Zoek.exe v5.0.0.1 Updated 27-December-2015
Tool run by Qtera69 on do 31-12-2015 at 10:59:55,81.
Microsoft Windows 10 Home 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Qtera69\Downloads\zoek (1).exe
[Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-03-22-005758.log 58199 bytes
C:\zoek-results2015-12-27-200858.log 55048 bytes

==== Empty Folders Check ======================

C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Qtera69\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Qtera69\Downloads\zoek (1).exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\S-1-5-21-3587330891-1572245818-3806218168-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"=-
"Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"=-
"Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"=-
"Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"=-
"Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"=-
"Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"=-
"Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"=-

==== Deleting Files \ Folders ======================

C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64 not found
C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64 not found
C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64 not found
C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64 not found

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 3955 MB
CPU Info: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
CPU Speed: 2587,3 MHz
Sound Card: Luidsprekers (Realtek High Defi |
Display Adapters: AMD Mobility Radeon HD 5000 Series | AMD Mobility Radeon HD 5000 Series
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Microsoft Hosted Network Virtual Adapter | Realtek PCIe FE Family Controller | Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
CD / DVD Drives: 1x (E: | ) E: HL-DT-STBD-RE BT10F
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 297,3GB | D: 297,7GB
Hard Disks - Free: C: 73,5GB | D: 30,4GB
Manufacturer *: TOSHIBA
BIOS Info: AT/AT COMPATIBLE | 01/20/11 | Phoenix SecureCore Version 2.10
Time Zone: West-Europa (standaardtijd)
Motherboard *: TOSHIBA NALAA
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Internet Explorer Version: 11.0.10240.16603
Google Chrome version: 47.0.2526.106
Adobe Reader version: 15.9.20077.160923
Sun Java version: 1.8.0_66 (32-bit)
Sun Java version: 1.8.0_66 (64-bit)

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-3587330891-1572245818-3806218168-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\Qtera69\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Spotify Web Helper"="C:\Users\Qtera69\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"OneDrive"="C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Spotify"="C:\Users\Qtera69\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"

[HKEY_USERS\S-1-5-21-3587330891-1572245818-3806218168-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
"Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
"Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
"Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"IJNetworkScanUtility"="C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\Qtera69\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"Spotify Web Helper"="C:\Users\Qtera69\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"OneDrive"="C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Spotify"="C:\Users\Qtera69\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
"Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
"Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
"Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\00TCrdMain]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="00TCrdMain"
"hkey"="HKLM"
"command"="%ProgramFiles%\\TOSHIBA\\FlashCards\\TCrdMain.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HSON]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HSON"
"hkey"="HKLM"
"command"="%ProgramFiles%\\TOSHIBA\\TBS\\HSON.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KeNotify]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KeNotify"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\TOSHIBA\\Utilities\\KeNotify.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NBAgent"
"hkey"="HKLM"
"command"="\"c:\\Program Files (x86)\\Nero\\Nero BackItUp & Burn\\Nero BackItUp\\NBAgent.exe\" /WinStart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SmartFaceVWatcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SmartFaceVWatcher"
"hkey"="HKLM"
"command"="%ProgramFiles%\\Toshiba\\SmartFaceV\\SmartFaceVWatcher.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Teco]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Teco"
"hkey"="HKLM"
"command"="\"%ProgramFiles%\\TOSHIBA\\TECO\\Teco.exe\" /r"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosSENotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TosSENotify"
"hkey"="HKLM"
"command"="C:\\Program Files\\TOSHIBA\\TOSHIBA HDD SSD Alert\\TosWaitSrv.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosVolRegulator]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TosVolRegulator"
"hkey"="HKLM"
"command"="C:\\Program Files\\TOSHIBA\\TosVolRegulator\\TosVolRegulator.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosWaitSrv]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TosWaitSrv"
"hkey"="HKLM"
"command"="%ProgramFiles%\\TOSHIBA\\TPHM\\TosWaitSrv.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TPwrMain]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TPwrMain"
"hkey"="HKLM"
"command"="%ProgramFiles%\\TOSHIBA\\Power Saver\\TPwrMain.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="uTorrent"
"hkey"="HKCU"
"command"="\"C:\\Users\\Qtera69\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ALG]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Apple Mobile Device Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BDESVC]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service] ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09-12-2015 15:44] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12-02-2015 14:37] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12-02-2015 14:37] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\klcp_update" ["C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe"] "C:\WINDOWS\SysNative\tasks\Trojan Killer" ["C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe"] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [25-12-2015 16:32] ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[25-12-2015 16:31] selector is not a valid CSS selector - 
Qtera69\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Chrome Web Store Payments - Qtera69\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 HKCU\SearchScopes\{3123D9EE-2B7A-4090-A2E6-7B888249D2F5} - http://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2 HKCU\SearchScopes\{CE735D6A-5794-4B4A-A9FB-B3C967E53F3C} - http://rover.ebay.com/rover/1/1346-71494-26233-7/4?satitle={searchTerms} ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll O2 - BHO: 
avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [uTorrent] "C:\Users\Qtera69\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Qtera69\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [OneDrive] "C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [Spotify] "C:\Users\Qtera69\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Qtera69\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64" O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - 
HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program 
Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. 
- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program 
Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Qtera69\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully 
C:\Users\Qtera69\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Qtera69\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Qtera69\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Qtera69\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=170 folders=56 36100891 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Qtera69\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on do 31-12-2015 at 11:47:39,43 ======================