Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by melle on za 18-02-2017 at 16:04:27,57.
Microsoft Windows 10 Home 10.0.14393 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\melle\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

18-2-2017 16:05:37 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Adobe deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
C:\Program Files\McAfee deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\melle\AppData\Local\ActiveSync deleted successfully
C:\Users\melle\AppData\Local\NetworkTiles deleted successfully
C:\Users\melle\AppData\Local\PackageStaging deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-595942859-672628744-3623613245-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully
HKEY_USERS\S-1-5-21-595942859-672628744-3623613245-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

7-Zip 16.02 (x64)
ACARS MSFS 1.1
ACARSng
Active Camera 2004 2.1 for FS 2004 (updated to 9.1)
Active Sky Evolution
Aerosoft's - Aerosoft Launcher
aerosoft's - Approaching Innsbruck 2004
aerosoft's - Heraklion
aerosoft's - Mega Airport Amsterdam
aerosoft's - Mega Airport Barcelona
aerosoft's - Mega Airport Frankfurt 2.0 - FS2004 - FS2004
aerosoft's - Mega Airport London Heathrow Xtended - FS9
aerosoft's - Nice Cote dAzur
aerosoft's - Spanish Airports 2 - FS2004
Airline Pack E-170 FS9/FSX (version 1.1)
Airline Pack E-190 FS9/FSX (version 1.1)
Ansel
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
Bonjour
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Coach 6 Full (Nederlands)
CyberLink Home Cinema 10
CyberLink LabelPrint 2.5
CyberLink Power2Go 8
CyberLink PowerDVD 12
CyberLink PowerDVD Copy 1.5
CyberLink PowerRecover
Definition Update for Microsoft Office 2010 (KB3115475) 32-Bit Edition
E-Jets Series (FS2004)
Euro Truck Simulator 2
Euro Truck Simulator 2 Demo
EuroScope v3.2
Flight1 Downloader
FlyTampa's - Mega Airport Vienna X - FS2004
GAP LGTS 2014 FS9 EDITION
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
HP Customer Experience Enhancements
HP Officejet Pro 8610 Basissoftware van het apparaat
HP Officejet Pro 8610 Help
HP Support Assistant
HP Support Solutions Framework
HP Update
HPDiagnosticCoreDll
I.R.I.S. OCR
iFly Jets - The 737NG for FS2004
iFly Jets - The 737NG for FS2004 DVD Updater
Intel Extreme Tuning Utility
Intel(R) Chipset Device Software
Intel(R) Driver Update Utility 2.6
Intel(R) Management Engine Components
Intel(R) ME UninstallLegacy
Intel(R) Product Improvement Program
Intel(R) Rapid Storage Technology
Intel© Driver Update Utility
Intel© Security Assist
Intel© Trusted Connect Service Client
Java 8 Update 111
Java Auto Updater
Just Flight - 757 Professional
McAfee WebAdvisor
Microsoft ASP.NET MVC 4 Runtime
Microsoft Flight Simulator 2004 A Century of Flight
Microsoft Office 365 - nl-nl
Microsoft Office Access MUI (Dutch) 2010
Microsoft Office Excel MUI (Dutch) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (Dutch) 2010
Microsoft Office Outlook MUI (Dutch) 2010
Microsoft Office PowerPoint MUI (Dutch) 2010
Microsoft Office Proof (Dutch) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proofing (Dutch) 2010
Microsoft Office Publisher MUI (Dutch) 2010
Microsoft Office Shared 64-bit MUI (Dutch) 2010
Microsoft Office Shared MUI (Dutch) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (Dutch) 2010
Microsoft OneDrive
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23918
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23918
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23918
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23918
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD
Milano Malpensa
Minecraft
Navigraph FMS Data Manager 1.6.0.1122
NVIDIA-configuratiescherm 376.54
NVIDIA 3D Vision controllerstuurprogramma 369.04
NVIDIA 3D Vision stuurprogramma 376.54
NVIDIA Backend
NVIDIA Container
NVIDIA Display Container
NVIDIA Display Container LS
NVIDIA G-SYNC Pendulum Demo
NVIDIA GeForce Experience 3.3.0.95
NVIDIA Grafisch stuurprogramma 376.54
NVIDIA HD Audio-stuurprogramma 1.3.34.17
NVIDIA Install Application
NVIDIA LocalSystem Container
NVIDIA Message Bus for NvContainer
NVIDIA NetworkService Container
NVIDIA PhysX Systeem Software 9.16.0318
NVIDIA Session Container
NVIDIA ShadowPlay 3.3.0.95
Nvidia Share
NVIDIA Stereoscopic 3D Driver
NVIDIA Telemetry Container
NVIDIA Update 23.23.0.0
NVIDIA Update Core
NVIDIA User Container
NVIDIA Virtual Audio 3.51.2
NVIDIA Watchdog Plugin for NvContainer
NVIDIA Wireless Controller Service
NvNodejs
NvTelemetry
NvvHci
Office 16 Click-to-Run Extensibility Component
Office 16 Click-to-Run Extensibility Component 64-bit Registration
Office 16 Click-to-Run Licensing Component
Office 16 Click-to-Run Localization Component
PMDG747_400 Queen of the Skies
Productverbeteringsonderzoek voor HP Officejet Pro 8610
Real Environment Xtreme for FS2004
REALTEK Bluetooth Driver
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
REALTEK Wireless LAN Driver
RemoteFlight Server
Saitek SD6 Programming Software 6.0.7.0
Security Update for Microsoft Access 2010 (KB3101544) 32-Bit Edition
Security Update for Microsoft Excel 2010 (KB3128037) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553432) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2889841) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3054984) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3101520) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3114400) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3115120) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3118380) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB3114885) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB3114883) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB3118313) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB3118378) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB3114395) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB3114872) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2999465) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB3128034) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SHIELD Streaming
SHIELD Wireless Controller Driver
Smart View
smartCARS - Travel Service Virtual (en-US)
smartCARS - Virtual Ryanair (en-US)
Speccy
SquawkBox
Steam
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD
transavia virtual dispatch manager v1.5.2
Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2791057) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2881030) 32-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition
Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition
Update for Microsoft Office 2010 (KB3085605) 32-Bit Edition
Update for Microsoft Office 2010 (KB3114555) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB3114410) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
Vulkan Run Time Libraries 1.0.11.1
Vulkan Run Time Libraries 1.0.26.0

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
C:\Windows\runSW.exe
C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
C:\Users\melle\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Users\melle\Desktop\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McAfee SiteAdvisor Service deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Adobe not found
C:\Users\melle\AppData\Roaming\ProtectDISC deleted
C:\Program Files (x86)\McAfee deleted
C:\ProgramData\Avg deleted
C:\install.exe deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Default\AppData\Local\BTServer.log deleted
C:\Users\melle\AppData\Local\BTServer.log deleted
C:\WINDOWS\Syswow64\SET1096.tmp deleted
C:\Users\melle\Desktop\Flight1 Downloader Tool.lnk deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 8145 MB
CPU Info: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
CPU Speed: 2750,0 MHz
Sound Card: Speakers (Realtek High Definiti | LG IPS FULLHD-4 (NVIDIA High De |
Display Adapters: NVIDIA GeForce GTX 750 | NVIDIA GeForce GTX 750 | NVIDIA GeForce GTX 750
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller | Bluetooth PAN HelpText | Realtek RTL8723B Wireless LAN 802.11n USB 2.0 Network Adapter | Microsoft Wi-Fi Direct Virtual Adapter | Microsoft Wi-Fi Direct Virtual Adapter #2
CD / DVD Drives: 1x (F: | ) F: TSSTcorpCDDVDW SH-216FB
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 869,8GB | D: 60,0GB
Hard Disks - Free: C: 755,8GB | D: 41,3GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | | MEDION - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: MEDION H110H4-CM2
Country: Netherlands
Language: NLD

==== System Specs (Software) ======================

Internet Explorer Version: 11.576.14393.0
Google Chrome version: 56.0.2924.87
Sun Java version: 1.8.0_111 (32-bit)
Sun Java version: 1.8.0_111 (64-bit)

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-595942859-672628744-3623613245-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\melle\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"HP Officejet Pro 8610 (NET)"="C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe -deviceID CN57VF32G6:NW -scfn HP Officejet Pro 8610 (NET) -AutoStart 1"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\melle\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"HP Officejet Pro 8610 (NET)"="C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe -deviceID CN57VF32G6:NW -scfn HP Officejet Pro 8610 (NET) -AutoStart 1"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"BtServer"="C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
"ProfilerU"="C:\Program Files\Saitek\SD6\Software\ProfilerU.exe"
"SaiMfd"="C:\Program Files\Saitek\SD6\Software\SaiMfd.exe"
"ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"WindowsDefender"=""%ProgramFiles%\Windows Defender\MSASCuiL.exe""

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job --a-------- C:\WINDOWS\explorer.exe [11-11-2016 10:56]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\HP AR Program Upload - 04ee7c68da1949109f5cbb18c45d2b579497210d71454ae09c88f41fa48a3c6a" [C:\Program Files\HP\HP Officejet Pro 8610\bin\HPRewards.exe]
"C:\WINDOWS\SysNative\tasks\HP AR Program Upload - 11f1651ea06f49cea8765a0f2b9fee0bbf9af3e327d942a1b097b728f2feae95" [C:\Program Files\HP\HP Officejet Pro 8610\bin\HPRewards.exe]
"C:\WINDOWS\SysNative\tasks\HP AR Program Upload - 283b6a57522e48c6a079011d0bc3ea187708c2223f69427cb15da7f57a779fe0" [C:\Program Files\HP\HP Officejet Pro 8610\bin\HPRewards.exe]
"C:\WINDOWS\SysNative\tasks\HP AR Program Upload - 91bc0af3628543379ce7829ff031eedb23bfa657dfaa40b7a10886e09861080c" [C:\Program Files\HP\HP Officejet Pro 8610\bin\HPRewards.exe]
"C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Officejet Pro 8610" ["C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe"]
"C:\WINDOWS\SysNative\tasks\Java Platform SE Auto Updater" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\WINDOWS\SysNative\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe]
"C:\WINDOWS\SysNative\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe]
"C:\WINDOWS\SysNative\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe]
"C:\WINDOWS\SysNative\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe]
"C:\WINDOWS\SysNative\tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe]
"C:\WINDOWS\SysNative\tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe]
"C:\WINDOWS\SysNative\tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe]
"C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task" [C:\Users\melle\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe]
"C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task v2" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Opera scheduled Autoupdate 1473427140" [C:\Program Files (x86)\Opera\launcher.exe]
"C:\WINDOWS\SysNative\tasks\PDVDServ12 Task" [C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe]
"C:\WINDOWS\SysNative\tasks\PTUI" [C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Client\XtuUiLauncher.exe]
"C:\WINDOWS\SysNative\tasks\USER_ESRV_SVC_WILLAMETTE" ["C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{6770984F-EEDA-4731-AD72-10E0D88D96BD}" [C:\Windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Product Configurator" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe]
"C:\WINDOWS\SysNative\tasks\Intel\Intel Telemetry 2" [C:\Program Files\Intel\Telemetry 2.0\lrio.exe]
"C:\WINDOWS\SysNative\tasks\Intel\Intel
Telemetry 2 (x86)" [C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi" [] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Fake Chromium Profiles Check ====================== Fake profile C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome deleted ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fheoggkfdfchfphceeifdbepaooicaho - No path found[] McAfee® WebAdvisor - melle\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Chrome Web Store Payments - melle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Chrome Media Router - melle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {96DA7C55-9C64-44D8-AC42-8E3A8FE554B5} Bing Url="http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE" ==== Deleting 
CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iFly Jets - The 737NG for FS2004 DVD Updater deleted successfully ==== HijackThis Entries ====================== O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [OneDrive] "C:\Users\melle\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [HP Officejet Pro 8610 (NET)] "C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe" -deviceID "CN57VF32G6:NW" -scfn "HP Officejet Pro 8610 (NET)" -AutoStart 1 O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program 
Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing) O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (file missing) O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes 
- {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{0c421127-621e-4ced-810d-ac97f1b0966c}: NameServer = 8.8.8.8,7.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}: NameServer = 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\..\{c03882fb-5e0a-4348-8bab-32ef6cad1c66}: NameServer = 8.8.8.8,8.8.8.7 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\..\{0c421127-621e-4ced-810d-ac97f1b0966c}: NameServer = 8.8.8.8,7.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8 O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe O23 - Service: 
@%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. 
- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA NetworkService Container 
(NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: RunSwUSB - Unknown owner - C:\Windows\runSW.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: User Energy Server Service 
WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\melle\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\melle\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully 
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\melle\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\melle\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\melle\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully C:\Users\melle\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=670 folders=68 139090746 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\melle\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 18-02-2017 at 16:25:39,62 ======================