Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Pïerre on wo 25/01/2017 at 11:14:27,04.
Microsoft Windows 10 Home 10.0.14393 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\PERRE~1\Desktop\zoek.exe
[Scan all users] [Script inserted]

==== System Restore Info ======================

25/01/2017 11:15:25 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\McAfee deleted successfully
C:\Program Files\log deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\PERRE~1\AppData\Local\ActiveSync deleted successfully
C:\Users\PERRE~1\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\PERRE~1\AppData\Local\EmieSiteList deleted successfully
C:\Users\PERRE~1\AppData\Local\EmieUserList deleted successfully
C:\Users\PERRE~1\AppData\Local\NetworkTiles deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Online Games Manager\ogmservice.exe
C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\VIA_XHCI\usb3Monitor.exe
C:\Users\Pïerre\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Users\Pïerre\Desktop\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\McAfee not found
C:\PROGRA~3\Package Cache deleted
C:\PROGRA~3\Trymedia deleted
C:\Users\PERRE~1\AppData\Local\Wondershare deleted
C:\Users\PERRE~1\AppData\Local\cache deleted
"C:\ProgramData\Mail" deleted
"C:\ProgramData\Metadata Importer" deleted
"C:\ProgramData\Multipressor" deleted
"C:\ProgramData\Nature" deleted
"C:\ProgramData\Overdrive" deleted
"C:\ProgramData\People" deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 16328 MB
CPU Info: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
CPU Speed: 3233,7 MHz
Sound Card: Luidsprekers (Realtek High Defi | S24D590-4 (NVIDIA High Definiti | Realtek Digital Output (Realtek |
Display Adapters: NVIDIA GeForce GTX 750 Ti | NVIDIA GeForce GTX 750 Ti | NVIDIA GeForce GTX 750 Ti
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Killer e2200 Gigabit Ethernet Controller (NDIS 6.30)
CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW SH-224DB
Ports: COM1 LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 231,9GB | J: 465,8GB | X: 1862,9GB
Hard Disks - Free: C: 172,6GB | J: 286,2GB | X: 1859,9GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | | ALASKA - 1072009
Time Zone: Romance (standaardtijd)
Motherboard *: MSI Z87-GD65 GAMING (MS-7845)
Country: België
Language: NLB

==== System Specs (Software) ======================

Default Browser: Google Chrome 55.0.2883.87
Internet Explorer Version: 11.576.14393.0
Mozilla Firefox version: 47.0.2 (x86 nl)
Google Chrome version: 55.0.2883.87
Adobe Reader version: 15.23.20056.213124
Sun Java version: 1.8.0_121 (32-bit)
Sun Java version: 1.8.0_121 (64-bit)
Flash Player version: 23.0.0.207
Shockwave Player version: 12.2.5r195

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-2606789639-3167826691-1876802399-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Pïerre\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Pïerre\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-21-2606789639-3167826691-1876802399-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Pïerre\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Pïerre\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdReg"="C:\WINDOWS\UpdReg.EXE"
"Super-Charger"="C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"Nikon Message Center 2"="C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Sound Blaster Cinema"="C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe /r"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Pïerre\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Pïerre\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Pïerre\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Pïerre\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"VIAxHCUtl"="C:\VIA_XHCI\usb3Monitor.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"Corel Update Helper"="c:\Program Files\Corel\Corel PaintShop Pro X7 (64-bit)\pua.exe /t"
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"MBCfg64"="C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\MBCfg64.dll,RunDLLEntry MBCfg64"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job --a-------- C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [23/01/2017 20:31]
C:\WINDOWS\tasks\HPCeeScheduleForPïerre.job [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player PPAPI Notifier" [C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CreateExplorerShellUnelevatedTask" [C:\WINDOWS\explorer.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Deskjet 1050 J410 series" ["C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe"]
"C:\WINDOWS\SysNative\tasks\klcp_update" ["C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe"]
"C:\WINDOWS\SysNative\tasks\SafeZone scheduled Autoupdate 1464129521" [C:\Program Files\AVAST Software\SZBrowser\launcher.exe]
"C:\WINDOWS\SysNative\tasks\USER_ESRV_SVC_WILLAMETTE" ["C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{2EEDFA7A-D017-49FC-A3E2-82F46472EA99}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Product Configurator" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\WINDOWS\SysNative\tasks\Intel\Intel Telemetry 2" [C:\Program Files\Intel\Telemetry 2.0\lrio.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [03/01/2017 15:14] 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [19/01/2017 09:15] ==== Firefox Extensions ====================== ProfilePath: C:\Users\PERRE~1\AppData\Roaming\Mozilla\Firefox\Profiles\5cvgfgd1.default - Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi - Firefox Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions efaidnbmnnnibpcajpcglclefindmkaj - No path found[] eofcbnmajmjmplflapaojjnihcjkigck - No path found[] gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[] YouTube - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia eID Chrome Extension - PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbdaodnaecdijpajecpncpdomgcoakc Adobe Acrobat - PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj Avast SafePrice - PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck Avast Online Security - PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Pinterest Save Button - PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic Chrome Web Store Payments - 
PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Chrome Media Router - PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Chromium Fix ====================== C:\Users\PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.savefrom.net_0.localstorage deleted successfully C:\Users\PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.savefrom.net_0.localstorage-journal deleted successfully C:\Users\PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC 
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully ==== HijackThis Entries ====================== O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Sound Blaster Cinema] "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files 
(x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Pïerre\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Spotify] "C:\Users\Pïerre\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Pïerre\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Pïerre\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\amd64" O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - Startup: Inktwaarschuwingen controleren - HP Deskjet 1050 J410 series.lnk = ? O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE O4 - Global Startup: Killer Network Manager.lnk = ? 
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{fcd3441e-2b16-434a-a8f7-0afba9c595e5}: NameServer = 77.234.40.79 O18 - Protocol: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - C:\Program Files (x86)\Bricsys\BricsCAD V13\BrxProtIE.dll O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf-roaming.16 - 
{42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: Online 
Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program 
Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\PERRE~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\PERRE~1\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 
emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\PERRE~1\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\PERRE~1\AppData\Local\Microsoft\Windows\INetCache\IE\BB9WDV4W will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\PERRE~1\AppData\Local\Mozilla\Firefox\Profiles\5cvgfgd1.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\PERRE~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=176 folders=83 24301262 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\PERRE~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\PERRE~1\AppData\Local\Microsoft\Windows\INetCache\IE\BB9WDV4W" not found ==== EOF on wo 25/01/2017 at 11:31:16,30 ======================