ) E: TSSTcorpCDDVDW SU-228GB  | F: EZBSYS  ISO CDVD DRIVE
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C:  237,7GB | D:  931,5GB
Hard Disks - Free: C:  93,7GB | D:  856,5GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE |  | _ASUS_ - 1072009
Time Zone: Romance (standaardtijd)
Motherboard *: ASUSTeK COMPUTER INC. G752VT
Country: Nederland 
Language: NLD 

==== System Specs (Software) ======================

Default Browser: Internet Explorer	11.00.14393.0 (rs1_release.160715-1616)
Internet Explorer Version: 11.576.14393.0 
Mozilla Firefox version: 49.0.1 (x86 nl)
Google Chrome version: 56.0.2924.87
Adobe Reader version: 15.23.20056.213124

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2017-02-04 23:07:43	AA6B2587095984518F7D32D4859A585C	187904	----a-w-	C:\WINDOWS\rsrcs.dll
====== C:\Users\rossi\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2017-02-04 23:07:18	2E51E1497BF05AA30BB02DF6C1D52284	2398	----a-w-	C:\WINDOWS\SysWOW64\findit.xml
2017-01-25 10:09:41	843C2631C34C245D29FFD0661933165A	120320	----a-w-	C:\WINDOWS\SysWOW64\poqexec.exe
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2017-01-25 10:09:41	203E65625ACC8E1E8E5F4DC1E0B5BC32	142848	----a-w-	C:\WINDOWS\Sysnative\poqexec.exe
====== C:\WINDOWS\Sysnative\drivers =====
2017-02-04 23:08:46	FEE53173263B621656360F99E68DCDA5	92832	----a-w-	C:\WINDOWS\Sysnative\drivers\KuaiZipDrive.sys
2017-01-11 14:13:34	90C07EB909C42316982E753BDAA7860D	624048	----a-w-	C:\WINDOWS\Sysnative\drivers\cng.sys
2017-01-11 14:13:20	3BB8D153A9A514EC9FFCB586251A1925	715104	----a-w-	C:\WINDOWS\Sysnative\drivers\vhdmp.sys
2017-01-11 14:13:19	29AF16726F4DD84376ECA85AB6AFF2C6	335712	----a-w-	C:\WINDOWS\Sysnative\drivers\pci.sys
====== C:\WINDOWS\Tasks ======
2017-02-04 23:23:35	3A9BB66D1DEFB5B74D57EAB43E0E4DEC	3668	----a-w-	C:\WINDOWS\Sysnative\Tasks\AVG EUpdate Task
2017-02-04 23:09:09	36B389E329A73D930A9C6F7D3FE9EEF6	3476	----a-w-	C:\WINDOWS\Sysnative\Tasks\UCBrowserSecureUpdater
2017-02-04 23:08:00	EDCA8E9F44BA687107CDB4C9FA3B613E	2634	----a-w-	C:\WINDOWS\Sysnative\Tasks\System HealerStartUp
2017-02-04 23:08:00	8814DAC33682420FDD8DD8C132D3525C	304	----a-w-	C:\WINDOWS\Tasks\System HealerStartUp.job
2017-02-04 23:08:00	4EF4F0E72169E61F747D23CC73C7A4D1	2928	----a-w-	C:\WINDOWS\Sysnative\Tasks\System HealerPeriod
2017-02-04 23:08:00	4B9156F28686BA7F0452231DD0134115	304	----a-w-	C:\WINDOWS\Tasks\System HealerPeriod.job
2017-02-04 23:07:55	1E2D1CB746B050A8644CD562AA720482	3682	----a-w-	C:\WINDOWS\Sysnative\Tasks\System Healer Task
2017-02-04 23:07:54	4D83FC34A60EED007F5727E6E8E92CA9	24698	----a-w-	C:\WINDOWS\Sysnative\Tasks\{7D7E7847-0C79-7A0E-0A11-0D0B08791179}
2017-02-04 23:07:48	95948BCDC91C50AC5093F095474BD23F	3432	----a-w-	C:\WINDOWS\Sysnative\Tasks\SystemHealer Run Delay
2017-02-04 23:07:48	5FB327656D47B19EA1379FDA80821D15	3362	----a-w-	C:\WINDOWS\Sysnative\Tasks\SystemHealer Monitor
2017-02-04 23:07:40	BDF700C4CA31BC7C5F2DBA4A445827BC	3132	----a-w-	C:\WINDOWS\Sysnative\Tasks\PC Clean Plus_UPDATES
2017-02-04 23:07:40	7A5A47097513A1365A4D96119B411D6B	3306	----a-w-	C:\WINDOWS\Sysnative\Tasks\PC Clean Plus_DEFAULT
2017-02-04 23:07:40	75C5C243A85BDDC4E8FA3AB3A0E867EC	310	----a-w-	C:\WINDOWS\Tasks\PC Clean Plus_DEFAULT.job
2017-02-04 23:07:40	6756BAC14C2B3623E39CCCA232B3AC5D	318	----a-w-	C:\WINDOWS\Tasks\PC Clean Plus_UPDATES.job
2017-02-04 23:07:39	DF8C067D1CBB7BE5A2D3182E95A255F2	3780	----a-w-	C:\WINDOWS\Sysnative\Tasks\Thovuy
2017-02-04 23:07:38	DB1C8376A35F81B1531617B16CA1C0D7	3106	----a-w-	C:\WINDOWS\Sysnative\Tasks\RunAtStartup
2017-02-04 23:07:37	F9A79C3BC14C90B7B029F7ACFF0B2838	3184	----a-w-	C:\WINDOWS\Sysnative\Tasks\PC Clean Plus
2017-02-04 23:07:36	9D154A7DABC5FB4B86DE02A6388CF20E	3702	----a-w-	C:\WINDOWS\Sysnative\Tasks\Traffic Exchange Guard
2017-02-04 23:07:35	FDB99E3E51CC5F31B16606322CE6033C	3242	----a-w-	C:\WINDOWS\Sysnative\Tasks\Traffic Exchange v2 - 3
2017-02-04 23:07:35	EC416B1441F67079FEFE79A364B44498	354	----a-w-	C:\WINDOWS\Tasks\Traffic Exchange v2 - 1.job
2017-02-04 23:07:35	BDBB39564A56051DFEE6ADB405701C89	3294	----a-w-	C:\WINDOWS\Sysnative\Tasks\Traffic Exchange Updater
2017-02-04 23:07:35	98F557FBF7563C4E7C9CB1546951D24D	3708	----a-w-	C:\WINDOWS\Sysnative\Tasks\Traffic Exchange Guardian
2017-02-04 23:07:35	9205CBE71E98802E34A5213DB685128E	3242	----a-w-	C:\WINDOWS\Sysnative\Tasks\Traffic Exchange v2 - 1
2017-02-04 23:07:35	62E6590A2893DA066050B4B004656F14	354	----a-w-	C:\WINDOWS\Tasks\Traffic Exchange v2 - 3.job
2017-02-04 23:07:35	57E7208D97638CDF502A2B5DD4D9CB94	3690	----a-w-	C:\WINDOWS\Sysnative\Tasks\Traffic Exchange
2017-02-04 23:07:35	41E78AC6B5136504120E77DBCEA447FA	354	----a-w-	C:\WINDOWS\Tasks\Traffic Exchange v2 - 2.job
2017-02-04 23:07:35	21E72CA26C01E8F7B56F0AC075F819A9	406	---ha-w-	C:\WINDOWS\Tasks\Traffic Exchange Updater.job
2017-02-04 23:07:35	1D9AEC584C3994BF182C982957DCBD39	3242	----a-w-	C:\WINDOWS\Sysnative\Tasks\Traffic Exchange v2 - 2
2017-02-04 23:07:32	4ACC39DBBD26C0C021EC850F9A2D4A40	6068	----a-w-	C:\WINDOWS\Sysnative\Tasks\Thuqogh Reports
2017-02-04 23:07:22	E8A86C60EAA87D4341729822B042C4C1	3722	----a-w-	C:\WINDOWS\Sysnative\Tasks\Online Application Guardian
2017-02-04 23:07:22	E328496FC37E2B3D12F129DD3231CA72	3716	----a-w-	C:\WINDOWS\Sysnative\Tasks\Online Application Guard
2017-02-04 23:07:22	DA3E6B676E40067E9BF7583C5FB4B45E	3728	----a-w-	C:\WINDOWS\Sysnative\Tasks\Online Application v2 Guard
2017-02-04 23:07:22	8E519C939EAEC2F2744DB58BDACFE764	3704	----a-w-	C:\WINDOWS\Sysnative\Tasks\Online Application
2017-02-04 23:07:22	77C79DA8395241042BD53ACF0FB0125A	3784	----a-w-	C:\WINDOWS\Sysnative\Tasks\Online Application Updater
2017-02-04 23:07:22	6B247FEAF353382CB5BC68B1DD41BDD5	3716	----a-w-	C:\WINDOWS\Sysnative\Tasks\Online Application v2
2017-02-04 23:07:22	3BD657D136DEA55FAB7FE69A799B08FF	3734	----a-w-	C:\WINDOWS\Sysnative\Tasks\Online Application v2 Guardian
2017-01-16 18:23:31	F430BF9C2A8838592BFAE98D88047C29	604	----a-w-	C:\WINDOWS\Tasks\WpsExternal_rossi_20170116192331.job
2017-01-16 18:23:31	7040FB151AFB3FEA4E4683678B487911	3648	----a-w-	C:\WINDOWS\Sysnative\Tasks\WpsExternal_rossi_20170116192331
2017-01-16 18:23:30	E05C0760976D544D2D842291614A3C53	3432	----a-w-	C:\WINDOWS\Sysnative\Tasks\WpsUpdateTask_rossi
2017-01-16 18:23:28	4079C54B4ED66DE1CA80952B811A2879	410	----a-w-	C:\WINDOWS\Tasks\WpsUpdateTask_rossi.job
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2017-02-05 09:41:38	--------	d-----w-	C:\Program Files\trend micro
2017-02-04 23:08:40	--------	d-----w-	C:\Program Files\¿ìÑ¹
2017-02-04 23:07:45	--------	d-----w-	C:\Program Files\Common Files\Noobzo
2017-02-04 23:07:32	--------	d-----w-	C:\Program Files\VVMSRFBC81
2017-02-04 23:07:32	--------	d-----w-	C:\Program Files\HMK1V16H4A
======= C:\PROGRA~2 =====
2017-02-04 23:08:44	--------	d-----w-	C:\PROGRA~2\UCBrowser
2017-02-04 23:07:16	--------	d-----w-	C:\PROGRA~2\COMMON~1\Tonkix
2017-02-03 09:02:52	--------	d---a-w-	C:\PROGRA~2\COMMON~1\DESIGNER
2017-01-20 05:39:41	--------	d-----w-	C:\PROGRA~2\Opera
======= C: =====
2017-02-05 11:30:13	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\autoexec.bat
2017-02-04 23:07:27	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\TOSTACK
====== C:\Users\rossi\AppData\Roaming ======
2017-02-05 11:13:24	--------	d-----w-	C:\Users\rossi\AppData\Local\IIIQF
2017-02-04 23:30:16	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\UCBrowser
2017-02-04 23:29:16	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Programs
2017-02-04 23:09:19	--------	d-----w-	C:\Users\rossi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC???
2017-02-04 23:09:08	--------	d-----w-	C:\Users\rossi\AppData\Local\UCBrowser
2017-02-04 23:07:55	--------	d-----w-	C:\Users\rossi\AppData\Local\app
2017-02-04 23:07:38	--------	d-----w-	C:\Users\rossi\AppData\Local\tuto_monetize_120170124
2017-02-04 23:07:31	--------	d-----w-	C:\Users\rossi\AppData\Local\Derberycekerck
2017-02-04 23:07:18	--------	d-----w-	C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-02-04 23:07:18	--------	d-----w-	C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-01-20 05:39:57	--------	d-----w-	C:\Users\rossi\AppData\Local\Opera Software
2017-01-09 12:48:27	--------	d-----w-	C:\Users\rossi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2017-01-09 12:48:25	--------	d-----w-	C:\Users\rossi\AppData\Local\Facebook
====== C:\Users\rossi ======
2017-02-05 11:29:57	--------	d-----w-	C:\Users\rossi\Start Menu
2017-02-05 11:13:33	--------	d-----w-	C:\ProgramData\Solvusoft
2017-02-05 11:13:19	FF705FCACBC099BDBFA7A3B916A8822F	8932000	----a-w-	C:\Users\rossi\Downloads\Setup_WinThruster_2016.exe
2017-02-05 10:53:55	BE55308FC11137DB1B56E41D23A4EBCE	1129376	----a-w-	C:\Users\rossi\Downloads\ChromeSetup.exe
2017-02-05 10:46:32	3D8428BC755A6BD0B7CF7D147B93919F	18309328	----a-w-	C:\Users\rossi\Desktop\MediaCreationTool.exe
2017-02-05 09:41:10	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\rossi\Desktop\RSITx64.exe
2017-02-04 23:24:19	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-02-04 23:10:01	--------	d-----w-	C:\ProgramData\Microleaves
2017-02-04 23:07:54	--------	d-----w-	C:\ProgramData\e67e9419-59a3-0
2017-02-04 23:07:54	--------	d-----w-	C:\ProgramData\e67e9419-1165-1
2017-02-04 23:07:47	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer
2017-02-04 23:07:36	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Clean Plus
2017-02-04 23:07:15	--------	d-----w-	C:\ProgramData\Logic Handler
2017-02-04 23:07:04	--------	d-----w-	C:\ProgramData\CloudPrinter
2017-01-16 18:23:31	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WPS Office
2017-01-12 12:19:13	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID

====== C: exe-files ==
2017-02-05 12:28:34	CEBBD45985EB8D30A37B6E8D22DCAB11	257192	----a-w-	C:\Windows\Temp\DPTF\esif_assist_64.exe
2017-02-05 11:28:52	989B20DC341851FBB85EFFA48785EEA4	3237248	----a-w-	C:\Users\rossi\Downloads\SpyHunter 421104585 Final Nederlands REPOST\SpyHunter-Installer.exe
2017-02-05 11:28:52	3B946021A35AC10C74805EA895027DB9	7175552	----a-w-	C:\Users\rossi\Downloads\SpyHunter 421104585 Final Nederlands REPOST\Crack\SpyHunter4.exe
2017-02-05 11:14:09	C7489D70D684A305F49B8A59C2A38369	441896	----a-w-	C:\Users\rossi\AppData\Roaming\Solvusoft\Tray\AutoInstall\DM.exe
2017-02-05 11:13:19	FF705FCACBC099BDBFA7A3B916A8822F	8932000	----a-w-	C:\Users\rossi\Downloads\Setup_WinThruster_2016.exe
2017-02-05 10:54:04	721158605BEC0ABE136238B0BAA809C5	48698472	----a-w-	C:\Program Files (x86)\Google\Update\Install\{77DA3BE9-8604-4E7E-8E38-ED138540B39D}\56.0.2924.87_chrome_installer.exe
2017-02-05 10:53:55	BE55308FC11137DB1B56E41D23A4EBCE	1129376	----a-w-	C:\Users\rossi\Downloads\ChromeSetup.exe
2017-02-05 10:53:35	721158605BEC0ABE136238B0BAA809C5	48698472	----a-w-	C:\Program Files (x86)\Google\Update\Install\{3E5BF777-C4B1-4FCB-B6B6-68D0B0FF5D11}\56.0.2924.87_chrome_installer.exe
2017-02-05 10:46:32	3D8428BC755A6BD0B7CF7D147B93919F	18309328	----a-w-	C:\Users\rossi\Desktop\MediaCreationTool.exe
2017-02-05 10:20:52	EEF49D58D4FECB3671C37280E5E57C74	376528	----a-w-	C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\IE\3WGG1OS4\RefreshWindowsTool.exe
2017-02-05 09:41:38	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\rossi.exe
2017-02-05 09:41:10	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\rossi\Desktop\RSITx64.exe
2017-02-05 08:16:21	AFC61E04C0880A0A41DA861A47601E3B	1214872	----a-w-	C:\Users\rossi\AppData\Roaming\KuaiZip\ktpop3.exe
2017-02-05 00:06:38	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\rossi\AppData\Local\Temp\{9bc189b1acce41dc9ca0c373ca55023d}\O47W7NpHTy\uninstall.exe
2017-02-05 00:06:27	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\rossi\AppData\Local\Temp\{3cf0da58854040d2b459b7508d504ae0}\as3OxEYuv7\uninstall.exe
2017-02-04 23:49:46	5B504B0D0DFB24B4AD0D3004019DA842	446168	----a-w-	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\UCBrowser\User Data\UCWifi\1.0.0.8\AegisI5.exe
2017-02-04 23:49:46	260402E5F4C9EE3CA15C7AADE09EF6EA	6635632	----a-w-	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\UCBrowser\User Data\UCWifi\1.0.0.8\UCWiFi.exe
2017-02-04 23:36:47	721158605BEC0ABE136238B0BAA809C5	48698472	----a-w-	C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\56.0.2924.87\56.0.2924.87_chrome_installer.exe
2017-02-04 23:36:26	FCAEDFFAA41EA74BA53FDADABBB8B21A	1129376	----a-w-	C:\Users\rossi\AppData\Local\Temp\{4266A64A-79E7-4D96-841E-15D2E504F28F}\GoogleUpdateSetup.exe
2017-02-04 23:36:26	33DF23DDDE222C6270C99885D7A70DE2	96920	----atw-	C:\Users\rossi\AppData\Local\Temp\{4266A64A-79E7-4D96-841E-15D2E504F28F}\GoogleUpdateWebPlugin.exe
2017-02-04 23:36:25	FE9E6388A039441098EB09C070EA5049	601752	----atw-	C:\Users\rossi\AppData\Local\Temp\{4266A64A-79E7-4D96-841E-15D2E504F28F}\GoogleUpdateCore.exe
2017-02-04 23:36:25	FE40EC349D80C0ED24A5808DCFE9A0D2	288920	----atw-	C:\Users\rossi\AppData\Local\Temp\{4266A64A-79E7-4D96-841E-15D2E504F28F}\GoogleCrashHandler.exe
2017-02-04 23:36:25	FACC7DC5EEF8AF0D969BC2481AAA3EFC	174232	----atw-	C:\Users\rossi\AppData\Local\Temp\{4266A64A-79E7-4D96-841E-15D2E504F28F}\GoogleUpdateComRegisterShell64.exe
2017-02-04 23:36:25	B5C7D56B6DB76C66E24B4B735BB66509	366232	----atw-	C:\Users\rossi\AppData\Local\Temp\{4266A64A-79E7-4D96-841E-15D2E504F28F}\GoogleCrashHandler64.exe
2017-02-04 23:36:25	5E7ADCF81096860FED5AB569A8ADE3AB	96920	----atw-	C:\Users\rossi\AppData\Local\Temp\{4266A64A-79E7-4D96-841E-15D2E504F28F}\GoogleUpdateOnDemand.exe
2017-02-04 23:36:25	57769E78CCB9F3DE92B507B72D49AF99	96920	----atw-	C:\Users\rossi\AppData\Local\Temp\{4266A64A-79E7-4D96-841E-15D2E504F28F}\GoogleUpdateBroker.exe
2017-02-04 23:36:25	2D8BBF6C7241AAD9EDE7708EBB7B43A4	153752	----atw-	C:\Users\rossi\AppData\Local\Temp\{4266A64A-79E7-4D96-841E-15D2E504F28F}\GoogleUpdate.exe
2017-02-04 23:30:26	5B504B0D0DFB24B4AD0D3004019DA842	446168	----a-w-	C:\Windows\Temp\5344_7542\AegisI5.exe
2017-02-04 23:29:15	D8E31A076F98DF2140EFAEC5D12BCF55	766752	----a-w-	C:\Windows\Temp\scs_setup_1.0.40.0.exe
2017-02-04 23:24:49	F7B101AED536C1DEBDA499605C549C97	6505120	----a-w-	C:\ProgramData\Avg\Setup\av\avgmfapx.exe
2017-02-04 23:24:11	2811B2ECDE178F07A715D0D5E3866AFE	210840	----a-w-	C:\Users\rossi\AppData\Local\Temp\mininewsrepair.exe
2017-02-04 23:23:54	5A8D4D6C287959F86E2BB2A5280746AC	1157904	----a-w-	C:\Program Files (x86)\AVG\Av\avgndisa.exe
2017-02-04 23:23:40	C269764AB1C91FEF2E9BBD22AB52ABFC	32016	----a-w-	C:\ProgramData\Avg\Setup\fmw\avgrdsttestx.exe
2017-02-04 23:23:40	3C334FBC87CCBC245F7ED3F85404A935	33040	----a-w-	C:\ProgramData\Avg\Setup\fmw\avgrdsttesta.exe
2017-02-04 23:23:35	5107A11D6C9ABFDFF20E268CEF6401F4	1871632	----a-w-	C:\Program Files (x86)\AVG\Setup\avgsetupwrkx.exe
2017-02-04 23:23:34	B2927ECB5E5ABD819818BD0E8F18B41F	3672848	----a-w-	C:\Program Files (x86)\AVG\Setup\avgsetupx.exe
2017-02-04 23:23:34	2FEE1962AA96595442ABBCFD64A55D0A	711952	----a-w-	C:\Program Files (x86)\AVG\Setup\avgntdumpx.exe
2017-02-04 23:18:51	3E9D0839F43CBDC4DC4732805B5DE698	451934	----a-w-	C:\Users\rossi\AppData\Local\Temp\LMIZ031NN9.exe
2017-02-04 23:18:51	246EB1B30E30D2D34F97607052758AAB	308538	----a-w-	C:\Users\rossi\AppData\Local\Temp\X8YWDVUX7A.exe
2017-02-04 23:18:50	60C38202C2EEA8419703FFBD67C0916F	725504	----a-w-	C:\Users\rossi\AppData\Local\Temp\KUS6NQYK0\KUS6NQYK0.exe
2017-02-04 23:18:47	9BC3E9FCF5D08E7512E634E2662A66E9	624509	----a-w-	C:\Users\rossi\AppData\Local\Temp\KT94IXLQX\KT94IXLQX.exe
2017-02-04 23:17:44	A0EA5D574FB5344E0DEBD49C25CFF227	2181632	----a-w-	C:\Users\rossi\AppData\Local\Temp\8N66OAY1YK\advise.exe
2017-02-04 23:13:52	A0EA5D574FB5344E0DEBD49C25CFF227	2181632	----a-w-	C:\Users\rossi\AppData\Local\Temp\EUAF1SXQCR\advise.exe
2017-02-04 23:13:52	29EC7D9251C8ABC360B30CFDB270C8B2	43520	----a-w-	C:\Users\rossi\AppData\Local\Temp\EUAF1SXQCR\caster19.exe
2017-02-04 23:13:52	29EC7D9251C8ABC360B30CFDB270C8B2	43520	----a-w-	C:\Users\rossi\AppData\Local\Temp\EUAF1SXQCR\caster12.exe
2017-02-04 23:13:40	795268B071EAE18F49BB882764C4E684	1195716	----a-w-	C:\Users\rossi\AppData\Local\Temp\B0F3.tmp.exe
2017-02-04 23:12:04	260402E5F4C9EE3CA15C7AADE09EF6EA	6635632	----a-w-	C:\Users\rossi\AppData\Local\UCBrowser\User Data\UCWifi\1.0.0.8\UCWiFi.exe
2017-02-04 23:12:03	5B504B0D0DFB24B4AD0D3004019DA842	446168	----a-w-	C:\Users\rossi\AppData\Local\UCBrowser\User Data\UCWifi\1.0.0.8\AegisI5.exe
2017-02-04 23:11:52	09020CB0158DCE6E7EE117071BD24C04	725504	----a-w-	C:\Users\rossi\AppData\Local\Temp\NT6K1YXUE\NT6K1YXUE.exe
2017-02-04 23:10:53	5B504B0D0DFB24B4AD0D3004019DA842	446168	----a-w-	C:\Users\rossi\AppData\Local\Temp\5208_2596\AegisI5.exe
2017-02-04 23:10:44	29EC7D9251C8ABC360B30CFDB270C8B2	43520	----a-w-	C:\Users\rossi\AppData\Local\Temp\97S9BFBCE\97S9BFBCE.exe
2017-02-04 23:10:25	9CFA6FE70F0886EE46BB3B35F768CD0D	1866120	----a-w-	C:\ProgramData\Microleaves\Online.io Application\updates\1.15.0\Online.IO-installer1.15.0.exe
2017-02-04 23:10:24	4C282CB7BA59C9B53878AF31F9DA78DE	775024	------w-	C:\Windows\Temp\2eb9ee42e12d953bcdf487c7c30f4a51\Online Application Updater.exe
2017-02-04 23:09:40	D6D2B64E441FED635993CDEE81DB3123	43008	----a-w-	C:\Users\rossi\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.3_0\bin\PPHelper\DriverInstallerX86.exe
2017-02-04 23:09:40	79356850FFA4F4146D7C6EA92482E7B9	688640	----a-w-	C:\Users\rossi\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.3_0\bin\PPHelper\PPAdbServer.exe
2017-02-04 23:09:40	64DA8FE5680C553E26F8BD9364BB7314	88832	----a-w-	C:\Users\rossi\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.3_0\bin\PPHelper\conx64.exe
2017-02-04 23:09:40	4DB1654048A8745CFDF47B5B54573B31	1656320	----a-w-	C:\Users\rossi\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.3_0\bin\PPHelper\ucppahelper.exe
2017-02-04 23:09:40	10AB3710B1837E0E1506649B7C3CC3F1	41984	----a-w-	C:\Users\rossi\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.3_0\bin\PPHelper\DriverInstallerX64.exe
2017-02-04 23:09:40	0D57231EF1A43430DC4A89EC7A8384DD	85248	----a-w-	C:\Users\rossi\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.3_0\bin\PPHelper\conx86.exe
2017-02-04 23:08:54	CD5303C4F02224FB139F466EC5C4384A	602117	----a-w-	C:\Users\rossi\AppData\Local\Temp\H53JWO31J\H53JWO31J.exe
2017-02-04 23:08:52	4DBE0F1A992D9B1623D6C77EE853C266	2171904	----a-w-	C:\Users\rossi\AppData\Local\Temp\KQ8BAH0U04\appsoft.exe
2017-02-04 23:08:52	3E9D0839F43CBDC4DC4732805B5DE698	451934	----a-w-	C:\Users\rossi\AppData\Local\Temp\WTLMRL1KY3.exe
2017-02-04 23:08:52	2238415466EA09ADC11052B8A6A08CE0	11776	----a-w-	C:\Users\rossi\AppData\Local\Temp\KQ8BAH0U04\asasa.exe
2017-02-04 23:08:51	246EB1B30E30D2D34F97607052758AAB	308538	----a-w-	C:\Users\rossi\AppData\Local\Temp\ZQQ2KOOO5W.exe
2017-02-04 23:08:50	60C38202C2EEA8419703FFBD67C0916F	725504	----a-w-	C:\Users\rossi\AppData\Local\Temp\VG1PNDU6A\VG1PNDU6A.exe
2017-02-04 23:08:46	9BC3E9FCF5D08E7512E634E2662A66E9	624509	----a-w-	C:\Users\rossi\AppData\Local\Temp\559UYXH5E\559UYXH5E.exe
2017-02-04 23:08:44	70A8F75DA0916EE2E24A4A3F32069A26	300952	----a-w-	C:\Program Files\¿ìÑ¹\X86\SetupHelper.exe
2017-02-04 23:08:44	5827B339B6BDA1B0E3A1A525102E2371	1738648	----a-w-	C:\Program Files\¿ìÑ¹\X86\Uninst.exe
2017-02-04 23:08:44	38C4210EAD0236CAB8EB9A16E01B1FC5	925592	----a-w-	C:\Program Files\¿ìÑ¹\X86\Update.exe
2017-02-04 23:08:44	25915622E9F4EF9F338B4E6C92752BE1	579992	----a-w-	C:\Program Files\¿ìÑ¹\X86\UpdateChecker.exe
2017-02-04 23:08:43	BADA1B657CCBD55FF557C1E05CB29761	796568	----a-w-	C:\Program Files\¿ìÑ¹\X86\KZTui.exe
2017-02-04 23:08:43	0537AB91A6B652A217FFF0109B72DC4B	273304	----a-w-	C:\Program Files\¿ìÑ¹\X64\SetupHelper.exe
2017-02-04 23:08:42	FF20A4021C1E03EDED72EEB1112CDB30	2155928	----a-w-	C:\Program Files\¿ìÑ¹\X86\KuaiZip.exe
2017-02-04 23:08:42	C96B47E6433E8A0DDC87F88F398BC140	478616	----a-w-	C:\Program Files\¿ìÑ¹\X64\KZMount2.exe
2017-02-04 23:08:42	BC943BA6A2C19F312624C29A8A0E6D86	957336	----a-w-	C:\Program Files\¿ìÑ¹\X86\KZReport.exe
2017-02-04 23:08:41	FB69E4B00E3F7880AD39E15065099B19	706968	----a-w-	C:\Program Files\¿ìÑ¹\X86\DiskOpt.exe
2017-02-04 23:08:41	EEDC3A5EB5A637F892744FDE15BC1D52	51136912	----a-w-	C:\Users\rossi\AppData\Roaming\UCChannel\Package\UCBrowser.exe
2017-02-04 23:08:22	987A5FC2E3ED22F47CCA3088F19AAA14	2072064	----a-w-	C:\Windows\Temp\00001098\msiql.exe
2017-02-04 23:08:16	F2836385D67558B357D3337E72B19B03	7494040	----a-w-	C:\Users\rossi\AppData\Local\Temp\00001079\KuaiZip_Setup_129823379_zzlm_013.exe
2017-02-04 23:08:15	F6BDF5961304000D60E0D6B6A5074E39	404880	----a-w-	C:\Users\rossi\AppData\Local\Temp\00001075\UCBrowser_V6.0.1471.3_4043_(Build1701111618)_ChannelU_01121710.exe
2017-02-04 23:08:09	3202E8A5A94BFB7F1DE3146BB24A7052	373760	----a-w-	C:\Users\rossi\AppData\Local\Temp\00001056\RandomDelJiheReg.exe
2017-02-04 23:07:58	795268B071EAE18F49BB882764C4E684	1195716	----a-w-	C:\Users\rossi\AppData\Local\Temp\7A1B.tmp.exe
2017-02-04 23:07:43	CD5303C4F02224FB139F466EC5C4384A	602117	----a-w-	C:\Users\rossi\AppData\Local\Temp\YLOPD64XK\YLOPD64XK.exe
2017-02-04 23:07:43	80F97D845229C4987844B474C3F79131	4446120	----a-w-	C:\Users\rossi\AppData\Local\Temp\R13O8Q0WC\LFKV0UQF7.exe
2017-02-04 23:07:42	A2384665E0811BCC6175E5D14EE0A34E	326144	----a-w-	C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\IE\KILTJSMC\smp2[1].exe
2017-02-04 23:07:41	F0BA5F66F7D9E01B77C2E575B86970C7	418040	----a-w-	C:\Users\rossi\AppData\Local\Temp\7b62a53985ce406e99733c9b2739daaa\Setup.exe
2017-02-04 23:07:38	3EE5479E593FAE0C6B2711CD6AC26F23	2320888	----a-w-	C:\Users\rossi\AppData\Local\Derberycekerck\SwReporter\16.90.0\software_reporter_tool.exe
2017-02-04 23:07:36	5F5765C9749E7B849BEB4D4153416278	51191696	----a-w-	C:\Users\rossi\AppData\Local\Temp\Browser_V6.0.1121.13_f_4730_(Build1612191708).exe
2017-02-04 23:07:34	4DBE0F1A992D9B1623D6C77EE853C266	2171904	----a-w-	C:\Users\rossi\AppData\Local\Temp\QQLOQ8FPNJ\appsoft.exe
2017-02-04 23:07:34	2238415466EA09ADC11052B8A6A08CE0	11776	----a-w-	C:\Users\rossi\AppData\Local\Temp\QQLOQ8FPNJ\asasa.exe
2017-02-04 23:07:33	26977CB66F5E96AC449C810C03FB829B	35328	----a-w-	C:\Program Files\VVMSRFBC81\uninstaller.exe
2017-02-04 23:07:32	26977CB66F5E96AC449C810C03FB829B	35328	----a-w-	C:\Program Files\HMK1V16H4A\uninstaller.exe
2017-02-04 23:07:31	9486B846677AC228B40699239D7C1649	1516612	----a-w-	C:\Users\rossi\AppData\Local\Temp\I1JOXX7IM5.exe
2017-02-04 23:07:31	900458F3ADBFB0D808AF0170DAA58B5A	616616	----a-w-	C:\Users\rossi\AppData\Local\Temp\11CC.tmp.exe
2017-02-04 23:07:31	25A14756C0DCE6A2EB52BFA01D7C04F9	283648	----a-w-	C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\IE\7WJE0R3U\brastub6abb_trmbl_inst[1].exe
2017-02-04 23:07:30	F3146B8D300C56827DB1C534336BF875	146432	----a-w-	C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\IE\KILTJSMC\GreenStar[1].exe
2017-02-04 23:07:30	B827254865808E6DA1C6ACE8975FC42C	47959	----a-w-	C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\IE\KILTJSMC\WDSrvWrapper[1].exe
2017-02-04 23:07:27	41D8DCE02DB638336364854FA56B0E1B	409088	----a-w-	C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\IE\3WGG1OS4\4ZtiCtfb4[1].exe
2017-02-04 23:07:22	40D4FD077DDC40E67E7F7748E5F18BBC	190504	----a-w-	C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\IE\3WGG1OS4\CoBEk[1].exe
2017-02-04 23:05:58	EEDCE8878140AC01C6E9252A06B14606	908288	----a-w-	C:\Users\rossi\AppData\Local\Temp\Ultra$ISO\Top Eleven 2017 Hack Unlimited Tokens Cheats AndroidiOSFaceb.exe
2017-02-04 20:45:32	3FD077BDE98C6DAB25DDACAFBB0C499B	975360	----a-w-	C:\Program Files\Common Files\Noobzo\GNUpdate\smi64.exe
2017-02-03 15:38:51	6E0A4B2554CF031AE63B528BCCB61759	22721536	----a-w-	C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\IE\KILTJSMC\Opera_42.0.2393.517_Setup[1].exe
2017-02-02 09:22:59	50E354D02C958F5B423E4F3C7F7F34D8	1368920	----a-w-	C:\Windows\Temp\CR_908B6.tmp\setup.exe
2017-02-02 09:22:59	0A17ED8457977ACA1F119E87755336D2	2432104	----a-w-	C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\56.0.2924.87\56.0.2924.87_56.0.2924.76_chrome_updater.exe
2017-02-01 21:54:04	2916201F4AC90ABD435BB54B87C7C697	105984	----a-w-	C:\Users\rossi\AppData\Local\Packages\D52A8D61.FarmVille2CountryEscape_jwbwg6xx0377a\AC\Microsoft\CLR_v4.0_32\NativeImages\FVCE\7c1feaa48d70b153d1ed176caa7d8477\FVCE.ni.exe
=== C: other files ==
2017-02-05 12:17:34	B27916DB5C67310785DC029266E460CD	4854	----a-w-	C:\Users\rossi\AppData\Local\Temp\xpi\tmp.zip
2017-02-05 11:51:41	373EB7F27F1C82602B246E20018447BA	64	----a-w-	C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\IE\3WGG1OS4\G752VT[1].zip
2017-02-05 11:30:13	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\autoexec.bat
2017-02-05 08:16:37	7660A8D72CA9625C085A28441C5D66F4	6708	----a-w-	C:\Users\rossi\AppData\Roaming\KuaiZip\tpop3.zip
2017-02-04 23:10:24	E9CDAC6FB0451C83AFF9522D8F6928F8	631	----a-w-	C:\Windows\Temp\{91557C37-225D-4901-8A5E-2DA8F14E24D5}.bat
2017-02-04 23:08:46	FEE53173263B621656360F99E68DCDA5	92832	----a-w-	C:\Windows\System32\drivers\KuaiZipDrive.sys
2017-02-04 23:08:46	FEE53173263B621656360F99E68DCDA5	92832	----a-w-	C:\Program Files\¿ìÑ¹\X64\KuaiZipDrive.sys
2017-02-04 23:07:32	42910AD54D5C1E030808FE0871BF87B1	781661	----a-w-	C:\Users\rossi\AppData\Roaming\Profiles\Zusotainlujeght.default\features\{8905ac74-e9d3-41b2-aac7-ab8262267994}\firefox@getpocket.com.xpi
2017-02-04 23:07:32	32F9E6D9F7D3A167A516DA371F14C20C	5391	----a-w-	C:\Users\rossi\AppData\Roaming\Profiles\Zusotainlujeght.default\features\{8905ac74-e9d3-41b2-aac7-ab8262267994}\loop@mozilla.org.xpi
2017-02-04 23:07:32	2CC7CB51551F1F03AE356E07593E970E	23373	----a-w-	C:\Users\rossi\AppData\Roaming\Profiles\Zusotainlujeght.default\extensions\firefox-hotfix@mozilla.org.xpi
2017-02-04 23:07:32	0E4CDC2C6803624E4E5EB45A5C2D4FE7	181610	----a-w-	C:\Users\rossi\AppData\Roaming\Profiles\Zusotainlujeght.default\extensions\avg@toolbar.xpi
2017-02-04 23:07:32	095A9E59F9E0DE5C4CA42F46956E8D1B	7076	----a-w-	C:\Users\rossi\AppData\Roaming\Profiles\Zusotainlujeght.default\features\{8905ac74-e9d3-41b2-aac7-ab8262267994}\e10srollout@mozilla.org.xpi

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-581751278-323587240-2487430462-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\rossi\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Spotify Web Helper"="C:\Users\rossi\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\rossi\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"svchost0"="C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe\UUC0789.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WebStorage"="C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe"
"AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe /lps=fmw"
"AVG_UI"="C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe /lps=av"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\rossi\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Spotify Web Helper"="C:\Users\rossi\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\rossi\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"svchost0"="C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe\UUC0789.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"SS2UILauncher"="C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe /noUI"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\ProgramData\\Hotfresh\\Saolight.dll"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\PC Clean Plus_DEFAULT.job --a-------- C:\Program Files (x86)\PC Clean Plus\PCCleanPlus.exe []
C:\WINDOWS\tasks\PC Clean Plus_UPDATES.job --a-------- C:\Program Files (x86)\PC Clean Plus\PCCleanPlus.exe []
C:\WINDOWS\tasks\System HealerPeriod.job --a-------- C:\e0s-F s 5C:\Program Files (x86)\SystemHealer\SystemHealer.exe []
C:\WINDOWS\tasks\System HealerStartUp.job --a-------- C:\Program Files (x86)\SystemHealer\SystemHealer.exe []
C:\WINDOWS\tasks\Traffic Exchange Updater.job --ah------- C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe []
C:\WINDOWS\tasks\Traffic Exchange v2 - 1.job --a-------- C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe []
C:\WINDOWS\tasks\Traffic Exchange v2 - 2.job --a-------- C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe []
C:\WINDOWS\tasks\Traffic Exchange v2 - 3.job --a-------- C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe []
C:\WINDOWS\tasks\WpsExternal_rossi_20170116192331.job --a-------- [Undetermined Task]
C:\WINDOWS\tasks\WpsKtpcntrQingTask_rossi.job --a-------- C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5811\office6\ktpcntr.exe [16-01-2017 19:23]
C:\WINDOWS\tasks\WpsUpdateTask_rossi.job --a-------- C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5811\wtoolex\wpsupdate.exe [16-01-2017 19:23]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Live Update1" [C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Live Update2" [C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe]
"C:\WINDOWS\SysNative\tasks\ASUS ROG Macro Key Listener" [C:\Program Files (x86)\ASUS\ROG MacroKey\AsListen.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Splendid ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]
"C:\WINDOWS\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"]
"C:\WINDOWS\SysNative\tasks\ATK Package 36D18D69AFC3" ["C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe"]
"C:\WINDOWS\SysNative\tasks\ATK Package A22126881260" ["C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe"]
"C:\WINDOWS\SysNative\tasks\AVG EUpdate Task" [avgsetupx.exe]
"C:\WINDOWS\SysNative\tasks\AVGPCTuneUp_Task_BkGndMaintenance" [C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe]
"C:\WINDOWS\SysNative\tasks\DropboxOEM" ["%ProgramFiles(x86)%\Dropbox\DropboxOEM\DropboxOEM.exe"]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task" [C:\Users\rossi\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe]
"C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task v2" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Online Application" [C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe]
"C:\WINDOWS\SysNative\tasks\Online Application Guard" [C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe]
"C:\WINDOWS\SysNative\tasks\Online Application Guardian" [C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe]
"C:\WINDOWS\SysNative\tasks\Online Application Updater" [C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.exe]
"C:\WINDOWS\SysNative\tasks\Online Application v2" [C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.exe]
"C:\WINDOWS\SysNative\tasks\Online Application v2 Guard" [C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.exe]
"C:\WINDOWS\SysNative\tasks\Online Application v2 Guardian" [C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.exe]
"C:\WINDOWS\SysNative\tasks\PC Clean Plus" [C:\Program Files (x86)\PC Clean Plus\PCCleanPlus.exe]
"C:\WINDOWS\SysNative\tasks\PC Clean Plus_DEFAULT" [C:\Program Files (x86)\PC Clean Plus\PCCleanPlus.exe]
"C:\WINDOWS\SysNative\tasks\PC Clean Plus_UPDATES" [C:\Program Files (x86)\PC Clean Plus\PCCleanPlus.exe]
"C:\WINDOWS\SysNative\tasks\ROG Gaming Center" [C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe]
"C:\WINDOWS\SysNative\tasks\RtHDVBg_ListenToDevice" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"]
"C:\WINDOWS\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe"]
"C:\WINDOWS\SysNative\tasks\RunAtStartup" [C:\Users\rossi\AppData\Roaming\Event Monitor\em.exe]
"C:\WINDOWS\SysNative\tasks\SS2svc32Run" ["C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2svc32.exe"]
"C:\WINDOWS\SysNative\tasks\SS2svc64Run" ["C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2svc64.exe"]
"C:\WINDOWS\SysNative\tasks\SS2UILauncherRun" ["C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe"]
"C:\WINDOWS\SysNative\tasks\System Healer Task" [C:\PROGRA~2\SYSTEM~1\RESCUE~1.EXE]
"C:\WINDOWS\SysNative\tasks\System HealerPeriod" [C:\Program Files (x86)\SystemHealer\SystemHealer.exe]
"C:\WINDOWS\SysNative\tasks\System HealerStartUp" [C:\Program Files (x86)\SystemHealer\SystemHealer.exe]
"C:\WINDOWS\SysNative\tasks\SystemHealer Monitor" ["C:\Program Files (x86)\SystemHealer\HealerConsole.exe"]
"C:\WINDOWS\SysNative\tasks\SystemHealer Run Delay" ["C:\Program Files (x86)\SystemHealer\SystemHealer.exe"]
"C:\WINDOWS\SysNative\tasks\Thovuy" [msiexec]
"C:\WINDOWS\SysNative\tasks\Thuqogh Reports" ["C:\Program Files (x86)\Phediktebaght\pranipy.exe"]
"C:\WINDOWS\SysNative\tasks\Traffic Exchange" [C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe]
"C:\WINDOWS\SysNative\tasks\Traffic Exchange Guard" [C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe]
"C:\WINDOWS\SysNative\tasks\Traffic Exchange Guardian" [C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe]
"C:\WINDOWS\SysNative\tasks\Traffic Exchange Updater" [C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe]
"C:\WINDOWS\SysNative\tasks\Traffic Exchange v2 - 1" [C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe]
"C:\WINDOWS\SysNative\tasks\Traffic Exchange v2 - 2" [C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe]
"C:\WINDOWS\SysNative\tasks\Traffic Exchange v2 - 3" [C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe]
"C:\WINDOWS\SysNative\tasks\UCBrowserSecureUpdater" ["C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe"]
"C:\WINDOWS\SysNative\tasks\Update Checker" [C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{F4339F9A-23BC-41AA-839C-2B9A3BF32F28}" [C:\Windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\WpsExternal_rossi_20170116192331" [C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe]
"C:\WINDOWS\SysNative\tasks\WpsKtpcntrQingTask_rossi" [C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5657\office6\ktpcntr.exe]
"C:\WINDOWS\SysNative\tasks\WpsUpdateTask_rossi" [C:\Program Files (x86)\Kingsoft\WPS Office\10.2.0.5811\wtoolex\wpsupdate.exe]
"C:\WINDOWS\SysNative\tasks\{7D7E7847-0C79-7A0E-0A11-0D0B08791179}" [C:\WINDOWS\system32\WindowsPowershell\v1.0\powershell.exe]
"C:\WINDOWS\SysNative\tasks\ASUS\ASUS Product Register Service" [C:\Program Files (x86)\ASUS\APRP\aprp.exe]
"C:\WINDOWS\SysNative\tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up" [Thunderbolt.exe]
"C:\WINDOWS\SysNative\tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected" [Thunderbolt.exe]
"C:\WINDOWS\SysNative\tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up" [tbtsvc.exe]
"C:\WINDOWS\SysNative\tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected" [sc.exe start ThunderboltService]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\rossi\AppData\Roaming\Profiles\Zusotainlujeght.default
user_pref("browser.startup.homepage", "http://www.youndoo.com/?z=406cbd47d4b0baa238d5532g9z2b7q9obz3t3q8qbw&from=bcn&uid=HGSTXHTS721010A9E630_JR10044M0EH99N0EH99NX&type=hp");
user_pref("browser.newtab.url", "http://www.youndoo.com/?z=406cbd47d4b0baa238d5532g9z2b7q9obz3t3q8qbw&from=bcn&uid=HGSTXHTS721010A9E630_JR10044M0EH99N0EH99NX&type=hp");
user_pref("browser.search.defaultenginename", "youndoo");
user_pref("browser.search.selectedEngine", "youndoo");

ProfilePath: C:\Users\rossi\AppData\Roaming\Mozilla\Firefox\Profiles\9zl721p2.default
user_pref("browser.startup.homepage", "http://www-searching.com/?site=shyosffdefault&prd=set_ff&s=H24ztrmbl10AU,eb4d6126-b5b0-4b74-9d11-36ba594b1fb7,");
user_pref("browser.newtab.url", "http://www-searching.com/?site=shyosffdefault&prd=set_ff&s=H24ztrmbl10AU,eb4d6126-b5b0-4b74-9d11-36ba594b1fb7,");
user_pref("browser.search.selectedEngine", "");
user_pref("keyword.URL", "http://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=H24ztrmbl10AU,eb4d6126-b5b0-4b74-9d11-36ba594b1fb7,");

ProfilePath: C:\Users\rossi\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\9zl721p2.default
user_pref("browser.startup.homepage", "C:\ProgramData\Hotfreshs\ff.HP");
user_pref("browser.newtab.url", "C:\ProgramData\Hotfreshs\ff.NT");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [02-02-2017 15:05]

==== Firefox Extensions ======================

ProfilePath: C:\Users\rossi\AppData\Roaming\Profiles\Zusotainlujeght.default
- AVG Web TuneUp - %ProfilePath%\extensions\avg@toolbar.xpi
- Firefox Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi

ProfilePath: C:\Users\rossi\AppData\Roaming\Mozilla\Firefox\Profiles\9zl721p2.default
- AVG Web TuneUp - %ProfilePath%\extensions\avg@toolbar.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================


==== Deleted Firefox Extensions ======================

C:\Users\rossi\AppData\Roaming\Profiles\Zusotainlujeght.default\extensions\avg@toolbar.xpi deleted
C:\Users\rossi\AppData\Roaming\Mozilla\Firefox\Profiles\9zl721p2.default\extensions\avg@toolbar.xpi deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]

Google Slides - rossi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - rossi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - rossi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - rossi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Seen On Screen - rossi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebihnhbcbbahklkdljfhnobbhbieebed
Adobe Acrobat - rossi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj
Google Sheets - rossi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
MySearch DS-1 - rossi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdmmdddogjfdieakdheelnfpmpemeegg
Google Docs Offline - rossi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - rossi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - rossi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - rossi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
UCæµè§ˆå™¨æ´»åŠ¨ - rossi\AppData\Local\UCBrowser\User Data\Default\Extensions\acbckhilidhkcoenjgmejpgnnmcbhjhi
Adobe Acrobat - rossi\AppData\Local\UCBrowser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj
UC Image Previewer - rossi\AppData\Local\UCBrowser\User Data\Default\Extensions\hdgdpmpallofembldhflnlkcfappghhc
UC Resource Hunter - rossi\AppData\Local\UCBrowser\User Data\Default\Extensions\hkmogefbfdmboplojeicpibfpcndjjbm
Generate QR code of this webpage - rossi\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe
UC Nexus - rossi\AppData\Local\UCBrowser\User Data\Default\Extensions\pogijhnlcfmcppgimcaccdkmbedjkmhi

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131307240233226372&GUID=DD403D68-AD6F-409F-9FD4-BA0819408E59"
"Search Page"="https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHumfA2eDXzyC7zAaD6FDDoG3E77bpNChke1eGNaLnCkGUCWBdBkSRwbaRXX5jqgylGDgzJhg3cT8G1cNWw7prirxfgffQVzEwIcpPvNL4bAQ-4P1ACu7tTwNFThgSECm0kFPVtcGscBnwVc22yhfOPkhA_czsVRK9OUU63Zvw,,&q={searchTerms}"
"Search Bar"="https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHumfA2eDXzyC7zAaD6FDDoG3E77bpNChke1eGNaLnCkGUCWBdBkSRwbaRXX5jqgylGDgzJhg3cT8G1cNWw7prirxfgffQVzEwIcpPvNL4bAQ-4P1ACu7tTwNFThgSECm0kFPVtcGscBnwVc22yhfOPkhA_czsVRK9OUU63Zvw,,&q={searchTerms}"
"SearchAssistant"="https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHumfA2eDXzyC7zAaD6FDDoG3E77bpNChke1eGNaLnCkGUCWBdBkSRwbaRXX5jqgylGDgzJhg3cT8G1cNWw7prirxfgffQVzEwIcpPvNL4bAQ-4P1ACu7tTwNFThgSECm0kFPVtcGscBnwVc22yhfOPkhA_czsVRK9OUU63Zvw,,&q={searchTerms}"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHumfA2eDXzyC7zAaD6FDDoG3E77bpNChke1eGNaLnCkGUCWBdBkSRwbaRXX5jqgylGDgzJhg3cT8G1cNWw7prirxfgffQVzEwIcpPvNL4bAQ-4P1ACu7tTwNFThgSECm0kFPVtcGscBnwVc22yhfOPkhA_czsVRK9OUU63Zvw,,&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHumfA2eDXzyC7zAaD6FDDoG3E77bpNChke1eGNaLnCkGUCWBdBkSRwbaRXX5jqgylGDgzJhg3cT8G1cNWw7prirxfgffQVzEwIcpPvNL4bAQ-4P1ACu7tTwNFThgSECm0kFPVtcGscBnwVc22yhfOPkhA_czsVRK9OUU63Zvw,,&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHumfA2eDXzyC7zAaD6FDDoG3E77bpNChke1eGNaLnCkGUCWBdBkSRwbaRXX5jqgylGDgzJhg3cT8G1cNWw7prirxfgffQVzEwIcpPvNL4bAQ-4P1ACu7tTwNFThgSECm0kFPVtcGscBnwVc22yhfOPkhA_czsVRK9OUU63Zvw,,&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHumfA2eDXzyC7zAaD6FDDoG3E77bpNChke1eGNaLnCkGUCWBdBkSRwbaRXX5jqgylGDgzJhg3cT8G1cNWw7prirxfgffQVzEwIcpPvNL4bAQ-4P1ACu7tTwNFThgSECm0kFPVtcGscBnwVc22yhfOPkhA_czsVRK9OUU63Zvw,,&q={searchTerms}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{ielnksrch}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131307240233226372&GUID=DD403D68-AD6F-409F-9FD4-BA0819408E59"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox"
{ielnksrch} Search the web Url="https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHumfA2eDXzyC7zAaD6FDDoG3E77bpNChke1eGNaLnCkGUCWBdBkSRwbaRXX5jqgylGDgzJhg3cT8G1cNWw7prirxfgffQVzEwIcpPvNL4bAQ-4P1ACu7tTwNFThgSECm0kFPVtcGscBnwVc22yhfOPkhA_czsVRK9OUU63Zvw,,&q={searchTerms}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=wscript C:\WINDOWS\run.vbs,
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=av
O4 - HKCU\..\Run: [OneDrive] "C:\Users\rossi\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\rossi\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\rossi\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [svchost0] "C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe"\UUC0789.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: []  (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: []  (User 'Default user')
O4 - Startup: Facebook Gameroom.lnk = C:\Users\rossi\AppData\Local\Facebook\Games\FacebookGameroom.exe
O8 - Extra context menu item: Clip Image - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: New Note - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS HID Access Service (AsHidService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: ASUS Rog Macro Key Service (ASUS Rog Macro Key) - ASUS - C:\Program Files (x86)\ASUS\ROG MacroKey\MacroSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
O23 - Service: Asus GiftBox Desktop (ASUSGiftBoxDekstop) - ASUS - C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgfwsa.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem34.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\WINDOWS\SysWoW64\esif_uf.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem96.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: ROG Gaming Center Service (ROGGamingCenterService) - ASUSTeK COMPUTER INC. - C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SpyHunter 4 Service - Unknown owner - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Thunderbolt(TM) Service (ThunderboltService) - Intel Corporation - C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WPS Office Cloud Service (wpscloudsvr) - Zhuhai Kingsoft Office Software Co.,Ltd - C:\Program Files (x86)\Kingsoft\WPS Office\wpscloudsvr.exe
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\rossi\AppData\Local\Mozilla\Firefox\Profiles\9zl721p2.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\rossi\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\rossi\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\rossi\AppData\Local\UCBrowser\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=805 folders=231 361246750 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\rossi\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\rossi\AppData\Roaming\Appyphinek"  not found
"C:\Users\rossi\AppData\Roaming\Appyphinek"  not found

==== EOF on zo 05-02-2017 at 13:44:46,08 ======================