Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Cilia -- on zo 20-03-2016 at 14:00:00,59. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\PC\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 20-3-2016 14:03:49 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~3\Comms deleted successfully C:\Users\PC\AppData\Local\ActiveSync deleted successfully C:\Users\PC\AppData\Local\CloneMe deleted successfully C:\Users\PC\AppData\Local\CrashDumps deleted successfully C:\Users\PC\AppData\Local\EmieSiteList deleted successfully C:\Users\PC\AppData\Local\EmieUserList deleted successfully C:\Users\PC\AppData\Local\PackageAware deleted successfully C:\Users\PC\AppData\Local\Skype deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 55mm v6 for Adobe Photoshop & Compatible Applications Adobe Acrobat Reader DC - Nederlands Adobe Acrobat X Pro - Italiano, Espa¤ol, Nederlands, Portuguˆs Adobe AIR Adobe Creative Suite 6 Master Collection Adobe Digital Editions 4.0 Adobe Help Manager Adobe Refresh Manager Adobe Widget Browser Alien Skin Exposure Alien Skin Eye Candy 5 Impact Alien Skin Eye Candy 5 Nature Alien Skin Eye Candy 5 Textures Alien Skin Snap Art Alien Skin Xenofex 2.0 AnyMP4 DVD Toolkit 6.0.38 AOMEI Partition Assistant Standard Edition 5.5 Apple Application Support Apple Software Update Artistic Effects by Lokas Software AVI to DVD Converter bl Boris Graffiti CCleaner CloneDVD 4.1.0.23 CloneMe Color Efex Pro 3.0 Complete Contents Corel PaintShop Photo Pro X3 Corel PaintShop Pro X5 CyberLink PowerDVD 15 D3DX10 Definition Update for Microsoft Office 2010 (KB3114887) 64-Bit Edition DeviceIO Digimax Master Dropbox Dropbox Update Helper EPSON Attach To Email EPSON Copy Utility 3 Epson Event Manager EPSON File Manager Epson Gebruikershandleiding XP-600 Series Epson Netwerkhandleiding XP-600 Series EPSON Scan EPSON Scan Assistant EPSON XP-600 Series Printer Uninstall EpsonNet Print Eye Candy 4000 FileZilla Client 3.14.1 FM Patcher 1.01 GetSmile v1.901 Google Chrome Google Update Helper Handleiding Epson Connect Hauppauge WinTV 7 HTML-Kit ICA ImgBurn ImTOO DVD to AVI Converter Incomedia WebSite X5 v10 - Evolution IPM_PSP_COM IPM_PSP_Pro Jasc Animation Shop 3 Junk Mail filter update KPN Back-up Online KPN Internet Veiligheidspakket KQEMU virtualisation module for QEMU Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 32-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Outlook 2010 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFCLOC_x86 MLE MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyFreeCodec namesuppressed Softener Nero 7 Essentials Notepad++ NVIDIA-configuratiescherm 341.92 NVIDIA 3D Vision stuurprogramma 341.92 NVIDIA Grafisch stuurprogramma 341.92 NVIDIA Install Application NVIDIA Stereoscopic 3D Driver NVIDIA Update 10.4.0 NVIDIA Update Core Paint Shop Pro 7 Try And Buy PDF Settings CS6 PerfV10_V100 Gebr. handl. ph Photo Common Pinnacle Instant DVD Recorder Pinnacle Studio 12 Pinnacle Studio 12 Ultimate Plugins Pinnacle videodriver PowerDVD proDAD Vitascene 1.0 PSP Thumbnail Handler PSPH10Pro PSPPContent PSPPHelp PSPPRO_DCRAW PSPPro64 PureHD QuickTime Realtek High Definition Audio Driver Redfield Plugins Samsung Kies3 SAMSUNG Mobile Composite Device Software SAMSUNG Mobile Modem Driver Set Samsung Mobile phone USB driver Drive Software SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung USB Driver Samsung USB Driver for Mobile Phones Security Update for Microsoft Access 2010 (KB3101544) 64-Bit Edition Security Update for Microsoft Excel 2010 (KB3114759) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB3114414) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2956073) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2965310) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3054848) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3085528) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3085560) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3085612) 64-Bit Edition Security Update for Microsoft Outlook 2010 (KB3114883) 64-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 64-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB3114396) 64-Bit Edition Security Update for Microsoft Publisher 2010 (KB2817478) 64-Bit Edition Security Update for Microsoft Visio 2010 (KB3114402) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2965313) 64-Bit Edition Security Update for Microsoft Word 2010 (KB3114878) 64-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition SES Driver Setup Share Share64 Skype Click to Call SkypeT 7.18 Smart Switch Spotify Sqirlz Water Reflections Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TeamViewer 11 Total Commander (Remove or Repair) Ulead GIF Animator 5 Ulead Particle.Plugin 1.0 Unchecky v0.4.3 Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2999508) 64-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition Update for Microsoft Office 2010 (KB2553388) 64-Bit Edition Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition Update for Microsoft Office 2010 (KB2589318) 64-Bit Edition Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition Update for Microsoft Office 2010 (KB2791057) 64-Bit Edition Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition Update for Microsoft Office 2010 (KB3054873) 64-Bit Edition Update for Microsoft Office 2010 (KB3054886) 64-Bit Edition Update for Microsoft Office 2010 (KB3054977) 64-Bit Edition Update for Microsoft Office 2010 (KB3055042) 64-Bit Edition Update for Microsoft Office 2010 (KB3055047) 64-Bit Edition Update for Microsoft Office 2010 (KB3085512) 64-Bit Edition Update for Microsoft Office 2010 (KB3114555) 64-Bit Edition Update for Microsoft Office 2010 (KB3114750) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 64-Bit Edition Update for Microsoft OneNote 2010 (KB3114410) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2760779) 64-Bit Edition Update for Microsoft Outlook 2010 (KB3114756) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 64-Bit Edition Update for Microsoft Project 2010 (KB3114891) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2881021) 64-Bit Edition USB Mass Storage Reader VIO Vizros Plug-ins 4.1 VLC media player 2.0.5 WD Quick View WD SmartWare WD SmartWare Installer Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (03/06/2009 1.0.0008.0) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Encoder 9 Series WinRAR 5.10 beta 2 (64-bit) Xenofex 1.0 ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe C:\WINDOWS\SysWOW64\MeDM.exe C:\Program Files (x86)\Wintv\TVServer\HauppaugeTVServer.exe C:\Program Files (x86)\KPN\Internetveiligheidspakket\Common\FSMA32.EXE C:\Program Files (x86)\KPN\Internetveiligheidspakket\Anti-Virus\fsgk32st.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe C:\PROGRA~2\Wintv\TVServer\CAPTUR~3.EXE C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe C:\Program Files (x86)\KPN\Internetveiligheidspakket\Anti-Virus\FSGK32.EXE C:\Program Files (x86)\KPN\Internetveiligheidspakket\Anti-Virus\FSGK32.EXE C:\Program Files (x86)\KPN\Internetveiligheidspakket\Anti-Virus\fssm32.exe C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files (x86)\Dropbox\Client\Dropbox.exe C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\GetSmile\getsmile.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\KPN\Internetveiligheidspakket\Common\FSLAUNCH.EXE C:\Users\PC\Desktop\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\PROGRA~3\Funny Bear Studio deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\55mm v6 for Adobe Photoshop & Compatible Applications deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Photo Pro X3 deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\WINDOWS\Wininit.ini deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted "C:\Users\PC\AppData\Local\{2553C1FB-0FD1-4B4C-85EE-93CB7FA86CD4}" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 4095 MB CPU Info: Intel(R) Core(TM)2 Duo CPU E7400 @ 2.80GHz CPU Speed: 2802,8 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: NVIDIA GeForce 9500 GT | NVIDIA GeForce 9500 GT Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (Z: | ) Z: Optiarc DVD RW AD-5260S Ports: COM1 LPT1 Mouse: 4 Button Wheel Mouse Present Hard Disks: C: 318,8GB | D: 146,5GB | E: 97,7GB | F: 100,7GB | G: 135,2GB | H: 97,7GB | M: 931,5GB | R: 99,7GB Hard Disks - Free: C: 197,0GB | D: 114,9GB | E: 74,7GB | F: 100,1GB | G: 28,3GB | H: 87,8GB | M: 820,5GB | R: 88,5GB Manufacturer *: Award Software International, Inc. BIOS Info: AT/AT COMPATIBLE | 09/16/08 | GBT - 42302e31 Time Zone: West-Europa (standaardtijd) Motherboard *: Gigabyte Technology Co., Ltd. EP31-DS3L Country: Nederland Language: NLD ==== System Specs (Software) ====================== Internet Explorer Version: 11.162.10586.0 Google Chrome version: 49.0.2623.87 Adobe Reader version: 15.10.20056.167417 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\PC\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2016-03-09 19:53:13 D641F5B6C115C334FD990827979028F3 18677760 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2016-03-09 19:53:11 00CE414BA74B576960B559C8C2674106 19339776 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-03-09 19:53:01 780795062541AF34415CCCE4072FBBB8 12586496 ----a-w- C:\WINDOWS\SysWOW64\wmp.dll 2016-03-09 19:52:59 05B81C404A34101E1DC17C0D9A67EA32 5321728 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-03-09 19:52:58 C97B5BEADC79FFC5DAF1C9011CAE796B 5242496 ----a-w- C:\WINDOWS\SysWOW64\windows.storage.dll 2016-03-09 19:52:58 AA20E6BCDC5A617F4333EE5EEE3CC79E 5661696 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2016-03-09 19:52:54 2BECAD7E55AB723F361254477270ED2F 1707520 ----a-w- C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-03-09 19:52:52 2D0C2AB110A51895D9D1E875201013DE 1557768 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll 2016-03-09 19:52:49 A34EDEA5F401143A0190642EABA28518 709688 ----a-w- C:\WINDOWS\SysWOW64\mfsvr.dll 2016-03-09 19:52:49 4B9DE8EAA2E16C34E018749F325BAEFF 949248 ----a-w- C:\WINDOWS\SysWOW64\Unistore.dll 2016-03-09 19:52:48 C012CE3AB0120D01C75EDBB869AC463E 523752 ----a-w- C:\WINDOWS\SysWOW64\dxgi.dll 2016-03-09 19:52:47 EB5DBA11B7C79B28A759AF12F03A17BB 769536 ----a-w- C:\WINDOWS\SysWOW64\ContactApis.dll 2016-03-09 19:52:47 DB6C9645A16676FDE0D730CB05D8F6E1 1443328 ----a-w- C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-03-09 19:52:47 A8EF9AEDACF24908E12E910BF3977DC9 703840 ----a-w- C:\WINDOWS\SysWOW64\WWAHost.exe 2016-03-09 19:52:46 AD1B282BDE4A19D7CE2D405409DBB8D0 1497088 ----a-w- C:\WINDOWS\SysWOW64\WMPDMC.exe 2016-03-09 19:52:45 B073C14F8B76DF8652415488C22F10A1 670928 ----a-w- C:\WINDOWS\SysWOW64\mfds.dll 2016-03-09 19:52:44 952D6065F133D9525B399E6274CFE027 793600 ----a-w- C:\WINDOWS\SysWOW64\SRH.dll 2016-03-09 19:52:44 620737C11CD32E03299E0B60BC896230 552960 ----a-w- C:\WINDOWS\SysWOW64\AppointmentApis.dll 2016-03-09 19:52:43 CA57FE09C1255009C9AC1462B7D7264D 957608 ----a-w- C:\WINDOWS\SysWOW64\ole32.dll 2016-03-09 19:52:42 EC21FC40C74206DAB19F1A8F9132EFAB 890368 ----a-w- C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-03-09 19:52:42 9B60985A87BA2FED9F57DA30F191098E 315904 ----a-w- C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2016-03-09 19:52:41 38EE252AD45EB7D6834F718B9487D3F9 538736 ----a-w- C:\WINDOWS\SysWOW64\wer.dll 2016-03-09 19:52:40 C406A5FDC8A1ECF2A9632F302B7D0EC3 294752 ----a-w- C:\WINDOWS\SysWOW64\msv1_0.dll 2016-03-09 19:52:40 856AD15FD2D187EA8435564A135C85C0 228352 ----a-w- C:\WINDOWS\SysWOW64\deviceaccess.dll 2016-03-09 19:52:39 65D0043F608A12AF75ED37A65AFB906B 342528 ----a-w- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-03-09 19:52:38 D1817C1F148C21EC4403186D731DF042 540752 ----a-w- C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-03-09 19:52:37 AC42505CBCEE5825BB2695C34E43B1D0 184832 ----a-w- C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2016-03-09 19:52:36 4D2E3D6BC01E7A5E9C6F9AFDBFAF98BB 220064 ----a-w- C:\WINDOWS\SysWOW64\sqmapi.dll 2016-03-09 19:52:35 395F9E50709FAE503C339047207E46CF 540160 ----a-w- C:\WINDOWS\SysWOW64\ChatApis.dll 2016-03-09 19:52:34 4591BC3EC5FD8336642F8B94EABD4D4F 187744 ----a-w- C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-03-09 19:52:33 160CC95D34D62B6A72F9E4E3EE52EBCC 369664 ----a-w- C:\WINDOWS\SysWOW64\FirewallAPI.dll 2016-03-09 19:52:32 DD73501C379ABF585DC7CC1765BE8E2E 303104 ----a-w- C:\WINDOWS\SysWOW64\atmfd.dll 2016-03-09 19:52:32 5A212173FC0622865F409B16ED77C9DF 98304 ----a-w- C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2016-03-09 19:52:27 2C84609F09FD003FA955567D395EEA8A 575488 ----a-w- C:\WINDOWS\SysWOW64\EmailApis.dll 2016-03-09 19:52:25 56315A6A6598E701BB0A5F506DA6143E 200704 ----a-w- C:\WINDOWS\SysWOW64\cemapi.dll 2016-03-09 19:52:23 B315EB17077EF082A79922D4EA47DBF4 163328 ----a-w- C:\WINDOWS\SysWOW64\fwbase.dll 2016-03-09 19:52:23 3547D79A60007624BFEBAFCAE158E992 169984 ----a-w- C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2016-03-09 19:52:19 8CE4D365EF60DA0A098757371DD43752 88576 ----a-w- C:\WINDOWS\SysWOW64\olepro32.dll 2016-03-09 19:52:18 05B15BD9C92BE52F35A2295B22C5D892 168448 ----a-w- C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2016-03-09 19:52:17 7A2A3BAAA05C8124D95B2915E904F900 141664 ----a-w- C:\WINDOWS\SysWOW64\wermgr.exe 2016-03-09 19:52:17 43AE8C9F7D031AB3DBEADA4C17D8C682 150528 ----a-w- C:\WINDOWS\SysWOW64\VCardParser.dll 2016-03-09 19:52:16 97E96ABEBCB6CF556406781C47C5282A 78848 ----a-w- C:\WINDOWS\SysWOW64\asycfilt.dll 2016-03-09 19:52:14 3B1F2F6F89F3F4ED75C5FADDB2E7CFE1 56320 ----a-w- C:\WINDOWS\SysWOW64\POSyncServices.dll 2016-03-09 19:52:14 259517866C369BCC5990292BCB57E709 223744 ----a-w- C:\WINDOWS\SysWOW64\ExSMime.dll 2016-03-09 19:52:14 15E75D27F0C67A7A21D5A514601F0E5A 135168 ----a-w- C:\WINDOWS\SysWOW64\AppxSip.dll 2016-03-09 19:52:11 242708810A22D373904539EDF39FFAD1 196608 ----a-w- C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2016-03-09 19:52:09 E34395496B11CF5C8C5B6D2E438BFA43 18944 ----a-w- C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll 2016-03-09 19:52:07 93B7ED5F44D9C3FB0A74C059E1B9E68B 89088 ----a-w- C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2016-03-09 19:52:07 75B5C1588D3703F44004D3EB2BD358AD 129024 ----a-w- C:\WINDOWS\SysWOW64\CallHistoryClient.dll 2016-03-09 19:52:06 CA2EA5401563387162E61444AE15AF59 53248 ----a-w- C:\WINDOWS\SysWOW64\profext.dll 2016-03-09 19:52:06 1AEBF2230422716D8CE1BEBCBAE961D3 48128 ----a-w- C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll 2016-03-09 19:52:05 39E7BAB659A6AB4419A908E578BE7029 56320 ----a-w- C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll 2016-03-09 19:52:02 392434472351B2DA0499AEC962E988CE 37888 ----a-w- C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll 2016-03-09 19:52:01 31657EDEEA6039E71C708BDA61AB62D5 37888 ----a-w- C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll 2016-03-09 19:51:58 7734BD0E9C8ED7DC48F559A67D0A79F4 20480 ----a-w- C:\WINDOWS\SysWOW64\wfapigp.dll 2016-03-09 19:51:57 9DEB4C56FAAB147839BF68B6C28A38FC 164864 ----a-w- C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2016-03-09 19:51:56 EBD26D676238C0B3938AFF925043576F 394752 ----a-w- C:\WINDOWS\SysWOW64\werui.dll 2016-03-09 19:51:54 978D6640C869D7FA4FCDD877E4A5C2C7 93696 ----a-w- C:\WINDOWS\SysWOW64\fontsub.dll 2016-03-09 19:51:54 6FA3485DB4DE58EE9E73597CAC493AB4 37376 ----a-w- C:\WINDOWS\SysWOW64\atmlib.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-03-09 19:53:20 3ED081A1F371E63BC6DA0327E1E51D22 22376960 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2016-03-09 19:53:18 83012CF88DF6EC835B2308941B47CA8A 7474528 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2016-03-09 19:53:17 722FA682ED9EA8B85FA843A5C8F39E61 2273792 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2016-03-09 19:53:17 32509061F29DA432B62336A4462ADEBF 3593216 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2016-03-09 19:53:15 408E62A03168C0016B986C80ECFD088C 24600576 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-03-09 19:53:06 6E04BBE242E2889B37300C4DF5CE1126 3449168 ----a-w- C:\WINDOWS\Sysnative\WSService.dll 2016-03-09 19:53:06 3E80E2B0C0010154CC504DC51BE21968 14252544 ----a-w- C:\WINDOWS\Sysnative\wmp.dll 2016-03-09 19:53:05 797497201A406D6CFDB72FE0545F990C 6972416 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll 2016-03-09 19:53:02 EB850DDF36D7462F1ADC1B6A329CE266 7835648 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2016-03-09 19:53:00 597AA6F5B21B1B15C87982FAFD1555EE 6607080 ----a-w- C:\WINDOWS\Sysnative\windows.storage.dll 2016-03-09 19:52:55 E4AFFF129D51A779B75164CB6D077FC1 1831936 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll 2016-03-09 19:52:54 6F9775D843AA4595A3F60A60829B11A9 1098752 ----a-w- C:\WINDOWS\Sysnative\dosvc.dll 2016-03-09 19:52:54 6855984AA46D2452A7C518787E1F2643 1996288 ----a-w- C:\WINDOWS\Sysnative\ActiveSyncProvider.dll 2016-03-09 19:52:51 92F74BF86088520654BD5636A69E37F1 848168 ----a-w- C:\WINDOWS\Sysnative\mfsvr.dll 2016-03-09 19:52:51 7C6B51E0233814D401905289AFD27BC5 1390592 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2016-03-09 19:52:50 39D5E08E69BFC5CBFA94EE09656D6427 1713664 ----a-w- C:\WINDOWS\Sysnative\SRHInproc.dll 2016-03-09 19:52:50 15D174719872A30F2FDD6B5B1B8BA5D9 1613664 ----a-w- C:\WINDOWS\Sysnative\diagtrack.dll 2016-03-09 19:52:50 0088614FE67298E6996AD19B05AE90C7 1997328 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll 2016-03-09 19:52:48 D169A4C1EDA2F63545628420014F2FE3 808800 ----a-w- C:\WINDOWS\Sysnative\WWAHost.exe 2016-03-09 19:52:48 96BAB1499995B85B91C312BA5114CA03 1322248 ----a-w- C:\WINDOWS\Sysnative\ole32.dll 2016-03-09 19:52:48 21098276051C6BEBBA7C8EB79AAF4E22 938496 ----a-w- C:\WINDOWS\Sysnative\ContactApis.dll 2016-03-09 19:52:47 CB902A15DD21B363FECA5DCCF34F5C57 1224704 ----a-w- C:\WINDOWS\Sysnative\Unistore.dll 2016-03-09 19:52:46 BAEFEFB04D7F9A554C029FBA52A02BB8 652392 ----a-w- C:\WINDOWS\Sysnative\dxgi.dll 2016-03-09 19:52:45 45FDB4ACF680DF92D6510F77E7FF3E7F 713568 ----a-w- C:\WINDOWS\Sysnative\invagent.dll 2016-03-09 19:52:45 3932940E0DB7A31B00A415F6B3D3E242 700416 ----a-w- C:\WINDOWS\Sysnative\AppointmentApis.dll 2016-03-09 19:52:43 F7526C133AC265F283012E9CD751F873 625000 ----a-w- C:\WINDOWS\Sysnative\ClipSVC.dll 2016-03-09 19:52:43 751F5B6AF16546162E06211AF1FC2979 794888 ----a-w- C:\WINDOWS\Sysnative\mfds.dll 2016-03-09 19:52:43 4098813724BDAC23A74DD6E75CA360CC 450560 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Bluetooth.dll 2016-03-09 19:52:42 96B060E7FDDD6E2902282C12C3BFD6AE 630632 ----a-w- C:\WINDOWS\Sysnative\fontdrvhost.exe 2016-03-09 19:52:42 6D31FB3E4263749BD994B3895322D799 982016 ----a-w- C:\WINDOWS\Sysnative\AppxPackaging.dll 2016-03-09 19:52:42 56027D21265759F4EADD0555E7915D9A 957952 ----a-w- C:\WINDOWS\Sysnative\SRH.dll 2016-03-09 19:52:41 8465AF051B7C887C0D163AB939FDF570 358752 ----a-w- C:\WINDOWS\Sysnative\msv1_0.dll 2016-03-09 19:52:40 9CB84B6398F10BCF0CE357F2C7B6056D 286720 ----a-w- C:\WINDOWS\Sysnative\deviceaccess.dll 2016-03-09 19:52:39 3CE8EBC0B1A74A7AC639C5FAFC549CCA 436736 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentClient.dll 2016-03-09 19:52:39 333F190DFAE2E1EE500234B78ADDA297 640472 ----a-w- C:\WINDOWS\Sysnative\wer.dll 2016-03-09 19:52:38 46D84D62993CEB88542EFA438F4D6E82 167936 ----a-w- C:\WINDOWS\Sysnative\dafBth.dll 2016-03-09 19:52:37 3DF25A56F18D2AB4CF58C1300C8CD323 2158592 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2016-03-09 19:52:36 F01ADB9BD13B60B6AB9538447F901921 365568 ----a-w- C:\WINDOWS\Sysnative\atmfd.dll 2016-03-09 19:52:36 C78D43083400B8FAE408FEB1E99F9DA8 1847808 ----a-w- C:\WINDOWS\Sysnative\WMPDMC.exe 2016-03-09 19:52:35 CD8C4364BC6040C0226638EF37E13CBB 161280 ----a-w- C:\WINDOWS\Sysnative\CallHistoryClient.dll 2016-03-09 19:52:35 553F19DC6F3F73545CB17FCD7A8AE37B 870912 ----a-w- C:\WINDOWS\Sysnative\MPSSVC.dll 2016-03-09 19:52:35 2BCCAEB08EAF8C5D6BD024B3F020D0EA 790528 ----a-w- C:\WINDOWS\Sysnative\EmailApis.dll 2016-03-09 19:52:34 61C99C1A4BB5EE14563ED321A859ACB6 726528 ----a-w- C:\WINDOWS\Sysnative\ChatApis.dll 2016-03-09 19:52:33 215C9C65601378F56BEECDECBD1EF4AE 216416 ----a-w- C:\WINDOWS\Sysnative\AppxAllUserStore.dll 2016-03-09 19:52:32 497EB340D13433E8FE53625103E0C2D0 146432 ----a-w- C:\WINDOWS\Sysnative\AuthBroker.dll 2016-03-09 19:52:28 1D00BBEEE33FA7F64A8CBFF471968CB0 195072 ----a-w- C:\WINDOWS\Sysnative\VCardParser.dll 2016-03-09 19:52:27 68B34C3558BEE0F6B822FA603E9AE441 258280 ----a-w- C:\WINDOWS\Sysnative\sqmapi.dll 2016-03-09 19:52:27 47323DE2A684895004CE63EC66FB4AB4 401408 ----a-w- C:\WINDOWS\Sysnative\sharemediacpl.dll 2016-03-09 19:52:26 B8CBDF64077D764D26E6E0255270B7BF 224256 ----a-w- C:\WINDOWS\Sysnative\PackageStateRoaming.dll 2016-03-09 19:52:25 5D88798FC34BB61C74256CDD66BDD205 318976 ----a-w- C:\WINDOWS\Sysnative\domgmt.dll 2016-03-09 19:52:24 907B65AD953EA159B573A0BCC82F6DB0 243712 ----a-w- C:\WINDOWS\Sysnative\cemapi.dll 2016-03-09 19:52:23 DD57E9F1482E1A9BD2514F6D017DF58A 258560 ----a-w- C:\WINDOWS\Sysnative\UserDataAccountApis.dll 2016-03-09 19:52:20 5B50521452D87A439A87B1EAEBC138C7 208896 ----a-w- C:\WINDOWS\Sysnative\storewuauth.dll 2016-03-09 19:52:20 04F7878E7017105AB782353231561749 252928 ----a-w- C:\WINDOWS\Sysnative\PimIndexMaintenance.dll 2016-03-09 19:52:19 F66EEB5365413D4B968C5B51D25F88B8 141560 ----a-w- C:\WINDOWS\Sysnative\AuthHost.exe 2016-03-09 19:52:19 4C3A93515CA70A7017CBA3A6A95CF080 121856 ----a-w- C:\WINDOWS\Sysnative\AppointmentActivation.dll 2016-03-09 19:52:16 E432FCF8572682126C3362AA856DC4AE 221184 ----a-w- C:\WINDOWS\Sysnative\PhoneCallHistoryApis.dll 2016-03-09 19:52:16 95D2BD6AC94FB337AF69F8AFE056BEBE 147808 ----a-w- C:\WINDOWS\Sysnative\wermgr.exe 2016-03-09 19:52:16 7185B16516478DF0061C2561C1B072CE 228352 ----a-w- C:\WINDOWS\Sysnative\wsqmcons.exe 2016-03-09 19:52:15 98112F9B965646D338896FD7B13BB32E 1173344 ----a-w- C:\WINDOWS\Sysnative\aeinv.dll 2016-03-09 19:52:15 77B2F9C522467B1FC8770028D09534DB 91648 ----a-w- C:\WINDOWS\Sysnative\asycfilt.dll 2016-03-09 19:52:14 E78793375E53690605E4441078CCBF84 87552 ----a-w- C:\WINDOWS\Sysnative\AppxSysprep.dll 2016-03-09 19:52:14 A249C98D869623F1AF0DB4BCFFF6D2A8 68096 ----a-w- C:\WINDOWS\Sysnative\UserDataPlatformHelperUtil.dll 2016-03-09 19:52:11 EEA1E99FBC7D91A1A271012F2B4567BB 60416 ----a-w- C:\WINDOWS\Sysnative\PimIndexMaintenanceClient.dll 2016-03-09 19:52:11 AFAF7063071A1124985A63382B2BC34C 161792 ----a-w- C:\WINDOWS\Sysnative\AppxSip.dll 2016-03-09 19:52:11 5548D83C60E37CBB1B451A1108D4142C 513888 ----a-w- C:\WINDOWS\Sysnative\devinv.dll 2016-03-09 19:52:10 DEFF4C7B937F60923980D4BB7D1724B8 274944 ----a-w- C:\WINDOWS\Sysnative\ExSMime.dll 2016-03-09 19:52:09 FBC8C56814642A7CA88ACBCA8DD1121F 145408 ----a-w- C:\WINDOWS\Sysnative\dssvc.dll 2016-03-09 19:52:09 6A5290128257BC733107E7819648CA76 526336 ----a-w- C:\WINDOWS\Sysnative\FirewallAPI.dll 2016-03-09 19:52:08 EBD07BD20B5E0E92A398566EF8720F79 31232 ----a-w- C:\WINDOWS\Sysnative\seclogon.dll 2016-03-09 19:52:08 E9B10E704AD5B1BA5E531809C89A085B 93184 ----a-w- C:\WINDOWS\Sysnative\wpninprc.dll 2016-03-09 19:52:08 9AE80C03EA83537F17B286ECBBA13D43 184320 ----a-w- C:\WINDOWS\Sysnative\fwbase.dll 2016-03-09 19:52:07 E1D8055043DF089DB8ADB67C21DF2CC4 70656 ----a-w- C:\WINDOWS\Sysnative\POSyncServices.dll 2016-03-09 19:52:07 AA97AC06BFA15DA23C7C9C145A226C2D 25600 ----a-w- C:\WINDOWS\Sysnative\wfapigp.dll 2016-03-09 19:52:07 3F8466CC13D1F614C8FAC24B1C030D59 214528 ----a-w- C:\WINDOWS\Sysnative\Windows.Devices.Scanners.dll 2016-03-09 19:52:06 DD877B48C28AB34197AD88902971B81D 45056 ----a-w- C:\WINDOWS\Sysnative\UserDataLanguageUtil.dll 2016-03-09 19:52:06 B6877446C93D3110E56C90CF13CBEC89 45568 ----a-w- C:\WINDOWS\Sysnative\UserDataTypeHelperUtil.dll 2016-03-09 19:52:06 70BA4CAAC5D621DCE88082DA0B1FF014 23552 ----a-w- C:\WINDOWS\Sysnative\ExtrasXmlParser.dll 2016-03-09 19:52:06 020AD2DA67F206DC160053F88454A0D4 111616 ----a-w- C:\WINDOWS\Sysnative\UserDataTimeUtil.dll 2016-03-09 19:52:00 F6B9E6CB351D86A0C318B37E14B97656 196608 ----a-w- C:\WINDOWS\Sysnative\fwpolicyiomgr.dll 2016-03-09 19:52:00 0FEE16BB03B1A97A70121165E7414903 67584 ----a-w- C:\WINDOWS\Sysnative\profext.dll 2016-03-09 19:51:58 BF0B4D43097A7FEFE3F7F9EEC13C31FB 764928 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll 2016-03-09 19:51:58 BE8C62B0B7BBA8F1152A6A7FCF248404 915456 ----a-w- C:\WINDOWS\Sysnative\configurationclient.dll 2016-03-09 19:51:58 2771EBB565F5C121E66060B173991D4D 1490432 ----a-w- C:\WINDOWS\Sysnative\UserDataService.dll 2016-03-09 19:51:57 A74CEC306AB99D74559F7075EDB60A9B 451584 ----a-w- C:\WINDOWS\Sysnative\werui.dll 2016-03-09 19:51:57 703430E9FFF072334B247B5E88428331 288768 ----a-w- C:\WINDOWS\Sysnative\vaultcli.dll 2016-03-09 19:51:56 B37F21B4C25BF10605A196791F93E324 360448 ----a-w- C:\WINDOWS\Sysnative\vaultsvc.dll 2016-03-09 19:51:55 2C8130AFF9C3F0E99DE4B52A0A187CB3 118272 ----a-w- C:\WINDOWS\Sysnative\fontsub.dll 2016-03-09 19:51:55 023338E1DA5B6E5C2EFC7E5ADA7929C5 685568 ----a-w- C:\WINDOWS\Sysnative\scapi.dll 2016-03-09 19:51:54 52623F9ED4D00357F3874DD31BB232FD 45568 ----a-w- C:\WINDOWS\Sysnative\atmlib.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2016-03-12 13:18:09 5919430EC0FD1CBBB869961BDACB008C 27320 ----a-w- C:\WINDOWS\Sysnative\drivers\ChangeTracker.sys 2016-03-09 19:52:55 F45665E77D11F3C1552EDBEAD1559DC8 1997152 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2016-03-09 19:52:47 33190E86460C4FF7382848187463DC28 576864 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2016-03-09 19:52:31 64D4F5DE44B64B8284BADE5819B5195A 394080 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2016-03-09 19:52:17 8949F77132A4F8F3BA17C6727099F002 127840 ----a-w- C:\WINDOWS\Sysnative\drivers\USBSTOR.SYS 2016-03-03 19:26:52 58BFFEF692A47FCE3FAAEDBC8F3DCBBB 2152288 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2016-03-03 19:25:55 70165A0A2653FB8AFDE3D85000727F29 277856 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys 2016-03-03 19:25:53 A4411C522D41707D5BCA817A5BB9E30B 114688 ----a-w- C:\WINDOWS\Sysnative\drivers\bridge.sys 2016-03-03 19:25:50 F871CE85AF64D81A9CB6C361CF797144 185184 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys 2016-03-03 19:25:49 DBACD4E4FE191D0CE7C624ACA389535E 29696 ----a-w- C:\WINDOWS\Sysnative\drivers\xinputhid.sys 2016-03-03 19:25:48 0B3B0C1D86050355676640488FA897D3 430944 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys 2016-03-03 19:25:46 F279536122B83FD0D8E158AA753E1B7C 238592 ----a-w- C:\WINDOWS\Sysnative\drivers\xboxgip.sys 2016-03-03 19:25:46 469441BAE3FF8A16826FC62C51EF5E18 563552 ----a-w- C:\WINDOWS\Sysnative\drivers\acpi.sys 2016-03-03 19:25:45 EDDB0D726DBECDFC1DBCC6DB464E5A13 146272 ----a-w- C:\WINDOWS\Sysnative\drivers\appid.sys 2016-03-03 19:25:41 B7E1CAA9429E4C3E7E01CB35B97E1536 534368 ----a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS 2016-03-03 19:25:38 1A490555FD330CA2764D89191177C867 285696 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb10.sys 2016-03-03 19:25:37 E3C82823B22463BC38AA4F8ADA852624 104960 ----a-w- C:\WINDOWS\Sysnative\drivers\rasl2tp.sys 2016-02-28 11:37:01 2F215CB2FCA090B0910A23D15131D099 75448 ----a-w- C:\WINDOWS\Sysnative\drivers\fsbts.sys 2016-02-28 11:36:32 F2923B3593B746FF00574DBCE58DAF80 46120 ----a-w- C:\WINDOWS\Sysnative\drivers\fses.sys 2016-02-28 11:36:30 7DA7328156CD933F0F86697344CB3459 87080 ----a-w- C:\WINDOWS\Sysnative\drivers\fsdfw.sys 2016-02-23 20:43:55 F23DD6FC2134ABC74B9701FA35261D2F 55232 ----a-w- C:\WINDOWS\Sysnative\drivers\fsbts.sys.Ix5qBxRu.old ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== 2016-02-28 11:37:07 157E39521E47AD1C923A94EDD69AD59C 655360 ----a-w- C:\alertlog.dat ====== C:\Users\PC\AppData\Roaming ====== 2016-03-20 08:18:48 -------- d-----w- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2016-03-20 08:18:48 -------- d-----w- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2016-03-20 08:18:48 -------- d-----w- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2016-03-20 08:18:48 -------- d-----w- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2016-03-20 08:18:48 -------- d-----w- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2016-03-20 08:18:48 -------- d-----w- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2016-03-20 08:18:48 -------- d-----w- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2016-03-20 08:18:48 -------- d-----w- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2016-03-20 08:18:48 -------- d-----w- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2016-02-20 12:14:25 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Dropbox ====== C:\Users\PC ====== 2016-03-19 14:06:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-03-19 11:57:39 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\PC\Downloads\RSITx64.exe 2016-03-15 19:43:01 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp 2016-03-12 13:17:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KPN 2016-03-12 13:05:38 4BAEAC45232EE00B2C8E198BFE0C293D 191049488 ----a-w- C:\Users\PC\Downloads\kpn-backup-online-15.9.1.16054-windows-x86_x64.exe 2016-02-28 11:37:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KPN Internet Veiligheidspakket 2016-02-20 12:14:23 -------- d-----r- C:\WINDOWS\sysWoW64\config\systemprofile\Documents 2016-02-20 12:14:23 -------- d-----r- C:\WINDOWS\sysWoW64\config\systemprofile\Desktop ====== C: exe-files == 2016-03-19 14:05:41 E43AA745F344781FB6327217A403CE11 173032 ----a-w- C:\Program Files (x86)\Dropbox\Client\DropboxUninstaller.exe 2016-03-19 14:05:41 96929028E3465F942244D65E5CC5E4F2 25577864 ----a-w- C:\Program Files (x86)\Dropbox\Client\Dropbox.exe 2016-03-19 14:05:41 4FBC7F8467B13B972AA551A7B8C898C8 29992 ----a-w- C:\Program Files (x86)\Dropbox\Client\driver_amd64\dbxsvc.exe 2016-03-19 14:05:41 11C0FD048F0B27643EAB1EB95C4FB236 29480 ----a-w- C:\Program Files (x86)\Dropbox\Client\driver_x86\dbxsvc.exe 2016-03-19 11:58:19 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Cilia --.exe === C: other files == 2016-03-19 14:05:41 99EE4E194F003E3F8A4821ED753DFF42 58992 ----a-w- C:\Program Files (x86)\Dropbox\Client\driver_amd64\dbx-stable.sys 2016-03-19 14:05:41 99EE4E194F003E3F8A4821ED753DFF42 58992 ----a-w- C:\Program Files (x86)\Dropbox\Client\driver_amd64\dbx-dev.sys 2016-03-19 14:05:41 99EE4E194F003E3F8A4821ED753DFF42 58992 ----a-w- C:\Program Files (x86)\Dropbox\Client\driver_amd64\dbx-canary.sys 2016-03-19 14:05:41 53D529D2E3555EB95745D32ABCB76775 49264 ----a-w- C:\Program Files (x86)\Dropbox\Client\driver_x86\dbx-stable.sys 2016-03-19 14:05:41 53D529D2E3555EB95745D32ABCB76775 49264 ----a-w- C:\Program Files (x86)\Dropbox\Client\driver_x86\dbx-dev.sys 2016-03-19 14:05:41 53D529D2E3555EB95745D32ABCB76775 49264 ----a-w- C:\Program Files (x86)\Dropbox\Client\driver_x86\dbx-canary.sys 2016-03-19 13:01:55 31CB87D8521E135ACF0007B0A1B90F46 914 ----a-w- C:\ProgramData\f-secure\FSOFTUPD\deploy\package-deploy.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "KPNBackupOnline"="C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe minimized" [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3094540836-2284055214-2461212460-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "OneDrive"="C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "EPLTarget\P0000000000000000"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIJCE.EXE /EPT EPLTarget\P0000000000000000 /M XP-600 Series" "KPNBackupOnline"="C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe minimized" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "KPNBackupOnline"="C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Acrobat Speed Launcher"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" "Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" "WD Quick View"="C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" "RemoteControl"="C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe" "LanguageShortcut"="C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "PowerDVD15Agent"="C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe" "Standby"="c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe -START" "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup" "F-Secure Manager"="C:\Program Files (x86)\KPN\Internetveiligheidspakket\Common\FSM32.EXE /splash" "F-Secure TNB"="C:\Program Files (x86)\KPN\Internetveiligheidspakket\FSGUI\TNBUtil.exe /CHECKALL /WAITFORSW" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "OneDrive"="C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "EPLTarget\P0000000000000000"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIJCE.EXE /EPT EPLTarget\P0000000000000000 /M XP-600 Series" "KPNBackupOnline"="C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe minimized" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 8.0] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Acrobat Assistant 8.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Acrobat 10.0\\Acrobat\\Acrotray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Acrobat Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Acrobat Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Acrobat 10.0\\Acrobat\\Acrobat_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeCS6ServiceManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EEventManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EEventManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Epson Software\\Event Manager\\EEventManager.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LanguageShortcut] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LanguageShortcut" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\PowerDVD\\Language\\Language.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RemoteControl" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\PowerDVD\\PDVDServ.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\PC\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\PC\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SwitchBoard" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:@C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [] C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [21-09-2015 18:24] C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [21-09-2015 18:24] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-05-2015 16:26] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-05-2015 16:26] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{DC1E70DC-8195-41AD-BE6A-FB260E1C57D8}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\{005B0C4A-27FC-475C-A754-B2E39A73BB75}" [E:\Filters\Eyecandy 3.1\Eyecandy 3.1\SETUP.EXE] "C:\WINDOWS\SysNative\tasks\{148072ED-6D2A-4AFB-9F02-CF357D1A3A63}" [E:\Filters\Ulead-particle\PZ_UPP10.EXE] "C:\WINDOWS\SysNative\tasks\{3B1FB4A4-C1B7-4D79-A6DB-122074A8C12A}" [E:\Filters\Ulead-particle\PZ_UPP10.EXE] "C:\WINDOWS\SysNative\tasks\{3CD44FBB-5070-41A8-8B58-3A5A8DAA52F8}" [C:\Users\PC\Desktop\Eyecandy 3.1\SETUP.EXE] "C:\WINDOWS\SysNative\tasks\{4B07D754-258C-4C8C-89BA-C68E3636E826}" [C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe] "C:\WINDOWS\SysNative\tasks\{50C0ABDB-7966-47B8-A4C1-CB822B526DE4}" [C:\Users\PC\Desktop\Eyecandy 3.1\SETUP.EXE] "C:\WINDOWS\SysNative\tasks\{52FA563E-C529-4244-84D3-17BDC5F36070}" [C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe] "C:\WINDOWS\SysNative\tasks\{6B441D7D-81F3-44D8-B8B7-1EEDFFA58D90}" [E:\Filters\Gif Animator 2.0\ulead_gix_x_plugin\Ugp2t.exe] "C:\WINDOWS\SysNative\tasks\{6C3A7380-6549-4341-812B-87545B6F090C}" [E:\Filters\attack\filterattacks.exe] "C:\WINDOWS\SysNative\tasks\{6FD16348-D423-49C5-B7CB-55ABC504011F}" [E:\Filters\Ulead Particle 1.0\PP10F.EXE] "C:\WINDOWS\SysNative\tasks\{71916FA2-3FD7-4D04-9902-9D4463B1A84D}" [E:\Filters\Gif Animator 2.0\ulead_gix_x_plugin\Ugp2t.exe] "C:\WINDOWS\SysNative\tasks\{730D5ABE-96A3-4C37-B744-C2BE9513E722}" [D:\zip filters\u filter\Ulead Particle 1.0\Crack Particle.PlugIn 1.0\PZ_UPP10.EXE] "C:\WINDOWS\SysNative\tasks\{73B2713D-97F6-47DE-B0DE-4735B598F45F}" [C:\Users\PC\Downloads\SETUPfilter attack.EXE] "C:\WINDOWS\SysNative\tasks\{7AEFB087-A434-458F-A7D4-267E8E13B91D}" [D:\zip filters\e filters\Eyecandy 3.1\SETUP.EXE] "C:\WINDOWS\SysNative\tasks\{7E0664E6-219E-4340-A477-C1B6C17E879C}" [C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe] "C:\WINDOWS\SysNative\tasks\{8070ACD9-F73B-4DB5-9F08-F564867DE40D}" [E:\Filters\attack\filterattacks.exe] "C:\WINDOWS\SysNative\tasks\{8622EF81-467D-46F7-A158-BE9EB30EAD0C}" [C:\Users\PC\Desktop\filterattacks.exe] "C:\WINDOWS\SysNative\tasks\{872BCD0D-5CCE-4B0E-B558-8EB02D251E18}" [C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe] "C:\WINDOWS\SysNative\tasks\{8A807A79-E986-4A90-B6D9-BBFBA6C55250}" [E:\Filters\Gif Animator 2.0\ulead_gix_x_plugin\Ugp2t.exe] "C:\WINDOWS\SysNative\tasks\{8BCB3D88-730D-4181-8751-13B5A2923AEF}" [C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe] "C:\WINDOWS\SysNative\tasks\{8D03F80F-03D8-47C0-A08E-B13E87503424}" [E:\Filters\Eyecandy 3.1\SETUP.EXE] "C:\WINDOWS\SysNative\tasks\{8DD62AD8-1916-4BFD-B1D9-1C8EAFC9357D}" [E:\Filters\Eyecandy 3.1\Eyecandy 3.1\SETUP.EXE] "C:\WINDOWS\SysNative\tasks\{902338F5-0C94-4E39-A166-A025F413F2F8}" [C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe] "C:\WINDOWS\SysNative\tasks\{93DAD3B1-AE94-42A2-B541-3B0BE77280F4}" [C:\Users\PC\Desktop\fo-ugfx2.exe] "C:\WINDOWS\SysNative\tasks\{A1873DF5-0B90-44D3-B790-D1E298DD2B5E}" [D:\zip filters\u filter\Ulead Particle 1.0\Crack Particle.PlugIn 1.0\PZ_UPP10.EXE] "C:\WINDOWS\SysNative\tasks\{A50D69D5-4E63-4BB9-89E9-63A4ACC2874A}" [C:\Windows\twain_32\escndv\escndv.exe] "C:\WINDOWS\SysNative\tasks\{A6714799-6816-49BC-9CCF-BC134729386A}" [C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe] "C:\WINDOWS\SysNative\tasks\{A81806E5-BB0E-43BE-82E2-0EE761278281}" [E:\Filters\Andromeda\Andromeda_Cutline\Install Cutline.exe] "C:\WINDOWS\SysNative\tasks\{ACEE937E-81DD-497A-A0EC-F8808BA5A347}" [C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe] "C:\WINDOWS\SysNative\tasks\{ADE84AE8-26A4-4CEA-835B-69933F02BD75}" [D:\zip filters\e filters\Eyecandy 3.1\SETUP.EXE] "C:\WINDOWS\SysNative\tasks\{B4CD1BB3-A428-4730-84EC-714CA29DA5B2}" [E:\Filters\Andromeda_perspective_filter11\fo-apf11.exe] "C:\WINDOWS\SysNative\tasks\{B5DF8E16-D05E-41B7-B5FE-5AD3D0F19B33}" [E:\Filters\Eyecandy 3.1\SETUP.EXE] "C:\WINDOWS\SysNative\tasks\{B8B247F6-9CF4-40EF-83AF-2D7E1F7B645D}" [E:\Filters\Andromeda_perspective_filter11\fo-apf11.exe] "C:\WINDOWS\SysNative\tasks\{BBCEA556-62D9-414B-970E-EC7E6A605483}" [C:\Users\PC\Desktop\Eyecandy 3.1\SETUP.EXE] "C:\WINDOWS\SysNative\tasks\{CFEF041E-2083-4E06-93C2-2BACCD1CED3D}" [E:\Filters\Eyecandy 3.1\SETUP.EXE] "C:\WINDOWS\SysNative\tasks\{D01A96EE-9416-4F55-BD3C-FED7B53125AA}" [R:\Clone dvd\CLONE CD & CLONE DVD 4\CLONE CD 4.exe] "C:\WINDOWS\SysNative\tasks\{D118B977-FD47-47A7-8D06-02CE8B3604BB}" [E:\Filters\Name supressed Softener 1.21\Name supressed Softener 1.21\App\nssoftener.exe] "C:\WINDOWS\SysNative\tasks\{D2CE7F96-4DBF-4617-B9F5-1FF0DE14A27E}" [C:\Users\PC\Desktop\Eyecandy 3.1\SETUP.EXE] "C:\WINDOWS\SysNative\tasks\{D5D09FF4-0F82-4E4D-84E3-166C602BDB9F}" [E:\Filters\Gif Animator 2.0\ulead_gix_x_plugin\Ugp2t.exe] "C:\WINDOWS\SysNative\tasks\{DC79EFEE-9AF5-42FB-95C9-745AE27B9964}" [E:\Filters\Ulead Particle 1.0\PP10F.EXE] "C:\WINDOWS\SysNative\tasks\{E00D7D32-52B5-4633-B604-221AD55F8E5D}" [E:\Filters\Andromeda\Andromeda_Cutline\Install Cutline.exe] "C:\WINDOWS\SysNative\tasks\{E1E52733-6BB8-4B05-A364-F3022F54E683}" [M:\Mijn programma's\coverXP\coverxp.exe] "C:\WINDOWS\SysNative\tasks\{E1F0F608-E1EF-4D9F-A7BA-DEB29EFF1C62}" [D:\zip filters\u filter\Ulead Particle 1.0\Crack Particle.PlugIn 1.0\PZ_UPP10.EXE] "C:\WINDOWS\SysNative\tasks\{E9591206-F9ED-443D-8AD1-6C5B60CD358B}" [E:\Filters\Gif Animator 2.0\ulead_gix_x_plugin\Ugp2t.exe] "C:\WINDOWS\SysNative\tasks\{E986A3C6-EF01-4F25-AEC4-797648FB820A}" [Z:\Pinnacle Ultimate 12 NL\Pinnacle 12\Welcome.exe] "C:\WINDOWS\SysNative\tasks\{EABABF6C-C7BE-40CD-B0B4-3D02664CB244}" [C:\Program Files (x86)\Elaborate Bytes\CloneCD\CloneCD.exe] "C:\WINDOWS\SysNative\tasks\{EB6D32EE-CD30-438C-AD4C-15E76E7150CC}" [E:\Filters\attack\filterattacks.exe] "C:\WINDOWS\SysNative\tasks\{EBC421BE-2534-4A1C-8B12-80DAA4AFCA95}" [C:\Users\PC\Desktop\filterattacks.exe] "C:\WINDOWS\SysNative\tasks\{EF2515AD-9A0A-4AA8-8CF7-1B0B4359B81F}" [R:\Andromeda_perspective_filter11\fo-apf11.exe] "C:\WINDOWS\SysNative\tasks\{F5F54576-BC2F-4BF2-A268-4549C037D3E2}" [C:\Program Files (x86)\Elaborate Bytes\CloneCD\CloneCD.exe] "C:\WINDOWS\SysNative\tasks\F-Secure\Software Updater\F-Secure Software Updater Automatic Installation" [C:\Program Files (x86)\KPN\Internetveiligheidspakket\FSOFTUPD\fssua.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn" [13-10-2015 18:35] ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[01-05-2015 10:17] Google Drive - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Web of Trust - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp YouTube - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo selector is not a valid CSS selector - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Docs Offline - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== Reset Google Chrome ====================== C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal.protect was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data.protect was reset successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [PowerDVD15Agent] "C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe" O4 - HKLM\..\Run: [Standby] "c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\KPN\Internetveiligheidspakket\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\KPN\Internetveiligheidspakket\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [OneDrive] "C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIJCE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-600 Series" O4 - HKCU\..\Run: [KPNBackupOnline] "C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe" minimized O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [KPNBackupOnline] "C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe" minimized (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [KPNBackupOnline] "C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe" minimized (User 'Default user') O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE O4 - Global Startup: WinTV Recording Status..lnk = C:\Program Files (x86)\Wintv\WinTV7\WinTVTray.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O21 - SSODL: EldosMountNotificator-cbfs4 - {4E0C162F-8CA6-449A-A33B-54B88930729F} - C:\Windows\SysWOW64\cbfsMntNtf4.dll O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {4E0C162F-8CA6-449A-A33B-54B88930729F} - C:\Windows\SysWOW64\cbfsMntNtf4.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Dropbox-update-service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: Dropbox-update-service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing) O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files (x86)\KPN\Internetveiligheidspakket\Anti-Virus\fsgk32st.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files (x86)\KPN\Internetveiligheidspakket\FSAUA\program\fsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\KPN\Internetveiligheidspakket\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\KPN\Internetveiligheidspakket\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\KPN\Internetveiligheidspakket\ORSP Client\fsorsp.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Hauppauge WinTV Extender - Hauppauge Computer Works, Inc - C:\Program Files (x86)\Wintv\Extend\WinTVExtender.exe O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\Program Files (x86)\Wintv\TVServer\HauppaugeTVServer.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: KPN Back-up Online SC - KPN - C:\Program Files\KPN Back-up Online\BackupSC.exe O23 - Service: MeDM - Unknown owner - C:\WINDOWS\SysWOW64\MeDM.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing) O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Unchecky - RaMMicHaeL - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=25 folders=18 41095121 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\PC\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 20-03-2016 at 14:42:01,40 ======================