Zoek.exe v5.0.0.1 Updated 18-November-2015
Tool run by C Wismeyer on wo 18-11-2015 at 22:42:43,19.
Microsoft Windows 10 Home 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\C Wismeyer\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

18-11-2015 22:44:34 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\COMMON~1\VST3 deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\C Wismeyer\AppData\Local\Adobe deleted successfully
C:\Users\C Wismeyer\AppData\Local\Opera Software deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

7-Zip 15.11 (x64 edition)
Adobe Flash Player 19 NPAPI
ASIO4ALL
Audacity 2.1.0
Avast Free Antivirus
CCleaner
Classic Shell
CSR Harmony Wireless Software Stack
CSR Harmony Wireless Software Stack Packages
Free YouTube To MP3 Converter
globalupdate Helper
Google Chrome
Google Update Helper
HandBrake 0.10.2
Intel(R) Chipset Device Software
Java 8 Update 65 (64-bit)
Java Auto Updater
Korg Legacy Collection v1.1.9
Malwarebytes Anti-Malware versie 2.2.0.1024
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Miroslav Philharmonik
Miroslav Philharmonik Instruments
Mozilla Firefox 42.0 (x86 nl)
Mozilla Maintenance Service
MSVCRT Redists
Native Instruments Absynth 2
Native Instruments B4 II
Native Instruments Elektrik Piano 1.5
Native Instruments FM8
Notepad++
NVIDIA-configuratiescherm 355.82
NVIDIA 3D Vision controllerstuurprogramma 337.88
NVIDIA GeForce Experience 2.0.1
NVIDIA Grafisch stuurprogramma 355.82
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX systeemsoftware 9.13.1220
NVIDIA ShadowPlay 12.4.67
NVIDIA Update 12.4.67
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.23
Oberheim OB-Tune
Open Broadcaster Software
OpenOffice 4.1.1
paint.net
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Rob Papen Albino 3
Rob Papen BLUE Version 1.6.1
Rob Papen Predator V1.01b release
ROBLOX Player for C Wismeyer
SHIELD Streaming
Skype Click to Call
SkypeT 7.12
Software voor Intel© Chipset-apparaten
Steinberg Cubase 5
Steinberg Drum Loop Expansion 01
Steinberg Groove Agent ONE Content
Steinberg HALionOne
Steinberg HALionOne Additional Content Set 01
Steinberg HALionOne Expression Set
Steinberg HALionOne GM Drum Set
Steinberg HALionOne GM Set
Steinberg HALionOne Pro Set
Steinberg HALionOne Studio Drum Set
Steinberg HALionOne Studio Set
Steinberg LoopMash Content
Steinberg REVerence Content 01
TruePianos 1.5.0
TruePianos: Amber Module 1.4.0
TruePianos: Diamond Module 1.4.0
TruePianos: Emerald Module 1.4.0
TruePianos: Sapphire Module 1.4.0
Unity Web Player
Vegas Pro 13.0 (64-bit)
VLC media player

==== Running Processes ======================

C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe
C:\Users\C Wismeyer\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\C Wismeyer\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
"C:\Users\C Wismeyer\AppData\Roaming\Oeci9slxAeZwM.exe" not found
C:\Users\C Wismeyer\AppData\Roaming\0U1E1Q1T2Z1P0S2Z1T1C deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\C Wismeyer\AppData\Local\Unity deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\C Wismeyer\AppData\LocalLow\Unity deleted
"C:\Windows\tasks\Oeci9slxAeZwM.job" deleted
"C:\Users\C Wismeyer\AppData\Roaming\Oeci9slxAeZwM" deleted
"C:\Windows\tasks\Oeci9slxAeZwM.job" deleted
"C:\Windows\SysNative\tasks\Oeci9slxAeZwM" deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 16313 MB
CPU Info: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
CPU Speed: 3241,0 MHz
Sound Card: Luidsprekers (Realtek High Defi |
Display Adapters: NVIDIA GeForce GTX 750 Ti | NVIDIA GeForce GTX 750 Ti | NVIDIA GeForce GTX 750 Ti
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1360 X 768 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller | Bluetooth Personal Area Network Device
CD / DVD Drives: 1x (E: | ) E: Optiarc DVD RW AD-7170S
Ports: COM1 | COM4 | COM3 LPT1
Mouse: 5 Button Wheel Mouse Present
Hard Disks:
C: 467,0GB | D: 463,9GB
Hard Disks - Free: C: 352,7GB | D: 445,2GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | | ALASKA - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: MSI B85-G41 PC Mate(MS-7850)
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Default Browser: Firefox 42.0
Internet Explorer Version: 11.0.10240.16590
Mozilla Firefox version: 42.0 (x86 nl)
Google Chrome version: 46.0.2490.86
Sun Java version: 1.8.0_65 (32-bit)
Sun Java version: 1.8.0_65 (64-bit)
Flash Player version: 19.0.0.245

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_USERS\S-1-5-21-196085579-85112226-2066342809-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\C Wismeyer\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
[HKEY_USERS\S-1-5-21-196085579-85112226-2066342809-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\C Wismeyer\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\C Wismeyer\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\C Wismeyer\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\C Wismeyer\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\C Wismeyer\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"CsrHCRPServer"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe"
"CsrAudioguiCtrl"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe"
"CsrSyncMLServer"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe"
"vksts"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe"
"HarmonyUserStartup"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe"
"CSRHarmonySkypePlugin"="C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe"
"TrayApplication"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe"
"Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-11-2015 21:20]
C:\Windows\tasks\CreateExplorerShellUnelevatedTask.job --a-------- C:\Windows\explorer.exe [11-08-2015 11:04]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19-10-2015 17:17]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19-10-2015 17:17]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{53C00D94-6508-4D00-B07C-F1E7A02AC2E6}" [C:\Windows\system32\msfeedssync.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\CWISME~1\AppData\Roaming\Mozilla\Firefox\Profiles\j9p4mt03.default
user_pref("browser.startup.homepage", "https://www.google.nl/");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [15-11-2015 12:26]

==== Firefox Extensions ======================

ProfilePath: C:\Users\CWISME~1\AppData\Roaming\Mozilla\Firefox\Profiles\j9p4mt03.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\C Wismeyer\AppData\Roaming\Mozilla\Firefox\Profiles\j9p4mt03.default
F114FBA6246530B89DD1E04351E0EAC5 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll - Shockwave Flash
6C7ED028C8F778036407D41B8FDC3129 - C:\Users\C Wismeyer\AppData\Local\Roblox\Versions\version-a171864306c74d84\NPRobloxProxy.dll - Roblox Launcher Plugin
282F73F4CB28CFEA047DA9A284833766 - C:\Users\C Wismeyer\AppData\Local\Roblox\Versions\version-a171864306c74d84\NPRobloxProxy64.dll - Roblox Launcher Plugin

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[17-10-2015 19:50]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[17-10-2015 19:50]

Google Slides - C Wismeyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - C Wismeyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - C Wismeyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - C Wismeyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - C Wismeyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Avast SafePrice - C Wismeyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Google Sheets - C Wismeyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - C Wismeyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Avast Online Security - C Wismeyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Web Store Payments - C Wismeyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - C Wismeyer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKCU\SearchScopes "DefaultScope"="{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?trackid=sp-006&q={searchTerms}

==== Deleting Registry Keys ======================
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\CSR Harmony Wireless Software Stack Packages deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully

==== HijackThis Entries ======================
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\C Wismeyer\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\C Wismeyer\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\C Wismeyer\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Schakelservice (BtSwitcherService) - Cambridge Silicon Radio Limited - C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
O23 - Service: CSR Bluetooth geluidsservice (CSRBtAudioService) - Cambridge Silicon Radio Limited - C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
O23 - Service: CSR OBEX Service (CsrBtOBEXService) - Cambridge Silicon Radio Limited - C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
O23 - Service: CSR Bluetooth Service (CsrBtService) - Cambridge Silicon Radio Limited - C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\C Wismeyer\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\C Wismeyer\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\C Wismeyer\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\C Wismeyer\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
C:\Users\C Wismeyer\AppData\Local\Mozilla\Firefox\Profiles\j9p4mt03.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
C:\Users\C Wismeyer\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
No Flash Cache Found

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=92 folders=54 64761380 bytes)

==== Empty Temp Folders ======================
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\CWISME~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 18-11-2015 at 22:58:12,72 ======================