Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Patric on za 16/04/2016 at 10:22:13,44. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0HKCPB9Z\zoek (1).exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-04-15-083416.log 67655 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Windows\SysWOW64\svchost.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Program Files (x86)\NEC Electronics\USB 
3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG\Framework\Common\avguix.exe C:\Program Files (x86)\AVG\Av\avgui.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosHdpProc.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0HKCPB9Z\zoek (1).exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner] "CLSID"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\PROTOCOLS\Handler\linkscanner] "CLSID"=- ==== System Specs ====================== 
Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3886 MB CPU Info: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz CPU Speed: 2224,9 MHz Sound Card: Speakers (Realtek High Definiti | Realtek Digital Output (Realtek | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | NVIDIA GeForce GT 325M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) | Atheros AR9285 Wireless Network Adapter CD / DVD Drives: 2x (E: | F: | ) E: HL-DT-STDVDRAM GT30N | F: Ports: COM6 | COM7 | COM10 | COM11 | COM12 | COM13 | COM14 | COM20 | COM21 | COM22 | COM40 LPT Port NOT Present. Mouse: 2 Button Mouse Present Hard Disks: C: 116,4GB | D: 334,7GB Hard Disks - Free: C: 22,3GB | D: 290,7GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 06/15/09 | _ASUS_ - 6222004 Time Zone: Romance (standaardtijd) Motherboard *: ASUSTeK Computer INC. 
N61Jv Country: België Language: NLB ==== System Specs (Software) ====================== AV: AVG AntiVirus Free Edition *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG AntiVirus Free Edition *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE} Default Browser: Opera Internet Browser 35.0.2066.92 Internet Explorer Version: 11.0.9600.18282 Mozilla Firefox version: 32.0.3 (x86 en-US) Opera Browser version: 35.0.2066.92 Google Chrome version: 49.0.2623.112 Adobe Reader version: 15.10.20056.167417 Sun Java version: 1.8.0_77 (32-bit) Sun Java version: 1.8.0_77 (64-bit) Flash Player version: 11.8.800.94 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Patric\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2016-04-10 04:46:49 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2016-03-25 17:07:45 -------- d-----w- C:\PROGRA~2\COMMON~1\Java ======= C: ===== ====== C:\Users\Patric\AppData\Roaming ====== 2016-04-15 08:28:44 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2016-04-15 08:28:44 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp 2016-04-15 08:28:44 -------- d-----w- C:\Users\Patric\AppData\Local\Temp 2016-04-15 08:28:44 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2016-04-15 08:28:44 -------- d-----w- C:\Users\Default User\AppData\Local\Temp ====== C:\Users\Patric ====== 2016-03-19 11:30:54 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Downloads ====== C: exe-files == === C: other files ==
==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-523000165-1516823666-2951625117-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "AutoStartNPSAgent"="C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="C:\Program Files (x86)\AVG\Av\avuirunnerx.exe C:\Program Files (x86)\AVG\Av\avgui.exe" "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "NUSB3MON"="C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" "HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" "ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe /lps=fmw" "PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE -startup" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized 
/regrun" "AutoStartNPSAgent"="C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Persistence"="C:\Windows\system32\igfxpers.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "ETDWare"="C:\Program Files\Elantech\ETDCtrl.exe" "AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS WebStorage] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ASUS WebStorage" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\SERVICE\\AsusWSService.exe MySyncFolder" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSWebStorage] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ASUSWebStorage" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\3.0.143.296\\AsusWSPanel.exe /S" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaSuite.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NokiaSuite.exe" 
"hkey"="HKCU" "command"="C:\\Program Files (x86)\\Nokia\\Nokia Suite\\NokiaSuite.exe -tray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OneDrive] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="OneDrive" "hkey"="HKCU" "command"="\"C:\\Users\\Patric\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Suite Tray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PC Suite Tray" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Nokia\\Nokia PC Suite 7\\PCSuite.exe\" -onlytray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl] "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s" "hkey"="HKLM" "item"="RtHDVCpl" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Shareaza] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Shareaza" "hkey"="HKCU" "command"="\"C:\\Nieuwe map\\Shareaza.exe\" -tray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartupDelayer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="StartupDelayer" "hkey"="HKLM" "command"="\"C:\\Program Files\\r2 Studios\\Startup Delayer\\Startup Launcher.exe\" /LaunchType=Auto /LaunchApps=Common" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric\AppData] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric\AppData\Local] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall 
C:\Users\Patric\AppData\Local\Microsoft] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric\AppData\Local\Microsoft\SkyDrive] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718_1] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718_1\amd64] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce" "item"="Uninstall C:\\Users\\Patric\\AppData\\Local\\Microsoft\\SkyDrive\\16.4.6006.0718_1\\amd64" "hkey"="HKCU" "command"="C:\\Windows\\system32\\cmd.exe /q /c rmdir /s /q \"C:\\Users\\Patric\\AppData\\Local\\Microsoft\\SkyDrive\\16.4.6006.0718_1\\amd64\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1\amd64] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce" "item"="Uninstall C:\\Users\\Patric\\AppData\\Local\\Microsoft\\SkyDrive\\17.0.2010.0530_1\\amd64" "hkey"="HKCU" "command"="C:\\Windows\\system32\\cmd.exe /q /c rmdir /s /q \"C:\\Users\\Patric\\AppData\\Local\\Microsoft\\SkyDrive\\17.0.2010.0530_1\\amd64\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Mobile Device Center] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Windows Mobile Device Center" "hkey"="HKLM" "command"="%windir%\\WindowsMobile\\wmdc.exe" ==== Startup Folders ====================== 2015-07-20 17:12:54 956 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk 2015-07-20 17:12:54 2617 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk 2015-07-20 17:12:54 2101 ----a-w- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk 2015-07-20 17:12:54 2855 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [25/03/2016 19:29] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-523000165-1516823666-2951625117-1001Core.job --a------ C:\Users\Patric\AppData\Local\Facebook\Update\FacebookUpdate.exe [19/06/2014 20:37] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-523000165-1516823666-2951625117-1001UA.job --a------ C:\Users\Patric\AppData\Local\Facebook\Update\FacebookUpdate.exe [19/06/2014 20:37] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/08/2015 06:18] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/08/2015 06:18] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Patric-PC-Patric" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\ASPG" [C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe] "C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe] "C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program 
Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\ESTsoft RunAsStdUser 5855965Task" [C:\Program Files (x86)\ESTsoft\ALPlayer\ALPlayer.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-523000165-1516823666-2951625117-1001Core" [C:\Users\Patric\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-523000165-1516823666-2951625117-1001UA" [C:\Users\Patric\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1442163301" [C:\Program Files (x86)\Opera\launcher.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\WC3" [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe] "C:\Windows\SysNative\tasks\{148E43DD-4B9E-4D11-B8C6-E86E90029A85}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1618] "C:\Windows\SysNative\tasks\{39E9723E-5FCC-471B-A350-3ECE90161BA6}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1618] "C:\Windows\SysNative\tasks\{3AA1AC30-AAA6-46EA-95E1-6BFF4DD771C0}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1618] "C:\Windows\SysNative\tasks\{5C090A88-8B66-4895-98DE-61A73F7654EF}" ["c:\program files\internet explorer\iexplore.exe" 
http://ui.skype.com/ui/0/7.6.0.105/nl/go/help.faq.installer?source=lightinstaller&LastError=1638] "C:\Windows\SysNative\tasks\{5EE79F61-D6C2-48CC-93A0-28390A9D0942}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1638] "C:\Windows\SysNative\tasks\{67DD4874-EE61-45DC-A840-F34403547F2A}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1618] "C:\Windows\SysNative\tasks\{743BE903-654D-4736-A3AB-50FBEA61037A}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/7.6.0.105/nl/go/help.faq.installer?source=lightinstaller&LastError=1638] "C:\Windows\SysNative\tasks\{8CA99AF4-368B-4CBE-8B28-21C8C686B9FD}" [C:\Program Files (x86)\Skype\\Phone\Skype.exe] "C:\Windows\SysNative\tasks\{A2F73286-AB33-4A4D-97CB-632F7CC82B31}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/7.6.0.105/nl/go/help.faq.installer?source=lightinstaller&LastError=1603] "C:\Windows\SysNative\tasks\{A4BE2926-9911-4576-9176-25D6608FC2D9}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.4.0.102.259/nl/go/help.faq.installer?LastError=1638] "C:\Windows\SysNative\tasks\{A6B02370-77DC-4CE1-A2A9-7D19AC7AEE27}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/7.6.0.105/nl/go/help.faq.installer?source=lightinstaller&LastError=1638] "C:\Windows\SysNative\tasks\{ADCE2085-5AA2-48A4-9529-C1F789790A7B}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1618] "C:\Windows\SysNative\tasks\{C0972821-6DB9-498E-B596-C16BA9058662}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/7.5.0.102.259/nl/go/help.faq.installer?LastError=1638] "C:\Windows\SysNative\tasks\{C7E51459-BAAD-4E43-8884-8956DF076AC9}" ["C:\Program Files\Internet Explorer\iexplore.exe" 
http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1618] "C:\Windows\SysNative\tasks\{DFA19178-1CA5-44F9-8C8D-223B8C4D27D7}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1618] "C:\Windows\SysNative\tasks\{E02FB80E-062D-4276-8925-205ABBA9AE68}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1618] "C:\Windows\SysNative\tasks\{FE0C7E35-DF88-44F4-9E98-F422195A3441}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.5.0.102.259/nl/go/help.faq.installer?LastError=1638] "C:\Windows\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64 35" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Patric\AppData\Roaming\Mozilla\Firefox\Profiles\pmtf5ntd.default user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "SearchAlgo"); user_pref("browser.search.selectedEngine", "SearchAlgo"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [19/03/2016 13:23] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Patric\AppData\Roaming\Mozilla\Firefox\Profiles\pmtf5ntd.default - Firefox Synchronisation Extension - %ProfilePath%\extensions\synchronize@nokia.suite AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - 
%AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Patric\AppData\Roaming\Mozilla\Firefox\Profiles\pmtf5ntd.default 2BF85B6162528E0635DD8D632EB975C8 - C:\Users\Patric\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll - Facebook Desktop ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[08/01/2016 11:47] Google Wallet - Patric\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - 
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program 
Files\PowerISO\PWRISOVM.EXE -startup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: Bluetooth Manager.lnk = ? O4 - Global Startup: FancyStart daemon.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: SRS Premium Sound.lnk = ? 
O8 - Extra context menu item: Download with &Shareaza - res://C:\Nieuwe map\RazaWebHook32.dll/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - (no CLSID) - (no file) O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown 
owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: 
@%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Patric\AppData\Local\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0HKCPB9Z will be deleted at reboot
C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RXIG7V4Z will be deleted at reboot
C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y7M6KQQU will be deleted at reboot
C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z5M04SA0 will be deleted at reboot
C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\0HKCPB9Z will be deleted at reboot
C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\RXIG7V4Z will be deleted at reboot
C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\Y7M6KQQU will be deleted at reboot
C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\Z5M04SA0 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Patric\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Patric\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=29 folders=15 140327442 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Patric\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Patric\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0HKCPB9Z" not found
"C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RXIG7V4Z" not found
"C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y7M6KQQU" not found
"C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z5M04SA0" not found
"C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\0HKCPB9Z" not found
"C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\RXIG7V4Z" not found
"C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\Y7M6KQQU" not found
"C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\Z5M04SA0" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on za 16/04/2016 at 11:24:33,10 ======================