Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Robbescheuten on zo 26-06-2016 at 21:43:37,05.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Robbescheuten\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

26-6-2016 21:44:26 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\DropboxCopyHook {FBC9D74C-AF55-4309-9FB2-C426E071637F} C:\Users\Robbescheuten\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Citrix deleted successfully
C:\PROGRA~2\COMMON~1\Windows Live deleted successfully
C:\PROGRA~3\Canon IJ Network Tool deleted successfully
C:\PROGRA~3\CanonEPP deleted successfully
C:\PROGRA~3\CanonIJEPPEX2 deleted successfully
C:\PROGRA~3\Protexis deleted successfully
C:\Users\Robbescheuten\AppData\Roaming\PPT2DVD deleted successfully
C:\Users\Robbescheuten\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Robbescheuten\AppData\Local\EmieSiteList deleted successfully
C:\Users\Robbescheuten\AppData\Local\EmieUserList deleted successfully
C:\Users\Robbescheuten\AppData\Local\LogMeIn Rescue Applet deleted successfully
C:\Users\Robbescheuten\AppData\Local\Windows Live deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
C:\Windows\SysWOW64\ASGT.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Robbescheuten\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Robbescheuten\Desktop\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Services(whitelist) ======================

Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url]
R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [asComSvc] - ASUS Com Service - c:\program files (x86)\asus\axsp\1.02.00\atkexcomsvc.exe
R2 - [c2cautoupdatesvc] - Skype Click to Call Updater - c:\program files (x86)\skype\toolbars\autoupdate\skypec2cautoupdatesvc.exe
R2 - [c2cpnrsvc] - Skype Click to Call PNR Service - c:\program files (x86)\skype\toolbars\pnrsvc\skypec2cpnrsvc.exe
R2 - [ClickToRunSvc] - Microsoft Office ClickToRun Service - c:\program files\microsoft office 15\clientx64\officeclicktorun.exe
R2 - [Fabs] - FABS - Helping agent for MAGIX media database - c:\program files (x86)\common files\magix services\database\bin\fabs.exe
R2 - [GfExperienceService] - NVIDIA GeForce Experience Service - c:\program files\nvidia corporation\geforce experience service\gfexperienceservice.exe
R2 - [hmpalertsvc] - HitmanPro.Alert service - c:\program files (x86)\hitmanpro.alert\hmpalert.exe
R2 - [IAStorDataMgrSvc] - Intel(R) Rapid Storage Technology - c:\program files\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe
R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
R2 - [NvNetworkService] - NVIDIA Network Service - c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe
R2 - [NvStreamSvc] - NVIDIA Streamer Service - c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
R2 - [PSI_SVC_2] - Protexis Licensing V2 - c:\program files (x86)\common files\protexis\license service\psiservice_2.exe
R2 - [PSI_SVC_2_x64] - Corel License Validation Service V2 x64, Powered by arvato - c:\program files\common files\protexis\license service\psiservice_2.exe
R2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
S2 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FirebirdServerMAGIXInstance] - Firebird Server - MAGIX Instance - c:\program files (x86)\common files\magix services\database\bin\fbserver.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [Intel(R) Capability Licensing Service TCP IP Interface] - Intel(R) Capability Licensing Service TCP IP Interface - c:\program files\intel\icls client\socketheciserver.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe
S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\VIDEO DVR not found
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\Citrix not found
C:\Users\Robbescheuten\AppData\Local\Citrix deleted
C:\UNWISE.EXE deleted
C:\Users\Robbescheuten\AppData\Roaming\ParetoLogic deleted
C:\Users\Robbescheuten\AppData\Roaming\DriverCure deleted
C:\PROGRA~3\ParetoLogic deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\wininit.ini deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 8135 MB
CPU Info: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
CPU Speed: 3650,9 MHz
Sound Card: Luidsprekers (Realtek High Defi | HP 2710-4 (NVIDIA High Definiti | Realtek Digital Output (Realtek |
Display Adapters: NVIDIA GeForce GTX 750 Ti | NVIDIA GeForce GTX 750 Ti | NVIDIA GeForce GTX 750 Ti | NVIDIA GeForce GTX 750 Ti
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SH-224DB
Ports: COM1 LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 232,9GB | D: 3725,9GB
Hard Disks - Free: C: 121,1GB | D: 2650,2GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 07/11/14 | ALASKA - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK COMPUTER INC. H97-PLUS
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

AV: ESET Smart Security 9.0.381.1 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ESET Smart Security 9.0.381.1 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Persoonlijke firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
Default Browser: Internet Explorer 11.00.9600.16384 (winblue_rtm.130821-1623)
Internet Explorer Version: 11.0.9600.18350
Adobe Reader version: 15.16.20045.188096
Sun Java version: 1.8.0_91 (32-bit)
Sun Java version: 1.8.0_91 (64-bit)
Shockwave Player version: 12.1.6r156

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1037555006-1929405826-4030660218-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"Boxifier"="C:\Users\Robbescheuten\AppData\Roaming\Boxifier\boxifier.exe /minimized"
"Dropbox Update"="C:\Users\Robbescheuten\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"Boxifier"="C:\Users\Robbescheuten\AppData\Roaming\Boxifier\boxifier.exe /minimized"
"Dropbox Update"="C:\Users\Robbescheuten\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"Corel Update Helper"="c:\Program Files\Corel\Corel PaintShop Pro X8 (64-bit)\pua.exe /t"

==== Startup Folders ======================

2015-03-02 16:13:39 1209 ----a-w- C:\Users\Robbescheuten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-1037555006-1929405826-4030660218-1001Core.job --a-------- C:\Users\Robbescheuten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [17-06-2015 20:45]
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-1037555006-1929405826-4030660218-1001UA.job --a-------- [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-1037555006-1929405826-4030660218-1001Core" [C:\Users\Robbescheuten\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-1037555006-1929405826-4030660218-1001UA" [C:\Users\Robbescheuten\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\WINDOWS\SysNative\tasks\START SKYDRIVE" [C:\WINDOWS\System32\SkyDrive.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{5F2E07E3-A89B-4F8F-ADA6-FF7F73323BFA}" [C:\Windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\ASUS\ASUS Product Register Service" [C:\Program Files (x86)\ASUS\APRP\aprp.exe]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2016-03-16 22:03:27 -------- d-----w- C:\PROGRA~3\flipBook
2016-03-16 22:03:47 -------- d-----w- C:\PROGRA~3\A-PDF
2016-03-28 13:23:30 -------- d-----w- C:\PROGRA~3\HitmanPro.Alert
2016-05-30 12:06:01 -------- d--h--w- C:\PROGRA~3\CanonBJ
2016-06-23 20:21:11 -------- d-----w- C:\PROGRA~3\ESET

==== Chromium Look ======================

Google Slides - Robbescheuten\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Robbescheuten\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Robbescheuten\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Robbescheuten\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Robbescheuten\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Robbescheuten\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Facebook for Chrome - Robbescheuten\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp
Solitaire - Robbescheuten\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkbhppfbabandkdmgjmifahoabeodiep
Google Wallet - Robbescheuten\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Robbescheuten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Robbescheuten\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.nl/",
"startup_urls": [ "http://www.sweet-page.com/?type=hp&ts=1410635248&from=cor&uid=ST1000DM003-1CH162_Z1D2YKB5XXXXZ1D2YKB5", "http://nieuwtabblad/" ]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EBD0EE76-2CFC-4EE5-AFE6-7EEAA3B14332} deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - 
{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKCU\..\Run: [Boxifier] "C:\Users\Robbescheuten\AppData\Roaming\Boxifier\boxifier.exe" /minimized O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Robbescheuten\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c O4 - Startup: Dropbox.lnk = Robbescheuten\AppData\Roaming\Dropbox\bin\Dropbox.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - 
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://help.eset.com (HKLM) O15 - ESC Trusted Zone: http://help.eset.com (HKLM) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - https://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce 
Experience Service\GfExperienceService.exe O23 - Service: HitmanPro.Alert service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - arvato digital services llc - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Corel License Validation Service V2 
x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows 
Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Robbescheuten\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Robbescheuten\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Robbescheuten\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Robbescheuten\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Robbescheuten\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=41 folders=43 35998618 bytes) ==== Empty Temp Folders 
====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Robbescheuten\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\ROBBES~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on zo 26-06-2016 at 22:02:18,12 ======================