Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by user on ma 17/08/2015 at 12:44:40,36. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\user\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2015-06-23-193230.log 55316 bytes ==== Empty Folders Check ====================== C:\PROGRA~3\WinZip deleted successfully C:\Users\user\AppData\Local\Adobe deleted successfully C:\Users\user\AppData\Local\CrashDumps deleted successfully C:\Users\user\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\user\AppData\Local\EmieSiteList deleted successfully C:\Users\user\AppData\Local\EmieUserList deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files 
(x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe C:\Users\user\AppData\Local\Microsoft\BingSvc\BingSvc.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Users\user\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\user\AppData\Roaming\Brackets deleted C:\windows\SysNative\Tasks\snf deleted C:\windows\SysNative\Tasks\snp deleted C:\PROGRA~3\Package Cache deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\73kt6umo.default\extensions\bingsearch.full@microsoft.com deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8076 MB CPU Info: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz CPU Speed: 2404,8 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | Intel(R) HD Graphics Family Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Qualcomm Atheros AR9485 Wireless Network Adapter | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SU-228FB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 186,3GB | D: 258,3GB Hard Disks - Free: C: 102,4GB | D: 247,3GB Manufacturer *: American Megatrends Inc. 
BIOS Info: AT/AT COMPATIBLE | | _ASUS_ - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK COMPUTER INC. X751LA Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Firewall: avast! Antivirus disabled Default Browser: Firefox 40.0.2 Internet Explorer Version: 11.0.9600.17937 Mozilla Firefox version: 40.0.2 (x86 nl) Google Chrome version: 44.0.2403.155 Sun Java version: 1.8.0_51 (32-bit) Sun Java version: 1.8.0_51 (64-bit) Flash Player version: 18.0.0.232 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-08-15 08:27:42 FC2EA5BD5307D2CFA5AAA38E0C0DDCE9 221184 ----a-w- C:\Windows\notepad.exe 2015-07-31 07:11:50 B58952E67FC2FA0E689F4F0F4E3091E6 43112 ----a-w- C:\Windows\avastSS.scr ====== C:\Users\user\AppData\Local\Temp ==== 2015-08-16 09:29:43 653B6E4FFE8094F6C57592C0A9395130 1068696 ----a-w- C:\Users\user\AppData\Local\Temp\BSvcProcessor.exe 2015-08-16 09:29:42 AD80D48457F44133625D582E6002EF22 169104 ----a-w- C:\Users\user\AppData\Local\Temp\BSvcUpdater.exe 2015-08-15 11:50:37 FDD26A402322F212DCA153FF8B1FFB6E 78816 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\pcwintech_tasksch.dll 2015-08-15 11:50:37 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\libiconv2.dll 2015-08-15 11:50:37 DC7A3BC0FC185CD68848DC6F7D7B026B 40960 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\SSubTmr6.dll 2015-08-15 11:50:37 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\libintl3.dll 2015-08-15 11:50:37 A107DE2D120C0571B544EEC53D1971AB 1406208 ----a-w- 
C:\Users\user\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\TweakingRegistryBackup.exe 2015-08-15 11:50:37 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\pcre3.dll 2015-08-15 11:50:37 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\regex2.dll 2015-08-15 11:50:37 1B128828BF5E4353811B6DA58156B7F4 6656 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\files\dosdev.exe 2015-08-14 12:29:20 5F09D271B8F4A62FC087E0D5452D2EC8 681097 ----a-w- C:\Users\user\AppData\Local\Temp\sqlite3.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-08-15 10:09:42 ED239F7D7D98E8E21A9CFCB8DA22B91C 15159296 ----a-w- C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2015-08-15 10:09:01 AC0383502A463D8FEAFA49AF6312E96C 2377 ----a-w- C:\Windows\SysWOW64\findit.xml 2015-08-15 10:07:25 A153AE01A8B83739B121D8808EFF86E2 393560 ----a-w- C:\Windows\SysWOW64\netcfgx.dll 2015-08-15 08:46:00 779267A740023E545668517E5D3CF14F 484552 ----a-w- C:\Windows\SysWOW64\msvcp120_clr0400.dll 2015-08-15 08:45:59 856DA04454A75CF6E7453D53CD90A29D 987848 ----a-w- C:\Windows\SysWOW64\msvcr120_clr0400.dll 2015-08-15 08:45:33 F51474B15B4210E93FD73CA9E52E7926 103120 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-15 08:27:46 A68963D6522B5281516B9841B6BC9919 198656 ----a-w- C:\Windows\SysWOW64\WebClnt.dll 2015-08-15 08:27:46 1467236922B38B4706BF2539D7BAC4B3 87040 ----a-w- C:\Windows\SysWOW64\davclnt.dll 2015-08-15 08:27:42 9D12A01443D52BB25A8AD0F100F91B83 212992 ----a-w- C:\Windows\SysWOW64\notepad.exe 2015-08-14 13:49:23 703B543281B5537DEB5B8EF05D94D898 1499920 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2015-08-14 13:49:17 56EFA37771E7628216E9B35ED681384C 721920 ----a-w- C:\Windows\SysWOW64\wuapi.dll 2015-08-14 13:49:16 B4507FD993C3F7545A637863BE756559 124928 ----a-w- C:\Windows\SysWOW64\wuwebv.dll 2015-08-14 13:49:16 B06236A3C5568BA063711D6E239509B9 81920 ----a-w- 
C:\Windows\SysWOW64\wudriver.dll 2015-08-14 13:49:16 6C02E120E119B06D31EBD96DE4740111 29696 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2015-08-14 13:49:05 BAAAC903BF7F9CA5F1129C972AEDE6BD 19870208 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-08-14 13:49:00 3C74EA1EC43A694060F09B7D754446C6 12856832 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-08-14 13:48:59 AB6A3699E478DEF677D48B126B223C54 4520448 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-08-14 13:48:58 3E168B5E5FEE3D09C2D4E97861B5F4B3 479232 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-08-14 13:48:58 0AC8CD2138FD10C4A0E2FF08F892359C 1951232 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-08-14 13:48:57 A37FEDFC0BC9E96AD3DFFF41D5805F04 2279424 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-08-14 13:48:56 BD3E3A13423C40E8CF4BE531EE68BAF0 1310720 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-08-14 13:48:55 FB1B7D2B2D500E067B96C56EE0B4DDAD 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll 2015-08-14 13:48:55 D4CE6BDB3225327B3FAF630287B6B446 1048576 ----a-w- C:\Windows\SysWOW64\actxprxy.dll 2015-08-14 13:48:55 C98AF04E9FC94DBF57B29A9891597664 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-08-14 13:48:55 728188684708FEF4F18E2CAB46C54DBB 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-08-14 13:48:55 66EA3446CDAC2772CC17A23DFE0169B7 880128 ----a-w- C:\Windows\SysWOW64\inetcomm.dll 2015-08-14 13:48:55 4D036506C8359185FC52EB49DB891743 341504 ----a-w- C:\Windows\SysWOW64\html.iec 2015-08-14 13:48:55 358D91656E54B03B8FFE3CF4D535A6C8 504320 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-08-14 13:48:48 AD560C728C33F20E9D0CF37C40DB7A23 1556992 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2015-08-14 13:48:48 7D2406D3E8DEAB81A539C8FF5FB8EAE2 1901776 ----a-w- C:\Windows\SysWOW64\msxml6.dll 2015-08-14 13:48:47 8CF33E0D6E2592BBC3A471F40358E2DB 856064 ----a-w- C:\Windows\SysWOW64\rdvidcrl.dll 2015-08-14 13:48:47 2C961D5568DA48EA25FC663411120A04 6213120 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2015-08-14 13:47:13 
6CF8627C9C84CA5E6CE8DC10CE757538 1559552 ----a-w- C:\Windows\SysWOW64\DWrite.dll 2015-08-14 13:47:13 6738291C76FDD47037225BD70EE3503C 35840 ----a-w- C:\Windows\SysWOW64\atmlib.dll 2015-08-14 13:47:13 1B3D01CF06111D199380C0A7FBF5B1DE 301568 ----a-w- C:\Windows\SysWOW64\atmfd.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-08-15 10:09:53 3DCE7705F6770C90A616B149C261E8EE 411133 ----a-w- C:\Windows\Sysnative\ApnDatabase.xml 2015-08-15 10:09:45 EBB3AD82E6CE2B4B978E7CBF00E6089D 18823680 ----a-w- C:\Windows\Sysnative\Windows.UI.Xaml.dll 2015-08-15 10:08:38 89DF19162B8ADE69856978CE4A979173 1116160 ----a-w- C:\Windows\Sysnative\appraiser.dll 2015-08-15 10:08:37 F6506621BF6CEE122A7CE155296299A8 743424 ----a-w- C:\Windows\Sysnative\generaltel.dll 2015-08-15 10:08:37 9D74FEC6CE8EF72CF5FF83447F45B2ED 774144 ----a-w- C:\Windows\Sysnative\invagent.dll 2015-08-15 10:08:36 E57267B8ED09F569FA603E8868845B0E 1148416 ----a-w- C:\Windows\Sysnative\aeinv.dll 2015-08-15 10:08:36 90F1A2A33C7EC9885994746B83201D6F 25776 ----a-w- C:\Windows\Sysnative\CompatTelRunner.exe 2015-08-15 10:08:36 1E9B6977F7928FF9FB9DC64A21F000AD 437248 ----a-w- C:\Windows\Sysnative\devinv.dll 2015-08-15 10:08:35 BA8572BDA108A0C54187AE9C13306FB0 69120 ----a-w- C:\Windows\Sysnative\acmigration.dll 2015-08-15 10:07:25 52DA047D3968A40CD9E353B1D256FACD 487256 ----a-w- C:\Windows\Sysnative\netcfgx.dll 2015-08-15 08:45:59 F91F5ECC8EA77D7D268C43CB3BE8749B 690016 ----a-w- C:\Windows\Sysnative\msvcp120_clr0400.dll 2015-08-15 08:45:59 23FA3A85E6AFB6E9B8277CB9D0C504D2 993632 ----a-w- C:\Windows\Sysnative\msvcr120_clr0400.dll 2015-08-15 08:45:33 AFA127EEA1E9FAE862A55A1D0B7E822C 124624 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll 2015-08-15 08:27:46 40F83492DB9ABBA59773A45FB487C8B2 228864 ----a-w- C:\Windows\Sysnative\WebClnt.dll 2015-08-15 08:27:45 F077AA3AF6BF55445801661ADBC63D06 104448 ----a-w- C:\Windows\Sysnative\davclnt.dll 2015-08-15 08:27:42 
FC2EA5BD5307D2CFA5AAA38E0C0DDCE9 221184 ----a-w- C:\Windows\Sysnative\notepad.exe 2015-08-14 13:49:23 C8219AC86CFE28102878B69F414F2079 7458648 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-08-14 13:49:23 3CDAF271CFC64DB18F1B6D8BF495EB58 1735000 ----a-w- C:\Windows\Sysnative\ntdll.dll 2015-08-14 13:49:22 7E85DB0463AD2403AE84AD162B162279 1217024 ----a-w- C:\Windows\Sysnative\sysmain.dll 2015-08-14 13:49:17 F3C92D851BB901EDB5C7A977EFD578A8 409088 ----a-w- C:\Windows\Sysnative\WUSettingsProvider.dll 2015-08-14 13:49:17 DB3B4BE9021D0ADB3B34D00AB94D0895 140288 ----a-w- C:\Windows\Sysnative\wuwebv.dll 2015-08-14 13:49:17 C82107E0CC8E12DE7CFBB4A9BFFD62BA 95744 ----a-w- C:\Windows\Sysnative\wudriver.dll 2015-08-14 13:49:17 BB6F53F80AA1789815963C16E303A973 3704320 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2015-08-14 13:49:17 7CFB5C243562FEDEE84B2BBF12BEE33E 2228736 ----a-w- C:\Windows\Sysnative\wucltux.dll 2015-08-14 13:49:17 6CDF693DB2B20604E7314F8323F52F00 136904 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2015-08-14 13:49:17 5B5196CFE7A703D9F9309859EA70462C 891904 ----a-w- C:\Windows\Sysnative\wuapi.dll 2015-08-14 13:49:16 6FD5F29679239BF336D9AC045EFDE74F 35840 ----a-w- C:\Windows\Sysnative\wuapp.exe 2015-08-14 13:49:07 E6CF1778145272A83E58C4AB66358AF3 25192448 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-08-14 13:49:02 995797E4DE4215715CA2040BB81F4594 14451200 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-08-14 13:49:01 C6960223A6BAB3CF83DB09565D191844 5923328 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-08-14 13:48:58 E892688BB1C8B0B485C27436F2B963CF 615936 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-08-14 13:48:58 C555B5C8142844DED9E3BD94E6313000 2427904 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-08-14 13:48:57 4E37600CED71FFCE7EEBB129A90B3431 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-08-14 13:48:57 3E4568FFE110FE81CA1A75BF1149153B 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-08-14 13:48:57 158C1D034080B9DC0A9A2CD9E8DB0199 1545728 
----a-w- C:\Windows\Sysnative\urlmon.dll 2015-08-14 13:48:57 0A11C834B8CA37AE07DF5E8727846BEC 2880000 ----a-w- C:\Windows\Sysnative\actxprxy.dll 2015-08-14 13:48:56 77A4FEE4031F90DBB5C16F6A8FC855BC 417792 ----a-w- C:\Windows\Sysnative\html.iec 2015-08-14 13:48:56 43AF91A40E44205272335E33B7BBA4C3 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-08-14 13:48:55 D25352D34FDE9AF82F6362CA86A317C3 145408 ----a-w- C:\Windows\Sysnative\iepeers.dll 2015-08-14 13:48:55 C580215DE134617942FF1740A1235CE4 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-08-14 13:48:55 9C7B3D3A9A945AED5CC97C6535C9D857 816640 ----a-w- C:\Windows\Sysnative\jscript.dll 2015-08-14 13:48:55 8EB07ED289C0F53E3838DC812E5A9CCC 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll 2015-08-14 13:48:55 591A23DF78E3DDE47FF769C82CAC5AC7 1032704 ----a-w- C:\Windows\Sysnative\inetcomm.dll 2015-08-14 13:48:55 39E11AA344781CD5773BE9E2472C84E4 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-08-14 13:48:51 F776672C327EA4B8409B337422B87350 59392 ----a-w- C:\Windows\Sysnative\csrsrv.dll 2015-08-14 13:48:51 05B08C20B8428ECE088CB5635696A48D 59392 ----a-w- C:\Windows\Sysnative\basesrv.dll 2015-08-14 13:48:48 753F99CF6554FD9CBCDC79E7CB94E63A 2345472 ----a-w- C:\Windows\Sysnative\msxml3.dll 2015-08-14 13:48:48 3D6FE1BAB1FCBEECCA6F64E4C0F11640 2529880 ----a-w- C:\Windows\Sysnative\msxml6.dll 2015-08-14 13:48:47 570CCDEB1D230BEFDE7A0556FB02C674 7032320 ----a-w- C:\Windows\Sysnative\mstscax.dll 2015-08-14 13:48:47 1FD24A3B2B1BBEEC69EE009F3B110286 1101824 ----a-w- C:\Windows\Sysnative\rdvidcrl.dll 2015-08-14 13:47:16 4F9BFE0A0E3D979DE1C2C717E7FF34E0 4177408 ----a-w- C:\Windows\Sysnative\win32k.sys 2015-08-14 13:47:13 AE0E60AE84B2E5CD261E6BD96F074841 44032 ----a-w- C:\Windows\Sysnative\atmlib.dll 2015-08-14 13:47:13 A1DB29E2E47A99E1992B6049ED838C9F 358912 ----a-w- C:\Windows\Sysnative\atmfd.dll 2015-08-14 13:47:13 6789160F360BF5BAF50CFEBC4043FA8E 1994752 ----a-w- C:\Windows\Sysnative\DWrite.dll 2015-08-14 13:47:13 
1E93CBB75D167CDF85501A8C790097A8 1381888 ----a-w- C:\Windows\Sysnative\FntCache.dll 2015-08-06 18:56:20 A4DDD3B3A0B3EB00EC64D90CDF5405DD 378880 ----a-w- C:\Windows\Sysnative\aswBoot.exe ====== C:\Windows\Sysnative\drivers ===== 2015-08-16 06:57:41 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\Sysnative\drivers\782E69CF.sys 2015-08-15 10:07:58 26B8FED3F3B85F5F0C4BD03FD00B9941 270168 ----a-w- C:\Windows\Sysnative\drivers\WdFilter.sys 2015-08-15 10:07:50 81285DDC994F03379DB46419300B2DCB 44560 ----a-w- C:\Windows\Sysnative\drivers\WdBoot.sys 2015-08-15 10:07:48 CE67080F00E0AF32755096CEA6430ABA 114520 ----a-w- C:\Windows\Sysnative\drivers\WdNisDrv.sys 2015-08-15 10:07:25 97DC5967F65503213FD1F1B3E4A6F983 1113944 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys 2015-08-15 10:07:18 746DDF7D59AB8D721C88D48434597E8D 2476376 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2015-08-15 10:07:17 25991A1635AF725E9DC840A6A36824EC 428888 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2015-08-14 13:49:23 9A788037D768809DFD677F4BA08A224A 101720 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys 2015-08-02 07:26:32 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\Sysnative\drivers\31B33A07.sys 2015-07-29 11:31:23 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\Sysnative\drivers\14DA3CE6.sys 2015-07-20 18:29:24 C88EB6EA6819740B97DECE3E6FD1C7BA 115152 ----a-w- C:\Windows\Sysnative\drivers\ngvss.sys 2015-07-20 12:46:04 BCBD64220AD85C26823453FF1DC3EFBD 284672 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2015-07-20 12:46:04 6FBDF2B1B025A8E6E069234362FFFFB7 401408 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2015-07-20 12:46:04 57C2473D501331211D6885FD59F3E44B 202240 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2015-07-20 12:46:03 46711F40D0F9E63F786ED23F9BD5215E 178008 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-07-20 12:45:52 8CD840A062F6BDF41DDE3ACB96164B72 32256 -c--a-w- C:\Windows\Sysnative\drivers\kbdhid.sys 2015-07-20 
12:45:52 5FCBAB60598AE119E02B4C27DE6B99EA 30208 -c--a-w- C:\Windows\Sysnative\drivers\mouhid.sys 2015-07-20 12:45:52 5917AFE4A3F695A54B99C1849C8207FE 59712 -c--a-w- C:\Windows\Sysnative\drivers\kbdclass.sys 2015-07-20 12:45:52 49EE0AE9E5B64FFBBD06D55C4984B598 108544 -c--a-w- C:\Windows\Sysnative\drivers\i8042prt.sys 2015-07-20 12:45:52 148195AE95D9BC7375A08846439FDAC1 26112 -c--a-w- C:\Windows\Sysnative\drivers\sermouse.sys 2015-07-20 12:45:52 08374E4E5B8914DE6067CBA99F61E930 51008 -c--a-w- C:\Windows\Sysnative\drivers\mouclass.sys 2015-07-20 12:45:51 312BB35275EB15145F4B6D1FFCE56C50 20992 ----a-w- C:\Windows\Sysnative\drivers\usb8023.sys 2015-07-20 12:45:51 0CC00ADC1B84C93FB46E1A0974E956E1 1201664 -c--a-w- C:\Windows\Sysnative\drivers\bthport.sys ====== C:\Windows\Tasks ====== 2015-08-15 15:36:07 E6993B1B5886076CF841CC948EEC1202 1074 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-15 15:36:07 1A60CAF9211C32E94B9C7B382D47119F 4046 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2015-08-15 15:36:06 2299F146EA03046AEAF7D74201B04D37 3810 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2015-08-15 15:36:06 18F642CBCA00B5D1FFD34E153E5A05B6 1070 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-25 11:39:41 0BB746BEBA3A8C3E7586CE05103AA82B 5052 ----a-w- C:\Windows\Sysnative\Tasks\Microsoft Office 15 Sync Maintenance for USERPCASUS-user userpcasus 2015-07-23 18:44:22 9658EAF79A03A3616E9AD7A1E66A45FF 3464 ----a-w- C:\Windows\Sysnative\Tasks\ASUS Live Update2 2015-07-23 18:41:38 F4E34995F85FB6F7596DDC54B2015127 3474 ----a-w- C:\Windows\Sysnative\Tasks\ASUS Live Update1 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-07-25 11:20:40 -------- d-----w- C:\Program Files\IIS Express ======= C:\PROGRA~2 ===== 2015-08-15 12:16:06 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2015-07-25 11:20:40 -------- d-----w- C:\PROGRA~2\IIS Express 2015-07-25 10:41:41 -------- d-----w- 
C:\PROGRA~2\Microsoft Visual Studio 14.0 2015-07-24 12:01:32 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 11.0 2015-07-20 18:23:07 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== 2015-08-15 15:52:27 ECA91D942FB75953744B5B7D169FF37E 941 ----a-w- C:\AdwCleaner[C7].txt 2015-08-15 15:49:58 A1D5EF33A10A60C19AE395F6669D9F12 788 ----a-w- C:\AdwCleaner[S8].txt 2015-08-15 11:31:20 C5EF5E93505A3926A06047ACE61D79A0 2732 ----a-w- C:\AdwCleaner[C6].txt 2015-08-15 11:30:10 4D24C9F38615578514857ADFF1A80688 2438 ----a-w- C:\AdwCleaner[S6].txt ====== C:\Users\user\AppData\Roaming ====== 2015-08-17 07:48:17 -------- d-----w- C:\Users\user\AppData\Local\VSIXInstaller 2015-08-16 09:19:33 -------- d-----w- C:\Users\user\AppData\Local\Skype 2015-08-16 09:19:29 -------- d-----w- C:\Users\user\AppData\Roaming\Skype 2015-08-15 10:09:27 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\A 2015-07-31 07:33:13 0C4B1ACB72943D8D024DABD9CDC37F85 7605 ----a-w- C:\Users\user\AppData\Local\resmon.resmoncfg 2015-07-31 07:14:34 CE2238B3996D0F691B8484AF2EEB9756 2925008 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2015-07-27 19:32:08 -------- d-----w- C:\Users\user\AppData\Roaming\MySQL 2015-07-25 12:06:01 -------- d-----w- C:\Users\user\AppData\Locallow\Temp ====== C:\Users\user ====== 2015-08-16 09:30:31 F0EE0FE6CC055FCEBE2B417D6ACAEF57 5239920 ----a-w- C:\Users\user\Downloads\ParetoLogic PC Health Advisor_nl.exe 2015-08-16 09:18:51 -------- d-----w- C:\ProgramData\Skype 2015-08-16 09:12:40 1556AF250931B1C3FD861D88DC131692 40698384 ----a-w- C:\Users\user\Downloads\SkypeSetupFull.exe 2015-08-15 17:37:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2015-08-15 16:35:21 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\user\Downloads\RSITx64(1).exe 2015-08-15 15:49:35 3C6C0EB7EC03E174E33B38460B2EF80F 1563648 ----a-w- C:\Users\user\Downloads\adwcleaner_5.000.exe 2015-08-15 15:37:34 
-------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-08-15 15:35:51 6A8B47052DCAAEBF8ACB9CFFC629C7F4 931408 ----a-w- C:\Users\user\Downloads\ChromeSetup.exe 2015-08-15 12:14:50 FB79440CDFFC08CBA5EB5935E5B35ED1 242864 ----a-w- C:\Users\user\Downloads\Firefox Setup Stub 40.0.2 (2).exe 2015-08-15 12:13:48 FB79440CDFFC08CBA5EB5935E5B35ED1 242864 ----a-w- C:\Users\user\Downloads\Firefox Setup Stub 40.0.2 (1).exe 2015-08-15 11:56:03 FB79440CDFFC08CBA5EB5935E5B35ED1 242864 ----a-w- C:\Users\user\Downloads\Firefox Setup Stub 40.0.2.exe 2015-08-15 11:46:03 764418F24D7B2CDFD0CC1781974C383F 855720 ----a-w- C:\Users\user\Downloads\AdwCleaner Setup.exe 2015-08-15 10:09:00 -------- d-----w- C:\ProgramData\Tristips 2015-08-15 10:08:17 F3E543DCE2ABC69ACE60DA130BF346FA 6483456 ----a-w- C:\Users\user\Downloads\FileZilla_3.12.0.2_win64-setup.exe 2015-08-15 10:07:38 BD985D6D46B5B7CE65D799AA7F79CC57 880728 ----a-w- C:\Users\user\Downloads\FileZilla_3.exe 2015-08-14 10:48:10 -------- d-----w- C:\Windows\serviceprofiles\Localservice\winhttp 2015-07-25 11:31:58 -------- d-----w- C:\ProgramData\Microsoft DNX 2015-07-25 10:15:38 -------- d-----w- C:\ProgramData\VsTelemetry ====== C: exe-files == 2015-08-16 09:30:31 F0EE0FE6CC055FCEBE2B417D6ACAEF57 5239920 ----a-w- C:\Users\user\Downloads\ParetoLogic PC Health Advisor_nl.exe 2015-08-16 09:29:45 653B6E4FFE8094F6C57592C0A9395130 1068696 ----a-w- C:\Users\user\AppData\Local\Microsoft\BingSvc\BSvcProcessor.exe 2015-08-16 09:29:43 AD80D48457F44133625D582E6002EF22 169104 ----a-w- C:\Users\user\AppData\Local\Microsoft\BingSvc\BSvcUpdater.exe 2015-08-16 09:29:43 653B6E4FFE8094F6C57592C0A9395130 1068696 ----a-w- C:\Users\user\AppData\Local\Temp\BSvcProcessor.exe 2015-08-16 09:29:43 653B6E4FFE8094F6C57592C0A9395130 1068696 ----a-w- C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\5E7QF0BV\BSvcProcessor[1].exe 2015-08-16 09:29:42 AD80D48457F44133625D582E6002EF22 169104 ----a-w- 
C:\Users\user\AppData\Local\Temp\BSvcUpdater.exe 2015-08-16 09:29:42 AD80D48457F44133625D582E6002EF22 169104 ----a-w- C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\M2YN8NI2\BSvcUpdater[1].exe 2015-08-16 09:19:41 77C01F1850E55373280A1B865D824F58 144008 ----a-w- C:\Users\user\AppData\Local\Microsoft\BingSvc\BingSvc.exe 2015-08-16 09:19:40 67935AE83509795F8A4315B9504C9C69 2650776 ----a-w- C:\Users\user\AppData\Local\Microsoft\DefaultSetup\DefaultSetup.exe 2015-08-16 09:12:40 1556AF250931B1C3FD861D88DC131692 40698384 ----a-w- C:\Users\user\Downloads\SkypeSetupFull.exe 2015-08-15 16:35:21 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\user\Downloads\RSITx64(1).exe 2015-08-15 15:49:35 3C6C0EB7EC03E174E33B38460B2EF80F 1563648 ----a-w- C:\Users\user\Downloads\adwcleaner_5.000.exe 2015-08-15 15:37:14 D1FD0793E44303E42A19B1437BC5AB68 42980432 ----a-w- C:\Program Files (x86)\Google\Update\Install\{0DD3A7A4-F0A5-4AC0-A3FE-833BA854DAD6}\44.0.2403.155_chrome_installer.exe 2015-08-15 15:37:12 D1FD0793E44303E42A19B1437BC5AB68 42980432 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\44.0.2403.155\44.0.2403.155_chrome_installer.exe 2015-08-15 15:36:06 93EE27EEA252951660682E891B72D7F5 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateWebPlugin.exe 2015-08-15 15:36:05 D7E523E6F4C911EDFF6A8325ACAEE56C 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe 2015-08-15 15:36:05 C6FF00DA1605982E616C03BE809FFE2D 144200 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 2015-08-15 15:36:05 81A1D591D429FF81D443A993B9B91301 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateBroker.exe 2015-08-15 15:36:05 6A8B47052DCAAEBF8ACB9CFFC629C7F4 931408 ----a-w- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateSetup.exe 2015-08-15 15:36:03 FC8EE235C4F75C96907C25EF1349CB81 130888 ----atw- C:\Program Files 
(x86)\Google\Update\1.3.28.1\GoogleUpdateComRegisterShell64.exe 2015-08-15 15:36:03 C6FF00DA1605982E616C03BE809FFE2D 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdate.exe 2015-08-15 15:36:03 92D840650F95EB60659952AEECAFCE85 305992 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe 2015-08-15 15:36:03 54FB3B0B29F76E839C648D2F5983A22C 245576 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe 2015-08-15 15:35:51 6A8B47052DCAAEBF8ACB9CFFC629C7F4 931408 ----a-w- C:\Users\user\Downloads\ChromeSetup.exe 2015-08-15 12:16:07 F3B84FAF62F9FC5520C4EF92125553C6 88670 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe 2015-08-15 12:16:06 2E1F005987F6C31ADE25B67C2D172DF6 149160 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 2015-08-15 12:14:50 FB79440CDFFC08CBA5EB5935E5B35ED1 242864 ----a-w- C:\Users\user\Downloads\Firefox Setup Stub 40.0.2 (2).exe 2015-08-15 12:13:48 FB79440CDFFC08CBA5EB5935E5B35ED1 242864 ----a-w- C:\Users\user\Downloads\Firefox Setup Stub 40.0.2 (1).exe 2015-08-15 11:56:03 FB79440CDFFC08CBA5EB5935E5B35ED1 242864 ----a-w- C:\Users\user\Downloads\Firefox Setup Stub 40.0.2.exe 2015-08-15 11:50:37 A107DE2D120C0571B544EEC53D1971AB 1406208 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\TweakingRegistryBackup.exe 2015-08-15 11:50:37 1B128828BF5E4353811B6DA58156B7F4 6656 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\files\dosdev.exe 2015-08-15 11:46:03 764418F24D7B2CDFD0CC1781974C383F 855720 ----a-w- C:\Users\user\Downloads\AdwCleaner Setup.exe 2015-08-15 10:08:36 90F1A2A33C7EC9885994746B83201D6F 25776 ----a-w- C:\Windows\System32\CompatTelRunner.exe 2015-08-15 10:08:17 F3E543DCE2ABC69ACE60DA130BF346FA 6483456 ----a-w- C:\Users\user\Downloads\FileZilla_3.12.0.2_win64-setup.exe 2015-08-15 10:07:38 BD985D6D46B5B7CE65D799AA7F79CC57 880728 ----a-w- 
C:\Users\user\Downloads\FileZilla_3.exe 2015-08-15 08:27:42 FC2EA5BD5307D2CFA5AAA38E0C0DDCE9 221184 ----a-w- C:\Windows\System32\notepad.exe 2015-08-15 08:27:42 FC2EA5BD5307D2CFA5AAA38E0C0DDCE9 221184 ----a-w- C:\Windows\notepad.exe 2015-08-15 08:27:42 9D12A01443D52BB25A8AD0F100F91B83 212992 ----a-w- C:\Windows\SysWOW64\notepad.exe 2015-08-14 13:49:23 C8219AC86CFE28102878B69F414F2079 7458648 ----a-w- C:\Windows\System32\ntoskrnl.exe 2015-08-14 13:49:17 6CDF693DB2B20604E7314F8323F52F00 136904 ----a-w- C:\Windows\System32\wuauclt.exe 2015-08-14 13:49:16 6FD5F29679239BF336D9AC045EFDE74F 35840 ----a-w- C:\Windows\System32\wuapp.exe 2015-08-14 13:49:16 6C02E120E119B06D31EBD96DE4740111 29696 ----a-w- C:\Windows\SysWOW64\wuapp.exe === C: other files == 2015-08-16 06:57:41 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\System32\drivers\782E69CF.sys 2015-08-15 11:50:37 F206D8CBAD79E949AC9ADBE8AF2D60B7 2374 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\medfos.bat 2015-08-15 11:50:37 D574912A12CAAFD0E47A7757A0D9527F 9174 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\searchlnk.bat 2015-08-15 11:50:37 C16EBCAA02F2976408D2F5A68D2562FF 1771 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\delfolders.bat 2015-08-15 11:50:37 BD130F08F50D61C3859B6F819F3558A5 31138 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\iexplore.bat 2015-08-15 11:50:37 B23B16209341AEAE62A7D32117A36F55 1192 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\TDL4.bat 2015-08-15 11:50:37 A8F5541C419593F3ECAC0E0A3FB0F2BA 1162 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\surfvox.bat 2015-08-15 11:50:37 A6DEDFDFF4E2321F44790819C5F310F1 13907 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\chrome.bat 2015-08-15 11:50:37 A337A318BC530E1C231F4148DDFE4C60 7393 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\runvalues.bat 2015-08-15 11:50:37 93A6196509429319C854A941F14F1E7C 252 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\ev_clear.bat 2015-08-15 11:50:37 9246BABAAAE2978EABF6F0D784B0683D 34543 ----a-w- 
C:\Users\user\AppData\Local\Temp\jrt\prelim.bat 2015-08-15 11:50:37 78551B6A98FF3EE95DB330BB742F7AD0 152662 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\firefox.bat 2015-08-15 11:50:37 749C44588AD7BD398F1BDCD030F2B081 21096 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\ask.bat 2015-08-15 11:50:37 654E99115CFEC77263269E5EB6717E4C 131287 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\misc.bat 2015-08-15 11:50:37 49B4FCAB4947D8A494C0108127101009 4756 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\chrome_pref.bat 2015-08-15 11:50:37 2719B06EF921402D7D820120D79D4E88 14504 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\mws.bat 2015-08-15 11:50:37 05E06D3F96DDF25998D8C3117035B7B6 17011 ----a-w- C:\Users\user\AppData\Local\Temp\jrt\get.bat 2015-08-15 10:07:58 26B8FED3F3B85F5F0C4BD03FD00B9941 270168 ----a-w- C:\Windows\System32\drivers\WdFilter.sys 2015-08-15 10:07:50 81285DDC994F03379DB46419300B2DCB 44560 ----a-w- C:\Windows\System32\drivers\WdBoot.sys 2015-08-15 10:07:48 CE67080F00E0AF32755096CEA6430ABA 114520 ----a-w- C:\Windows\System32\drivers\WdNisDrv.sys 2015-08-15 10:07:25 97DC5967F65503213FD1F1B3E4A6F983 1113944 ----a-w- C:\Windows\System32\drivers\ndis.sys 2015-08-15 10:07:18 746DDF7D59AB8D721C88D48434597E8D 2476376 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2015-08-15 10:07:17 25991A1635AF725E9DC840A6A36824EC 428888 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2015-08-15 09:28:11 E99127090F84BE08ED26E0A303D31C91 7289035 ----a-w- C:\wamp\www\EnTousCoeur\wordpress-4.2.3-nl_NL.zip 2015-08-14 13:49:23 9A788037D768809DFD677F4BA08A224A 101720 ----a-w- C:\Windows\System32\drivers\mountmgr.sys 2015-08-14 13:47:16 4F9BFE0A0E3D979DE1C2C717E7FF34E0 4177408 ----a-w- C:\Windows\System32\win32k.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3143911281-1452477061-804109539-1001\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "KiesPreload"="C:\Program Files 
(x86)\Samsung\Kies\Kies.exe /preload" "EPSON331930 (Epson Stylus SX235)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU C:\Users\user\AppData\Local\Temp\E_S353D.tmp /EF HKCU" "BingSvc"="C:\Users\user\AppData\Local\Microsoft\BingSvc\BingSvc.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "WebStorage"="C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\ASUSWSLoader.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "EPSON331930 (Epson Stylus SX235)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU C:\Users\user\AppData\Local\Temp\E_S353D.tmp /EF HKCU" "BingSvc"="C:\Users\user\AppData\Local\Microsoft\BingSvc\BingSvc.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DptfPolicyLpmServiceHelper"="C:\Windows\system32\DptfPolicyLpmServiceHelper.exe" ==== Startup Folders ====================== 2014-12-24 11:58:08 1383 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk 2015-06-26 11:23:33 2073 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk 2015-06-26 11:23:33 1978 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14/08/2015 12:54] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe [15/08/2015 17:36] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15/08/2015 17:36] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASUS Live Update1" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe] "C:\Windows\SysNative\tasks\ASUS Live Update2" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS Smart Gesture Launcher" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe] "C:\Windows\SysNative\tasks\ASUS Splendid ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\Windows\SysNative\tasks\ASUS Splendid ColorU" [C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe] "C:\Windows\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"] "C:\Windows\SysNative\tasks\ATK Package 36D18D69AFC3" ["C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe"] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\P4GIntlCtrl" [C:\Program Files\ASUS\P4G\IntlDPST.exe] "C:\Windows\SysNative\tasks\RtHDVBg" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"] "C:\Windows\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"] "C:\Windows\SysNative\tasks\Update Checker" [C:\Program Files (x86)\ASUS\ASUS Live 
Update\UpdateChecker.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{526B9F7C-EC1A-41CE-9A9A-92F2F119B2DD}" [C:\Windows\system32\msfeedssync.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\73kt6umo.default user_pref("browser.startup.homepage", "https://www.google.com/?trackid=sp-006"); user_pref("browser.search.defaulturl", "https://www.google.com/search/?trackid=sp-006"); user_pref("browser.search.defaultengine", "Google (avast)"); user_pref("browser.search.defaultenginename", "Google (avast)"); user_pref("browser.search.selectedEngine", "Google (avast)"); user_pref("keyword.URL", "https://www.google.com/search/?trackid=sp-006"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "MFVersion"="MF40.0.2 (x86 nl)" [] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\73kt6umo.default EC55112EDB2CE5BC2BFCACDB9C2150F4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 44.0.2403.155 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[17/03/2015 14:12] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions bmkckgpgekmanipelfidlhmkfcjicion - No path found[] Chrome Web Store Payments - user\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Startpages ====================== C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start
Page"="http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ-5pHe0vwjxOLA8_5R_aA_zMIvmXN5YwEpYoWTvHh75QGFNneqDzz2BgFd90R-rYFkpeS394yLBc43Tdr0dpL6-OiemkNfPSdyh6ozLJefJsT3fqAAFF1Ma8sNmrO_2fTCunNG0uHpPCoo7mLqC56wL6tAg,," "Old Start Page"="https://www.google.com/?trackid=sp-006" "Search Page"="http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ-5pHe0vwjxOLA8_5R_aA_zMIvmXN5YwEpYoWTvHh75QGFNneqDzz2BgFd90R-rYFkpeS394yLBc43TsxGZ_x0I63InF5lWw5wK2brCDG5CSSPz2q_H0GraAgcWk0IBUfc0nR3wVIIvlV7OJARTI5nk03Lg,,&q={searchTerms}" "Search Bar"="http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ-5pHe0vwjxOLA8_5R_aA_zMIvmXN5YwEpYoWTvHh75QGFNneqDzz2BgFd90R-rYFkpeS394yLBc43TsxGZ_x0I63InF5lWw5wK2brCDG5CSSPz2q_H0GraAgcWk0IBUfc0nR3wVIIvlV7OJARTI5nk03Lg,,&q={searchTerms}" "SearchAssistant"="http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ-5pHe0vwjxOLA8_5R_aA_zMIvmXN5YwEpYoWTvHh75QGFNneqDzz2BgFd90R-rYFkpeS394yLBc43TsxGZ_x0I63InF5lWw5wK2brCDG5CSSPz2q_H0GraAgcWk0IBUfc0nR3wVIIvlV7OJARTI5nk03Lg,,&q={searchTerms}" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ-5pHe0vwjxOLA8_5R_aA_zMIvmXN5YwEpYoWTvHh75QGFNneqDzz2BgFd90R-rYFkpeS394yLBc43TsxGZ_x0I63InF5lWw5wK2brCDG5CSSPz2q_H0GraAgcWk0IBUfc0nR3wVIIvlV7OJARTI5nk03Lg,,&q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ-5pHe0vwjxOLA8_5R_aA_zMIvmXN5YwEpYoWTvHh75QGFNneqDzz2BgFd90R-rYFkpeS394yLBc43TsxGZ_x0I63InF5lWw5wK2brCDG5CSSPz2q_H0GraAgcWk0IBUfc0nR3wVIIvlV7OJARTI5nk03Lg,,&q={searchTerms}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] 
"Default"="http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ-5pHe0vwjxOLA8_5R_aA_zMIvmXN5YwEpYoWTvHh75QGFNneqDzz2BgFd90R-rYFkpeS394yLBc43TsxGZ_x0I63InF5lWw5wK2brCDG5CSSPz2q_H0GraAgcWk0IBUfc0nR3wVIIvlV7OJARTI5nk03Lg,,&q={searchTerms}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ-5pHe0vwjxOLA8_5R_aA_zMIvmXN5YwEpYoWTvHh75QGFNneqDzz2BgFd90R-rYFkpeS394yLBc43TsxGZ_x0I63InF5lWw5wK2brCDG5CSSPz2q_H0GraAgcWk0IBUfc0nR3wVIIvlV7OJARTI5nk03Lg,,&q={searchTerms}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ-5pHe0vwjxOLA8_5R_aA_zMIvmXN5YwEpYoWTvHh75QGFNneqDzz2BgFd90R-rYFkpeS394yLBc43Tdr0dpL6-OiemkNfPSdyh6ozLJefJsT3fqAAFF1Ma8sNmrO_2fTCunNG0uHpPCoo7mLqC56wL6tAg,," "Old Start Page"="http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ-5pHe0vwjxOLA8_5R_aA_zMIvmXN5YwEpYoWTvHh75QGFNneqDzz2BgFd90R-rYFkpeS394yLBc43Tdr0dpL6-OiemkNfPSdyh6ozLJefJsT3fqAAFF1Ma8sNmrO_2fTCunNG0uHpPCoo7mLqC56wL6tAg,," "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" ==== All HKCU SearchScopes ====================== 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="https://www.google.com/search?trackid=sp-006&q={searchTerms}" {ielnksrch} Search the web Url="http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ-5pHe0vwjxOLA8_5R_aA_zMIvmXN5YwEpYoWTvHh75QGFNneqDzz2BgFd90R-rYFkpeS394yLBc43TsxGZ_x0I63InF5lWw5wK2brCDG5CSSPz2q_H0GraAgcWk0IBUfc0nR3wVIIvlV7OJARTI5nk03Lg,,&q={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== shortcuts on Users Desktops ====================== C:\Users\user\Desktop\Crimson Editor SVN286M.lnk - C:\Program Files (x86)\Emerald Editor Community\Crimson Editor SVN286M\cedt.exe C:\Users\user\Desktop\MioMore Desktop 7.50.lnk - C:\Program Files (x86)\Mio\MioMore Desktop 7.50\MioMore.exe C:\Users\user\Desktop\Polar CS400 manual.lnk - C:\Program Files (x86)\Polar\Manuals\CS400\index.html ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe 
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\eID Viewer.lnk - C:\Program Files (x86)\Belgium Identity Card\EidViewer\eID Viewer.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\Polar ProTrainer.lnk - C:\Program Files (x86)\Polar\Polar ProTrainer\Polar 32.exe C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe C:\Users\Public\Desktop\SketchUp 2015.lnk - C:\Program Files (x86)\SketchUp\SketchUp 2015\SketchUp.exe C:\Users\Public\Desktop\WebStorage.lnk - C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\AsusWSPanel.exe C:\Users\Public\Desktop\WinZip.lnk - C:\Program Files (x86)\WinZip\WINZIP64.EXE ==== shortcuts in Users Start Menu ====================== C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D?publisher=APSFIsc&co=BE&userid=6ba25edf-e820-d4c8-9ca2-821b21752ee3&searchtype=sc&installDate=15/08/2015&barcodeid=50028003&channelid=3 C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mio\MioMore Desktop 7.50.lnk - C:\Program Files (x86)\Mio\MioMore Desktop 7.50\MioMore.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk - C:\Program Files (x86)\WinZip\WINZIP64.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brackets.lnk - C:\Program Files (x86)\Brackets\Brackets.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - 
C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\BaseCamp (2D only).lnk - C:\Program Files (x86)\Garmin\BaseCamp\BaseCamp.exe /Disable3D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\BaseCamp.lnk - C:\Program Files (x86)\Garmin\BaseCamp\BaseCamp.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\MapInstall.lnk - C:\Program Files (x86)\Garmin\MapInstall\MapInstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\WebUpdater.lnk - C:\Program Files (x86)\Garmin\WebUpdater\WebUpdater.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_51\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_51\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_51\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JaVaWa\JaVaWa GMTK\JaVaWa GMTK.lnk - C:\Program Files (x86)\JaVaWa GMTK\GMTK.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JaVaWa\JaVaWa GMTK\Verwijder JaVaWa GMTK.lnk - C:\Program Files (x86)\JaVaWa GMTK\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk - C:\Program 
Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\accicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\xlicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\outicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\pptico.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Skype for Business 2015.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Verzenden naar OneNote 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\joticon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\wordicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Lync opnamebeheer.lnk - C:\Windows\Installer\{90150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 3 SDK\Welcome.lnk - C:\Program Files (x86)\Microsoft SDKs\Silverlight\v3.0\SDK Help\en-US\Welcome.htm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec\1.0b beta\Uninstall.lnk - C:\Program Files (x86)\MyFree Codec\1.0b beta\uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL\MySQL Workbench 6.3 CE.lnk - C:\Program Files (x86)\MySQL\MySQL Workbench 6.3 CE\MySQLWorkbench.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL\MySQL Connector Net 6.9.6\ChangeLog.lnk - C:\Program Files (x86)\MySQL\MySQL Connector Net 6.9.6\CHANGES C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL\MySQL Connector Net 6.9.6\Documentation.lnk - C:\Program Files (x86)\MySQL\MySQL Connector Net 6.9.6\Documentation\ConnectorNET.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL\MySQL Connector Net 6.9.6\Release Notes.lnk - C:\Program Files (x86)\MySQL\MySQL Connector Net 6.9.6\Release Notes.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Kies\Uninstall Kies.lnk - C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe /removeonly C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\FAH.lnk - C:\Program Files 
(x86)\WinZip\FAH\FAHConsole.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\WinZip Preloader.lnk - C:\Program Files (x86)\WinZip\WzPreloader.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer\start WampServer64.lnk - C:\wamp\wampmanager.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip\WinZip 19.5.lnk - C:\Program Files (x86)\WinZip\WINZIP64.EXE ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D?publisher=APSFIsc&co=BE&userid=6ba25edf-e820-d4c8-9ca2-821b21752ee3&searchtype=sc&installDate=15/08/2015&barcodeid=50028003&channelid=3 C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE /recycle C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - 
C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ASUS Install.lnk - C:\eSupport\eDriver\AsInsWiz.exe C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\eManual.Lnk - C:\eSupport\Manual\eManual.exe C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D?publisher=APSFIsc&co=BE&userid=6ba25edf-e820-d4c8-9ca2-821b21752ee3&searchtype=sc&installDate=15/08/2015&barcodeid=50028003&channelid=3 C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\MySQL Workbench 6.3 CE.lnk - C:\Program Files (x86)\MySQL\MySQL Workbench 6.3 CE\MySQLWorkbench.exe C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk - C:\Windows\system32\notepad.exe ==== shortcuts After Repair ====================== C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe ==== HijackThis Entries ====================== F2 - REG:system.ini: 
UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.2.0.496\ASUSWSLoader.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [EPSON331930 (Epson Stylus SX235)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\user\AppData\Local\Temp\E_S353D.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [BingSvc] C:\Users\user\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: FAH.lnk = C:\Program Files\WinZip\FAH\FAHConsole.exe
O4 - Global Startup: WinZip Preloader.lnk = C:\Program Files\WinZip\WzPreloader.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @oem15.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\Windows\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem15.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\Windows\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: @oem15.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Unknown owner - C:\Windows\system32\DptfPolicyCriticalService.exe (file missing)
O23 - Service: @oem15.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Unknown owner - C:\Windows\system32\DptfPolicyLpmService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache64 - Apache Software Foundation - c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\73kt6umo.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=3177 folders=768 2297147799 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\user\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\user\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 17/08/2015 at 13:33:52,09 ======================