Zoek.exe v5.0.0.0 Updated 23-04-2015 Tool run by Louise on wo 29-04-2015 at 13:50:46,82. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OSTQWR8\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-07-20-181751.log 22390 bytes C:\zoek-results2014-08-09-164348.log 6636 bytes C:\zoek-results2015-02-07-163146.log 29110 bytes C:\zoek-results2015-02-08-154105.log 30612 bytes C:\zoek-results2015-02-09-195351.log 37487 bytes C:\zoek-results2015-02-10-195613.log 34581 bytes C:\zoek-results2015-03-19-211356.log 952 bytes C:\zoek-results2015-04-28-172256.log 46495 bytes C:\zoek-results2015-04-29-115019.log 39222 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== ??? ActiveX ?? Windows Live Mesh ???? ??????? ??????? ???? ??? Windows Live ???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ??????? ???? Windows Live ????? Windows Live ?????? ??????? ?? Windows Live ??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ??????????? ???????? ?????????? Windows Live ????????? ActiveX ?? Windows Live Mesh ????????????????????????? (???) ??????????? ?? Windows Live ABN AMRO e.dentifier2 software Acer eRecovery Management Acer Games ActivePerl 5.20.1 Build 2000 Adobe AIR Adobe Creative Cloud Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Photoshop CC 2014 Adobe Reader X (10.1.13) MUI AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Control Center AMD Catalyst Install Manager AMD Drag and Drop Transcoding AMD Fuel AMD Media Foundation Decoders AMD Steady Video Plug-In Apple Application Support Apple Mobile Device Support Apple Software Update AVG 2015 AVI to DVD Converter Bonjour Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner CINEMA 4D Demo 16.020 Craften Terminal 4.0.2 D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Evernote v. 4.5.1 Fotogalerija Windows Live Fraps (remove only) Galeria de Fotografias do Windows Live Galerˇa fotogr fica de Windows Live Galeria fotogr…fica del Windows Live Galeria fotografii uslugi Windows Live Galerie de photos Windows Live Galerie foto Windows Live Google Chrome Hi-Rez Studios Authenticate and Update Service High-Definition Video Playback 10 Hotkey Utility HP Deskjet 2540 series Basissoftware van het apparaat HP Deskjet 2540 series Help HP FWUpdateEDO2 HP Photo Creations HP Update iCloud Intel(R) C++ Redistributables on Intel(R) 64 iTunes Java 8 Update 45 Java 8 Update 45 (64-bit) Java Auto Updater Junk Mail filter update Kontrola Windows Live Mesh ActiveX za daljinske veze Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave Mesh Runtime Metasploit Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Primary Interoperability Assemblies 2005 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Minecraft MSVCRT MSVCRT Redists MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyWinLocker MyWinLocker 4 MyWinLocker Suite Nero 10 Menu TemplatePack Basic Nero 10 Movie ThemePack Basic Nero BackItUp 10 Help (CHM) Nero Burning ROM 10 Nero BurningROM 10 Help (CHM) Nero BurnRights 10 Nero BurnRights 10 Help (CHM) Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero CoverDesigner 10 Nero CoverDesigner 10 Help (CHM) Nero DiscSpeed 10 Nero DiscSpeed 10 Help (CHM) Nero Dolby Files 10 Nero Express 10 Nero Express 10 Help (CHM) Nero InfoTool 10 Nero InfoTool 10 Help (CHM) Nero MediaHub 10 Nero MediaHub 10 Help (CHM) Nero Multimedia Suite 10 Nero Recode 10 Nero Recode 10 Help (CHM) Nero RescueAgent 10 Nero RescueAgent 10 Help (CHM) Nero SoundTrax 10 Nero SoundTrax 10 Help (CHM) Nero StartSmart 10 Nero StartSmart 10 Help (CHM) Nero Update Nero Vision 10 Nero Vision 10 Help (CHM) Nero WaveEditor 10 Nero WaveEditor 10 Help (CHM) Notepad++ Open Broadcaster Software Ovl dacˇ prvek ActiveX platformy Windows Live Mesh pro vzd len  pripojenˇ Ovl dacˇ prvok ActiveX programu Windows Live Mesh pre vzdialen‚ pripojenia Poczta uslugi Windows Live Podstawowe programy Windows Live Posta Windows Live Python 2.7.9 QuickTime Raccolta foto di Windows Live Ralink RT2860 Wireless LAN Card Realtek Ethernet Controller Driver Realtek High Definition Audio Driver S?????? f?t???af??? t?? Windows Live Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft .NET Framework 4.5.1 (KB3037581) Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft Outlook 2010 (KB2794707) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2553428) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Shredder Simple Port Forwarding SkypeT 7.3 Smite St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?ća???sć??e? s??d?se?? Symantec Endpoint Protection Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Unchecky v0.3.7 Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB2956141) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2965295) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition Update Installer for WildTangent Games App Urruneko konexioetarako Windows Live Mesh ActiveX kontrola Uzak BaglantŐlar I‡in Windows Live Mesh ActiveX Denetimi Vegas Pro 12.0 (64-bit) Verzoek of wijziging voorlopige aanslag 2014 Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Vuze WildTangent Games App (Acer Games) Windows Live ??? Windows Live ???? Windows Live Argazki Galeria Windows Live Communications Platform Windows Live Essentials Windows Live Fotogal‚ria Windows Live Fotogalerie Windows Live Fotogalleri Windows Live Fotograf Galerisi Windows Live Fot˘t r Windows Live Galeria de Fotos Windows Live Galerija fotografija Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger Windows Live Mesh ActiveX-objekt til fjernforbindelser Windows Live Mesh ActiveX-vez‚rlo t voli kapcsolatokhoz Windows Live Mesh ActiveX control for remote connections Windows Live Mesh ActiveX Control for Remote Connections Windows Live Meshin et„yhteyksien ActiveX-komponentti Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Par‡alar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven asennusty”kalu Windows Liven s„hk”posti Windows Liven valokuvavalikoima WinPcap 4.1.3 WinRAR 4.20 (32-bit) WinRAR 5.20 (64-bit) WinZip 18.0 Xilisoft Audio Converter 6 XSplit Gamecaster ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\metasploit\postgresql\bin\pg_ctl.exe C:\metasploit\ruby\bin\ruby.exe C:\metasploit\postgresql\bin\postgres.exe C:\Users\Louise\AppData\Roaming\Spotify\SpotifyWebHelper.exe C:\Users\Louise\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\metasploit\postgresql\bin\postgres.exe C:\metasploit\postgresql\bin\postgres.exe C:\metasploit\postgresql\bin\postgres.exe C:\metasploit\postgresql\bin\postgres.exe C:\metasploit\postgresql\bin\postgres.exe C:\metasploit\postgresql\bin\postgres.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe C:\metasploit\ruby\bin\ruby.exe C:\metasploit\ruby\bin\ruby.exe C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe C:\Program Files (x86)\Unchecky\bin\Unchecky_bg.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\metasploit\postgresql\bin\postgres.exe C:\metasploit\postgresql\bin\postgres.exe C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OSTQWR8\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\metasploit\apps\pro\engine\arch-lib\win32\nginx\bin\nginxr7.exe C:\metasploit\apps\pro\engine\arch-lib\win32\nginx\bin\nginxr7.exe C:\Windows\SysWOW64\cmd.exe C:\metasploit\postgresql\bin\postgres.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ==== Deleting Files \ Folders ====================== ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3541 MB CPU Info: AMD A6-3620 APU with Radeon(tm) HD Graphics CPU Speed: 2193.7 MHz Sound Card: Speakers (Realtek High Definiti | Luidsprekers (XSplit Stream A | Display Adapters: AMD Radeon HD 6530D | AMD Radeon HD 6530D | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic Non-PnP Monitor | Screen Resolution: 1440 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter #8 | 802.11n Wireless LAN Card #2 | Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GH70N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 446.7GB | I: 931.5GB Hard Disks - Free: C: 257.1GB | I: 646.7GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 12/20/11 | ACRSYS - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer Aspire X3470 Country: Language: ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus Free Edition 2015 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2015 disabled (Outdated) Firewall: AVG update module disabled Internet Explorer Version: 11.0.9600.17728 Sun Java version: 1.8.0_45 (32-bit) Sun Java version: 1.8.0_45 (64-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Louise\AppData\Local\Temp ==== 2015-04-29 11:46:17 C9889FA47FA63E6257B7A966C40BE286 43008 -c--a-w- C:\Users\Louise\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpanjs6n.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-04-15 13:14:15 E981C27FA6C2F45C135DB4AF78D6FE1F 92672 ----a-w- C:\Windows\SysWOW64\wudriver.dll 2015-04-15 13:14:15 C7E498E41D92CF8C2EAED9995781A7F7 29696 ----a-w- C:\Windows\SysWOW64\wups.dll 2015-04-15 13:14:15 9D68CE45935C439D5082ECB56902124D 566784 ----a-w- C:\Windows\SysWOW64\wuapi.dll 2015-04-15 13:14:15 751C4859FD46A1461B3FB57252F541D8 33792 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2015-04-15 13:14:15 031C03C9639CE0D294695968C68A5775 173056 ----a-w- C:\Windows\SysWOW64\wuwebv.dll 2015-04-15 13:14:09 2B381229CCACA02AFF9D27B09073E523 311808 ----a-w- C:\Windows\SysWOW64\gdi32.dll 2015-04-15 13:14:08 DA5B856A037872BE089CA6967C7050C5 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2015-04-15 13:14:08 78492CF3C3697FB5AF4EAABB2BAF8595 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll 2015-04-15 13:14:00 32B9FEE479FF55234ED6BCF1D7976189 1309696 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2015-04-15 13:13:59 11896E75E1A118ABFAD126BEB650A189 3920824 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-04-15 13:13:57 A6A644BFAE31F111F35F8C3C7BA2A8A0 3976632 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-04-15 13:13:55 99DE8BADC0E85C9AB4A8301A3723FFEA 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll 2015-04-15 13:13:53 DB7CFA08957C94F6CFAA0DBB8BE4B906 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2015-04-15 13:13:53 BC09159AFF6639DB2CB28058731199F0 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2015-04-15 13:13:53 56977F27A96383E2A6C8BACEFC17E9CA 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2015-04-15 13:13:53 2DE438AE95C59FB33B3E4E34827C1100 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2015-04-15 13:13:52 E6A73ED322D8D0E85589894157F81940 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2015-04-15 13:13:52 C2A7AEA0A0FF0E7284632902FF9BD73A 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2015-04-15 13:13:52 A169307F0105183092F2AEDA9A8BD15D 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll 2015-04-15 13:13:52 A057B61F8A553F6DA38563597FA3676B 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2015-04-15 13:13:52 6F8CEB8115737D2E049804B191AE41A9 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-04-15 13:13:52 6A9FFEF19C4F8F2E9082A50BB07ECDF1 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2015-04-15 13:13:52 655C88135254C78E6FB66B6C2F6AC5DA 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2015-04-15 13:13:52 52C84F726B8B84634F2E666C49076CDE 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll 2015-04-15 13:13:52 47A1F23EE40C2389FCD53E9D5CEA3430 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2015-04-15 13:13:52 0FF9EEFF3EFC725FD90AD2CDA5A96776 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2015-04-15 13:13:52 06C69684C3730E1A31DF06D4DD4042BC 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2015-04-15 13:13:51 FC898E44379D877DE92D869E713528CD 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2015-04-15 13:13:51 C557EB6CD735B4EE5076EA289B02CEAC 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll 2015-04-15 13:13:51 C0693456929F40833B9CC36C9CF7E3A8 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2015-04-15 13:13:51 53C485BC8BBD41877F58AEB89412F5D7 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2015-04-15 13:13:51 4B21D227B191A6305087BDD6BB19220F 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2015-04-15 13:13:51 2E0F849B7BF17969E45881FA4EB9B487 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2015-04-15 13:13:21 DC155C2C14DC69EA400020CF92895873 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2015-04-15 13:13:21 D730BA653F9F95EC044F6636E6E45905 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2015-04-15 13:13:21 BA897AB3BC3DBC25829946EBA487496C 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2015-04-15 13:13:21 8CD57250F538CFFA0D5DCA9773AEDCAB 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2015-04-15 13:13:21 2CBD6D22499EB13A2666F62EF33D00E2 16303 ----a-w- C:\Windows\SysWOW64\ieuinit.inf 2015-04-15 13:13:20 EC442CB6F2D08F4FAA6BA68A23B82383 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-04-15 13:13:20 CD91FE4F2718A88FC1C9C9C2E73EABB2 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-04-15 13:13:20 92CF8BC1B198C01CDC55A1A91E510700 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-04-15 13:13:20 89CACDF654626F1948BF6C19A6D610BE 342704 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-04-15 13:13:20 8127C2EE2E287BB3AB7843F9923B62BD 1311232 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-04-15 13:13:19 2F42037DD6F2831332653EB7F35D7E9A 19695616 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-04-15 13:13:18 CA4F96D21BEF43DE9407210CFF76FCEA 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2015-04-15 13:13:18 8E30C9B4E16C23211F1DD02B517E4FA8 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2015-04-15 13:13:18 01C2BB4C13E6E0AF50867BCE8EE8A03E 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-04-15 13:13:17 B7BFB7C2970DF5E779FF729C037BD8E4 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-04-15 13:13:17 A305BEDA0CD8304102BFBBA0EB2A48CA 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-04-15 13:13:17 8A083313C1F7F50098D1D4F2FC092BD1 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-04-15 13:13:17 77104FDBBD821F2D73338D9370675EF3 2278400 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-04-15 13:13:17 2B5DD86A4B6E92E5A79C479C0652E727 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2015-04-15 13:13:17 1DFA1B4968C4E9E23CD6E68AF9CC063F 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2015-04-15 13:13:16 AE8A9FCDC135F681EFE9135929CF4A7B 12825600 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-04-15 13:13:16 94D64C343FE6341430A4C61BC490FEBF 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-04-15 13:13:13 BDE9AA78B575CDA7C946A725926021F7 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2015-04-15 13:13:13 43A5A38E45F0D4FA02A0CCD51244AA17 4305408 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-04-15 13:13:12 C46904F2E9E121A91DDDABB48D7648C3 1888256 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-04-15 13:13:12 B55293D48979DADE6049944C252A3BDB 340992 ----a-w- C:\Windows\SysWOW64\html.iec 2015-04-15 13:13:12 7776F3DA2B1AEDC2DA226F726B1E9A01 503296 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-04-15 13:13:12 2396395B6F563158BEC2E0526D7F6CD2 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2015-04-15 13:12:38 D824C1C235349B67E652A5CA70D1AA49 58880 ----a-w- C:\Windows\SysWOW64\clfsw32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-04-15 13:14:15 C5D90D20035928387FE27E4485EE463F 36864 ----a-w- C:\Windows\Sysnative\wuapp.exe 2015-04-15 13:14:15 AEA602B4036CF95522818E911654F52E 135168 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2015-04-15 13:14:15 95A9A336CFF6AC51B33BBFDBEA6D848B 60416 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll 2015-04-15 13:14:15 6C21C983C1F83900DBEDE51DCA247B72 696320 ----a-w- C:\Windows\Sysnative\wuapi.dll 2015-04-15 13:14:14 AECC03D0A794619E15FF1CB92D65EF9E 191488 ----a-w- C:\Windows\Sysnative\wuwebv.dll 2015-04-15 13:14:14 6BAC8DCC6C58755A1B9E6D3B04C28FC5 12288 ----a-w- C:\Windows\Sysnative\wu.upgrade.ps.dll 2015-04-15 13:14:14 2ADEA6F221BBF0992FDF9A3E25BA9F59 98304 ----a-w- C:\Windows\Sysnative\wudriver.dll 2015-04-15 13:14:14 2A77BD58F0A8D3743D4299434390922E 35328 ----a-w- C:\Windows\Sysnative\wups.dll 2015-04-15 13:14:14 21DF773EF8EFEF531E7E0BF477E03047 3298816 ----a-w- C:\Windows\Sysnative\wucltux.dll 2015-04-15 13:14:14 21CA4277E6918B019525ECCD748EF401 37376 ----a-w- C:\Windows\Sysnative\wups2.dll 2015-04-15 13:14:14 0814A74C853F50B354F08F83DDA9F7FB 2553856 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2015-04-15 13:14:10 E72C92A252EC4B230287BC6E06F24296 957952 ----a-w- C:\Windows\Sysnative\appraiser.dll 2015-04-15 13:14:10 826A7F422014E4762C700B4254F5C588 1111552 ----a-w- C:\Windows\Sysnative\aeinv.dll 2015-04-15 13:14:10 5D0A492C42A43DCF73284F2865519712 30720 ----a-w- C:\Windows\Sysnative\acmigration.dll 2015-04-15 13:14:10 3FCD3FE7F58935A85ACC33019129358E 419840 ----a-w- C:\Windows\Sysnative\devinv.dll 2015-04-15 13:14:10 0E0723E6D064ACD3D603BEF93EE0B950 769536 ----a-w- C:\Windows\Sysnative\invagent.dll 2015-04-15 13:14:10 05ED759DD0821294F05A41F6A8F1E18F 726528 ----a-w- C:\Windows\Sysnative\generaltel.dll 2015-04-15 13:14:09 72098048AB8AE2CAFA4ECE35D5051D62 404480 ----a-w- C:\Windows\Sysnative\gdi32.dll 2015-04-15 13:14:09 3F0FFBA1765470F979D57F88248070CA 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll 2015-04-15 13:14:09 205EE22E14A9848FB2266FF035BE0C9C 192000 ----a-w- C:\Windows\Sysnative\aepic.dll 2015-04-15 13:14:08 2AA1704C1475AD9D18560AD07BDA66DF 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll 2015-04-15 13:14:08 0B85F3551337FE233477DA31545DC45C 1882624 ----a-w- C:\Windows\Sysnative\msxml3.dll 2015-04-15 13:14:01 DCB7D8034C773ADB660FA8F1139AC0A0 5557696 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-04-15 13:14:00 E75074EFBE3C24FBC95C7C1985E08FDE 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll 2015-04-15 13:14:00 B47C4E8E9AF9044F9D59443196D54608 424448 ----a-w- C:\Windows\Sysnative\KernelBase.dll 2015-04-15 13:14:00 96C2380819EBAC0BF592A7E8977E9E8A 1727904 ----a-w- C:\Windows\Sysnative\ntdll.dll 2015-04-15 13:13:55 CBEFBE487F0C09EE0F8AC5299447450E 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll 2015-04-15 13:13:55 5EA8A53A243ED52DA1F705D000854B2A 341504 ----a-w- C:\Windows\Sysnative\schannel.dll 2015-04-15 13:13:54 6DEDB5E0258998C01C26280DBDB2A4B9 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2015-04-15 13:13:53 F87B5878D7621A16A0A5CF1D94BE5A53 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2015-04-15 13:13:53 F36EF8DBE5CE842B8F04515BF422DFB4 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2015-04-15 13:13:53 EA32F4EA3AE06EDD122FBCD5A489E457 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll 2015-04-15 13:13:53 CB33B9F21F06764DCA561FC194823199 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2015-04-15 13:13:53 B00F1AC213172C557EF84F71E4DF5EA3 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2015-04-15 13:13:53 A32CA33E8692DA882133341AF31A4C36 338432 ----a-w- C:\Windows\Sysnative\conhost.exe 2015-04-15 13:13:53 8E615D40A652999B224EDBBFA7B4035B 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2015-04-15 13:13:53 799E731B83F911A6220E678722A73DDF 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2015-04-15 13:13:53 7220246418A40D3BF7470058A2DB939A 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2015-04-15 13:13:53 5E9E31A2F213E757184EB2CA4B562E6C 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2015-04-15 13:13:53 234529666FB5BBE12343FF58380E8234 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2015-04-15 13:13:52 DE328CD9E0678A55880C2189EE5BDBDC 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll 2015-04-15 13:13:52 CFDA43CD05B94C4853042E4A9561B156 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll 2015-04-15 13:13:52 CACB6D061EAAE5CEB9203A26127843AF 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2015-04-15 13:13:52 CA4FC33FB22D92368A0B221092B46374 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2015-04-15 13:13:52 C631969919195C040E135CC380018A65 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2015-04-15 13:13:52 978BC01DD41125DED32AC03925A16578 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2015-04-15 13:13:52 5905040249D279F61AE988A7F5F0D241 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2015-04-15 13:13:52 2ABF1BA930E5CE0017D6197A06B03E07 50176 ----a-w- C:\Windows\Sysnative\srclient.dll 2015-04-15 13:13:52 1150C2D3C72887571581DF6D0E58540D 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll 2015-04-15 13:13:52 0B6514A14631E41DE4D6D40D1C80BE68 112640 ----a-w- C:\Windows\Sysnative\smss.exe 2015-04-15 13:13:51 88B6EDA230EFEFC780AF717AA9640CAD 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2015-04-15 13:13:51 55BF60184106FCF60B999CDEB4EACB2E 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2015-04-15 13:13:51 39D0217773202CF09F13C1E420CBA6CA 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll 2015-04-15 13:13:51 3474740668B86841E999893D9314193E 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll 2015-04-15 13:13:21 B664D90F9BFCFBBCF520C63B17736880 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2015-04-15 13:13:21 3B69EBB762C52E8EFC127857C93CAC4F 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2015-04-15 13:13:21 3278499EBA0DAA54EB4B68F695F0FB43 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2015-04-15 13:13:20 9D3E174BD20A383523D5551A46C24BF6 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2015-04-15 13:13:20 7571102ACD8A82A55D1657CDF96A1A0E 720384 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-04-15 13:13:20 2CBD6D22499EB13A2666F62EF33D00E2 16303 ----a-w- C:\Windows\Sysnative\ieuinit.inf 2015-04-15 13:13:20 0B077004AE4C2F7DE630445391360262 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2015-04-15 13:13:18 F36C78BC3D456BFB42A606A6B723F6DC 389808 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-04-15 13:13:17 B137E42258BCE4D1DA6D7F11C084983A 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-04-15 13:13:17 68996E442920AD397279C3CD2AC37551 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2015-04-15 13:13:17 630FB85EF5FFB7441A7AFB4CC9FC9DB6 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2015-04-15 13:13:17 3C9D34F1F5A2C6867ECC60026F1F6CB7 1548288 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-04-15 13:13:16 9171D1A18B1185A78BA33FEE884B8912 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-04-15 13:13:16 0E98ED153699741D42472B0B429B3434 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2015-04-15 13:13:15 706A56A863BD5F24FC98EF5E2D0582AD 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-04-15 13:13:15 3408F27ABC8B2426481306336F747949 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-04-15 13:13:14 50B2A19B2FBFEFE0FFC537C1BA6C5DD9 2886144 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-04-15 13:13:12 E935163C8AFFEB519572CEB8AA10E8E1 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2015-04-15 13:13:12 35B570D079F77FDE5D816CCB2FCE9C98 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2015-04-15 13:13:11 FA10EC0F44A75511D13F9D93184CFC90 14397440 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-04-15 13:13:11 8E9A5B0DA4B6DFCD3CB13A69E89417D6 633856 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-04-15 13:13:11 0DD9381BE8609D889F01812B7EFB1693 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-04-15 13:13:10 AA0640B3252BB6E9F90715F79EE77399 6025216 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-04-15 13:13:10 93B4EB4C7FF742BB834607B24EEF9F8F 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-04-15 13:13:10 3C9C1ADE982DB6FD77AD19FFE252B80A 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2015-04-15 13:13:10 3457A873B2246B36F1FF58876841D7FE 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-04-15 13:13:09 E593E891B374088572AD021431EBC38B 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-04-15 13:13:09 77B35D0FC22A2D2EAC8D07C3F9784DBF 2358784 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-04-15 13:13:08 E0B5729CDAD0701839569A16DE68D311 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2015-04-15 13:13:08 899C731AF8C5FF826DFA6C19D725A355 417280 ----a-w- C:\Windows\Sysnative\html.iec 2015-04-15 13:13:08 58DF183B856803E74BED39550FED0BCE 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-04-15 13:13:07 DBC0C4554A8B2A81F68690D30F12C99E 24980480 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-04-15 13:12:38 745DE455E02693423B1B78F448D52961 79360 ----a-w- C:\Windows\Sysnative\clfsw32.dll 2015-04-15 13:12:38 404B7DF9CA4D1CB675045AF220FF3285 367552 ----a-w- C:\Windows\Sysnative\clfs.sys ====== C:\Windows\Sysnative\drivers ===== 2015-04-15 13:13:53 1FA627E63195BF3BF636BFEF0D7190D4 155576 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-04-15 13:13:53 063C09DB965E3DFD6F4F08416F6DB8F5 95672 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-04-15 13:13:22 F61634BEC53F73702A10DE69F6DCAF57 754688 ----a-w- C:\Windows\Sysnative\drivers\http.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2015-04-22 14:51:26 -------- d-----w- C:\PROGRA~2\Minecraft ======= C: ===== ====== C:\Users\Louise\AppData\Roaming ====== 2015-04-28 18:18:33 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2015-04-28 18:18:33 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-04-28 18:18:33 -------- d-----w- C:\Users\Public\AppData\Local\temp 2015-04-28 18:18:33 -------- d-----w- C:\Users\Martijn\AppData\Local\temp 2015-04-28 18:18:32 -------- d-----w- C:\Users\Fleur\AppData\Local\temp 2015-04-28 18:18:32 -------- d-----w- C:\Users\Default\AppData\Local\temp 2015-04-28 18:18:32 -------- d-----w- C:\Users\Default User\AppData\Local\temp 2015-04-28 18:18:31 -------- dc----w- C:\Users\Louise\AppData\Local\Temp 2015-04-16 16:42:33 -------- d-----w- C:\Users\Martijn\AppData\Roaming\.technic ====== C:\Users\Louise ====== 2015-04-23 14:07:37 -------- d-----w- C:\Users\Martijn\Tracing 2015-04-22 14:51:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft 2015-04-16 16:42:11 7726F192317FEB6AFE64946BBFEF7AA4 4629928 ----a-w- C:\Users\Martijn\Downloads\TechnicLauncher.exe ====== C: exe-files == 2015-04-22 14:51:53 E512E19ABB0905DDD6966D8A285378F1 15784 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\rmid.exe 2015-04-22 14:51:53 E4637864454A133F78366F9EE8F13DAE 16296 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\keytool.exe 2015-04-22 14:51:53 D2440F16BB04B2BA00E6B7D3B16386B0 15784 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\jjs.exe 2015-04-22 14:51:53 B46B4608D10D2999F09F610E1F3598C1 99240 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\jp2launcher.exe 2015-04-22 14:51:53 ABE7423B4F03500EE51BCCA239856F75 16296 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\pack200.exe 2015-04-22 14:51:53 A7812249FF577AE77DC2974C4179C233 16808 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\rmiregistry.exe 2015-04-22 14:51:53 A18D9444F006007569AE38BA4BC7587D 16808 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\policytool.exe 2015-04-22 14:51:53 74295D477250AD744520D5C0321D6486 16296 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\tnameserv.exe 2015-04-22 14:51:53 689BF70CD2AAFF5F9853F8AAF69847C0 320936 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\javaws.exe 2015-04-22 14:51:53 2BF5652B3E0ACABE545186725B47BB7B 16296 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\ktab.exe 2015-04-22 14:51:53 1C95FFFA46178E256C878AC59501303A 66472 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\ssvagent.exe 2015-04-22 14:51:53 19FBC4DF38E7813B541AF6056454ABB6 197544 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\unpack200.exe 2015-04-22 14:51:53 15FC3374508FCDBFA9EE6BCEE79516AE 16296 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\kinit.exe 2015-04-22 14:51:53 15F93809B280128FB304AD7F3480A544 16808 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\servertool.exe 2015-04-22 14:51:53 147355AED2BC7E5E4AD517F8460F70F2 16296 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\klist.exe 2015-04-22 14:51:53 0111B4B086BC3FC50A6A2A3BB4FF33B6 16296 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\orbd.exe 2015-04-22 14:51:52 C1228BDB2C61E626F8E4F3C1D1AA3169 34216 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\jabswitch.exe 2015-04-22 14:51:52 83A17CFF2CF0E9E02B342F52B5F1EF6C 190888 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe 2015-04-22 14:51:52 70CF52440D822C531623014383EB860F 191400 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe 2015-04-22 14:51:52 0D1BED637BC1D3B5EE6A66B1A92005D5 15784 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\java-rmi.exe 2015-04-22 14:51:52 0181F6F681D28D596D71FAEBAEBFB9CB 77224 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\javacpl.exe 2015-04-22 14:51:34 920CA9D8423F449BB6B5C91B74654053 101888 ----a-w- C:\Program Files (x86)\Minecraft\tools\NativeUpdater.exe 2015-04-22 14:51:33 F28C19973BD82EE50BB16A5A39C1BA83 1294088 ----a-w- C:\Program Files (x86)\Minecraft\MinecraftLauncher.exe 2015-04-22 14:45:48 F20D09EECDD420E8DA72DECF1D3EC7C3 16808 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\servertool.exe 2015-04-22 14:45:48 E94688906AAEBF41D1CFA933F3A2359A 34216 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\jabswitch.exe 2015-04-22 14:45:48 E4035085164887C82AD4FE42C8E651D1 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\klist.exe 2015-04-22 14:45:48 E37F13789B1A4A07F1899AD26F9F3A49 16808 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\rmiregistry.exe 2015-04-22 14:45:48 DF8FC30233F3DB1BA5A7448BF089D781 15784 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\rmid.exe 2015-04-22 14:45:48 D3687FBDA125FE3A3D850C47D8F12EEC 197544 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\unpack200.exe 2015-04-22 14:45:48 CF05CC9FFD3AF5CF9158EDD1E7648348 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\pack200.exe 2015-04-22 14:45:48 C9A0BAB4D629B048C84DC276EAEEE16A 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\kinit.exe 2015-04-22 14:45:48 C053E710928A2F84AE7ED657A0D3B06C 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\tnameserv.exe 2015-04-22 14:45:48 A23356A87A3533AB88084FE82DC7CB95 66472 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\ssvagent.exe 2015-04-22 14:45:48 9C3CFD3363A002030890900E37B91B27 15784 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\jjs.exe 2015-04-22 14:45:48 978753D4042800BBEDA7D857FE3CE1FA 16808 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\policytool.exe 2015-04-22 14:45:48 84A8EB74BE8562F6C635F2333FE08E8C 207272 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\javaw.exe 2015-04-22 14:45:48 83CAAA533B706C6F663598CD4BC35218 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\ktab.exe 2015-04-22 14:45:48 7ED9FC5743D42EFA8D2265A868EC98F5 206760 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\java.exe 2015-04-22 14:45:48 6F0C3490CBDFD619A0EED88C781D8679 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\orbd.exe 2015-04-22 14:45:48 693376C701A467C659AB4080931FCAA8 15784 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\java-rmi.exe 2015-04-22 14:45:48 35263D0520F07865CDE935D59C1B925B 16296 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\keytool.exe 2015-04-22 14:45:48 236E1297BD2B2FA9F5E42B411F8896C9 99752 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\jp2launcher.exe 2015-04-22 14:45:48 0684B0B564F8C696D72C52602CA5AC5E 77224 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe 2015-04-22 14:45:48 03F3CC162812BD1F007FD5A9601C5C20 319912 -c--a-w- C:\Program Files\Java\jre1.8.0_45\bin\javaws.exe 2015-04-22 14:44:55 F65FA872AB42C3F0DBDDE26DF9609F5C 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\unpack200.exe 2015-04-22 14:44:55 EEF1E60EE8CD91EB27B465DF7D97D747 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmiregistry.exe 2015-04-22 14:44:55 EECA4389069973E098AC4A167D58DC47 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jabswitch.exe 2015-04-22 14:44:55 E830232219E9156AF3E7F0ACB1B85FC8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\ktab.exe 2015-04-22 14:44:55 D7168BCC2877E533EB32E0E00DCEEAE6 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssvagent.exe 2015-04-22 14:44:55 C885370364208460FD31001113F2B2A2 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\java-rmi.exe 2015-04-22 14:44:55 BDFE80354D388518D8C4E71F2734796D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\pack200.exe 2015-04-22 14:44:55 B406B32BDFDE96384C5F0A93D0090403 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\tnameserv.exe 2015-04-22 14:44:55 B2ED82B1A6ACCED29498BB9BA43D430F 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\servertool.exe 2015-04-22 14:44:55 B175AD07294EB83FD12947B47B009D66 190888 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe 2015-04-22 14:44:55 9A78F5C33E24C55B7025416C79658759 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\orbd.exe 2015-04-22 14:44:55 90D8F0F8665DFE0F5616902F8A0E8561 76712 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2launcher.exe 2015-04-22 14:44:55 7AEB4F5D482E1167E1FE9A726584BCD6 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe 2015-04-22 14:44:55 6EE11615820FCCBC8879FD86DD033515 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmid.exe 2015-04-22 14:44:55 6045943DD4B9731735DB0774B25AE114 191400 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe 2015-04-22 14:44:55 57631CADE6FE87A131913D6241A5343A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\kinit.exe 2015-04-22 14:44:55 3C07B66A8BB9F028DC8EB87F84915DF0 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jjs.exe 2015-04-22 14:44:55 33EF14CDCDD35CB53D3C3FCB3C2819CC 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\keytool.exe 2015-04-22 14:44:55 12F3D9FC2D1D68BB1C9AF782F94E4CF8 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe 2015-04-22 14:44:55 11EEA5DB4A0B073867E3DCBCDBF12118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\klist.exe 2015-04-22 14:44:55 01E2DB324E5D3C31D1C31D7E3B9748CF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\policytool.exe === C: other files == 2015-04-22 15:07:52 72455476C8CCECAFB145AE0518DDC72C 52 ----a-w- C:\Users\Martijn\Desktop\test\run.bat 2015-04-22 15:04:37 195D1EDCCA0189CC25D5E878F1526903 359178384 ----a-w- C:\Users\Martijn\Desktop\server.zip 2015-04-22 14:59:53 195D1EDCCA0189CC25D5E878F1526903 359178384 ----a-w- C:\Users\Martijn\Downloads\server.zip 2015-04-22 14:51:53 E6188BE460746F84D5F3EAEE736FE1CA 14130 ----a-w- C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\lib\deploy\ffjcext.zip 2015-04-22 14:45:48 547213453B9C592F74696B1FF4511924 14130 -c--a-w- C:\Program Files\Java\jre1.8.0_45\lib\deploy\ffjcext.zip 2015-04-22 14:44:55 34AD992DE8D6023490DB5C9017FAE6E8 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\lib\deploy\ffjcext.zip ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisTecPMMUpdate] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EgisTecPMMUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec IPS\\PmmUpdate.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisUpdate] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EgisUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec IPS\\EgisUpdate.exe\" -d" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="StartCCC" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\amd64\\CLIStart.exe\" MSRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SuiteTray] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SuiteTray" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\EgisTec MyWinLockerSuite\\x86\\SuiteTray.exe\"" ==== Startup Folders ====================== 2015-04-17 18:08:10 1143 ----a-w- C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-12-2013 18:59] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe ARM" ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe Reader Speed Launcher" ["C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Louise-PC-Martijn" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - a364086f41794e9e8093872bf91b41629d759379d1e44bd3a213c79d014d3e1b" [C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - e82353b7bf0e487db1116a779fa4254ec29882fc8f4f4ec8b99b8d2125929322" [C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\{C9330069-EB10-4CD2-BB8C-9AA3B1FF77FD}" [C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe] "C:\Windows\SysNative\tasks\{FBCC7BFE-8E4C-438A-92CA-133C146A45EF}" [C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\IPSFF" [14-12-2013 16:21] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Wallet - Fleur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Monster energy - Martijn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikmiciggennficcomjdfkpniplkpihm Google Wallet - Martijn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: New Values: ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== Reset Google Chrome ====================== C:\Users\Fleur\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Fleur\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Louise\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Louise\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully C:\Users\Louise\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Martijn\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Martijn\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully C:\Users\Martijn\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Fleur\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Fleur\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\Louise\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Martijn\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Martijn\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL (file missing) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Louise\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Spotify] "C:\Users\Louise\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user') O4 - Startup: Dropbox.lnk = Louise\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file) O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: metasploitPostgreSQL - PostgreSQL Global Development Group - C:\metasploit\postgresql\bin\pg_ctl.exe O23 - Service: Metasploit Pro Service (metasploitProSvc) - http://www.ruby-lang.org/ - C:\metasploit\ruby\bin\ruby.exe O23 - Service: Metasploit Thin Service (metasploitThin) - http://www.ruby-lang.org/ - C:\metasploit\ruby\bin\ruby.exe O23 - Service: Metasploit Worker (metasploitWorker) - http://www.ruby-lang.org/ - C:\metasploit\ruby\bin\ruby.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Symantec Endpoint Protection (SepMasterService) - Unknown owner - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: Symantec Management Client (SmcService) - Unknown owner - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe (file missing) O23 - Service: Symantec Network Access Control (SNAC) - Unknown owner - C:\Program Files\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Unchecky - RaMMicHaeL - C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fleur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Fleur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Martijn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Martijn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3OSTQWR8 will be deleted at reboot C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1QDB1FU will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Martijn\AppData\Local\Mozilla\Firefox\Profiles\t30rbs2p.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Fleur\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Louise\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Martijn\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4449 folders=896 434117758 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Fleur\AppData\Local\temp emptied successfully C:\Users\Louise\AppData\Local\Temp will be emptied at reboot C:\Users\Martijn\AppData\Local\temp emptied successfully C:\Users\Public\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot