
Zoek.exe v5.0.0.1 Updated 14-December-2015
Tool run by Evy on wo 16/12/2015 at 22:03:04,19.
Microsoft Windows 10 Home 10.0.10240  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gwendoline\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

16/12/2015 22:07:09 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Cisco deleted successfully
C:\Program Files\log deleted successfully
C:\Program Files\Common Files\Intel deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\Users\Gwendoline\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Gwendoline\AppData\Local\EmieSiteList deleted successfully
C:\Users\Gwendoline\AppData\Local\EmieUserList deleted successfully
C:\Users\Gwendoline\AppData\Local\NetworkTiles deleted successfully
C:\Users\Gwendoline\AppData\Local\PackageStaging deleted successfully
C:\Users\Gwendoline\AppData\Local\VirtualStore deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-381519953-3646868603-1584391525-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\oldsearch deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\oldsearch deleted successfully

==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

Adobe Acrobat Reader DC - Nederlands  
Adobe Flash Player 20 NPAPI  
Adobe Refresh Manager  
Apple Application Support (32-bit)  
Apple Application Support (64-bit)  
Apple Mobile Device Support  
Apple Software Update  
Ashampoo AppLauncher (Medion) v.1.0.0  
AVG PC TuneUp 2015 (nl-NL)  
Avira Antivirus  
Avira Launcher  
Belgium e-ID middleware 4.0.7 (build 7453)  
Bonjour  
CCleaner  
CyberLink Home Cinema 10  
CyberLink MediaEspresso 6.5  
CyberLink PhotoDirector 4  
CyberLink PowerDirector 11  
CyberLink PowerDVD 10  
CyberLink PowerRecover  
CyberLink YouCam 5  
D3DX10  
Dolby Digital Plus Advanced Audio  
ELAN Touchpad 15.19.4.2_X64_WHQL  
Fotogalerie  
Fotogalerija  
Galerie de photos  
Google Chrome  
Google Update Helper  
iCloud  
Intel(R) PRO/Wireless Driver  
Intel(R) Processor Graphics  
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1414.3)  
Intel(R) Sideband Fabric Device Driver  
Intel(R) Trusted Execution Engine  
Intel(R) Trusted Execution Engine Driver  
Intel© PROSet/Wireless Software  
Intel© PROSet/Wireless WiFi Software  
iTunes  
Java 8 Update 66  
Java Auto Updater  
Malwarebytes Anti-Malware versie 2.2.0.1024  
Microsoft Application Error Reporting  
Microsoft Office 2013 voor Thuisgebruik en Studenten - nl-nl  
Microsoft SQL Server 2005 Compact Edition [ENU]  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Movie Maker  
Mozilla Firefox 42.0 (x86 nl)  
Mozilla Maintenance Service  
MSVCRT  
MSVCRT110  
MSVCRT110_amd64  
Office 15 Click-to-Run Extensibility Component  
Office 15 Click-to-Run Licensing Component  
Office 15 Click-to-Run Localization Component  
Photo Common  
Photo Gallery  
Raccolta foto  
Realtek Card Reader  
Realtek Ethernet Controller Driver  
Realtek High Definition Audio Driver  
Skype Click to Call  
SkypeT 7.13  
Stuurprogrammapakket voor Windows - Fedict SmartCard  (03/25/2014 4.0.7.4)  
Unity Web Player  
Windows Live  
Windows Live Communications Platform  
Windows Live Essentials  
Windows Live Installer  
Windows Live Photo Common  
Windows Live PIMT Platform  
Windows Live SOXE  
Windows Live SOXE Definitions  
Windows Live UX Platform  
Windows Live UX Platform Language Pack  

==== Running Processes ======================

C:\Program Files (x86)\Avira\Antivirus\sched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\Antivirus\avguard.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Users\Gwendoline\Downloads\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Cisco not found
C:\ProgramData\McAfee deleted
C:\Program Files (x86)\McAfee deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Gwendoline\AppData\Local\Unity deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Gwendoline\AppData\LocalLow\Unity deleted
C:\Users\GWENDO~1\AppData\Roaming\Mozilla\Firefox\Profiles\FEeBdtRb.default\extensions\abs@avira.com deleted
"C:\WINDOWS\Installer\3a870a76.msi" deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 3988 MB
CPU Info: Intel(R) Celeron(R) CPU  N2807  @ 1.58GHz
CPU Speed: 1598,6 MHz
Sound Card: Speakers (Realtek High Definiti | 
Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1280 X 800 - 32 bit
Network: Network Present
Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Realtek PCIe GBE Family Controller | Bluetooth Device (Personal Area Network) | Intel(R) Dual Band Wireless-AC 3160
CD / DVD Drives: No optical drives found.
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 2 Button Mouse Present
Hard Disks: C:  403,6GB | D:  60,0GB
Hard Disks - Free: C:  353,0GB | D:  44,6GB
Manufacturer *: INSYDE Corp.
BIOS Info: AT/AT COMPATIBLE |  | INSYDE - 3
Time Zone: Romance (standaardtijd)
Motherboard *: MEDION E1232T
Country: Belgi‰ 
Language: NLB 

==== System Specs (Software) ======================

Default Browser: Firefox	42.0
Internet Explorer Version: 11.0.10240.16603 
Mozilla Firefox version: 42.0 (x86 nl)
Google Chrome version: 47.0.2526.80
Adobe Reader version: 15.9.20077.160923
Sun Java version: 1.8.0_66 (32-bit) 
Sun Java version: 1.8.0_66 (64-bit) 
Flash Player version: 20.0.0.235

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2015-12-12 22:05:18	D2EAEC106F183572317AF7D68E381063	4532304	----a-w-	C:\WINDOWS\explorer.exe
====== C:\Users\GWENDO~1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2015-12-12 22:05:55	19928365CF64B0883317A260E2E6377B	19323392	----a-w-	C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-12 22:05:51	F9AB0E57957218B31E2959628C3C0997	18801664	----a-w-	C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-12 22:05:50	55863B7FF7119A11BD802DE7A82485A2	11263488	----a-w-	C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-12 22:05:39	356C54031E21C4790E6C81CDA26F9E0A	1467392	----a-w-	C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-12 22:05:38	9C9A14B66C06930A4FA8B654D5A1B2AE	1233920	----a-w-	C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-12 22:05:38	8AFE3CEAF287F9204FC1363A8F2A9B95	1328128	----a-w-	C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-12 22:05:38	5C74B92851352C5DCDD66C59BBE392F6	1442816	----a-w-	C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-12 22:05:33	74C8E141400F3B4CE12EE0E657FD91C9	1310880	----a-w-	C:\WINDOWS\SysWOW64\user32.dll
2015-12-12 22:05:30	9738D0610EAAD6CE104DFB81AFEDAFDE	786432	----a-w-	C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-12 22:05:30	20311DEFD7B8A7D2AB5D5DDAFF505754	774656	----a-w-	C:\WINDOWS\SysWOW64\SRH.dll
2015-12-12 22:05:29	6A8F5939B9C3170BEB4FF010F5054ED0	2879024	----a-w-	C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-12 22:05:29	4900597B180D4A2755B9A6AD5D42A4C7	5455360	----a-w-	C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-12 22:05:21	B4308481535382A5B61340A2214E91AD	474624	----a-w-	C:\WINDOWS\SysWOW64\ieui.dll
2015-12-12 22:05:21	7E4A5580F1A7EEB3F235429D857100DD	296960	----a-w-	C:\WINDOWS\SysWOW64\ninput.dll
2015-12-12 22:05:21	5DAAAF8A272B9C8975C444298B5D41EF	480768	----a-w-	C:\WINDOWS\SysWOW64\duser.dll
2015-12-12 22:05:20	9E604C522EC89CA6D7DD22BE94985359	415744	----a-w-	C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-12 22:05:20	4EEB94F7E1ABAB5503EEFEA7F2394370	4047288	----a-w-	C:\WINDOWS\SysWOW64\explorer.exe
2015-12-12 22:05:16	3504A001D694E685EB2579164C514FB4	2153984	----a-w-	C:\WINDOWS\SysWOW64\authui.dll
2015-12-12 22:05:15	6C74B225F2EC7A49DD6F78B7072A5C42	1532984	----a-w-	C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-12 22:05:15	0607E8B28F78AD418D6C0D74203FFA79	749568	----a-w-	C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-12 22:05:07	BB14EE9FF8DCB98AAA9B1861A3F4DA5A	503296	----a-w-	C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-12 22:05:02	917C7C09612AD81BCF0C49007740DB4E	775312	----a-w-	C:\WINDOWS\SysWOW64\locale.nls
2015-12-12 22:04:54	C09CA709007AB00D97A764422E9DB981	92992	----a-w-	C:\WINDOWS\SysWOW64\userenv.dll
2015-12-12 22:04:48	E77F8B3D5750F4527A07E45AB6D44588	7168	----a-w-	C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-12 22:04:48	6BC30FC482A74A92CDDD59E882F18E63	7168	----a-w-	C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-12 22:04:48	06A41A2D550BBF58552D3C02D0D20825	7168	----a-w-	C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-12 22:04:47	45D3CA83474A46D74632700FACF17C90	7168	----a-w-	C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-12 22:03:54	4F74D237260EF8F19DB5AAAB2C3D19D2	53248	----a-w-	C:\WINDOWS\SysWOW64\profext.dll
2015-12-12 22:03:28	4832BCF076EC1B88B0F3D47DEDB5C20F	3580416	----a-w-	C:\WINDOWS\SysWOW64\jscript9.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2015-12-16 20:47:37	995D92BF489F6EB1D35A1AD221F6BEB4	16148	----a-w-	C:\WINDOWS\Sysnative\HUISKAMER_Evy_HistoryPrediction.bin
2015-12-12 22:05:58	DD032686353CBEA293EBA1710C676533	21872640	----a-w-	C:\WINDOWS\Sysnative\edgehtml.dll
2015-12-12 22:05:57	C075D7FB5304C60CE7296882F299A90D	24592384	----a-w-	C:\WINDOWS\Sysnative\mshtml.dll
2015-12-12 22:05:48	90F26A12A7F188B48021A4CA8A615026	12504576	----a-w-	C:\WINDOWS\Sysnative\ieframe.dll
2015-12-12 22:05:47	321A2022926841273CD8D6B9BFE68D05	1383424	----a-w-	C:\WINDOWS\Sysnative\win32kbase.sys
2015-12-12 22:05:46	4D3F2E7C2F83DFAF19F8060E1FD6C5A8	3588096	----a-w-	C:\WINDOWS\Sysnative\win32kfull.sys
2015-12-12 22:05:41	544F4E3C4EEBAC2541C6D1D865FA2963	1717248	----a-w-	C:\WINDOWS\Sysnative\GdiPlus.dll
2015-12-12 22:05:40	C158F23E5D8581CB50B33D83AC721E93	1795584	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll
2015-12-12 22:05:39	D6D96E20079D902243690DCBB007F997	2180608	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentServer.dll
2015-12-12 22:05:38	8675E8DC436CFD340C2BEACD29315226	1710592	----a-w-	C:\WINDOWS\Sysnative\SRHInproc.dll
2015-12-12 22:05:38	6C291578AD85D4527E83B5E9465BDB6C	1649152	----a-w-	C:\WINDOWS\Sysnative\comsvcs.dll
2015-12-12 22:05:37	F04659446D46718E38B3586371720218	1569280	----a-w-	C:\WINDOWS\Sysnative\Windows.Globalization.dll
2015-12-12 22:05:32	7F380DC90B8A045A3F4835D196C35EEB	1366680	----a-w-	C:\WINDOWS\Sysnative\user32.dll
2015-12-12 22:05:30	65BCE1DC85A1023021D363E0CE4AB14C	845824	----a-w-	C:\WINDOWS\Sysnative\Magnify.exe
2015-12-12 22:05:30	5E6F27976D0A53CE834D94F55378B9EE	929792	----a-w-	C:\WINDOWS\Sysnative\SRH.dll
2015-12-12 22:05:28	162AD130D6F3C5C877F0AD121C1F485E	3622272	----a-w-	C:\WINDOWS\Sysnative\iertutil.dll
2015-12-12 22:05:27	08F67B81DA4F6B5D247183915253872C	7523840	----a-w-	C:\WINDOWS\Sysnative\Chakra.dll
2015-12-12 22:05:26	8F52D8477ED3EF446EC72D087FF6B1F5	355328	----a-w-	C:\WINDOWS\Sysnative\ninput.dll
2015-12-12 22:05:26	4D9B59BCD7FA373D52E5CD9A285C332C	587776	----a-w-	C:\WINDOWS\Sysnative\ieui.dll
2015-12-12 22:05:26	0367B8FA0C41969DD92F489DA5FE664F	603648	----a-w-	C:\WINDOWS\Sysnative\duser.dll
2015-12-12 22:05:20	72C37168B3A428F33D566130382D3D85	523776	----a-w-	C:\WINDOWS\Sysnative\catsrvut.dll
2015-12-12 22:05:18	D4D08AB39F842C640B7F8B1296BDC38C	121344	----a-w-	C:\WINDOWS\Sysnative\DAMM.dll
2015-12-12 22:05:18	7E90F66669509E7BD2B250BC271D94E2	171008	----a-w-	C:\WINDOWS\Sysnative\dot3mm.dll
2015-12-12 22:05:17	8A216BBE091DA0585F6A5E8B65980961	324096	----a-w-	C:\WINDOWS\Sysnative\profsvc.dll
2015-12-12 22:05:17	35D3A05A1FE037E866E17E84CEE9CF48	2350592	----a-w-	C:\WINDOWS\Sysnative\authui.dll
2015-12-12 22:05:15	B3E7A635C248EBF3A9C630917BDD5FA0	1822280	----a-w-	C:\WINDOWS\Sysnative\ntdll.dll
2015-12-12 22:05:13	7A4CC6F1945E13BE51FCEE9A2C6C7ABE	572928	----a-w-	C:\WINDOWS\Sysnative\vbscript.dll
2015-12-12 22:05:11	68AA410BBF3DA69B9F3834EED1BF52EA	270336	----a-w-	C:\WINDOWS\Sysnative\RasMediaManager.dll
2015-12-12 22:05:11	6210B227A7834FFFCA08FBB42F6FF476	126464	----a-w-	C:\WINDOWS\Sysnative\DAMediaManager.dll
2015-12-12 22:05:10	E866643717FF953DAC104E9E806F3E27	498688	----a-w-	C:\WINDOWS\Sysnative\WlanMediaManager.dll
2015-12-12 22:05:10	1A8D80F2EA3133AD8DAF64DA25B4B17B	168288	----a-w-	C:\WINDOWS\Sysnative\NetworkUXBroker.exe
2015-12-12 22:05:04	C18ED3B56B91A835F019634180349E8A	849408	----a-w-	C:\WINDOWS\Sysnative\comdlg32.dll
2015-12-12 22:05:03	ED4208A2A5BE50383153463F7ED08ED4	146944	----a-w-	C:\WINDOWS\Sysnative\EthernetMediaManager.dll
2015-12-12 22:05:02	E68D380E86FBBF7F4466A0DD6CEA0B5B	467456	----a-w-	C:\WINDOWS\Sysnative\MBMediaManager.dll
2015-12-12 22:05:02	917C7C09612AD81BCF0C49007740DB4E	775312	----a-w-	C:\WINDOWS\Sysnative\locale.nls
2015-12-12 22:04:55	01074D7E7370E7A7CAFF0DC442C89794	113184	----a-w-	C:\WINDOWS\Sysnative\userenv.dll
2015-12-12 22:04:54	98EAC529E0F9A1566E9E19D4667854EC	181760	----a-w-	C:\WINDOWS\Sysnative\shutdownux.dll
2015-12-12 22:04:53	20E8B4BD322195D30C781BED86FA81C8	185344	----a-w-	C:\WINDOWS\Sysnative\psmsrv.dll
2015-12-12 22:04:49	E6B7193FF6E1FBFD644E0D5545A6E779	7168	----a-w-	C:\WINDOWS\Sysnative\KBDAZST.DLL
2015-12-12 22:04:49	AE15D9860C287112D57062E24FCD6EB9	7168	----a-w-	C:\WINDOWS\Sysnative\KBDAZE.DLL
2015-12-12 22:04:49	69B49DECE9996743DB231D06F49701B2	7168	----a-w-	C:\WINDOWS\Sysnative\KBDAZEL.DLL
2015-12-12 22:04:49	50B2D1C6E83407093678C0B0791F4B74	7168	----a-w-	C:\WINDOWS\Sysnative\kbdgeoqw.dll
2015-12-12 22:03:45	141ABE24124CB1E25954E9D52FF1B999	67072	----a-w-	C:\WINDOWS\Sysnative\profext.dll
2015-12-12 22:03:44	38C714192315DD02561D30FCFE693736	771072	----a-w-	C:\WINDOWS\Sysnative\Chakradiag.dll
2015-12-12 22:03:28	9E5E7D977A316EE3BBD4F44903EC954B	4792320	----a-w-	C:\WINDOWS\Sysnative\jscript9.dll
====== C:\WINDOWS\Sysnative\drivers =====
2015-12-12 22:05:19	BA8DC96D1DD7785EB0589CB1777208B7	2115936	----a-w-	C:\WINDOWS\Sysnative\drivers\ntfs.sys
2015-12-12 22:05:16	7C3DDCB6F927AFC5569A8CC584F5B5F3	147968	----a-w-	C:\WINDOWS\Sysnative\drivers\rmcast.sys
2015-12-12 22:05:01	27E248CD861AFED4DF0C48F4C853E7F0	80896	----a-w-	C:\WINDOWS\Sysnative\drivers\hdaudbus.sys
2015-12-12 22:04:55	CFCCF9F67EECBA6BFE4E880D9BE70CBB	22528	----a-w-	C:\WINDOWS\Sysnative\drivers\usb8023.sys
2015-12-12 22:04:54	1BDA1FD02783566F0B20EB0E2517F85C	516448	----a-w-	C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS
2015-12-12 22:04:50	7BF844D362EB746BC7A6DC3F57FA3E32	8192	----a-w-	C:\WINDOWS\Sysnative\drivers\gpuenergydrv.sys
2015-12-12 21:13:13	78488AF2AB2111D67B3C4044707A519B	192216	----a-w-	C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys
2015-12-12 21:12:46	CFBC6C6D8A492697CABD1D353EE64933	25816	----a-w-	C:\WINDOWS\Sysnative\drivers\mbam.sys
2015-12-12 21:12:46	42B3F5C9FBC9B3F0E0BA6B5D7FC8E849	109272	----a-w-	C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys
2015-12-12 21:12:46	08DECFCB9BA97786165A69AB1015BC30	64216	----a-w-	C:\WINDOWS\Sysnative\drivers\mwac.sys
2015-12-12 20:14:41	AC82CC4F2A41E098EB34C0A9F8125DDC	137800	----a-w-	C:\WINDOWS\Sysnative\drivers\avgntflt.sys
2015-12-12 20:14:41	74179E7C103F3A44B33D7D982E21E35D	74440	----a-w-	C:\WINDOWS\Sysnative\drivers\avnetflt.sys
2015-12-12 20:14:41	45061BD6F11B80BF1C07A9253A659BF1	148632	----a-w-	C:\WINDOWS\Sysnative\drivers\avipbb.sys
2015-12-12 20:14:41	390184FAD8FCC1B6DA25AEBAE928C3B6	28600	----a-w-	C:\WINDOWS\Sysnative\drivers\avkmgr.sys
====== C:\WINDOWS\Tasks ======
2015-12-14 17:39:47	5FE90F4EF2400923E9506F70900720B9	3926	----a-w-	C:\WINDOWS\Sysnative\Tasks\Adobe Flash Player Updater
2015-12-14 17:39:47	1F613803E2428159A1BC896C83676883	940	----a-w-	C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2015-12-14 12:42:54	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2015-12-16 20:59:20	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2015-12-12 23:33:24	--------	d-----w-	C:\PROGRA~2\Mozilla Maintenance Service
2015-12-12 19:26:46	--------	d-----w-	C:\PROGRA~2\Avira
======= C: =====
====== C:\Users\Gwendoline\AppData\Roaming ======
2015-12-13 20:54:21	--------	d-----w-	C:\Users\Gwendoline\AppData\Local\Mozilla
2015-12-12 22:20:16	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps
2015-12-12 22:20:16	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps
2015-12-12 22:20:16	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps
2015-12-12 22:20:16	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps
2015-12-12 22:20:16	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps
2015-12-12 22:20:16	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps
2015-12-12 22:20:16	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps
2015-12-12 22:20:16	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps
2015-12-12 22:20:16	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps
2015-12-12 22:20:00	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-12 22:20:00	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-12 22:20:00	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-12 22:20:00	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-12 22:20:00	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-12 22:20:00	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-12 22:20:00	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-12 22:20:00	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-12 22:20:00	--------	d-----w-	C:\Users\Gwendoline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
====== C:\Users\Gwendoline ======
2015-12-16 20:58:58	--------	d-----w-	C:\Users\Gwendoline\.oracle_jre_usage
2015-12-16 20:52:55	54760F6D9991A94FE0B6CD83AE8377B4	584288	----a-w-	C:\Users\Gwendoline\Downloads\JavaSetup8u66.exe
2015-12-14 13:05:35	--------	d-----w-	C:\Users\Gwendoline\Tracing
2015-12-14 12:42:30	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Gwendoline\Downloads\RSITx64.exe
2015-12-13 20:57:14	BD4122D5B2830C8DB3992CB9D2920F0E	6677440	----a-w-	C:\Users\Gwendoline\Downloads\ccsetup510.exe
2015-12-13 09:23:48	948FB3EAB3760B273975F1940F8B3C22	1599336	----a-w-	C:\Users\Gwendoline\Downloads\JRT.exe
2015-12-13 08:24:01	5F9F1E107FCB71AA200C16CE17FF8730	1738240	----a-w-	C:\Users\Gwendoline\Downloads\adwcleaner_5.024 (1).exe
2015-12-12 23:33:49	5F9F1E107FCB71AA200C16CE17FF8730	1738240	----a-w-	C:\Users\Gwendoline\Downloads\adwcleaner_5.024.exe
2015-12-12 23:30:59	E9827B6C4219262ED3A0EF35DE033FF5	243720	----a-w-	C:\Users\Gwendoline\Downloads\Firefox Setup Stub 42.0 (2).exe
2015-12-12 23:30:54	E9827B6C4219262ED3A0EF35DE033FF5	243720	----a-w-	C:\Users\Gwendoline\Downloads\Firefox Setup Stub 42.0 (1).exe
2015-12-12 22:52:20	8C3C209A3429238A9321B7012389AEB5	243992	----a-w-	C:\Users\Gwendoline\Downloads\Firefox Setup Stub 42.0.exe
2015-12-12 21:10:09	3BD59D6C407AB1F6DDD7C5D9BD727469	20447072	----a-w-	C:\Users\Gwendoline\Downloads\mbam-setup-2.0.4.1028.exe
2015-12-12 19:26:51	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-12 19:26:44	--------	d-----w-	C:\ProgramData\Avira

====== C: exe-files ==
2015-12-16 21:02:28	4A4D54DA22FF297E6505BE0F2DC4533F	528584	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\vpreview.exe
2015-12-16 21:02:25	23B55B14E347EC29A33C78EF6BD54C25	84208	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
2015-12-16 21:02:24	CC684E12F90DD0302C1B69A6191B921F	50392	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\setlang.exe
2015-12-16 21:02:23	BA2FAD5257B5845A63C411C9D6534CF3	7944408	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CMigrate.exe
2015-12-16 21:02:22	BA8565D4C1CB6AE02073B4A43FC7B08F	39592	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\AppSharingHookController64.exe
2015-12-16 21:02:21	058E8C8B0E10CE7B3C81A50EB9BE2D9F	700064	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\msqry32.exe
2015-12-16 21:02:20	DA3D492D9E6DD55D97A7339543080153	4522176	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\graph.exe
2015-12-16 21:02:16	6BC912C6276C0BF0419FDEF171DE9A27	990376	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\firstrun.exe
2015-12-16 21:02:16	5A4F9F969459DC238451DF8B5405C6C7	5805784	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CMigrate.exe
2015-12-16 21:02:15	9B949B8AE650248E9714E9EBFFFE6F75	229056	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\clview.exe
2015-12-16 21:02:11	1539116B4330EB3C8F947473BEB7671D	873648	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe
2015-12-16 21:01:15	BF612A79BD6346A080B54FD59FE18E71	1149656	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
2015-12-16 21:00:30	780912DF91F1CB7D90BF9D350A138FB6	498880	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE
2015-12-16 21:00:30	77D11FC456B8F93F69D0E81A668CAD6D	21940384	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe
2015-12-16 21:00:30	4509A8FCF7658914399CB80BAD875834	449216	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
2015-12-16 21:00:28	C84C08AEF214CF251274DED7D5B975CC	569592	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\ORGCHART.EXE
2015-12-16 21:00:28	C500A4808D8BC458A044CD06E3BCC1E4	517360	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\IEContentService.exe
2015-12-16 20:58:34	FDF059C05249FAEA0221ED65CD59A9C8	68192	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\javacpl.exe
2015-12-16 20:58:34	F003BBCB09CACF8A9F4CE0C67A2D6E63	278624	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaws.exe
2015-12-16 20:58:34	EFC80BC662BCC20B0B09700636FDC732	30816	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\jabswitch.exe
2015-12-16 20:58:34	D8EEED21B06866E85DA30485F5059FF6	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\servertool.exe
2015-12-16 20:58:34	CA51FB3FE5012E21D9A14AC071527866	76896	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2launcher.exe
2015-12-16 20:58:34	ADAF1151B29D2D1691FA027B6C55B3D7	50784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssvagent.exe
2015-12-16 20:58:34	A9E84AD3536425BC68263B723C2442E4	191072	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\java.exe
2015-12-16 20:58:34	8977B87AB10AB1DA8769CA0053B401B0	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\jjs.exe
2015-12-16 20:58:34	7BE9BE6E15653824A28F5CED6B273588	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\klist.exe
2015-12-16 20:58:34	7BDD7F1BC2A20971DEE17B6920D61BBC	191584	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaw.exe
2015-12-16 20:58:34	73368169BFD965EC6257E77C23CED879	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\rmiregistry.exe
2015-12-16 20:58:34	525027DF51378DDA25F0F52C20BCB132	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\kinit.exe
2015-12-16 20:58:34	46AB480B01CD30801B3AE89B5AAE75A8	16480	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\orbd.exe
2015-12-16 20:58:34	3B306D41F07396975ECE34A860BD9036	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\pack200.exe
2015-12-16 20:58:34	36A44033C6B970F95E2A1448F4481CEA	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\keytool.exe
2015-12-16 20:58:34	28FB06FC63D5817153B5502A49DF3F00	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\ktab.exe
2015-12-16 20:58:34	17A8DD2484DC26E38DFE3209C8B36980	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\policytool.exe
2015-12-16 20:58:34	0B82777B13B81417E5520DF7B1E8C319	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\rmid.exe
2015-12-16 20:58:34	0A3936FE18FC04350159A1E647201501	16480	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\tnameserv.exe
2015-12-16 20:58:34	092F4D3C25F3086D4C7FDEC79DD71302	159328	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\unpack200.exe
2015-12-16 20:58:34	04D67FF5044A605F1E7D923A1D6F1751	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\java-rmi.exe
2015-12-16 20:53:46	252D24110315ECCEC19924D4D55FF343	1923232	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
2015-12-16 20:53:21	43875D29D79C2BD71F48F583EDF7664C	25725088	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
2015-12-14 16:37:58	E15AEE90C6CD89A71EB108EF8FD035DA	279232	----a-w-	C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\mighost.exe
2015-12-14 16:37:58	9E8AD47012931BAE13D4B30CD5A2258F	173760	----a-w-	C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\System32\setupplatform.exe
2015-12-14 16:24:05	4E9EEA3128AC67D99F0D3E5FE3DF25C4	1932800	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\044c82cb-0d90-403d-b73f-1d116bd36fc3\V3\i386\hpinkins7112.exe
2015-12-14 16:24:04	7E63E266732FACB3B24CC5F6ED9847AB	2589184	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\044c82cb-0d90-403d-b73f-1d116bd36fc3\V3\amd64\hpinkins7112.exe
2015-12-14 16:24:02	D1F59C81E2F6030459424F20030B3647	2829512	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\Setup.exe
2015-12-14 16:24:01	FBB698C69C0A8EF6499D9353A97CC232	2451144	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDUn_inst.exe
2015-12-14 16:24:01	BD5B801F8035A5066C6A4F4ABA67C4D5	93384	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDMag.exe
2015-12-14 16:24:01	8916EACF1256E1C5A3AF81FD39C747E7	144072	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDService.exe
2015-12-14 16:24:00	2B484C30F4B5C2AE38FC26F6FC57764B	2855112	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDHValueMonitor.exe
2015-12-14 16:24:00	2025712CFB93C2161C6EC0612EEC5B40	2265800	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDFingerPositioner.exe
2015-12-14 16:23:59	D37064498DE2B69EB94E2DA83C62E4A4	2580168	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDCtrlHelper.exe
2015-12-14 16:23:59	97B7D81A8461126BB9CC4085712675E5	3242696	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDCtrl.exe
2015-12-14 16:23:59	7DBEFB1CD4BB8FEF7AEE87D07F695BFC	2790088	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDDeviceInformation.exe
2015-12-14 16:23:58	BB11B4124F1DCA432705C2DB64B60580	8405192	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDAniConf.exe
2015-12-14 16:23:58	3FC075F33F8462EB7897A44E760D2377	1056968	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\dpinst.exe
2015-12-14 16:23:45	A71F6F8AC6EBC602B28437AC6BA8C6AA	443296	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\IntelWiDiUMS64.exe
2015-12-14 16:23:45	25575697C55F084FDFB6177BB4843394	2508272	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\IntelWiDiVAD64.exe
2015-12-14 16:23:43	0781DE74790BDBB9A7B9EF6CAA62B4E0	290208	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\IntelCpHeciSvc.exe
2015-12-14 16:23:43	03C165523D01394978CBFE961A6809F2	1011616	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\igxpun.exe
2015-12-14 16:23:42	D6298429D647B5ECFB3D1A407E2C364C	256928	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\igfxHK.exe
2015-12-14 16:23:42	BFE27E59D71DA8D4C5433AECE14C4CBF	540064	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\igfxEM.exe
2015-12-14 16:23:42	97BB6425C86F46C2B21E0861421B6AE5	393632	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\igfxTray.exe
2015-12-14 16:23:42	2D5218EB4C0687B43722C4D199708268	204192	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\igfxext.exe
2015-12-14 16:23:42	1DBE918F1EDE43C8D49B6D9A7DEA25F3	328608	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\igfxCUIService.exe
2015-12-14 16:23:38	AC933098B524F7AC2A645841AE3ED2BB	554912	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\DPTopologyAppv2_0.exe
2015-12-14 16:23:38	576B1D3FE2836FA5296381C4FAA410C2	4371872	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\Gfxv4_0.exe
2015-12-14 16:23:38	44582DF65BEB2A621A58A10768906A20	4368288	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\Gfxv2_0.exe
2015-12-14 16:23:38	31382CA994E1426EBD02B1659D1058CB	409504	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\CustomModeApp.exe
2015-12-14 16:23:38	2AFCECBE6AFA228037169738C833E05C	408992	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\CustomModeAppv2_0.exe
2015-12-14 16:23:38	2AEAC06D1D6FA2D77E7FA529C527F2BB	164256	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\difx64.exe
2015-12-14 16:23:38	23D7450C9E87D02741422A167FA0474A	969120	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\GfxUIEx.exe
2015-12-14 16:23:38	08F40BD4B74E703ED29BBD0DCAC61B39	555424	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\DPTopologyApp.exe
2015-12-14 12:42:54	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Evy.exe
2015-12-14 12:33:53	AD60A39A820804E89BC2EAD599ED94E1	8067784	----a-w-	C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
2015-12-14 12:33:53	AD60A39A820804E89BC2EAD599ED94E1	8067784	----a-w-	C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\OneDriveSetup.exe
2015-12-14 12:33:17	EB0965F7AE1394C0A3165A5E9A32C44D	164040	----a-w-	C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncConfig.exe
2015-12-14 12:33:15	2DB7D5B28812523AAF17F71A8EB4832E	171712	----a-w-	C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe
2015-12-12 23:33:26	BBF209C6C30C9DDDB9D2ECADE25FE9D8	107202	----a-w-	C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
2015-12-12 23:33:25	0DE2474F316C515482ABAD3B697F8714	147624	----a-w-	C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
2015-12-12 22:04:54	7A271F804E4A779646E972BEF9A16CFE	384280	----a-w-	C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
2015-12-12 22:04:53	96520EEF483B102EFD98B6B246B0EE1D	818880	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-12-12 22:04:52	B048B365333B4DA075512D67A88AE393	815808	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-12-12 22:04:50	116A528112CDE77F28D4C8C9CE210C52	21216	----a-w-	C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
2015-12-12 20:15:06	5E32C3032EB61789DC786A8340F5A225	482296	----a-w-	C:\Program Files (x86)\Avira\Antivirus\wsctool.exe
2015-12-12 20:14:51	49E60DF3D99C87147FBD776AE4A4655E	399896	----a-w-	C:\Program Files (x86)\Avira\Antivirus\updrgui.exe
2015-12-12 20:14:50	2EB4261DC605C5FD860E856BDD0E3A40	1146720	----a-w-	C:\Program Files (x86)\Avira\Antivirus\update.exe
2015-12-12 20:14:49	9DA4CD5050CDE283996980BB09C1556B	71888	----a-w-	C:\Program Files (x86)\Avira\Antivirus\toastnotifier.exe
2015-12-12 20:14:48	8F0DBC4313B3DE6636AB1A70357EEC09	457040	----a-w-	C:\Program Files (x86)\Avira\Antivirus\setuppending.exe
2015-12-12 20:14:48	71D0D5F709224397BAB7E2306EF1A29D	2179712	----a-w-	C:\Program Files (x86)\Avira\Antivirus\setup.exe
2015-12-12 20:14:48	353D6498C58EC36B686B729A26ED8B45	467840	----a-w-	C:\Program Files (x86)\Avira\Antivirus\rscdwld.exe
2015-12-12 20:14:48	18B0643B3B504E0FDCFCE0C8743B29C7	461672	----a-w-	C:\Program Files (x86)\Avira\Antivirus\sched.exe
2015-12-12 20:14:46	BDDCED792D6FE1211ABDF987805DDE79	629592	----a-w-	C:\Program Files (x86)\Avira\Antivirus\licmgr.exe
2015-12-12 20:14:45	F92F46155F481EF2CC0CDE9F04484C2A	474568	----a-w-	C:\Program Files (x86)\Avira\Antivirus\ipmgui.exe
2015-12-12 20:14:45	E66EF1114246B5B5DF8CFE2934250E22	947832	----a-w-	C:\Program Files (x86)\Avira\Antivirus\fact.exe
2015-12-12 20:14:45	4A17931B48A4B02C039D862FE720AB21	407112	----a-w-	C:\Program Files (x86)\Avira\Antivirus\checkt.exe
2015-12-12 20:14:45	115E95CAE6AEE0232EFAB0B9B9E1F623	747000	----a-w-	C:\Program Files (x86)\Avira\Antivirus\guardgui.exe
2015-12-12 20:14:45	113D607EF14F8CCFB041CD783A931520	494656	----a-w-	C:\Program Files (x86)\Avira\Antivirus\inssda64.exe
2015-12-12 20:14:44	CD7A562C7EF642751AEAAD8E13C17F8C	503408	----a-w-	C:\Program Files (x86)\Avira\Antivirus\ccuac.exe
2015-12-12 20:14:43	C86A9F1A97EF8E34EDC9B5A900C79DBA	814560	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avwsc.exe
2015-12-12 20:14:43	27322069CB874160CFA8B7A8673FE3F1	4771216	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avira_fr____fm.exe
2015-12-12 20:14:42	D84E576299C73B0B1DC477D2B99958C4	1147720	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
2015-12-12 20:14:42	AB44ED39F574DCFE11452A0A01B740E7	573424	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avrestart.exe
2015-12-12 20:14:42	790C49CF3B8981A72CA1E5C6BDEA8FB5	415352	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avupgsvc.exe
2015-12-12 20:14:42	383BCE6E505C8D4B6F447812FE4C1E5C	632152	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
2015-12-12 20:14:42	3751F363A61E1BE56518F0786BE57A3C	1183208	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avscan.exe
2015-12-12 20:14:42	1FD63AC2513A66E4F42F73BD5F68FCF7	733616	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avnotify.exe
2015-12-12 20:14:41	D118E8756768879F2B6921F8B0716600	555944	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avmcdlg.exe
2015-12-12 20:14:41	C1A86A6D6847DEFF009EAE85BA0C1F20	782520	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
2015-12-12 20:14:41	6B31C215750CD41567E962D22839EE44	932912	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
2015-12-12 20:14:41	18B0643B3B504E0FDCFCE0C8743B29C7	461672	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avguard.exe
2015-12-12 20:14:40	B9067634D9A3CA68D83B2D5D88D0164D	426664	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avadmin.exe
2015-12-12 20:14:40	73B8176DF78B9678F04FC97135F9DCD0	895320	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avconfig.exe
2015-12-12 20:14:40	21C003CD2F62776D059670643B0F7031	786128	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
2015-12-12 06:40:11	B4656E85333FED69FD85761FDCE8B5D8	1484104	----a-w-	C:\Users\Gwendoline\AppData\Local\Google\Chrome\User Data\SwReporter\5.39.1\software_reporter_tool.exe
2015-12-10 16:38:21	5236ECC094EBEEEB8CB3A4B0BB456057	2996304	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\47.0.2526.80\47.0.2526.80_47.0.2526.73_chrome_updater.exe
=== C: other files ==
2015-12-16 20:58:34	4DB4B1F67E583B41F841F48254BE38E3	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\lib\deploy\ffjcext.zip
2015-12-14 18:59:37	A81CBB5EDD3784B4A0D9937AEE397ED5	59277308	----a-w-	C:\Users\Gwendoline\Downloads\paper-towns-dkeduurrgkjn.zip
2015-12-14 16:23:58	6BD85B39B7B23F03B24CF641ED29147B	525512	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETD.sys
2015-12-14 16:23:56	470A04D92087136F147A2C6F31399906	263952	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\15503b57-cb70-40a0-b155-3e59918ff4f2\ibtusb.sys
2015-12-14 16:23:40	3F8B046C0839FDB879FE179C07A1A6A4	3797960	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\9b6f3e6a-c559-431f-9983-ea18958be492\igdkmd64.sys
2015-12-14 16:23:36	8D97229A6FB5BFA1C9D161CA02E29B6C	3433952	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\b8b9e2fe-ad74-4c0f-b803-0705003a20bb\Netwbw02.sys
2015-12-14 16:23:35	3940780911A7BD1793B7CEEC9E4429C2	402960	----a-w-	C:\$WINDOWS.~BT\Drivers\DU\863b567e-a90c-45b1-8fab-2a124ab98640\RtsUer.sys
2015-12-14 12:33:15	8CF4163521FDB8E53482003C7EFA7121	5850	----a-w-	C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\CollectOneDriveLogs.bat
2015-12-12 22:05:47	321A2022926841273CD8D6B9BFE68D05	1383424	----a-w-	C:\Windows\System32\win32kbase.sys
2015-12-12 22:05:46	4D3F2E7C2F83DFAF19F8060E1FD6C5A8	3588096	----a-w-	C:\Windows\System32\win32kfull.sys
2015-12-12 22:05:19	BA8DC96D1DD7785EB0589CB1777208B7	2115936	----a-w-	C:\Windows\System32\drivers\ntfs.sys
2015-12-12 22:05:16	7C3DDCB6F927AFC5569A8CC584F5B5F3	147968	----a-w-	C:\Windows\System32\drivers\rmcast.sys
2015-12-12 22:05:01	27E248CD861AFED4DF0C48F4C853E7F0	80896	----a-w-	C:\Windows\System32\drivers\hdaudbus.sys
2015-12-12 22:04:55	CFCCF9F67EECBA6BFE4E880D9BE70CBB	22528	----a-w-	C:\Windows\System32\drivers\usb8023.sys
2015-12-12 22:04:54	1BDA1FD02783566F0B20EB0E2517F85C	516448	----a-w-	C:\Windows\System32\drivers\USBHUB3.SYS
2015-12-12 22:04:50	7BF844D362EB746BC7A6DC3F57FA3E32	8192	----a-w-	C:\Windows\System32\drivers\gpuenergydrv.sys
2015-12-12 21:13:13	78488AF2AB2111D67B3C4044707A519B	192216	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-12-12 21:12:46	CFBC6C6D8A492697CABD1D353EE64933	25816	----a-w-	C:\Windows\System32\drivers\mbam.sys
2015-12-12 21:12:46	42B3F5C9FBC9B3F0E0BA6B5D7FC8E849	109272	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2015-12-12 21:12:46	08DECFCB9BA97786165A69AB1015BC30	64216	----a-w-	C:\Windows\System32\drivers\mwac.sys
2015-12-12 20:14:49	9D80416300EE6B7949DF3B97DF9598F8	7792	----a-w-	C:\Program Files (x86)\Avira\Antivirus\sweb.zip
2015-12-12 20:14:41	AC82CC4F2A41E098EB34C0A9F8125DDC	137800	----a-w-	C:\Windows\System32\drivers\avgntflt.sys
2015-12-12 20:14:41	AC82CC4F2A41E098EB34C0A9F8125DDC	137800	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avgntflt.sys
2015-12-12 20:14:41	74179E7C103F3A44B33D7D982E21E35D	74440	----a-w-	C:\Windows\System32\drivers\avnetflt.sys
2015-12-12 20:14:41	74179E7C103F3A44B33D7D982E21E35D	74440	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avnetflt.sys
2015-12-12 20:14:41	45061BD6F11B80BF1C07A9253A659BF1	148632	----a-w-	C:\Windows\System32\drivers\avipbb.sys
2015-12-12 20:14:41	45061BD6F11B80BF1C07A9253A659BF1	148632	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avipbb.sys
2015-12-12 20:14:41	390184FAD8FCC1B6DA25AEBAE928C3B6	28600	----a-w-	C:\Windows\System32\drivers\avkmgr.sys
2015-12-12 20:14:41	390184FAD8FCC1B6DA25AEBAE928C3B6	28600	----a-w-	C:\Program Files (x86)\Avira\Antivirus\avkmgr.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-381519953-3646868603-1584391525-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"OneDrive"="C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-21-381519953-3646868603-1584391525-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64"
"Uninstall C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
"Uninstall C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"YouCam Service"="C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe /s"
"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"
"Avira SystrayStartTrigger"="C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
"avgnt"="C:\Program Files (x86)\Avira\Antivirus\avgnt.exe /min"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"OneDrive"="C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64"
"Uninstall C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
"Uninstall C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:@C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/08/2015 10:22]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/08/2015 10:22]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\DolbySelectorTask" [%ProgramFiles%\Dolby Digital Plus\ddp.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{E6FDB572-36AF-4BBB-98D3-1CD6390481AE}" [C:\Windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\GWENDO~1\AppData\Roaming\Mozilla\Firefox\Profiles\FEeBdtRb.default
user_pref("browser.startup.homepage", "www.google.be");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Gwendoline\AppData\Roaming\Mozilla\Firefox\Profiles\FEeBdtRb.default
18CF51689186AEB9D1D149AEB0E92D03	- C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL -	Microsoft Office 2013
5DF56521E8985BFD8F21A3D97A4D4574	- C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll -	Shockwave Flash


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[12/10/2015 09:31]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
dhdgffkkebhmkfjojejmpbldmpobfkfo - No path found[]

Google Docs - Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Poper Blocker - Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche
Google Search - Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Avira Browser Safety - Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
Google Docs Offline - Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
With one button to jump try and beat what is quite possibly. - Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikhhopipdaoekkmeofhnocfibjogfbci
Chrome Web Store Payments - Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Fix ======================

C:\Users\Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dragonbranch-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dragonbranch-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage deleted successfully
C:\Users\Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage deleted successfully
C:\Users\Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal deleted successfully
C:\Users\Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shopper.deals-way.com_0.localstorage deleted successfully
C:\Users\Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shopper.deals-way.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://search.avira.net/#web/result?source=art&q="
"Search Page"="http://www.google.com"
"Default_Page_URL"="https://search.avira.net/#web/result?source=art&q="
"Default_Search_URL"="https://search.avira.net/#web/result?source=art&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://search.avira.net/#web/result?source=art&q="
"Default_Search_URL"="https://search.avira.net/#web/result?source=art&q="
"Search Page"="https://search.avira.net/#web/result?source=art&q="
"Start Page"="https://search.avira.net/#web/result?source=art&q="
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://search.avira.net/#web/result?source=art&q="
"Default_Search_URL"="https://search.avira.net/#web/result?source=art&q="
"Search Page"="https://search.avira.net/#web/result?source=art&q="
"Start Page"="https://search.avira.net/#web/result?source=art&q="
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="https://search.avira.net/#web/result?source=art&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F405350054677A7A857BC05200 deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC05200 deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gwendoline\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-154558-44482-6/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-154558-44482-6/4 (file missing) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Protection e-mail (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Protection Web (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gwendoline\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Gwendoline\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Gwendoline\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Gwendoline\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Gwendoline\AppData\Local\Mozilla\Firefox\Profiles\FEeBdtRb.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Gwendoline\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=919 folders=303 803576911 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\GWENDO~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 16/12/2015 at 23:10:56,62 ======================