Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Kris on zo 17/04/2016 at 9:47:54,37.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\Kris\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2016-04-14-121303.log 47277 bytes
C:\zoek-results2016-04-15-124005.log 49449 bytes
C:\zoek-results2016-04-15-232457.log 49054 bytes

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

==== Empty Folders Check ======================

C:\PROGRA~3\CanonEPP deleted successfully
C:\PROGRA~3\CanonIJEPPEX2 deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Adobe Acrobat Reader DC - Nederlands
Adobe Flash Player 21 ActiveX
Adobe Flash Player 21 NPAPI
Adobe Photoshop Lightroom 5.4 64-bit
Adobe Refresh Manager
Albelli.be Fotoboeken
Autodesk Inventor Content Center Libraries 2012 (Desktop Content)
Autodesk Inventor Fusion 2012
Autodesk Inventor Fusion 2012 Language Pack
Autodesk Inventor Fusion for Inventor 2012 Add-in
Autodesk Inventor Fusion for Inventor 2012 Add-in Language Pack
Autodesk Inventor Professional 2012
Autodesk Inventor Professional 2012 English
Autodesk Inventor Professional 2012 English Language Pack
Autodesk Inventor Professional 2012 SP1
Autodesk Inventor Professional 2012 SP2
Autodesk Material Library 2012
Autodesk Material Library Base Resolution Image Library 2012
Autodesk Material Library Low Resolution Image Library 2012
BisonCam
BitComet 1.36 64-bit
calibre 64bit
Canon Auto Update Service
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
CANON iMAGE GATEWAY MyCamera Download Plugin
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MG3100 series MP Drivers
Canon MG3100 series On-screen Manual
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon MP Navigator EX 5.0
Canon My Printer
Canon Solution Menu EX
Canon Utilities CameraWindow DC 8
Canon Utilities CameraWindow Launcher
Canon Utilities MyCamera
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CCleaner
ChiconyCam
CPUID CPU-Z 1.68
CutePDF Writer 3.0
D3DX10
Definition Update for Microsoft Office 2010 (KB3114999) 32-Bit Edition
Eco Materials Adviser (x64)
Ezvid
Freemake Video Converter versie 4.1.5
Gebruikersregistratie voor Canon MG3100 series
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
High-Definition Video Playback 10
Hotkey 7.0028
Intel(R) Chipset Device Software
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
Intel(R) Rapid Storage Technology
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® PROSet/Wireless Software
Intel® Trusted Connect Service Client
Java 8 Update 77
Java Auto Updater
Junk Mail filter update
Malwarebytes Anti-Malware versie 2.2.1.1043
Microsoft .NET Framework 4.5.2
Microsoft .NET Framework 4.5.2 (Nederlands)
Microsoft .NET Framework 4.5.2 (NLD)
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 4 Runtime
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Office Access MUI (Dutch) 2010
Microsoft Office Excel MUI (Dutch) 2010
Microsoft Office Groove MUI (Dutch) 2010
Microsoft Office InfoPath MUI (Dutch) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (Dutch) 2010
Microsoft Office Outlook MUI (Dutch) 2010
Microsoft Office PowerPoint MUI (Dutch) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (Dutch) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proofing (Dutch) 2010
Microsoft Office Publisher MUI (Dutch) 2010
Microsoft Office Shared 64-bit MUI (Dutch) 2010
Microsoft Office Shared MUI (Dutch) 2010
Microsoft Office Word MUI (Dutch) 2010
Microsoft Primary Interoperability Assemblies 2005
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD
Microsoft WSE 3.0 Runtime
Microsoft_VC100_CRT_SP1_x64
Microsoft_VC100_CRT_SP1_x86
Mihov Image Resizer (remove only)
Movie Maker
Mozilla Firefox 45.0.2 (x86 nl)
Mozilla Maintenance Service
MSVC80_x64_v2
MSVC80_x86_v2
MSVC90_x64
MSVC90_x86
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 10 Menu TemplatePack Basic
Nero 10 Movie ThemePack Basic
Nero BackItUp 10 Help (CHM)
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero CoverDesigner 10
Nero CoverDesigner 10 Help (CHM)
Nero DiscSpeed 10
Nero DiscSpeed 10 Help (CHM)
Nero Dolby Files 10
Nero Express 10
Nero Express 10 Help (CHM)
Nero InfoTool 10
Nero InfoTool 10 Help (CHM)
Nero MediaHub 10
Nero MediaHub 10 Help (CHM)
Nero Multimedia Suite 10
Nero Recode 10
Nero Recode 10 Help (CHM)
Nero RescueAgent 10
Nero RescueAgent 10 Help (CHM)
Nero SoundTrax 10
Nero SoundTrax 10 Help (CHM)
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Vision 10
Nero Vision 10 Help (CHM)
Nero WaveEditor 10
Nero WaveEditor 10 Help (CHM)
NirSoft BlueScreenView
Nokia Connectivity Cable Driver
Nokia Ovi Player
Nokia Suite
Nokia_Multimedia_Common_Components_2_5
NVIDIA-configuratiescherm 358.91
NVIDIA GeForce Experience 2.5.15.54
NVIDIA GeForce Experience Service
NVIDIA Grafisch stuurprogramma 358.91
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA Optimus Update 2.5.15.54
NVIDIA PhysX Systeem Software 9.15.0428
NVIDIA ShadowPlay 2.5.15.54
NVIDIA Update 2.5.15.54
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.31
Oracle VM VirtualBox 4.3.20
PC Connectivity Solution
Photo Common
Photo Gallery
Platform
Popcorn Time
Quick Uninstall Tool for Autodesk Inventor 2012
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
Security Update for Microsoft .NET Framework 4.5.2 (KB3097996)
Security Update for Microsoft .NET Framework 4.5.2 (KB3098781)
Security Update for Microsoft .NET Framework 4.5.2 (KB3122656)
Security Update for Microsoft .NET Framework 4.5.2 (KB3127229)
Security Update for Microsoft .NET Framework 4.5.2 (KB3135996)
Security Update for Microsoft Access 2010 (KB3101544) 32-Bit Edition
Security Update for Microsoft Excel 2010 (KB3114888) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3054848) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3085560) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB3114883) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2817478) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB3114402) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB3114993) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SHIELD Streaming
SHIELD Wireless Controller Driver
SkypeT 7.6
Software voor Intel® Chipset-apparaten
Sound Blaster Cinema
Speccy
Sublight
SubSync
Synaptics Pointing Device Driver
System Requirements Lab for Intel
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD
Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2791057) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054977) 32-Bit Edition
Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition
Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition
Update for Microsoft Office 2010 (KB3085512) 32-Bit Edition
Update for Microsoft Office 2010 (KB3114555) 32-Bit Edition
Update for Microsoft Office 2010 (KB3114750) 32-Bit Edition
Update for Microsoft Office 2010 (KB3114989) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2956205) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB3114410) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB3114756) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB3114867) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition
VBA (2627.01)
VIA Platform apparaatbeheer
VLC media player
WebCam Installer
Windows-stuurprogrammapakket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR archiver

==== Running Processes ======================

C:\Users\Kris\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

==== System Specs ======================

Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8112 MB
CPU Info: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
CPU Speed: 2448,6 MHz
Sound Card: Not detected
Display Adapters: | RDP Encoder Mirror Driver
Monitors: 1x;
Screen Resolution: 800 X 600 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter #3 | Intel(R) Dual Band Wireless-AC 7260 #2 | Realtek PCIe GBE Family Controller #2
CD / DVD Drives: 1x (D: | ) D: SlimtypeDVD A DS8A4S
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 232,8GB | E: 931,5GB
Hard Disks - Free: C: 124,1GB | E: 350,4GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 01/16/14 | HPQOEM - 1072009
Time Zone: Romance (standaardtijd)
Motherboard *: Notebook W35xSTQ_370ST
Country: België
Language: NLB

==== System Specs (Software) ======================

AV: Microsoft Security Essentials *Enabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Enabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
Default Browser: Firefox 45.0.2
Internet Explorer Version: 11.0.9600.18282
Mozilla Firefox version: 45.0.2 (x86 nl)
Google Chrome version: 50.0.2661.75
Adobe Reader version: 15.10.20056.167417
Sun Java version: 1.8.0_77 (32-bit)
Sun Java version: 1.8.0_77 (64-bit)
Flash Player version: 21.0.0.213

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Kris\AppData\Local\Temp ====
6DB3EFE1174B79571A28355A732B3337 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2016-04-13 08:37:29 866254892512D27510475080EEC15748 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2016-04-13 08:37:05 9AD833027AF42AEFCA1FE6CD64F31B22 38120 ----a-w- C:\Windows\System32\CompatTelRunner.exe 2016-04-13 08:36:58 2D98A2C9EC46ADE57B04DE54672DB205 49664 ----a-w- C:\Windows\servicing\GC64\tzupd.exe 2016-04-13 08:36:54 5A5C52E1349D8DFFB24C23715C2235DC 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe 2016-04-13 08:36:53 4220C16D79E0386F9C684EEF5586699B 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2016-04-13 08:36:53 04AA1E7E50F9769EC7839EB76E7BA9F5 725504 ----a-w- C:\Windows\System32\ie4uinit.exe 2016-04-13 08:36:51 A00F16DFE1661B5BC5A2AFF02ED7BB78 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2016-04-13 08:36:51 0D509AB88C513DE28EF46B434AD3B1AA 473600 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2016-04-13 08:36:50 3A3666314CA3CAB290DCD6C0445DDB12 815312 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2016-04-13 08:36:49 876DCA7F8F58E6F5F9CA0BD2C09AF134 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2016-04-13 08:36:48 239E4651A281DBAA5B5CA3658D94AB78 491008 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2016-04-13 08:36:47 B719287E7679AC28F5847197949D325B 814280 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2016-04-13 08:36:46 3E816997AA0924BE8C1F957BB0B6A2AD 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2016-04-13 08:36:43 8975E4521C293E751031B6EFCAA6E17A 144384 ----a-w- C:\Windows\System32\ieUnatt.exe === C: other files == 2016-04-15 23:25:38 C04379738E3FF06EA16A458584926CF6 4869 ----a-w- C:\Users\Kris\AppData\Local\Temp\xpi\tmp.zip 2016-04-14 11:49:19 4EDC09D3151E434741F50E8F7210D162 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_77\lib\deploy\ffjcext.zip 2016-04-13 08:37:32 FB4397DDCC732DB6A7B33B747C7EB708 154344 ----a-w- 
C:\Windows\System32\drivers\ksecpkg.sys 2016-04-13 08:37:32 B6C2FA7F5E5BC1A488A57C6344D29D64 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2016-04-13 08:37:32 ACEC16415275E1AD6F7983EF472810E3 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2016-04-13 08:37:32 0F276F2F2018296FABC7BD2BCCAAB40B 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2016-04-13 08:37:31 A9FB80B0BBA6F765F4E691B7AD4963A7 62464 ----a-w- C:\Windows\System32\drivers\appid.sys 2016-04-13 08:37:31 1D4B7972375052F5B7877A6FD9BE33A0 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2016-04-13 08:37:25 616387BBD83372220B09DE95F4E67BBC 73664 ----a-w- C:\Windows\System32\drivers\disk.sys 2016-04-13 08:37:15 1D0A5FF3C7C7EA7480429D16D38B60EA 3216896 ----a-w- C:\Windows\System32\win32k.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1725989601-2335644033-3128775016-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 
"UpdReg"="C:\Windows\UpdReg.EXE"
"IJNetworkScannerSelectorEX"="C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE"
"CanonSolutionMenuEx"="C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"Sound Blaster Cinema"="C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe /r"
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"NokiaMusic FastStart"="C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe /command:faststart"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"CECAPLF"="C:\Program Files (x86)\ChiconyCam\CECAPLF.exe"
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp"
"BLEServicesCtrl"="C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"MBCfg64"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64"
"HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Startup Folders ======================

2014-03-19 22:19:36 865 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10/04/2016 11:23]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/08/2015 00:14]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/08/2015 00:14]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

No folders found aged 0-6 months

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath:
C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\ksnpqyyu.default 57C7E359ED8D049132EED23EFA444C63 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 Google Cast - Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd Lyoness Cashback Bar - Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibocncflemnoggjhchgnakpnhdiajnjl Chrome Web Store Payments - Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Fix ====================== C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage deleted successfully C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage-journal deleted successfully C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://be.msn.com/default.aspx?ocid=U221DHP&pc=U221" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet 
Explorer\Main] "Start Page"="http://be.msn.com/default.aspx?ocid=U221DHP&pc=U221" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google 
Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [Sound Blaster Cinema] "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files (x86)\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: 
[mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe O8 - Extra context menu item: &D&ownload &met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload alles met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows 
live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{CD80C3C3-187E-4EED-8D09-3A03FE842C06}: NameServer = 8.8.8.8,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\..\{EFB22FA6-469D-4A84-9B51-B39978EC1A39}: NameServer = 8.8.8.8,8.8.4.4 O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. 
- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. 
- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Autodesk Moldflow Inventor Tool Suite Integration 2012 Job Manager (mitsijm2012) - Autodesk, Inc. 
- C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PornTime Updater - PornTime - C:\Users\Kris\AppData\Roaming\PT\updater.exe O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - 
Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Kris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Kris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully 
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Kris\AppData\Local\Mozilla\Firefox\Profiles\ksnpqyyu.default\cache2 emptied successfully
C:\Users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\ksnpqyyu.default\storage\default\https+++www.pinterest.com\cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=14 folders=4 1148079 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Kris\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Kris\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 17/04/2016 at 11:14:39,82 ======================