Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by PC-bureau on ma 22/08/2016 at 9:44:05,26.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\PC-bureau\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22/08/2016 9:46:51 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Opera deleted successfully
C:\Program Files\log deleted successfully
C:\Users\PC-bureau\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\PC-bureau\AppData\Local\EmieSiteList deleted successfully
C:\Users\PC-bureau\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2957127233-3609595312-830154782-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_USERS\S-1-5-21-2957127233-3609595312-830154782-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Flash Player 22 PPAPI Adobe Reader X (10.1.0) - Nederlands Advertising Center Amazon 1Button App Amazon Assistant Avast Free Antivirus AVG 2013 Belgium e-ID middleware 4.0.6 (build 7416) Definition Update for Microsoft Office 2010 (KB3115321) 32-Bit Edition DeskUpdate 4.11 Facebook Video Calling 3.1.0.521 Google Chrome Google Toolbar for Internet Explorer Google Update Helper ImagXpress Java Auto Updater KBC-beveiligingscomponenten Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (Nederlands) Microsoft .NET Framework 4.5.2 (NLD) Microsoft Choice Guard Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual 
Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Mozilla Firefox 43.0.1 (x86 nl) Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 9 Essentials Nero BurnRights Nero BurnRights Help Nero ControlCenter Nero CoverDesigner Nero CoverDesigner Help Nero DiscSpeed Nero DiscSpeed Help Nero DriveSpeed Nero DriveSpeed Help Nero InfoTool Nero InfoTool Help Nero Installer Nero StartSmart Nero StartSmart Help Nero StartSmart OEM neroxml PL-2303 USB-to-Serial Rbm84 Realtek High Definition Audio Driver SafeZone Stable 1.48.2066.101 Security Update for Microsoft .NET Framework 4.5.2 (KB3023224) Security Update for Microsoft .NET Framework 4.5.2 (KB3035490) Security Update for Microsoft .NET Framework 4.5.2 (KB3037581) Security Update for Microsoft .NET Framework 4.5.2 (KB3074230) Security Update for Microsoft .NET Framework 4.5.2 (KB3074550) Security Update for Microsoft .NET Framework 4.5.2 (KB3097996) Security Update for Microsoft .NET Framework 4.5.2 (KB3098781) Security Update for Microsoft .NET Framework 4.5.2 (KB3122656) Security Update for Microsoft .NET Framework 4.5.2 (KB3127229) Security Update for Microsoft .NET Framework 4.5.2 (KB3135996) Security Update for Microsoft .NET Framework 4.5.2 (KB3135996v2) Security Update for Microsoft .NET Framework 4.5.2 (KB3142033) Security Update for Microsoft .NET Framework 4.5.2 (KB3163251) Security Update for Microsoft Access 2010 (KB3101544) 32-Bit Edition Security Update for Microsoft Excel 2010 (KB3115322) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit 
Edition Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3054984) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3101520) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3114400) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3114869) 32-Bit Edition Security Update for Microsoft OneNote 2010 (KB3114885) 32-Bit Edition Security Update for Microsoft Outlook 2010 (KB3115474) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB3115118) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2817478) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB3114872) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2999465) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition Security Update for Microsoft Word 2010 (KB3115471) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Stuurprogrammapakket voor Windows - Fedict SmartCard (09/23/2013 4.0.6.0) Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition 
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2791057) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2881030) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition Update for Microsoft Office 2010 (KB3054977) 32-Bit Edition Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition Update for Microsoft Office 2010 (KB3114555) 32-Bit Edition Update for Microsoft Office 2010 (KB3114989) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition Update for Microsoft Outlook 2010 (KB3114756) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Visual Studio 2008 x64 Redistributables Visual Studio 2010 x64 Redistributables Windows Live aanmeldhulp ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe C:\Program Files (x86)\Common Files\Isabel\isa_kbc_certupdate.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Program Files 
(x86)\Mozilla Firefox\firefox.exe
C:\Users\PC-bureau\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Amazon 1Button App Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Amazon 1Button App Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVGIDSAgent deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AVGIDSAgent deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgwd deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\avgwd deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=-

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Opera not found
C:\Program Files (x86)\Amazon deleted
C:\Users\PC-bureau\AppData\Roaming\Mozilla\Firefox\Profiles\nge165vz.default-1454417243647\searchplugins\amazon.xml deleted
C:\Windows\syswow64\appdata deleted
C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\default-search.xml deleted
C:\PROGRA~2\ver6BlockAndSurf deleted
C:\Users\PC-bureau\AppData\Roaming\FirefoxToolbar deleted
C:\Users\PC-bureau\AppData\Roaming\VOPackage deleted
C:\PROGRA~3\Registry Helper deleted
C:\PROGRA~3\Partner deleted
C:\Users\PC-bureau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage deleted
C:\Users\PC-bureau\Downloads\avg_free_stb_all_2011_1191_cnet.exe deleted
C:\Users\PC-bureau\AppData\LocalLow\DataMngr deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv deleted
C:\windows\SysNative\tasks\DistromaticSearchProtect-hourly deleted
C:\windows\SysNative\tasks\DistromaticSearchProtect-logon deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\RegistryHelperLM.ocx deleted
"C:\windows\SysNative\DRIVERS\avgidsha.sys" deleted
"C:\windows\SysNative\DRIVERS\avgloga.sys" deleted
"C:\windows\SysNative\DRIVERS\avgmfx64.sys" deleted
"C:\windows\SysNative\DRIVERS\avgrkx64.sys" deleted
"C:\windows\SysNative\DRIVERS\avgidsdrivera.sys" deleted
"C:\windows\SysNative\DRIVERS\avgtdia.sys" deleted
"C:\windows\SysNative\DRIVERS\avgldx64.sys" deleted
"C:\Program Files (x86)\AVG\AVG2013\avgsea.dll" deleted
"C:\Program Files (x86)\AVG\AVG2013\avgsysa.dll" deleted
"C:\Program Files (x86)\AVG" not deleted
"C:\Program Files (x86)\AVG\AVG2013" not deleted

==== Registry Search Results for "{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner]
"CLSID"="{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\PROTOCOLS\Handler\linkscanner]
"CLSID"="{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}"

==== System Specs ======================

Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 3968 MB
CPU Info: Pentium(R) Dual-Core CPU E5700 @ 3.00GHz
CPU Speed: 2996.9 MHz
Sound Card: Not detected
Display Adapters: Intel(R) G41 Express Chipset | Intel(R) G41 Express Chipset | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen
PnP-beeldscherm |
Screen Resolution: 1440 X 900 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (F: | ) F: TSSTcorpCDDVDW TS-H653G
Ports: COM1 | COM5 LPT1
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 296.1GB
Hard Disks - Free: C: 211.7GB
Manufacturer *: FUJITSU // Phoenix Technologies Ltd.
BIOS Info: AT/AT COMPATIBLE | 11/09/10 | FSC - 60000
Time Zone: West-Europa (standaardtijd)
Motherboard *: FUJITSU D3041-A1
Country: België
Language: NLB

==== System Specs (Software) ======================

AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
Default Browser: Google Chrome 52.0.2743.116
Internet Explorer Version: 11.0.9600.18426
Mozilla Firefox version: 43.0.1 (x86 nl)
Google Chrome version: 52.0.2743.116
Adobe Reader version: 10.1.0.534

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\PC-BUR~1\AppData\Local\Temp ====
2016-08-19 06:27:21 B22336CCA7FE73F68AB507DE506FF4BE 207000 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\psmachine.dll
2016-08-19 06:27:21 851A204FAF9CAEF588E5973F2EBBA4E1 207000 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\psuser.dll
2016-08-19 06:27:21 62C8848106B5DB20264214683645B9E8 248984 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\psuser_64.dll
2016-08-19 06:27:21 3EE8AE0ECFE5D79DE1737A855AD1E84C 628888 ----atw-
C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\npGoogleUpdate3.dll 2016-08-19 06:27:21 0195B57FA9048A7E8467E39A659F3854 248984 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\psmachine_64.dll 2016-08-19 06:27:20 C75B240057A7169179DB2EC9E059D4C5 96920 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleUpdateBroker.exe 2016-08-19 06:27:20 C19479674473E795A3D80423448A76F7 1740440 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\goopdate.dll 2016-08-19 06:27:20 BF76E03E95FD83C31B32639472A8EDCC 174232 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleUpdateComRegisterShell64.exe 2016-08-19 06:27:20 A8FD9222E4D72596BB37DA8BE95C0BA4 153752 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleUpdate.exe 2016-08-19 06:27:20 A2AFEE318C51D8A2BF85A4E46E715565 96920 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleUpdateOnDemand.exe 2016-08-19 06:27:20 9370A2EB35422E0ABDAB228DF94DBBD0 40960 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleUpdateHelper.msi 2016-08-19 06:27:20 8ECEE61C9EFE194B6ACA6030DFE3990E 96920 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleUpdateWebPlugin.exe 2016-08-19 06:27:20 812D664B0084DF946C8E9BC01B3FC19E 1065376 ----a-w- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleUpdateSetup.exe 2016-08-19 06:27:20 788321A2C0C45F16820E00A8BA8FD3DA 366232 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleCrashHandler64.exe 2016-08-19 06:27:20 58332C83C4A329A744B0B98F934934BB 288920 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleCrashHandler.exe ====== Java Cache ===== ====== 
C:\Windows\SysWOW64 ===== 2016-08-19 09:55:43 825F376B6B93AA0B73B6C6581BAF74AC 796352 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-08-19 09:55:43 19919B006F3B8536A87F2C3357FD0085 142528 ----a-w- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-08-19 06:34:11 9DE2ECE436DCD0A3237565AC1F66B7B3 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll 2016-08-17 11:29:26 8241C71BECB78FE347E26F1444FF0408 251392 ----a-w- C:\Windows\SysWOW64\schannel.dll 2016-08-17 11:29:25 FF80DB2A3E58752C0D3DF84A8C122F92 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2016-08-17 11:29:25 F5C14A878BF2E5910E10659B17301A0A 141312 ----a-w- C:\Windows\SysWOW64\rpchttp.dll 2016-08-17 11:29:25 B0357E6AD7A705F10B975638F984D003 260608 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2016-08-17 11:29:25 A5E65D7561D393E8C8653E242AEA5CC2 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2016-08-17 11:29:25 8371D7D799B02E9856F87C4A5836C4E7 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2016-08-17 11:29:25 7B5FD967AE05EF838F478684281FC6C1 36352 ----a-w- C:\Windows\SysWOW64\cryptbase.dll 2016-08-17 11:29:25 6D6BDDB5C612877C7A2968F2811B738D 553472 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2016-08-17 11:29:25 61FA0F6C5D5AA1EF14B0A78DEDA31577 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2016-08-17 11:29:25 5FF4AD435A1EFF524409B220ACCD78B4 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2016-08-17 11:29:25 54111CE7EFC1EF72FAFB927C316FB2EE 690688 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2016-08-17 11:29:25 4CD27D535C6A15CCA00EDEBF8176C9E9 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2016-08-17 11:29:25 41241C3AE0B3229362AB5DE477BD7BC8 223232 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2016-08-17 11:29:25 39AB21759ADB139F8E8F8206F051491D 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2016-08-17 11:29:25 2CB48AD27A4A7CEB91874DB5FE313966 666112 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2016-08-17 11:29:25 1C77420F4551C8D71ECEA95E16117077 342528 ----a-w- C:\Windows\SysWOW64\certcli.dll 2016-08-17 11:29:25 
0F6EA0C965294B39E1B2029CF8FCEB28 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2016-08-17 11:26:44 F3EA89E72E6ADD295790092B57800DF8 91136 ----a-w- C:\Windows\SysWOW64\inseng.dll 2016-08-17 11:26:44 CF8D63650B723AD146882DE7238A21A4 346312 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2016-08-17 11:26:44 CAAFB21C8A0F20E3C422E284B077B28B 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2016-08-17 11:26:44 64CEAFB38C22478231B1DA2A0BC6CDF7 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2016-08-17 11:26:44 586B9F1848F16DC8DD5E706ED1A3F27F 1316352 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2016-08-17 11:26:44 2E8B78648D278FCB07F5467F0431E3EF 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2016-08-17 11:26:44 2B46512370A9EC8A8833C42998B4AC20 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2016-08-17 11:26:44 227AABB662FFB3FA84D548CE0096D45E 130048 ----a-w- C:\Windows\SysWOW64\occache.dll 2016-08-17 11:26:43 F549CF4F85F6744F9BD836EFD0F2BB02 279040 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2016-08-17 11:26:43 B234B83E0EFCA74F50E9EB6F6F899928 20343808 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2016-08-17 11:26:43 917A2834DD5B0715967C2B570B0F6307 497664 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2016-08-17 11:26:43 8CD353AE6565B8BA274DF7637F05F99A 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-08-17 11:26:43 0EC9E3CA8AFD25FD2DF1C1051C07C754 692736 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2016-08-17 11:26:42 EB0157E1E081D4B24E39819054187803 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2016-08-17 11:26:42 8560664EC9AFDB4DB83F32A326509259 2055680 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2016-08-17 11:26:42 8394C481B63B959C1650AE5F73FF8E39 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2016-08-17 11:26:42 10D8F6B20CDC95F058446A0A6468BB34 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2016-08-17 11:26:41 F2905A16B566C8C7D32CF1F0BBEC3880 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2016-08-17 11:26:41 A63EB09E14B5502C489262D4DE9C1FF3 47104 ----a-w- 
C:\Windows\SysWOW64\jsproxy.dll 2016-08-17 11:26:41 3398621BF58F9A352B01E56FB52C5EEE 2286592 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2016-08-17 11:26:41 29AA0A28C71C3DF34B651C43FCCACC6A 663552 ----a-w- C:\Windows\SysWOW64\jscript.dll 2016-08-17 11:26:40 F8868261CE69123E9271AD9E12AB9693 476160 ----a-w- C:\Windows\SysWOW64\ieui.dll 2016-08-17 11:26:40 C8DD4301F421E2B5633F86A94F7E2F56 13808128 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2016-08-17 11:26:40 BCF01E6EFF578F68407CC0B36C38EF17 416256 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2016-08-17 11:26:38 B269D6CE33447A716668291DBD9E5C22 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2016-08-17 11:26:38 74F975346D32CAB73552A9331CDA8C42 230400 ----a-w- C:\Windows\SysWOW64\webcheck.dll 2016-08-17 11:26:38 64829F4ED34D8339EC39D32204718ADD 2393088 ----a-w- C:\Windows\SysWOW64\wininet.dll 2016-08-17 11:26:38 616FE9AB9C7A398500CA7D0921F0FF85 4608000 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2016-08-17 11:26:38 2B9F2BBB8FE8A95A81D2388B60C3E042 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2016-08-17 11:26:37 56610536AAA4C3D96FEAEF7595034007 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2016-08-17 11:26:37 56276DD3F64D583675B2F183B1BEFF03 341504 ----a-w- C:\Windows\SysWOW64\html.iec ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2016-08-19 06:34:11 77F7A37A1AF97A0050448F2A40072A4E 2048 ----a-w- C:\Windows\Sysnative\tzres.dll 2016-08-17 11:29:26 B6000CC0F681D94F2AFC15BE6193F241 343552 ----a-w- C:\Windows\Sysnative\schannel.dll 2016-08-17 11:29:26 A648773888E64002EFBB7B5CE35DA7D7 1464320 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2016-08-17 11:29:25 F83C586FD2443B5138F74E10B9F46F95 312320 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2016-08-17 11:29:25 EEF212F3B6A6645D93CD0B2D424CF48A 135680 ----a-w- C:\Windows\Sysnative\sspicli.dll 2016-08-17 11:29:25 D0CEF11E5B55B717AD6E8066CA9F2AC2 463872 ----a-w- C:\Windows\Sysnative\certcli.dll 2016-08-17 11:29:25 BA3BF48B745D3D5C90B360477A39AD52 690688 
----a-w- C:\Windows\Sysnative\adtschema.dll 2016-08-17 11:29:25 B287DB3318E465176A97953BD464C034 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2016-08-17 11:29:25 A05D21704365D26EB2ED4F45A354CD50 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2016-08-17 11:29:25 9B09C31B1F32D0D408E531135C4915F8 28672 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2016-08-17 11:29:25 93ABBD493174AE383BA5234826CFB51E 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2016-08-17 11:29:25 85AE555C473DA14AF08A0515BA8E2D27 190464 ----a-w- C:\Windows\Sysnative\rpchttp.dll 2016-08-17 11:29:25 816606DFF52714CB2F80EB11388C720A 730624 ----a-w- C:\Windows\Sysnative\kerberos.dll 2016-08-17 11:29:25 814D408924CF9B4109216BBC458517A9 43520 ----a-w- C:\Windows\Sysnative\cryptbase.dll 2016-08-17 11:29:25 7770EE0B98AEC80A737652DC557C7F7E 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2016-08-17 11:29:25 47819B3FCC240EA34A696E5AC57DA4E8 316416 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2016-08-17 11:29:25 246A1663CA201B55796E9DDC027EB8ED 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2016-08-17 11:29:25 18459FCD4B657CF6452D992D984740DB 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2016-08-17 11:29:25 13FE29C1C8E782829C7FAA3B14F4A666 30720 ----a-w- C:\Windows\Sysnative\lsass.exe 2016-08-17 11:29:25 0FD231D3BB3867BD2CF35D76E35E4157 210432 ----a-w- C:\Windows\Sysnative\wdigest.dll 2016-08-17 11:29:25 0CB631D7FAAAD66FECCFE64AF7502961 1212928 ----a-w- C:\Windows\Sysnative\rpcrt4.dll 2016-08-17 11:26:44 FB5E30FD58CFCB42C4C58AC4F6B193B4 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2016-08-17 11:26:44 F34FCCD107EEE8F32E973B88B1B6879F 724992 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2016-08-17 11:26:44 30AA13DD3AB392D31EE1F8280F02419F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2016-08-17 11:26:44 231B7E1CF644F83DEE1D14C96D1CE64A 107520 ----a-w- C:\Windows\Sysnative\inseng.dll 2016-08-17 11:26:44 1DCC47231EF77587C6058D0DB1C619BE 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2016-08-17 11:26:44 
0795C990F18769F138B9C6DF757A1262 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2016-08-17 11:26:43 C6CBF1C307BD7FBC15DF4245C4466B13 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2016-08-17 11:26:42 F20E4D8EB4B99BCC109AE599193243FD 394440 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2016-08-17 11:26:42 F13C89FB78ACFF5540F198EBF36FCA9F 152064 ----a-w- C:\Windows\Sysnative\occache.dll 2016-08-17 11:26:41 BE5436294A01E3C7DD4DD231C724F5C4 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2016-08-17 11:26:41 3E154893570038A59F73A8F7418DCF75 1550848 ----a-w- C:\Windows\Sysnative\urlmon.dll 2016-08-17 11:26:40 D30B023DC798FAC4ABA25D0B637C568A 315392 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2016-08-17 11:26:40 C588FEF8EE8AD70A1A739B23EF4B987A 969216 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2016-08-17 11:26:40 7EE91314F7FFC8A566ADDCD13DD51242 806400 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2016-08-17 11:26:39 F09B558573C9BBBC949FA6B3D3200456 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2016-08-17 11:26:39 50828D61E8A3205B337DC49A7C3FFF38 2131456 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2016-08-17 11:26:39 22336934420C6862F0847DED6C437B76 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2016-08-17 11:26:38 F685AC29447B34F623D85C973E028287 572416 ----a-w- C:\Windows\Sysnative\vbscript.dll 2016-08-17 11:26:38 EFB4DC94975BAFFE5FB0465E64A1E54B 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2016-08-17 11:26:38 C7C7C333FDBECF16C29A39635B84A1EA 2894336 ----a-w- C:\Windows\Sysnative\iertutil.dll 2016-08-17 11:26:37 8F9762BB257CAC7B119CB643212AAD75 489984 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2016-08-17 11:26:37 679442D0595FBF5A6D91705D364784A3 615936 ----a-w- C:\Windows\Sysnative\ieui.dll 2016-08-17 11:26:36 CA73619BE9ADCEB3934551C223F6ADD0 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2016-08-17 11:26:36 C29752ECB73D5C92003568123975EA7C 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2016-08-17 11:26:36 
311416EBB1CFB6F39D0AE6176E79D2C2 15412224 ----a-w- C:\Windows\Sysnative\ieframe.dll 2016-08-17 11:26:35 8BE7C72DB66A760B2DC57DE1D99EDCA1 6047744 ----a-w- C:\Windows\Sysnative\jscript9.dll 2016-08-17 11:26:35 76A937F27F14BE9AB31901319335CED6 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll 2016-08-17 11:26:35 710634B4F8003066FB7329D776D0C5BE 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2016-08-17 11:26:35 429E72773966866CE5F6BBA9E07B750D 817664 ----a-w- C:\Windows\Sysnative\jscript.dll 2016-08-17 11:26:35 2FC7C339A0310E9E7A55384B2B798F06 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2016-08-17 11:26:34 33821B684222F236711F7F8C78AA9247 2868224 ----a-w- C:\Windows\Sysnative\wininet.dll 2016-08-17 11:26:34 2BCC67A19D5C041AE694DBCA3BA0A290 417792 ----a-w- C:\Windows\Sysnative\html.iec 2016-08-17 11:26:33 E3E3B1226692DB497226CCD7F43AD7DF 25808384 ----a-w- C:\Windows\Sysnative\mshtml.dll 2016-08-17 11:26:33 51BD4D3D74CDF4EFB6C8023C86914C6D 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2016-08-17 11:26:33 133BDD30B98E9158649E73B38434F673 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2016-08-17 11:21:40 F599F9438186D88E6A9D0F38806C1217 3218944 ----a-w- C:\Windows\Sysnative\win32k.sys ====== C:\Windows\Sysnative\drivers ===== 2016-08-17 11:29:26 CFBA6BCBBDC7E33813D92FFB3460FA07 95464 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2016-08-17 11:29:25 CE66825289EE8326CB52C4E9E785ACB0 154856 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2016-08-17 11:29:25 B7FADA5E1E55BB63F90EB9F8F016113B 159744 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2016-08-17 11:29:25 34AFF1849B3EC042C40C5EEC9D78562A 291328 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2016-08-17 11:29:25 058CE7A55E140EB0C72FBA6FD2FA72DE 129536 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys ====== C:\Windows\Tasks ====== 2016-08-19 09:55:47 2BCE5FA1C7FF57AF5CF9B39C5DAAF6DE 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-08-19 09:55:47 
17753BA0DA334F73526CBC6BCE5C6816 3878 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater 2016-08-19 09:55:44 DA7B63387DEEB90F6CE04C73D41FCD47 4012 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player PPAPI Notifier 2016-08-19 09:55:44 4632EB87C307EDD822E2285BFD7625E7 1002 ----a-w- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-08-19 10:54:57 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\PC-bureau\AppData\Roaming ====== ====== C:\Users\PC-bureau ====== 2016-08-19 10:53:03 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\PC-bureau\Desktop\RSITx64.exe 2016-08-19 10:15:00 C0F448A2C9DE04D3F5AAE9962B425CC4 987728 ----a-w- C:\Users\PC-bureau\Downloads\ChromeSetup.exe 2016-08-19 09:53:04 DCE39616768A0586F280A1283BB23BAA 1196240 ----a-w- C:\Users\PC-bureau\Downloads\flashplayer22pp_xa_install.exe ====== C: exe-files == 2016-08-19 10:54:57 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\PC-bureau.exe 2016-08-19 10:53:03 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\PC-bureau\Desktop\RSITx64.exe 2016-08-19 10:15:00 C0F448A2C9DE04D3F5AAE9962B425CC4 987728 ----a-w- C:\Users\PC-bureau\Downloads\ChromeSetup.exe 2016-08-19 09:55:43 825F376B6B93AA0B73B6C6581BAF74AC 796352 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-08-19 09:53:04 DCE39616768A0586F280A1283BB23BAA 1196240 ----a-w- C:\Users\PC-bureau\Downloads\flashplayer22pp_xa_install.exe 2016-08-19 06:34:11 4D77048C36BACBAC5295AA21F7261D28 49664 ----a-w- C:\Windows\servicing\GC64\tzupd.exe 2016-08-19 06:27:20 C75B240057A7169179DB2EC9E059D4C5 96920 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleUpdateBroker.exe 2016-08-19 06:27:20 BF76E03E95FD83C31B32639472A8EDCC 174232 ----atw- 
C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleUpdateComRegisterShell64.exe 2016-08-19 06:27:20 A8FD9222E4D72596BB37DA8BE95C0BA4 153752 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleUpdate.exe 2016-08-19 06:27:20 A2AFEE318C51D8A2BF85A4E46E715565 96920 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleUpdateOnDemand.exe 2016-08-19 06:27:20 8ECEE61C9EFE194B6ACA6030DFE3990E 96920 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleUpdateWebPlugin.exe 2016-08-19 06:27:20 812D664B0084DF946C8E9BC01B3FC19E 1065376 ----a-w- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleUpdateSetup.exe 2016-08-19 06:27:20 788321A2C0C45F16820E00A8BA8FD3DA 366232 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleCrashHandler64.exe 2016-08-19 06:27:20 58332C83C4A329A744B0B98F934934BB 288920 ----atw- C:\Users\PC-bureau\AppData\Local\Temp\{0AC83D7F-C738-42FF-A45E-511076B96262}\GoogleCrashHandler.exe 2016-08-17 11:29:25 B287DB3318E465176A97953BD464C034 64000 ----a-w- C:\Windows\System32\auditpol.exe 2016-08-17 11:29:25 4CD27D535C6A15CCA00EDEBF8176C9E9 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2016-08-17 11:29:25 13FE29C1C8E782829C7FAA3B14F4A666 30720 ----a-w- C:\Windows\System32\lsass.exe 2016-08-17 11:26:44 F34FCCD107EEE8F32E973B88B1B6879F 724992 ----a-w- C:\Windows\System32\ie4uinit.exe 2016-08-17 11:26:44 83F98F75E0F3ED7C02B35B17853F6CAB 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2016-08-17 11:26:44 0795C990F18769F138B9C6DF757A1262 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe 2016-08-17 11:26:42 F782AA6A534AE1536E2EB33A85E23A7B 474112 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2016-08-17 11:26:42 BEEA90201596E8E30E9543A0E05837A6 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 
2016-08-17 11:26:41 C5481C540C36793450318BCA4AD219DC 815312 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2016-08-17 11:26:40 C588FEF8EE8AD70A1A739B23EF4B987A 969216 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2016-08-17 11:26:39 6DC6F88B59CAE7DDEB356BF6075B90D6 491008 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2016-08-17 11:26:38 C734F16AB9C08927D6C118E73DFE70FC 814280 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2016-08-17 11:26:38 2B9F2BBB8FE8A95A81D2388B60C3E042 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2016-08-17 11:26:35 710634B4F8003066FB7329D776D0C5BE 144384 ----a-w- C:\Windows\System32\ieUnatt.exe 2016-08-16 08:29:25 76D51C09CAF3F08577BB6297D57BE9D7 51040856 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\52.0.2743.116\52.0.2743.116_chrome_installer.exe === C: other files == 2016-08-17 11:29:26 CFBA6BCBBDC7E33813D92FFB3460FA07 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2016-08-17 11:29:25 CE66825289EE8326CB52C4E9E785ACB0 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2016-08-17 11:29:25 B7FADA5E1E55BB63F90EB9F8F016113B 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2016-08-17 11:29:25 34AFF1849B3EC042C40C5EEC9D78562A 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2016-08-17 11:29:25 058CE7A55E140EB0C72FBA6FD2FA72DE 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2016-08-17 11:21:40 F599F9438186D88E6A9D0F38806C1217 3218944 ----a-w- C:\Windows\System32\win32k.sys ==== Orphaned Tasks deleted from Registry ====================== avast Emergency Update deleted DistromaticSearchProtect-hourly deleted DistromaticSearchProtect-logon deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] 
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2957127233-3609595312-830154782-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Facebook Update"="C:\Users\PC-bureau\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DeskUpdateNotifier"="c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "IsaKbcCertUpdate"="C:\Program Files (x86)\Common Files\Isabel\isa_kbc_certupdate.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" "Registry Helper"="C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe /boot" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "Facebook Update"="C:\Users\PC-bureau\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" ==== Startup Registry Enabled x64 ====================== 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" ==== Startup Folders ====================== 2010-12-28 18:14:33 976 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk 2010-12-28 18:14:33 976 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk 2010-12-28 10:33:59 976 ----a-w- C:\Users\PC-bureau\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [19/08/2016 11:55] C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [19/08/2016 11:55] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2957127233-3609595312-830154782-1000Core.job --a------ C:\Users\PC-bureau\AppData\Local\Facebook\Update\FacebookUpdate.exe [24/10/2013 18:17] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2957127233-3609595312-830154782-1000UA.job --a------ C:\Users\PC-bureau\AppData\Local\Facebook\Update\FacebookUpdate.exe [24/10/2013 18:17] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/08/2015 13:54] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/08/2015 13:54] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player PPAPI Notifier" [C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] 
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DistromaticUpdater-logon" [C:\Program Files (x86)\Amazon Browser Settings\updater.exe] "C:\Windows\SysNative\tasks\DistromaticUpdater-periodic" [C:\Program Files (x86)\Amazon Browser Settings\updater.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2957127233-3609595312-830154782-1000Core" [C:\Users\PC-bureau\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2957127233-3609595312-830154782-1000UA" [C:\Users\PC-bureau\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SafeZone scheduled Autoupdate 1466010055" [C:\Program Files\AVAST Software\SZBrowser\launcher.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{3DD791A5-BD41-496E-8B4F-AFD41D5527FF}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{72A3193E-9534-451A-9550-0E0CC2EA9C44}" [Z:\aDMIN\BASIS\REPORT.EXE] "C:\Windows\SysNative\tasks\{D3871E74-0794-4960-9B84-D95A47BEC024}" [Z:\aDMIN\BASIS\REPORT.EXE] "C:\Windows\SysNative\tasks\AVAST Software\Avast settings backup" [C:\Program Files\Common Files\AV\avast Antivirus\backup.exe] "C:\Windows\SysNative\tasks\Fujitsu\DeskUpdate" [c:\Fujitsu\Programs\DeskUpdate\ducmd.exe] "C:\Windows\SysNative\tasks\Fujitsu\DeskUpdateRetry" [c:\Fujitsu\Programs\DeskUpdate\ducmd.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\PC-BUR~1\AppData\Roaming\Mozilla\Firefox\Profiles\nge165vz.default-1454417243647 user_pref("browser.startup.homepage", "www.google.be"); 
user_pref("browser.newtab.url", "https://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ff_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_307c5ed1_1201_1403_20160603_BE_ff_nt_"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [15/06/2016 07:44] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [15/06/2016 07:44] ==== Firefox Extensions ====================== ProfilePath: C:\Users\PC-BUR~1\AppData\Roaming\Mozilla\Firefox\Profiles\nge165vz.default-1454417243647 - Amazon Assistant for Firefox - %ProfilePath%\extensions\abb@amazon.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fgbcffenncokfocljomejddmgcpppjom - No path found[] gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[15/06/2016 07:43] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions ooebgdicanjhnamfmdlmlbcnkgehkkmf - No path found[] pbjikboenpfhbbejgkoklgkhjpfogcam - No path found[] Google Docs Offline - PC-bureau\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Avast Online Security - PC-bureau\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Chrome Web Store Payments - PC-bureau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Amazon.com Search Settings - PC-bureau\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebgdicanjhnamfmdlmlbcnkgehkkmf Amazon Assistant for Chrome - 
PC-bureau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam Gmail - PC-bureau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - PC-bureau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/ig/redirectdomain?brand=FTSF&bmod=FTSF" "Default_Page_URL"="http://ts.fujitsu.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com/ig/redirectdomain?brand=FTSF&bmod=FTSF" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{BE3466C4-6563-4B8D-A929-25D89D62C489}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKLM\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} - http://www.default-search.net/search?sid=492&aid=328&itype=n&ver=14733&tm=548&src=ds&p={searchTerms} HKLM\SearchScopes\{BE3466C4-6563-4B8D-A929-25D89D62C489} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0942EC95-102C-41E5-AC6A-12FEFAC311D1}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKLM\Wow6432Node\SearchScopes\{0942EC95-102C-41E5-AC6A-12FEFAC311D1} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSF HKLM\Wow6432Node\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} - http://www.default-search.net/search?sid=492&aid=328&itype=n&ver=14733&tm=548&src=ds&p={searchTerms} HKCU\SearchScopes 
"DefaultScope"="{BE3466C4-6563-4B8D-A929-25D89D62C489}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKCU\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} - No_Url_Value HKCU\SearchScopes\{BE3466C4-6563-4B8D-A929-25D89D62C489} - https://www.google.com/search?q={searchTerms} ==== Reset Google Chrome ====================== C:\Users\PC-bureau\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\PC-bureau\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\PC-bureau\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\PC-bureau\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [DeskUpdateNotifier] "c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe" O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [IsaKbcCertUpdate] C:\Program Files (x86)\Common Files\Isabel\isa_kbc_certupdate.exe O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [Registry Helper] "C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe" /boot O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Facebook Update] "C:\Users\PC-bureau\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') 
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - .DEFAULT User Startup: LaunchCenter.lnk = C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (User 'Default user') O4 - Startup: LaunchCenter.lnk = C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://cbc-pdf.cbc.be O15 - Trusted Zone: http://static.cbc.be O15 - Trusted Zone: http://www.cbccorporate.be O15 - Trusted Zone: http://www.csob.cz O15 - Trusted Zone: http://www.csob.sk O15 - Trusted Zone: http://col.isabel.be O15 - Trusted Zone: http://www.isabel.be O15 - Trusted Zone: http://www.beta.isabel.be O15 - Trusted Zone: http://col.isabel.eu 
O15 - Trusted Zone: http://www.isabel.eu O15 - Trusted Zone: http://www.beta.isabel.eu O15 - Trusted Zone: http://kbc-pdf.kbc.be O15 - Trusted Zone: http://static.kbc.be O15 - Trusted Zone: http://www.kbcam.be O15 - Trusted Zone: http://www.kbcam.com O15 - Trusted Zone: http://www.kbcbankingforbusiness.com O15 - Trusted Zone: http://www.kbccorporates.com O15 - Trusted Zone: http://www.kbcfi.com O15 - Trusted Zone: http://www.kbcmerchantbanking.com O15 - Trusted Zone: http://www.kh.hu O15 - Trusted Zone: http://cbc-pdf.cbc.be (HKLM) O15 - Trusted Zone: http://static.cbc.be (HKLM) O15 - Trusted Zone: http://www.cbccorporate.be (HKLM) O15 - Trusted Zone: http://www.csob.cz (HKLM) O15 - Trusted Zone: http://www.csob.sk (HKLM) O15 - Trusted Zone: http://col.isabel.be (HKLM) O15 - Trusted Zone: http://www.isabel.be (HKLM) O15 - Trusted Zone: http://www.beta.isabel.be (HKLM) O15 - Trusted Zone: http://col.isabel.eu (HKLM) O15 - Trusted Zone: http://www.isabel.eu (HKLM) O15 - Trusted Zone: http://www.beta.isabel.eu (HKLM) O15 - Trusted Zone: http://kbc-pdf.kbc.be (HKLM) O15 - Trusted Zone: http://static.kbc.be (HKLM) O15 - Trusted Zone: http://www.kbcam.be (HKLM) O15 - Trusted Zone: http://www.kbcam.com (HKLM) O15 - Trusted Zone: http://www.kbcbankingforbusiness.com (HKLM) O15 - Trusted Zone: http://www.kbccorporates.com (HKLM) O15 - Trusted Zone: http://www.kbcfi.com (HKLM) O15 - Trusted Zone: http://www.kbcmerchantbanking.com (HKLM) O15 - Trusted Zone: http://www.kh.hu (HKLM) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - http://javadl-esd.sun.com/update/1.4.2/jinstall-1_4-windows-i586.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E46873B9-9EA5-4F0F-AB97-69471DA30D5B}: NameServer = 195.238.2.21,195.238.2.22 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update 
Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - 
C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\PC-bureau\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\PC-bureau\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\PC-bureau\Documents\oude pc\Documents and Settings\IVO\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\PC-bureau\Documents\oude pc\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\PC-bureau\Documents\oude pc\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\PC-bureau\Documents\oude pc\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\PC-bureau\Documents\oude 
pc\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\PC-bureau\Documents\oude pc\WINDOWS\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\PC-bureau\AppData\Local\Mozilla\Firefox\Profiles\nge165vz.default-1454417243647\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\PC-bureau\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=612 folders=86 156574256 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\PC-bureau\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at 
reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\PC-BUR~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\AVG" not found ==== EOF on ma 22/08/2016 at 10:21:12,27 ======================