
Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Geert on do 29/12/2016 at 12:38:40,08.
Microsoft Windows 10 Home 10.0.14393  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Geert\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

29/12/2016 12:40:00 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\DropboxCopyHook {FBC9D74C-AF55-4309-9FB2-C426E071637F} C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll 


==== Empty Folders Check ======================

C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\defaultuser0\AppData\LocalLow deleted successfully
C:\Users\defaultuser0\AppData\Local\VirtualStore deleted successfully
C:\Users\Geert\AppData\Local\NetworkTiles deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\UCBrowser\Application\UCService.exe
C:\Program Files (x86)\UCBrowser\Application\6.0.1121.207\UCAgent.exe
C:\Users\Geert\Desktop\zoek.exe
C:\Windows\SysWoW64\cmd.exe
C:\Windows\SysWoW64\cmd.exe
C:\Windows\SysWoW64\cmd.exe

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Geert\AppData\Roaming\Profiles\Ruisezivos.default

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.search.searchengine.uid", "SamsungXSSDX850XEVOX500GB_S2RBNB0HB62022Z");
---- Lines searches removed from prefs.js ----
user_pref("browser.urlbar.suggest.searches", true);
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ---- 

prefs_20162912_1301_.backup

ProfilePath: C:\Users\Geert\AppData\Roaming\Mozilla\Firefox\Profiles\e5vq14yn.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs_20162912_1301_.backup

==== Deleting Files \ Folders ======================

C:\windows\SysNative\GroupPolicy\Adm deleted
C:\windows\SysNative\GroupPolicy\User deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 8087 MB
CPU Info: Intel(R) Core(TM) i5-2467M CPU @ 1.60GHz
CPU Speed: 1613,4 MHz
Sound Card: Luidsprekers (Realtek High Defi | 
Display Adapters: Intel(R) HD Graphics 3000 | Intel(R) HD Graphics 3000
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller | Bluetooth Device (Personal Area Network) | Intel(R) Centrino(R) Advanced-N 6230
CD / DVD Drives: No optical drives found.
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C:  465,3GB
Hard Disks - Free: C:  291,3GB
Manufacturer *: Phoenix Technologies Ltd.
BIOS Info: AT/AT COMPATIBLE | 01/18/12 | SECCSD - 2
Time Zone: Romance (standaardtijd)
Motherboard *: SAMSUNG ELECTRONICS CO., LTD. 530U3BI/530U4BI/530U4BH
Country: Belgi‰ 
Language: NLB 

==== System Specs (Software) ======================

Default Browser: Firefox	50.1.0
Internet Explorer Version: 11.576.14393.0 
Mozilla Firefox version: 50.1.0 (x86 en-US)
Google Chrome version: 55.0.2883.87
Adobe Reader version: 15.20.20042.205528
Flash Player version: 24.0.0.186

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2016-12-09 15:55:01	BCDB205132974EC3AB6F5C01DD93489B	130560	----a-w-	C:\Windows\splwow64.exe
2016-12-09 15:53:56	4E10FB1A015B49AC68F76C1A3F4D9C0F	4673304	----a-w-	C:\Windows\explorer.exe
2016-12-09 15:16:13	D7B86849947D23E9BFB2D298F66A3E1E	67584	--s-a-w-	C:\Windows\bootstat.dat
====== C:\Users\Geert\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2016-12-19 09:22:31	EEB65D6B2BB89A461DBD1EB88015A4AA	590848	----a-w-	C:\Windows\SysWOW64\chtbrkg.dll
2016-12-16 08:55:08	E8FBC76BDC0CC5005110AE38DB6C93F6	3306496	----a-w-	C:\Windows\SysWOW64\MFMediaEngine.dll
2016-12-16 08:55:06	2A7309FDC7AE938B497AF9B986523EBA	4612608	----a-w-	C:\Windows\SysWOW64\Windows.Media.dll
2016-12-16 08:55:04	6D8AF670995DC432C07C5321DE3967B5	1852720	----a-w-	C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-12-16 08:55:03	3E689A2AE38163D67297C87ED7770B9C	2323728	----a-w-	C:\Windows\SysWOW64\d3d10warp.dll
2016-12-16 08:54:59	D478AD237CC6925BDC08062A195C5AA7	313856	----a-w-	C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-12-16 08:54:58	46E91FB548882ACFE377FFB1282D052D	2138112	----a-w-	C:\Windows\SysWOW64\InputService.dll
2016-12-16 08:54:54	03B273395EA0BF2E9C56222183217E17	206848	----a-w-	C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-16 08:54:53	76F30D5D38F46DF16AF86B3549046CC8	32768	----a-w-	C:\Windows\SysWOW64\WordBreakers.dll
2016-12-16 08:54:53	3BFB09E18CE3158070C7CFE0C3DA6DE2	68096	----a-w-	C:\Windows\SysWOW64\EditBufferTestHook.dll
2016-12-16 08:54:53	2CCBA569613401EA6011EE08E8D36D88	92672	----a-w-	C:\Windows\SysWOW64\InputLocaleManager.dll
2016-12-16 08:54:40	B19A804BC41C276DAF5753BE541A97B4	1503544	----a-w-	C:\Windows\SysWOW64\WindowsCodecs.dll
2016-12-16 08:54:33	4BEC594A3D4AEAFAC400D88F7E328C7B	1435896	----a-w-	C:\Windows\SysWOW64\user32.dll
2016-12-16 08:54:31	1A8E7650017F0BC9AD12A6861B5119ED	117240	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2016-12-16 08:54:21	464235F5DB3FAF56C594A7B74D3837E3	12177920	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2016-12-16 08:54:10	D86AD86B05274E6386976FE42A7BA7C0	3689984	----a-w-	C:\Windows\SysWOW64\msi.dll
2016-12-16 08:54:09	5C9A0EDE876D5D63A6EB34BC24384A17	2998272	----a-w-	C:\Windows\SysWOW64\win32kfull.sys
2016-12-16 08:54:07	56A1F18F27A325A4C17BF7EA963DBD2B	1415752	----a-w-	C:\Windows\SysWOW64\gdi32full.dll
2016-12-16 08:54:01	DF53C40EE6572B64691668277156FA41	147968	----a-w-	C:\Windows\SysWOW64\win32k.sys
2016-12-16 08:53:56	358EB97C59FF33C968FB1333E9876494	6668040	----a-w-	C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-16 08:53:50	30FE605338408D1D459012E4ED9B903D	3198464	----a-w-	C:\Windows\SysWOW64\cdp.dll
2016-12-16 08:53:36	09FB1E45C38939B300140F01D14D0E6A	2166752	----a-w-	C:\Windows\SysWOW64\combase.dll
2016-12-16 08:53:22	9B3298D80A2E4DA567C16BF5F88E5150	861024	----a-w-	C:\Windows\SysWOW64\LicenseManager.dll
2016-12-16 08:53:14	8F857B2705BECC734B4D979A0D2C0D03	886272	----a-w-	C:\Windows\SysWOW64\aadtb.dll
2016-12-16 08:53:13	EBD4C2424DC0C023F82AC7F13970016D	846560	----a-w-	C:\Windows\SysWOW64\WinTypes.dll
2016-12-16 08:53:13	A1CB32732926340BAC6A79F1BBA6538F	566784	----a-w-	C:\Windows\SysWOW64\ShareHost.dll
2016-12-16 08:53:12	C041ED5CE66BEDFA0CEAC973C8E5DAC5	106896	----a-w-	C:\Windows\SysWOW64\bcrypt.dll
2016-12-16 08:53:12	1D090D82282336CD790733FAE33641E9	483840	----a-w-	C:\Windows\SysWOW64\CoreMessaging.dll
2016-12-16 08:53:11	CC32207A4520FD1956AF2D68D7DA7BDD	288768	----a-w-	C:\Windows\SysWOW64\wincorlib.dll
2016-12-16 08:53:07	A61F71788BAE3F65FF2DEA42B35E35C9	165376	----a-w-	C:\Windows\SysWOW64\mdmregistration.dll
2016-12-16 08:52:40	38000DC06180F3C2F68B7175BC6C6B94	19413504	----a-w-	C:\Windows\SysWOW64\edgehtml.dll
2016-12-16 08:52:22	C2A2CC42F71927ABB95AA1F851056638	19417088	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2016-12-16 08:52:04	98F4C3DE98F6C24B74DA6150836BDDC9	6044160	----a-w-	C:\Windows\SysWOW64\Chakra.dll
2016-12-16 08:52:03	92D533895D9D4BFB469083F5221CAE71	3666432	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2016-12-16 08:52:01	7F14E8300CC72C06417D2980F2FBA0FE	2048496	----a-w-	C:\Windows\SysWOW64\CoreUIComponents.dll
2016-12-16 08:52:00	E74F2C29ECF25124BE3DA75FBD6A0E46	959112	----a-w-	C:\Windows\SysWOW64\ole32.dll
2016-12-16 08:51:59	9E9039ED9DB41DEA49B9B56E38964916	198656	----a-w-	C:\Windows\SysWOW64\indexeddbserver.dll
2016-12-16 08:51:58	DF990FE5B6590BB98145BEBCA2C7E721	822784	----a-w-	C:\Windows\SysWOW64\Chakradiag.dll
2016-12-16 08:51:58	A9AE442890AA112F8B3AA6692DC7CDE6	231936	----a-w-	C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-16 08:51:58	65B9445D4FDB93ABEB5C62761C229BF6	635904	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2016-12-21 18:15:36	BC8C3896575B06303564265742142775	42096	----a-w-	C:\Windows\Sysnative\DbxSvc.exe
2016-12-19 09:22:32	BAFB36BB874D7AE136CC06CC0EA56BC7	778752	----a-w-	C:\Windows\Sysnative\chtbrkg.dll
2016-12-16 08:55:09	2F3EA67476D78958F91E070C14A8E31B	8168000	----a-w-	C:\Windows\Sysnative\Windows.Media.Protection.PlayReady.dll
2016-12-16 08:55:03	06244AE293E04AB801876B9059DC7615	3059200	----a-w-	C:\Windows\Sysnative\msi.dll
2016-12-16 08:55:02	F1A1EBBFDC04204B89E1B4C4E9EF753E	1589760	----a-w-	C:\Windows\Sysnative\msdtctm.dll
2016-12-16 08:55:01	FCC7B4C5CAD998DC936251247AB22C9A	1274712	----a-w-	C:\Windows\Sysnative\ole32.dll
2016-12-16 08:55:01	1067D34BEEA34E48E4D30F37F6AA93AF	410112	----a-w-	C:\Windows\Sysnative\AppXDeploymentClient.dll
2016-12-16 08:55:00	D5C59218EDAD5E424C33D825DD797C49	989024	----a-w-	C:\Windows\Sysnative\hvax64.exe
2016-12-16 08:55:00	9A077360DC6A6BF2E364FE4A47DC9854	1100128	----a-w-	C:\Windows\Sysnative\hvix64.exe
2016-12-16 08:54:57	7F6BDCFC4EB0E47EBA67F8CEC404C26C	947552	----a-w-	C:\Windows\Sysnative\hvloader.efi
2016-12-16 08:54:57	12736C69D73EB8A0D2889CBE167217E2	811872	----a-w-	C:\Windows\Sysnative\hvloader.exe
2016-12-16 08:54:54	9458B2D945C676A0795823C76B8B506A	324608	----a-w-	C:\Windows\Sysnative\Windows.ApplicationModel.LockScreen.dll
2016-12-16 08:54:48	C6E7C0577523905FF4FF3B0D5A036A3B	7816032	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2016-12-16 08:54:47	20A7D1848593F5988A2ACE63F22DE8BF	6285312	----a-w-	C:\Windows\Sysnative\Windows.Media.dll
2016-12-16 08:54:46	666090378138806ECC581835FB134C8B	3777536	----a-w-	C:\Windows\Sysnative\MFMediaEngine.dll
2016-12-16 08:54:42	8D7AC60330B3E96C4D00E682437868D0	2681200	----a-w-	C:\Windows\Sysnative\CoreUIComponents.dll
2016-12-16 08:54:42	70D5AF138FDBDF97F8A6415C596C80E4	1988560	----a-w-	C:\Windows\Sysnative\mfmp4srcsnk.dll
2016-12-16 08:54:41	6012019C0E09D6194E0E6144B4859EB2	1293152	----a-w-	C:\Windows\Sysnative\LicenseManager.dll
2016-12-16 08:54:41	2C1CEC25F6D92871F38960E2E84CC3EE	2275840	----a-w-	C:\Windows\Sysnative\AppXDeploymentServer.dll
2016-12-16 08:54:39	7B2301A9FE0A9B1DF7A321F1E044BA41	1121280	----a-w-	C:\Windows\Sysnative\aadtb.dll
2016-12-16 08:54:38	96A380C14A4FFC2883A00FFB250EBD44	1692672	----a-w-	C:\Windows\Sysnative\AppXDeploymentExtensions.onecore.dll
2016-12-16 08:54:36	40C1E763ACB4FCB8744C220D7B1A4800	425984	----a-w-	C:\Windows\Sysnative\aadcloudap.dll
2016-12-16 08:54:33	24B894CCC09F373C8E0883E31A7A1CB0	2820096	----a-w-	C:\Windows\Sysnative\InputService.dll
2016-12-16 08:54:33	0C2545B95A19F573D335608680B0C31D	411136	----a-w-	C:\Windows\Sysnative\facecredentialprovider.dll
2016-12-16 08:54:29	DB023286233396E001A852683590178C	956416	----a-w-	C:\Windows\Sysnative\AppXDeploymentExtensions.desktop.dll
2016-12-16 08:54:29	C30FB61C85D12E1F7DDEFEA141F79DB4	261120	----a-w-	C:\Windows\Sysnative\Windows.UI.Core.TextInput.dll
2016-12-16 08:54:29	C1C8560C3FA7E2F970CB134393B594BC	40448	----a-w-	C:\Windows\Sysnative\WordBreakers.dll
2016-12-16 08:54:29	8F8B9B67E8BAFE7AEE433609D5DE8076	119296	----a-w-	C:\Windows\Sysnative\InputLocaleManager.dll
2016-12-16 08:54:29	3B9487062A0CFF44131EAC1731CA47CE	85504	----a-w-	C:\Windows\Sysnative\EditBufferTestHook.dll
2016-12-16 08:54:22	981159C5094E4C2AD4DADCEDF3E8F532	13084160	----a-w-	C:\Windows\Sysnative\ieframe.dll
2016-12-16 08:54:14	C415587AC829504F74ACE07066A0402F	4749312	----a-w-	C:\Windows\Sysnative\SettingsHandlers_nt.dll
2016-12-16 08:54:13	1F5FF8C45418A3D47DC73D612EFBD47E	5114368	----a-w-	C:\Windows\Sysnative\cdp.dll
2016-12-16 08:54:11	A930AD470CBCBEEAA2B684325453D48A	3616768	----a-w-	C:\Windows\Sysnative\win32kfull.sys
2016-12-16 08:54:08	DA446593637409C623A1F308371F0505	716800	----a-w-	C:\Windows\Sysnative\ShareHost.dll
2016-12-16 08:54:08	5DE2049D5F57C1D142F36FA9CE443693	764392	----a-w-	C:\Windows\Sysnative\CoreMessaging.dll
2016-12-16 08:54:07	5BEEB27D8F314D94773FA6568740AE13	1572768	----a-w-	C:\Windows\Sysnative\gdi32full.dll
2016-12-16 08:54:06	C46EA86BF0E7C96235E9064CBAD6ED26	1461200	----a-w-	C:\Windows\Sysnative\user32.dll
2016-12-16 08:54:04	2925A1C60E081F0B51699C148AE1925A	455520	----a-w-	C:\Windows\Sysnative\securekernel.exe
2016-12-16 08:54:02	6343BD5C58F385703454D47416EE0100	206848	----a-w-	C:\Windows\Sysnative\win32k.sys
2016-12-16 08:54:01	976EB2566EF7A48DD80BEEDE63DE1C65	241504	----a-w-	C:\Windows\Sysnative\CloudExperienceHost.dll
2016-12-16 08:54:00	A8594741E7FFBA9579715E9451066533	1051112	----a-w-	C:\Windows\Sysnative\winresume.efi
2016-12-16 08:53:59	183B7A1DCA847669FB16A7392535B095	1354320	----a-w-	C:\Windows\Sysnative\winload.efi
2016-12-16 08:53:59	0DCF6AF8987CD9EEBAB548A593380C3E	894096	----a-w-	C:\Windows\Sysnative\winresume.exe
2016-12-16 08:53:58	74C191A1BF7AD5AD63432E104E1D7A54	1173496	----a-w-	C:\Windows\Sysnative\winload.exe
2016-12-16 08:53:57	32F359D2120A8C670FE650994A9FF419	49152	----a-w-	C:\Windows\Sysnative\Windows.UI.Shell.dll
2016-12-16 08:53:49	DCB77F9C30B269461B59E87810EE2B43	137568	----a-w-	C:\Windows\Sysnative\acmigration.dll
2016-12-16 08:53:48	B50F4C3A4DE252EA5E7656A4438F0792	2913144	----a-w-	C:\Windows\Sysnative\combase.dll
2016-12-16 08:53:48	8F1AF1A559291DE87C91C9FBC15BDB80	1637728	----a-w-	C:\Windows\Sysnative\appraiser.dll
2016-12-16 08:53:35	151AEA80776413C9FCE3185A10EB4B00	1490944	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2016-12-16 08:53:12	AC5344ED480F896C3BCE688F0AAE5144	168424	----a-w-	C:\Windows\Sysnative\bcrypt.dll
2016-12-16 08:53:12	28CF4575C39A0662138E6C6A0B107BCB	172544	----a-w-	C:\Windows\Sysnative\DeviceEnroller.exe
2016-12-16 08:53:12	2892EB16D39C6F6E27BF8A9276B49F20	1004544	----a-w-	C:\Windows\Sysnative\enterprisecsps.dll
2016-12-16 08:53:11	A5D48D65A9D0CB4C0DB8F76C76BA9BCC	380928	----a-w-	C:\Windows\Sysnative\wincorlib.dll
2016-12-16 08:53:11	7B07A0CFEB7F5B6C016433C15DCCA9E7	1267512	----a-w-	C:\Windows\Sysnative\WinTypes.dll
2016-12-16 08:53:07	3717827707AC0C50E670F842666FFA87	187392	----a-w-	C:\Windows\Sysnative\mdmregistration.dll
2016-12-16 08:53:05	25A2DFE2ACE0CA2B7CCEF337EBEA672E	23677952	----a-w-	C:\Windows\Sysnative\mshtml.dll
2016-12-16 08:52:47	39D428A31DA525F730D3262ADCA41CCE	22563328	----a-w-	C:\Windows\Sysnative\edgehtml.dll
2016-12-16 08:52:06	997050BEA4A90A3DBF69C7393BD54C08	8129536	----a-w-	C:\Windows\Sysnative\Chakra.dll
2016-12-16 08:52:03	4CCAD745F8CB73E02B2BE685D3094F5D	4746752	----a-w-	C:\Windows\Sysnative\jscript9.dll
2016-12-16 08:52:02	0BD00AE0D8AAF0A62FDBAE8856F152D9	2677544	----a-w-	C:\Windows\Sysnative\d3d10warp.dll
2016-12-16 08:52:01	99C236BDF40912E253650B562DB65235	1738560	----a-w-	C:\Windows\Sysnative\WindowsCodecs.dll
2016-12-16 08:52:01	7C98397279D619956D6A7F9294FA5C5F	1512960	----a-w-	C:\Windows\Sysnative\win32kbase.sys
2016-12-16 08:52:01	00C24D6FDEF221DDA1625836702AFC6C	730624	----a-w-	C:\Windows\Sysnative\fveapi.dll
2016-12-16 08:52:00	677E316602D6B09DFDBABA04BFDACEED	216576	----a-w-	C:\Windows\Sysnative\fveapibase.dll
2016-12-16 08:51:59	DCDA84B4419F9A9520D831273B087967	261632	----a-w-	C:\Windows\Sysnative\indexeddbserver.dll
2016-12-16 08:51:59	86DBBA9B08AB9DDA31C2F49E9F8EEFD9	227328	----a-w-	C:\Windows\Sysnative\cdd.dll
2016-12-16 08:51:59	2DF07B2560A3E961C1CA6ABBB4400C68	172528	----a-w-	C:\Windows\Sysnative\sspicli.dll
2016-12-16 08:51:58	7AF01F6539F66128237A3D7E62EE1135	376832	----a-w-	C:\Windows\Sysnative\CryptoWinRT.dll
====== C:\Windows\Sysnative\drivers =====
2016-12-27 12:30:27	8213C5972C91A56BE78CD02A4DE4E3FC	34328	----a-w-	C:\Windows\Sysnative\drivers\PROCEXP152.SYS
2016-12-21 18:15:36	4032C71C9CB3F6FE1B918BD9F72B9588	75888	----a-w-	C:\Windows\Sysnative\drivers\dbx-stable.sys
2016-12-21 18:15:36	4032C71C9CB3F6FE1B918BD9F72B9588	75888	----a-w-	C:\Windows\Sysnative\drivers\dbx-dev.sys
2016-12-21 18:15:36	4032C71C9CB3F6FE1B918BD9F72B9588	75888	----a-w-	C:\Windows\Sysnative\drivers\dbx-canary.sys
2016-12-19 09:35:32	F3960CA85778E5D7611EE0F501972340	102856	----a-w-	C:\Windows\Sysnative\drivers\farflt.sys
2016-12-19 09:35:32	3BEC6134F1E45AEF5E971F69F0D38510	176064	----a-w-	C:\Windows\Sysnative\drivers\MBAMChameleon.sys
2016-12-19 09:35:32	205C2D377E1CA85A4465491DB8064DA9	91584	----a-w-	C:\Windows\Sysnative\drivers\mwac.sys
2016-12-19 09:35:19	88BD122C3A35DE63D75D382DF75554CE	43968	----a-w-	C:\Windows\Sysnative\drivers\mbam.sys
2016-12-19 09:35:13	ABB371D9AEF728B0489B0E6872B4A1C0	250816	----a-w-	C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2016-12-19 09:34:58	047244823B2EA707E1F6076CA20DEF90	77408	----a-w-	C:\Windows\Sysnative\drivers\mbae64.sys
2016-12-16 08:53:13	B0D9B87B795B7833C9152441CBD55CC4	624048	----a-w-	C:\Windows\Sysnative\drivers\cng.sys
2016-12-16 08:53:12	B72D26074E72A757D788FB1BEF8B2F2E	377184	----a-w-	C:\Windows\Sysnative\drivers\clfs.sys
2016-12-16 08:52:02	19F2B54EE8861D90579BD0E3AE5182F9	2189664	----a-w-	C:\Windows\Sysnative\drivers\dxgkrnl.sys
2016-12-16 08:52:00	D24345315139AAF6E3DF106344EE9422	658784	----a-w-	C:\Windows\Sysnative\drivers\dxgmms2.sys
2016-12-16 08:52:00	5634BF53BE184314A82E638EAD67DE73	402272	----a-w-	C:\Windows\Sysnative\drivers\dxgmms1.sys
2016-12-09 15:58:47	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_Kernel_ETD_01011.Wdf
2016-12-09 15:55:33	D5564FC81350458ED570528C4E3B1CCF	1181536	----a-w-	C:\Windows\Sysnative\drivers\ndis.sys
2016-12-09 15:55:33	323AA1953ED9C01E23F740FA891FE064	584032	----a-w-	C:\Windows\Sysnative\drivers\afd.sys
2016-12-09 15:55:32	2CF0CB2A0ED68C5455371E84C16F9627	64352	----a-w-	C:\Windows\Sysnative\drivers\MegaSas2i.sys
2016-12-09 15:55:31	DB69C6DA8B3DDFDC547D455CA23A8250	2255712	----a-w-	C:\Windows\Sysnative\drivers\ntfs.sys
2016-12-09 15:55:30	B66D8C75C9BC59D637177AB3B1C569A6	81760	----a-w-	C:\Windows\Sysnative\drivers\stornvme.sys
2016-12-09 15:55:29	B4F448F2424492F99F83D3676A453553	226816	----a-w-	C:\Windows\Sysnative\drivers\usbvideo.sys
2016-12-09 15:55:29	53EB8CE34B55A1EE63424C8DB7388BFC	130912	----a-w-	C:\Windows\Sysnative\drivers\storahci.sys
2016-12-09 15:55:29	5008FF3BBB078956C60DCA0044CF175B	379744	----a-w-	C:\Windows\Sysnative\drivers\Classpnp.sys
2016-12-09 15:55:28	851ED52AE3E62CD5374BD4BBFF7A9DAB	967168	----a-w-	C:\Windows\Sysnative\drivers\bthport.sys
2016-12-09 15:55:27	FA918EC296EB410FF02867D008D02421	352096	----a-w-	C:\Windows\Sysnative\drivers\fastfat.sys
2016-12-09 15:55:27	CDBD029BAEC8D09F6FBD404632D9AF28	128352	----a-w-	C:\Windows\Sysnative\drivers\partmgr.sys
2016-12-09 15:55:27	964943933D448935595C450AC4E8A5B1	23392	----a-w-	C:\Windows\Sysnative\drivers\cmimcext.sys
2016-12-09 15:55:27	705C0F8BCCEF6E7CB704CCB454192D7E	133472	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2016-12-09 15:55:26	9EA203A07EFA6D74F07F32EF0DAB5CA6	108384	----a-w-	C:\Windows\Sysnative\drivers\pdc.sys
2016-12-09 15:55:25	74FC79C52395B10FFD0B55CF22CF88FC	73568	----a-w-	C:\Windows\Sysnative\drivers\hvservice.sys
2016-12-09 15:55:19	DC5955E589C55E2313D69B64E1A183F3	84992	----a-w-	C:\Windows\Sysnative\drivers\BTHUSB.SYS
2016-12-09 15:55:19	77630A51FAF6A07922FEE835F4DED8F6	114176	----a-w-	C:\Windows\Sysnative\drivers\bthenum.sys
2016-12-09 15:55:14	A10C7C1E69FC90620C7BF2E51302A01F	1100128	----a-w-	C:\Windows\Sysnative\drivers\http.sys
2016-12-09 15:55:06	46ADD0CD4473AAEF1C68266A803F704D	714592	----a-w-	C:\Windows\Sysnative\drivers\vhdmp.sys
2016-12-09 15:55:02	63088A3361D9A308F328F11E9099DD87	43520	----a-w-	C:\Windows\Sysnative\drivers\xinputhid.sys
2016-12-09 15:55:02	60EB6A4CE3E21887D302350631C16F26	118272	----a-w-	C:\Windows\Sysnative\drivers\capimg.sys
2016-12-09 15:55:00	9627BBAA50878F6833A6A7843EE3B1D9	258560	----a-w-	C:\Windows\Sysnative\drivers\xboxgip.sys
2016-12-09 15:54:44	23522E5D581F7722B1B5B86737CAE39C	227328	----a-w-	C:\Windows\Sysnative\drivers\ahcache.sys
2016-12-09 15:54:43	7C3D10BEC8B0DBA00A78C78EB10B3AE2	279904	----a-w-	C:\Windows\Sysnative\drivers\sdbus.sys
2016-12-09 15:54:43	46171262D0E806779DEEDFCAB2F830CC	219488	----a-w-	C:\Windows\Sysnative\drivers\tpm.sys
2016-12-09 15:54:42	FFFBB40B9C7AD811AA6EA74A0A6168B1	187232	----a-w-	C:\Windows\Sysnative\drivers\dumpsd.sys
2016-12-09 15:54:42	5157325B17E455D9DF7AFBB4B608E78A	156672	----a-w-	C:\Windows\Sysnative\drivers\hidclass.sys
2016-12-09 15:54:42	2A9817B5A9260D8F60D52E36BEF10443	118112	----a-w-	C:\Windows\Sysnative\drivers\EhStorTcgDrv.sys
2016-12-09 15:54:42	039B5A8CBD5C75D1C46DF15F7C74D136	63328	----a-w-	C:\Windows\Sysnative\drivers\dam.sys
2016-12-09 15:54:41	E5E5D9E317739CEE510EAF46C88A7C38	128864	----a-w-	C:\Windows\Sysnative\drivers\tm.sys
2016-12-09 15:54:38	224BA1CB1F3C702F0D001D2AFC9793B1	128512	----a-w-	C:\Windows\Sysnative\drivers\bthpan.sys
2016-12-09 15:54:38	0B779E9FC426CA2268D28181FA6C222F	39424	----a-w-	C:\Windows\Sysnative\drivers\kbdhid.sys
2016-12-09 15:54:36	0D50B3F3AB32D416786B58D4553859CE	42496	----a-w-	C:\Windows\Sysnative\drivers\modem.sys
2016-12-09 15:54:35	D8536CB438CC4CCDAE047B768EED22B2	38400	----a-w-	C:\Windows\Sysnative\drivers\hidusb.sys
2016-12-09 15:54:35	B9A33B9298BAFCE11E9823B1056D5BB0	40960	----a-w-	C:\Windows\Sysnative\drivers\hidparse.sys
2016-12-09 15:54:25	C994DF90427103CCB80F893FFD2B1CE8	557408	----a-w-	C:\Windows\Sysnative\drivers\spaceport.sys
2016-12-09 15:54:20	55CA5329D1ADEB8F8034045930147AE4	713216	----a-w-	C:\Windows\Sysnative\drivers\srv2.sys
2016-12-09 15:54:19	E2DD2E5BDCCD225670831B439826065B	335712	----a-w-	C:\Windows\Sysnative\drivers\pci.sys
2016-12-09 15:54:18	E330144B97D493AA886000DCAAA8DAF5	119648	----a-w-	C:\Windows\Sysnative\drivers\wcifs.sys
2016-12-09 15:54:18	DB32758F3A7F6CCE81A5430080A2EA65	48992	----a-w-	C:\Windows\Sysnative\drivers\iorate.sys
2016-12-09 15:54:17	E83830BB74AE8CBECEA0ECD94DE436F9	409088	----a-w-	C:\Windows\Sysnative\drivers\srv.sys
2016-12-09 15:54:17	9CD2A4821DE379305CACB2E99AD8953A	101888	----a-w-	C:\Windows\Sysnative\drivers\bowser.sys
2016-12-09 15:54:16	D4D12BC29DE0F09280868FDCA65B3474	282624	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
2016-12-09 15:54:16	92F6E3E6D3F1795263EB34B37F74AEF7	74080	----a-w-	C:\Windows\Sysnative\drivers\vpci.sys
2016-12-09 15:54:15	55AD13E2BAFC5AB53A10F8C271F5D242	168800	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2016-12-09 15:54:14	88B66D75B0D26B449C83D54C87F30553	51712	----a-w-	C:\Windows\Sysnative\drivers\winhvr.sys
2016-12-09 15:54:11	F13EE0DB1FB1D6946AC3228D7EFCFC8F	248320	----a-w-	C:\Windows\Sysnative\drivers\srvnet.sys
2016-12-09 15:54:01	8833A059270A60CE347FEB9A7951B3F4	681304	----a-w-	C:\Windows\Sysnative\drivers\ClipSp.sys
2016-12-09 15:54:00	4F25E481124059CC593B4C68BC485640	2537824	----a-w-	C:\Windows\Sysnative\drivers\tcpip.sys
2016-12-09 15:53:56	8EEC4925C03E375C4EC496E45C44139A	649568	----a-w-	C:\Windows\Sysnative\drivers\fvevol.sys
2016-12-09 15:53:53	E671EDAB0726E05ECEF4058B4CD73C4D	450392	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2016-12-09 15:53:53	8CB606A3057355FD5A9DBDD1A0AC94EF	719360	----a-w-	C:\Windows\Sysnative\drivers\WdiWiFi.sys
2016-12-09 15:53:51	AF6963414B820B7C45578ED3300438A7	433504	----a-w-	C:\Windows\Sysnative\drivers\rdbss.sys
2016-12-09 15:53:51	0D1D392ED2597F295956D058D33BD7C3	144896	----a-w-	C:\Windows\Sysnative\drivers\dfsc.sys
2016-12-09 15:53:50	DEA44117F9EE53EAFCE555C0A9B108C6	509280	----a-w-	C:\Windows\Sysnative\drivers\storport.sys
2016-12-09 15:53:50	93A77008A8932FC84A173C4E97E52874	223584	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2016-12-09 15:53:50	3DFBB8B3F8BC0A91297030D0E530BA37	79200	----a-w-	C:\Windows\Sysnative\drivers\crashdmp.sys
2016-12-09 15:53:49	B23596AFC687B5256CCD7DD429E2E6FB	409952	----a-w-	C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2016-12-09 15:53:49	43C8D087B31C592163B33A4BDA540E40	199008	----a-w-	C:\Windows\Sysnative\drivers\wof.sys
2016-12-09 15:53:45	25D32BE04FE0A23FDF57FD5382757672	143872	----a-w-	C:\Windows\Sysnative\drivers\mrxdav.sys
2016-12-09 15:26:02	1371D03D479C3CE94F4F36D8901037CB	41024	----a-w-	C:\Windows\Sysnative\drivers\ETDSMBus.sys
2016-12-09 15:25:59	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_Kernel_ETD_01009.Wdf
====== C:\Windows\Tasks ======
2016-12-29 10:46:49	C927D2067391DFF005D5C2AFAA4B770C	2656	----a-w-	C:\Windows\Sysnative\Tasks\UCBrowserUpdaterCore
2016-12-29 10:46:49	9CCE67B16DDBABF36BDC72CDA24FF89B	324	----a-w-	C:\Windows\Tasks\UCBrowserUpdaterCore.job
2016-12-29 10:22:57	D44C41A3E49E75FC7BD3B7018AA970DB	3574	----a-w-	C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2016-12-29 10:22:57	3C5DE99F8C0E717B1FFD0D081D2B9E8D	3450	----a-w-	C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore
2016-12-28 11:59:41	8127E50879C56CF7BB655C5A5DE72605	3476	----a-w-	C:\Windows\Sysnative\Tasks\UCBrowserSecureUpdater
2016-12-19 09:18:44	DA011C70A513E1AF220CE5318A6D16B7	6102	----a-w-	C:\Windows\Sysnative\Tasks\Ploingatupether Monitor
2016-12-17 16:38:19	067AA2BB35F72E653E28FDBA6785C43C	3290	----a-w-	C:\Windows\Sysnative\Tasks\OneDrive Standalone Update Task v2
2016-12-17 09:45:47	B361D9CC7C6E73282EB8866741903D19	940	----a-w-	C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-17 09:45:47	88E4B85A50291183E7929E9CDB4C561C	3916	----a-w-	C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater
2016-12-16 09:04:51	794FF6082B6D7517DDB7D41285561985	3634	----a-w-	C:\Windows\Sysnative\Tasks\AdobeAAMUpdater-1.0-DESKTOP-7B10IMC-Geert
2016-12-09 19:26:29	03218B198F7E6A70D610E3DDABCCDC1D	4562	----a-w-	C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task
2016-12-09 19:04:59	95912BE23CD8A2395C20B1F223E0034E	1040	----a-w-	C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-12-09 19:04:59	7F825720E59C6BC0EB5B6B3CEDEB6D97	3872	----a-w-	C:\Windows\Sysnative\Tasks\DropboxUpdateTaskMachineCore
2016-12-09 19:04:59	62F3EBA003DA25B4693E34C3ECD85E8A	4104	----a-w-	C:\Windows\Sysnative\Tasks\DropboxUpdateTaskMachineUA
2016-12-09 19:04:59	1B3BBD1F7FB2A9D4D0DD5B349B92BAD7	1044	----a-w-	C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-12-09 15:28:28	EC2DAFC8707F821CC226463831303B9D	3194	----a-w-	C:\Windows\Sysnative\Tasks\RTKCPL
====== C:\Windows\Temp ======
======= C:\Program Files =====
2016-12-28 08:50:41	--------	d-----w-	C:\Program Files\trend micro
2016-12-19 09:53:58	--------	d---a-w-	C:\Program Files\SUPERAntiSpyware
2016-12-19 09:21:14	--------	d---a-w-	C:\Program Files\WinRAR
2016-12-16 08:42:40	--------	d-----w-	C:\Program Files\Adobe
2016-12-16 08:39:27	--------	d-----w-	C:\Program Files\Common Files\Adobe
2016-12-09 15:28:14	--------	d-----w-	C:\Program Files\Realtek
2016-12-09 15:25:56	--------	d-----w-	C:\Program Files\Elantech
2016-12-09 15:16:14	--------	d--h--w-	C:\Program Files\Uninstall Information
======= C:\PROGRA~2 =====
2016-12-29 10:22:08	--------	d-----w-	C:\PROGRA~2\Mozilla Maintenance Service
2016-12-19 09:24:26	--------	d-----w-	C:\PROGRA~2\UCBrowser
2016-12-16 08:41:20	--------	d---a-w-	C:\PROGRA~2\COMMON~1\Adobe AIR
2016-12-16 08:25:33	--------	d---a-w-	C:\PROGRA~2\XnView
2016-12-09 19:25:28	--------	d---a-w-	C:\PROGRA~2\COMMON~1\Adobe
2016-12-09 19:25:28	--------	d---a-w-	C:\PROGRA~2\Adobe
2016-12-09 19:04:57	--------	d-----w-	C:\PROGRA~2\Dropbox
2016-12-09 19:00:34	--------	d-----w-	C:\PROGRA~2\Google
2016-12-09 15:32:17	--------	d-----w-	C:\PROGRA~2\Intel
======= C: =====
2016-12-19 09:20:33	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\TOSTACK
====== C:\Users\Geert\AppData\Roaming ======
2016-12-29 11:43:47	--------	d-----w-	C:\Users\Geert\AppData\Local\NetworkTiles
2016-12-29 10:23:42	--------	d-----w-	C:\Users\Geert\AppData\Local\Mozilla
2016-12-28 18:32:30	--------	d-----w-	C:\Users\Geert\AppData\Local\UCBrowser
2016-12-26 08:29:23	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\UCBrowser
2016-12-25 09:54:57	--------	d-s---w-	C:\Windows\serviceprofiles\Localservice\AppData\LocalLow
2016-12-23 13:20:09	--------	d-----w-	C:\Users\Geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albelli.be Fotoboeken
2016-12-23 13:20:00	--------	d-----w-	C:\Users\Geert\AppData\Local\Albelli.be Fotoboeken
2016-12-19 09:26:59	--------	d-----w-	C:\Users\Geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC???
2016-12-19 09:21:21	--------	d-----w-	C:\Users\Geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-17 12:55:52	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\DataSharing
2016-12-16 08:25:12	--------	d-----w-	C:\Users\Geert\AppData\Local\Programs
2016-12-09 19:29:41	--------	d-----w-	C:\Users\Geert\AppData\Local\CEF
2016-12-09 19:23:49	--------	d-----w-	C:\Users\Geert\AppData\Local\Adobe
2016-12-09 19:10:33	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Dropbox
2016-12-09 19:04:55	--------	d-----w-	C:\Users\Geert\AppData\Local\Dropbox
2016-12-09 19:00:29	--------	d-----w-	C:\Users\Geert\AppData\Local\Google
2016-12-09 15:48:54	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft
2016-12-09 15:38:26	--------	d-s---w-	C:\Windows\serviceprofiles\networkservice\AppData\LocalLow
2016-12-09 15:38:18	--------	d-----w-	C:\Users\Geert\AppData\Local\MicrosoftEdge
2016-12-09 15:37:58	--------	d-----w-	C:\Users\Geert\AppData\Local\Comms
2016-12-09 15:21:35	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\ConnectedDevicesPlatform
2016-12-09 15:21:32	--------	d-----w-	C:\Users\Geert\AppData\Local\Publishers
2016-12-09 15:21:25	--------	d-----w-	C:\Users\Geert\AppData\Local\VirtualStore
2016-12-09 15:21:25	--------	d-----r-	C:\Users\Geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-09 15:21:25	--------	d-----r-	C:\Users\Geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-09 15:21:24	--------	d-----w-	C:\Users\Geert\AppData\Local\TileDataLayer
2016-12-09 15:21:24	--------	d-----w-	C:\Users\Geert\AppData\Local\Packages
2016-12-09 15:21:23	--------	d-----w-	C:\Users\Geert\AppData\Local\ConnectedDevicesPlatform
2016-12-09 15:21:16	--------	d-----w-	C:\Users\Geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-12-09 15:21:16	--------	d-----w-	C:\Users\Geert\AppData\Roaming
2016-12-09 15:21:16	--------	d-----w-	C:\Users\Geert\AppData\LocalLow
2016-12-09 15:21:16	--------	d-----w-	C:\Users\Geert\AppData\Local\Temp
2016-12-09 15:21:16	--------	d-----w-	C:\Users\Geert\AppData\Local\Microsoft
2016-12-09 15:21:16	--------	d-----w-	C:\Users\Geert\AppData\Local
2016-12-09 15:21:16	--------	d-----r-	C:\Users\Geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-12-09 15:21:16	--------	d-----r-	C:\Users\Geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-12-09 15:21:16	--------	d-----r-	C:\Users\Geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-09 15:21:16	--------	d-----r-	C:\Users\Geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-12-09 15:21:16	--------	d-----r-	C:\Users\Geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-09 15:20:20	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\ConnectedDevicesPlatform
2016-12-09 15:19:50	--------	d-----w-	C:\Users\defaultuser0\AppData\Local\Packages
2016-12-09 15:19:49	--------	d-----w-	C:\Users\defaultuser0\AppData\Local\TileDataLayer
2016-12-09 15:19:48	--------	d-----w-	C:\Users\defaultuser0\AppData\Local\ConnectedDevicesPlatform
2016-12-09 15:17:42	--------	d-----w-	C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-12-09 15:17:42	--------	d-----w-	C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-09 15:17:42	--------	d-----w-	C:\Users\defaultuser0\AppData\Roaming
2016-12-09 15:17:42	--------	d-----w-	C:\Users\defaultuser0\AppData\Local\Temp
2016-12-09 15:17:42	--------	d-----w-	C:\Users\defaultuser0\AppData\Local\Microsoft
2016-12-09 15:17:42	--------	d-----w-	C:\Users\defaultuser0\AppData\Local
2016-12-09 15:17:42	--------	d-----r-	C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-12-09 15:17:42	--------	d-----r-	C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-12-09 15:17:42	--------	d-----r-	C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-09 15:17:42	--------	d-----r-	C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-12-09 15:17:00	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages
2016-12-09 15:16:05	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache
2016-12-09 15:15:59	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Roaming
2016-12-09 15:15:59	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2016-12-09 15:15:59	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft
2016-12-09 15:15:59	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local
2016-12-09 15:15:59	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Roaming
2016-12-09 15:15:59	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2016-12-09 15:15:59	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft
2016-12-09 15:15:59	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local
2016-12-09 15:15:58	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft
====== C:\Users\Geert ======
2016-12-29 10:20:41	7101FF0673F62B340D6C082039CF4487	1622528	----a-w-	C:\Users\Geert\Downloads\ResetBrowser.exe
2016-12-29 08:32:44	CAC841638F65AF3BC116F403D038F73A	2662400	----a-w-	C:\Users\Geert\Desktop\ZHPCleaner.exe
2016-12-28 18:02:55	9DF1469E76C21CFB43017D04847F6782	1663040	----a-w-	C:\Users\Geert\Desktop\JRT.exe
2016-12-28 12:14:30	77388F14CF6F3E9B1739E8F53B34B3CF	3977168	----a-w-	C:\Users\Geert\Downloads\adwcleaner_6.041.exe
2016-12-28 11:59:12	8E1B08222F20E45A3E8DB04C569F9CB7	8	--sha-r-	C:\Users\Geert\ntuser.pol
2016-12-28 10:31:20	407A5C0367B847BEA2A8E9124588755A	2420736	----a-w-	C:\Users\Geert\Downloads\FRST64.exe
2016-12-28 08:50:00	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Geert\Downloads\RSITx64.exe
2016-12-25 09:22:26	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\??????
2016-12-23 13:19:22	252778336F00A936BAE6CF10E43043DC	12655536	----a-w-	C:\Users\Geert\Downloads\albelli_BE.exe
2016-12-22 19:47:33	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360????
2016-12-22 19:19:26	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-19 09:54:05	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-12-19 09:53:58	--------	d-----w-	C:\ProgramData\SUPERAntiSpyware.com
2016-12-19 09:29:28	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\???
2016-12-19 09:21:21	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-19 09:20:11	8E1B08222F20E45A3E8DB04C569F9CB7	8	--sha-r-	C:\ProgramData\ntuser.pol
2016-12-16 08:57:35	--------	d-----w-	C:\ProgramData\regid.1986-12.com.adobe
2016-12-16 08:48:41	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2016-12-16 08:41:34	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2016-12-16 08:25:45	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2016-12-16 07:49:40	--------	d-----r-	C:\Windows\sysWoW64\config\systemprofile\Documents
2016-12-16 07:49:40	--------	d-----r-	C:\Windows\sysWoW64\config\systemprofile\Desktop
2016-12-09 19:24:46	--------	d-----w-	C:\ProgramData\Adobe
2016-12-09 19:08:00	--------	d-----r-	C:\Users\Geert\Dropbox
2016-12-09 19:04:55	--------	d-----w-	C:\ProgramData\Dropbox
2016-12-09 15:28:26	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\ProgramData\DP45977C.lfl
2016-12-09 15:23:11	--------	d-----r-	C:\Users\Geert\OneDrive
2016-12-09 15:22:53	--------	d-----w-	C:\ProgramData\Microsoft OneDrive
2016-12-09 15:21:25	--------	d--h--r-	C:\Users\Public\AccountPictures
2016-12-09 15:21:25	--------	d-----r-	C:\Users\Geert\Searches
2016-12-09 15:21:25	--------	d-----r-	C:\Users\Geert\Contacts
2016-12-09 15:21:16	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\Geert\ntuser.ini
2016-12-09 15:21:16	--------	d--h--w-	C:\Users\Geert\AppData
2016-12-09 15:21:16	--------	d-----r-	C:\Users\Geert\Videos
2016-12-09 15:21:16	--------	d-----r-	C:\Users\Geert\Saved Games
2016-12-09 15:21:16	--------	d-----r-	C:\Users\Geert\Pictures
2016-12-09 15:21:16	--------	d-----r-	C:\Users\Geert\Music
2016-12-09 15:21:16	--------	d-----r-	C:\Users\Geert\Links
2016-12-09 15:21:16	--------	d-----r-	C:\Users\Geert\Favorites
2016-12-09 15:21:16	--------	d-----r-	C:\Users\Geert\Downloads
2016-12-09 15:21:16	--------	d-----r-	C:\Users\Geert\Documents
2016-12-09 15:21:16	--------	d-----r-	C:\Users\Geert\Desktop
2016-12-09 15:17:43	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\defaultuser0\ntuser.ini
2016-12-09 15:17:42	--------	d--h--w-	C:\Users\defaultuser0\AppData
2016-12-09 15:17:42	--------	d-----w-	C:\Users\defaultuser0\Saved Games
2016-12-09 15:17:42	--------	d-----r-	C:\Users\defaultuser0\Videos
2016-12-09 15:17:42	--------	d-----r-	C:\Users\defaultuser0\Pictures
2016-12-09 15:17:42	--------	d-----r-	C:\Users\defaultuser0\Music
2016-12-09 15:17:42	--------	d-----r-	C:\Users\defaultuser0\Links
2016-12-09 15:17:42	--------	d-----r-	C:\Users\defaultuser0\Favorites
2016-12-09 15:17:42	--------	d-----r-	C:\Users\defaultuser0\Downloads
2016-12-09 15:17:42	--------	d-----r-	C:\Users\defaultuser0\Documents
2016-12-09 15:17:42	--------	d-----r-	C:\Users\defaultuser0\Desktop
2016-12-09 15:17:06	--------	d-----w-	C:\ProgramData\USOShared
2016-12-09 15:16:05	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\debug
2016-12-09 15:15:59	--------	d--h--w-	C:\Windows\serviceprofiles\networkservice\AppData
2016-12-09 15:15:59	--------	d--h--w-	C:\Windows\serviceprofiles\Localservice\AppData
2016-12-09 15:15:59	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\Saved Games
2016-12-09 15:15:59	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\Saved Games
2016-12-09 15:15:59	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Videos
2016-12-09 15:15:59	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Pictures
2016-12-09 15:15:59	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Music
2016-12-09 15:15:59	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Links
2016-12-09 15:15:59	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Favorites
2016-12-09 15:15:59	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Downloads
2016-12-09 15:15:59	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Documents
2016-12-09 15:15:59	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Desktop
2016-12-09 15:15:59	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Videos
2016-12-09 15:15:59	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Pictures
2016-12-09 15:15:59	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Music
2016-12-09 15:15:59	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Links
2016-12-09 15:15:59	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Favorites
2016-12-09 15:15:59	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Downloads
2016-12-09 15:15:59	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Documents
2016-12-09 15:15:59	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Desktop

====== C: exe-files ==
2016-12-29 11:19:29	E2EFE19F2FB3ED36BEE98C07DEF59874	468184	----a-w-	C:\EEK\start commandline scanner.exe
2016-12-29 11:19:29	CB81FE37B3CC37954909756E130FB705	470800	----a-w-	C:\EEK\start emergency kit scanner.exe
2016-12-29 11:19:27	240F29F6C4CD6F244A8659851FE81C4C	9268624	----a-w-	C:\EEK\bin64\a2emergencykit.exe
2016-12-29 11:19:25	C69AA0981E687003F1EBF0954CC718AF	6503848	----a-w-	C:\EEK\bin32\a2emergencykit.exe
2016-12-29 11:19:24	C89EF992009187DF86E27AA0F7B7B5ED	5079240	----a-w-	C:\EEK\bin64\a2cmd.exe
2016-12-29 11:19:23	19D801C6FA60BC90EB53620A06ED5576	3246048	----a-w-	C:\EEK\bin32\a2cmd.exe
2016-12-29 11:07:19	533BD853256A8DF4559AE2EB57A7D2C0	417168	----a-w-	C:\Users\Geert\AppData\Local\UCBrowser\User Data\Doctor\1.0.2.14\UCBrowserMD.exe
2016-12-29 10:54:54	23A7C2B459761507605B48402BBBF936	2147216	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.207\UCAgent.exe
2016-12-29 10:54:53	65CA92A40BC4C8FF4182957166DF4C57	609168	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.207\theme_tool.exe
2016-12-29 10:54:53	5302425F1E880777306552468417C705	305040	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.207\stats_uploader.exe
2016-12-29 10:54:48	0D67EA84E052C49B8A9E86ED018A838E	1141136	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.207\Installer\setup.exe
2016-12-29 10:54:46	0D67EA84E052C49B8A9E86ED018A838E	1141136	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.207\Installer\chrmstp.exe
2016-12-29 10:54:45	79C05FEA7F9E7C00ADB91028E8E21B99	602512	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.207\Drivers\uclauncher-x86.exe
2016-12-29 10:54:44	9A3E1AA5C49755FA15F98F3F17DD8E72	663952	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.207\delegate_execute.exe
2016-12-29 10:54:44	1DC0B5F9BEC0BF7D3DCAEE14E52541C9	739728	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.207\Drivers\uclauncher-x64.exe
2016-12-29 10:54:07	D0463E767D5019E7B86D182E9E1805EC	1174416	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.207\Backup\UCBrowser.exe
2016-12-29 10:52:35	9925F55FFBDDA06C23381AC866B7D054	877696	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.207\hrkill.exe
2016-12-29 10:52:07	9F1D3DFAC55080C712C0281FB2EEEB47	268744	----a-w-	C:\Users\Geert\AppData\Local\UCBrowser\User Data\Thunder\1.0.0.0\download\MiniThunderPlatform.exe
2016-12-29 10:52:07	67C767470D0893C4A2E46BE84C9AFCBB	248264	----a-w-	C:\Users\Geert\AppData\Local\UCBrowser\User Data\Thunder\1.0.0.0\download\XLBugReport.exe
2016-12-29 10:27:50	5E7ADCF81096860FED5AB569A8ADE3AB	96920	----atw-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe
2016-12-29 10:27:50	57769E78CCB9F3DE92B507B72D49AF99	96920	----atw-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateBroker.exe
2016-12-29 10:27:50	33DF23DDDE222C6270C99885D7A70DE2	96920	----atw-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateWebPlugin.exe
2016-12-29 10:27:49	FE9E6388A039441098EB09C070EA5049	601752	----atw-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateCore.exe
2016-12-29 10:27:49	FE40EC349D80C0ED24A5808DCFE9A0D2	288920	----atw-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
2016-12-29 10:27:49	FCAEDFFAA41EA74BA53FDADABBB8B21A	1129376	----a-w-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateSetup.exe
2016-12-29 10:27:49	FACC7DC5EEF8AF0D969BC2481AAA3EFC	174232	----atw-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateComRegisterShell64.exe
2016-12-29 10:27:49	B5C7D56B6DB76C66E24B4B735BB66509	366232	----atw-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
2016-12-29 10:27:49	2D8BBF6C7241AAD9EDE7708EBB7B43A4	153752	----atw-	C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdate.exe
2016-12-29 10:27:48	FCAEDFFAA41EA74BA53FDADABBB8B21A	1129376	----a-w-	C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.32.7\GoogleUpdateSetup.exe
2016-12-29 10:22:59	3A8E8332E05B61DE60EC728309AA16AE	44811640	----atw-	C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\55.0.2883.87\chrome_installer.exe
2016-12-29 10:22:57	A8FD9222E4D72596BB37DA8BE95C0BA4	153752	----atw-	C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2016-12-29 10:22:09	7D9C8AD6D1B503AF2C63FC5BB99AE010	88670	----a-w-	C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
2016-12-29 10:22:08	E464A0A92E2E354D07DDA713D3E10DE4	172488	----a-w-	C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
2016-12-29 10:20:41	7101FF0673F62B340D6C082039CF4487	1622528	----a-w-	C:\Users\Geert\Downloads\ResetBrowser.exe
2016-12-29 08:34:07	CAC841638F65AF3BC116F403D038F73A	2662400	----a-w-	C:\Users\Geert\AppData\Roaming\ZHP\ZHPCleaner.exe
2016-12-29 08:32:44	CAC841638F65AF3BC116F403D038F73A	2662400	----a-w-	C:\Users\Geert\Desktop\ZHPCleaner.exe
2016-12-28 18:32:55	D6D2B64E441FED635993CDEE81DB3123	43008	----a-w-	C:\Users\Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.2_0\bin\PPHelper\DriverInstallerX86.exe
2016-12-28 18:32:55	79356850FFA4F4146D7C6EA92482E7B9	688640	----a-w-	C:\Users\Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.2_0\bin\PPHelper\PPAdbServer.exe
2016-12-28 18:32:55	64DA8FE5680C553E26F8BD9364BB7314	88832	----a-w-	C:\Users\Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.2_0\bin\PPHelper\conx64.exe
2016-12-28 18:32:55	4DB1654048A8745CFDF47B5B54573B31	1656320	----a-w-	C:\Users\Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.2_0\bin\PPHelper\ucppahelper.exe
2016-12-28 18:32:55	10AB3710B1837E0E1506649B7C3CC3F1	41984	----a-w-	C:\Users\Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.2_0\bin\PPHelper\DriverInstallerX64.exe
2016-12-28 18:32:55	0D57231EF1A43430DC4A89EC7A8384DD	85248	----a-w-	C:\Users\Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.2_0\bin\PPHelper\conx86.exe
2016-12-28 18:32:46	5B504B0D0DFB24B4AD0D3004019DA842	446168	----a-w-	C:\Users\Geert\AppData\Local\UCBrowser\User Data\UCWifi\1.0.0.8\AegisI5.exe
2016-12-28 18:32:46	260402E5F4C9EE3CA15C7AADE09EF6EA	6635632	----a-w-	C:\Users\Geert\AppData\Local\UCBrowser\User Data\UCWifi\1.0.0.8\UCWiFi.exe
2016-12-28 18:11:48	2F9C7FDA92C346CB5AA32091536AE0CB	43520	----a-w-	C:\Users\Geert\AppData\Local\Temp\jrt\nfo\nircmdc.exe
2016-12-28 18:02:55	9DF1469E76C21CFB43017D04847F6782	1663040	----a-w-	C:\Users\Geert\Desktop\JRT.exe
2016-12-28 12:14:30	77388F14CF6F3E9B1739E8F53B34B3CF	3977168	----a-w-	C:\Users\Geert\Downloads\adwcleaner_6.041.exe
2016-12-28 10:31:20	407A5C0367B847BEA2A8E9124588755A	2420736	----a-w-	C:\Users\Geert\Downloads\FRST64.exe
2016-12-28 08:50:41	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Geert.exe
2016-12-28 08:50:00	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Geert\Downloads\RSITx64.exe
2016-12-28 08:23:18	EF5EED7319AB9ED99D93D1D64EA1D0A8	438272	----a-w-	C:\FRST\Quarantine\C\Users\Geert\AppData\Roaming\haeha\UniKeyNT.exe
2016-12-28 08:23:18	194A9B8147E207B14B7095AC05019073	393216	----a-w-	C:\FRST\Quarantine\C\Users\Geert\AppData\Roaming\haeha\UvConverter.exe
2016-12-27 10:47:00	3773B414FDC2238330E99A1EA7EE4739	1020928	----a-w-	C:\FRST\Quarantine\C\ProgramData\WinSAPSvc\winsap_update\de_svr.exe
2016-12-25 09:15:32	F6B1D91641CE48CD80C33BD0EA2AD504	335445	----a-w-	C:\Users\Geert\AppData\Roaming\ZHP\Quarantine\Popcorn-Time\Popcorn-Time\Uninstall.exe
2016-12-25 09:03:30	0F1BBDFD833EF9E635C17505B3595652	61757061	----a-w-	C:\Users\Geert\AppData\Roaming\ZHP\Quarantine\Popcorn-Time-0.3.10-Setup.exe
2016-12-23 13:47:41	9836836D0A37705BDE970356B3636800	80272	----a-w-	C:\Program Files (x86)\UCBrowser\Application\new\new_wow_helper.exe
2016-12-23 13:47:40	D340309A6BD936698CFACE09F750C13C	2558864	----a-w-	C:\Program Files (x86)\UCBrowser\Application\new\new_Uninstall.exe
2016-12-23 13:47:40	7DE10A1CB55FFC35D8BD4A6CD73C20E9	485776	----a-w-	C:\Program Files (x86)\UCBrowser\Application\new\new_update_task.exe
2016-12-23 13:47:38	2257E6BB4A6C3528091338167027AE35	1174416	----a-w-	C:\Program Files (x86)\UCBrowser\Application\new\new_UCBrowser.exe
2016-12-23 13:47:37	48C7660A65FF45DCE270DAB2B405A52F	562576	----a-w-	C:\Program Files (x86)\UCBrowser\Application\new\new_molt_tool.exe
2016-12-23 13:47:30	53DCF7E8E5368FF6BD9FD76AE3C8D4A6	2147216	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\UCAgent.exe
2016-12-23 13:47:28	85222FF51474BEDBC3A92B4EFAFC8773	305040	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\stats_uploader.exe
2016-12-23 13:47:28	00159B6B3C75AA8A25EEF6A7BA87C21F	609168	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\theme_tool.exe
2016-12-23 13:47:24	B3CC0B1B387EA3A20F19BD2677547AEF	1141648	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\Installer\setup.exe
2016-12-23 13:47:22	B3CC0B1B387EA3A20F19BD2677547AEF	1141648	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\Installer\chrmstp.exe
2016-12-23 13:47:22	ADD2DDF28FAB3CD8EF9E2F700311FA8D	588176	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\Drivers\uclauncher-x86.exe
2016-12-23 13:47:21	CF59F840C6D9374EEBEC2DF3C41D4E19	729488	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\Drivers\uclauncher-x64.exe
2016-12-23 13:47:20	BCEF9E2415353E8CE5C02C79B62F5473	663952	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\delegate_execute.exe
2016-12-23 13:46:54	9A65F3CB7A22BF90AC8840D01D694718	1174416	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\Backup\UCBrowser.exe
2016-12-23 13:45:24	9925F55FFBDDA06C23381AC866B7D054	877696	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\hrkill.exe
2016-12-23 13:42:01	533BD853256A8DF4559AE2EB57A7D2C0	417168	----a-w-	C:\FRST\Quarantine\C\Users\Geert\AppData\Local\UCBrowser\User Data\Doctor\1.0.2.14\UCBrowserMD.exe
2016-12-23 13:26:44	9F1D3DFAC55080C712C0281FB2EEEB47	268744	----a-w-	C:\FRST\Quarantine\C\Users\Geert\AppData\Local\UCBrowser\User Data\Thunder\1.0.0.0\download\MiniThunderPlatform.exe
2016-12-23 13:26:44	67C767470D0893C4A2E46BE84C9AFCBB	248264	----a-w-	C:\FRST\Quarantine\C\Users\Geert\AppData\Local\UCBrowser\User Data\Thunder\1.0.0.0\download\XLBugReport.exe
2016-12-23 13:20:37	D6D2B64E441FED635993CDEE81DB3123	43008	----a-w-	C:\FRST\Quarantine\C\Users\Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.2_0\bin\PPHelper\DriverInstallerX86.exe
2016-12-23 13:20:37	79356850FFA4F4146D7C6EA92482E7B9	688640	----a-w-	C:\FRST\Quarantine\C\Users\Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.2_0\bin\PPHelper\PPAdbServer.exe
2016-12-23 13:20:37	64DA8FE5680C553E26F8BD9364BB7314	88832	----a-w-	C:\FRST\Quarantine\C\Users\Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.2_0\bin\PPHelper\conx64.exe
2016-12-23 13:20:37	4DB1654048A8745CFDF47B5B54573B31	1656320	----a-w-	C:\FRST\Quarantine\C\Users\Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.2_0\bin\PPHelper\ucppahelper.exe
2016-12-23 13:20:37	10AB3710B1837E0E1506649B7C3CC3F1	41984	----a-w-	C:\FRST\Quarantine\C\Users\Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.2_0\bin\PPHelper\DriverInstallerX64.exe
2016-12-23 13:20:37	0D57231EF1A43430DC4A89EC7A8384DD	85248	----a-w-	C:\FRST\Quarantine\C\Users\Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe\3.0.2_0\bin\PPHelper\conx86.exe
2016-12-23 13:20:25	5B504B0D0DFB24B4AD0D3004019DA842	446168	----a-w-	C:\FRST\Quarantine\C\Users\Geert\AppData\Local\UCBrowser\User Data\UCWifi\1.0.0.8\AegisI5.exe
2016-12-23 13:20:25	260402E5F4C9EE3CA15C7AADE09EF6EA	6635632	----a-w-	C:\FRST\Quarantine\C\Users\Geert\AppData\Local\UCBrowser\User Data\UCWifi\1.0.0.8\UCWiFi.exe
2016-12-23 13:20:00	77E19D0AEB9139261BBBE1BE5A2680DA	1184469	----a-w-	C:\Users\Geert\AppData\Local\Albelli.be Fotoboeken\unins000.exe
2016-12-23 13:20:00	5600A1213CA033976FE0715C3F2993B6	11218592	----a-w-	C:\Users\Geert\AppData\Local\Albelli.be Fotoboeken\apc.exe
2016-12-23 13:19:22	252778336F00A936BAE6CF10E43043DC	12655536	----a-w-	C:\Users\Geert\Downloads\albelli_BE.exe
2016-12-22 19:19:22	0FA5A502A0E0457C1539D4BC24F58FBE	18392	----a-w-	C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
2016-12-22 19:19:08	A0209DE5BCAFDB8CA729D727AE94A75C	174048	----a-w-	C:\Program Files (x86)\Dropbox\Client\DropboxUninstaller.exe
2016-12-22 19:19:07	BC8C3896575B06303564265742142775	42096	----a-w-	C:\Program Files (x86)\Dropbox\Client\driver_amd64\dbxsvc.exe
2016-12-22 19:19:07	A27E38F50285FDC68DE4AA3D12135179	25779624	----a-w-	C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
2016-12-22 19:19:07	5E99A4FA833190EC87654DE2542C431C	35432	----a-w-	C:\Program Files (x86)\Dropbox\Client\driver_x86\dbxsvc.exe
2016-12-22 19:15:42	8BC9AFA2DECFCEB24DD54476715B769C	74854376	----a-w-	C:\Program Files (x86)\Dropbox\Update\Download\{CC46080E-4C33-4981-859A-BBA2F780F31E}\16.4.30\DropboxClient_16.4.30.exe
=== C: other files ==
2016-12-29 11:19:44	6ED8563FE894D574B97809CF53769DAD	114968	----a-w-	C:\EEK\bin64\epp.sys
2016-12-29 11:19:44	0013002D699CCF9D7B93F30D44A51739	95664	----a-w-	C:\EEK\bin32\epp.sys
2016-12-29 10:54:44	A4BEA586696BC4B8AAD72954B2A93597	39624	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.207\Drivers\ucdrv-x86.sys
2016-12-29 10:54:44	148DB4A6E3B79A052006540C506764CE	47304	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.207\Drivers\ucdrv-x64.sys
2016-12-29 10:52:25	EB482DBC9786F1A9E3ED5AB6864794FA	81792	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.207\Drivers\ucguard-x64.sys
2016-12-29 10:52:25	BEC272775DC50A7464A8AB2BF61595E0	72064	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.207\Drivers\ucguard.sys
2016-12-28 12:20:45	E4A2ED2669CD24A7D64616766BC6F69A	990	----a-w-	C:\Users\Geert\AppData\Local\Temp\DeleteOnReboot.bat
2016-12-27 12:30:27	8213C5972C91A56BE78CD02A4DE4E3FC	34328	----a-w-	C:\Windows\System32\drivers\PROCEXP152.SYS
2016-12-24 12:13:27	9DE024C3C7586815441785106EF9BB71	231445	----a-w-	C:\Users\Geert\Dropbox\Tiger Inc\Programma's & templates\codecanyon-2399731-privatecontent-update\privatecontent_user_data v2.21\private-content-user-data.zip
2016-12-24 12:13:12	1F08BC230C1152C6D9E8B7B51F7AAFFF	401709	----a-w-	C:\Users\Geert\Dropbox\Tiger Inc\Programma's & templates\codecanyon-2399731-privatecontent-update.zip
2016-12-23 13:45:18	EB482DBC9786F1A9E3ED5AB6864794FA	81792	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\Drivers\ucguard-x64.sys
2016-12-23 13:45:18	BEC272775DC50A7464A8AB2BF61595E0	72064	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\Drivers\ucguard.sys
2016-12-23 13:45:18	684D7D63351DC005FEA85CDEF097A5F2	34280	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\Drivers\ucdrv-x86.sys
2016-12-23 13:45:18	209F5CEAAAFE601851E7B40902FC230D	40424	----a-w-	C:\Program Files (x86)\UCBrowser\Application\6.0.1121.13\Drivers\ucdrv-x64.sys
2016-12-22 19:19:07	BC2A3C653B42F5C7E9D4607C2C1F69C3	63592	----a-w-	C:\Program Files (x86)\Dropbox\Client\driver_x86\dbx-stable.sys
2016-12-22 19:19:07	BC2A3C653B42F5C7E9D4607C2C1F69C3	63592	----a-w-	C:\Program Files (x86)\Dropbox\Client\driver_x86\dbx-dev.sys
2016-12-22 19:19:07	BC2A3C653B42F5C7E9D4607C2C1F69C3	63592	----a-w-	C:\Program Files (x86)\Dropbox\Client\driver_x86\dbx-canary.sys
2016-12-22 19:19:07	4032C71C9CB3F6FE1B918BD9F72B9588	75888	----a-w-	C:\Program Files (x86)\Dropbox\Client\driver_amd64\dbx-stable.sys
2016-12-22 19:19:07	4032C71C9CB3F6FE1B918BD9F72B9588	75888	----a-w-	C:\Program Files (x86)\Dropbox\Client\driver_amd64\dbx-dev.sys
2016-12-22 19:19:07	4032C71C9CB3F6FE1B918BD9F72B9588	75888	----a-w-	C:\Program Files (x86)\Dropbox\Client\driver_amd64\dbx-canary.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-3389979238-2971104495-3866065991-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-3389979238-2971104495-3866065991-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Geert\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-21-3389979238-2971104495-3866065991-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #2"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --flag-switches-begin --flag-switches-end --restore-last-session -- http://cdn.bitmedianetwork.com/network/r.html?u=ue1-2ba375a6621a46bc9cfbb68c0f48f101&next=http://utorrent.com/prodnews&osv=3839000A&iev=11&geo=BE&lang=nl&ver=3%2e4%2e9%2e1%2e43085"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"Adobe Acrobat Speed Launcher"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Geert\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #2"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --flag-switches-begin --flag-switches-end --restore-last-session -- http://cdn.bitmedianetwork.com/network/r.html?u=ue1-2ba375a6621a46bc9cfbb68c0f48f101&next=http://utorrent.com/prodnews&osv=3839000A&iev=11&geo=BE&lang=nl&ver=3%2e4%2e9%2e1%2e43085"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"WindowsDefender"=""%ProgramFiles%\Windows Defender\MSASCuiL.exe""
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ucdrv_repair"="C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe --repair"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [17/12/2016 10:45]
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [09/12/2016 20:04]
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [09/12/2016 20:04]
C:\Windows\tasks\UCBrowserUpdaterCore.job --a-------- [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-DESKTOP-7B10IMC-Geert" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\OneDrive Standalone Update Task v2" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe]
"C:\Windows\SysNative\tasks\Ploingatupether Monitor" ["C:\Program Files (x86)\Wiverphrupay\cupuied.exe"]
"C:\Windows\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"]
"C:\Windows\SysNative\tasks\UCBrowserSecureUpdater" ["C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe"]
"C:\Windows\SysNative\tasks\UCBrowserUpdaterCore" [C:\Program Files (x86)\UCBrowser\Application\update_task.exe]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2016-07-16 11:47:48	--------	d-----w-	C:\PROGRA~3\regid.1991-06.com.microsoft
2016-07-16 11:47:48	--------	d-----w-	C:\PROGRA~3\USOPrivate
2016-07-16 11:47:48	--------	d-s---w-	C:\PROGRA~3\Microsoft
2016-12-09 15:17:06	--------	d-----w-	C:\PROGRA~3\USOShared
2016-12-09 15:17:39	--------	d-sh--we	C:\PROGRA~3\Application Data
2016-12-09 15:17:39	--------	d-sh--we	C:\PROGRA~3\Bureaublad
2016-12-09 15:17:39	--------	d-sh--we	C:\PROGRA~3\Documenten
2016-12-09 15:17:39	--------	d-sh--we	C:\PROGRA~3\Menu Start
2016-12-09 15:17:39	--------	d-sh--we	C:\PROGRA~3\Sjablonen
2016-12-09 15:22:53	--------	d-----w-	C:\PROGRA~3\Microsoft OneDrive
2016-12-09 19:04:55	--------	d-----w-	C:\PROGRA~3\Dropbox
2016-12-09 19:24:46	--------	d-----w-	C:\PROGRA~3\Adobe
2016-12-16 08:57:35	--------	d-----w-	C:\PROGRA~3\regid.1986-12.com.adobe
2016-12-19 09:34:39	--------	d-----w-	C:\PROGRA~3\Malwarebytes
2016-12-19 09:53:58	--------	d-----w-	C:\PROGRA~3\SUPERAntiSpyware.com

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn" [16/12/2016 10:11]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Geert\AppData\Roaming\Mozilla\Firefox\Profiles\e5vq14yn.default
E8D38E8FB6EC88E7B0E0B4D9AC9B0725	- C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll -	Shockwave Flash


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Geert\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================


UCæµè§ˆå™¨æ´»åŠ¨ - Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\acbckhilidhkcoenjgmejpgnnmcbhjhi
UC Image Previewer - Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\hdgdpmpallofembldhflnlkcfappghhc
UC Resource Hunter - Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\hkmogefbfdmboplojeicpibfpcndjjbm
Generate QR code of this webpage - Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\pbnmnlipmkfkadfcdocgblonoccmolpe
UC Nexus - Geert\AppData\Local\UCBrowser\User Data\Default\Extensions\pogijhnlcfmcppgimcaccdkmbedjkmhi

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com/"
"Default_Search_URL"="http://www.google.com/"
"Search Page"="http://www.google.com/?q={searchTerms}"
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com/"
"Default_Search_URL"="http://www.google.com/"
"Search Page"="http://www.google.com/?q={searchTerms}"
"Start Page"="http://www.google.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes "DefaultScope"="{96BBC430-9900-4299-9F5D-7951AB36EFDF}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{96BBC430-9900-4299-9F5D-7951AB36EFDF} - http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

==== HijackThis Entries ======================

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Geert\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --flag-switches-begin --flag-switches-end --restore-last-session -- http://cdn.bitmedianetwork.com/network/r.html?u=ue1-2ba375a6621a46bc9cfbb68c0f48f101&next=http://utorrent.com/prodnews&osv=3839000A&iev=11&geo=BE&lang=nl&ver=3%2e4%2e9%2e1%2e43085
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3389979238-2971104495-3866065991-1000\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'defaultuser0')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox-update-service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox-update-service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: UC??????? (UCBrowserSvc) - Unknown owner - C:\Program Files (x86)\UCBrowser\Application\UCService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Geert\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Geert\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Geert\AppData\Local\Mozilla\Firefox\Profiles\e5vq14yn.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Geert\AppData\Local\UCBrowser\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3 folders=2 24062 bytes)

==== Empty Temp Folders ======================

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Geert\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 29/12/2016 at 13:12:52,02 ======================