Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by hugoke on zo 20/03/2016 at 7:29:10,14. Microsoft Windows 8.1 Pro 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\hugoke\AppData\Local\Microsoft\Windows\INetCache\IE\JZHJQJ8Z\zoek (1).exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2016-03-19-200922.log 33649 bytes ==== Empty Folders Check ====================== C:\Users\hugoke\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 64 Bit HP CIO Components Installer 7-Zip 15.14 (x64) Adobe Acrobat Reader DC - Nederlands Adobe AIR Adobe Refresh Manager Ashampoo AppLauncher (Medion) v.1.0.0 Belgium e-ID middleware 4.1.7 (build 1666) Computer Security 14.150.101.0 (release) CyberLink LabelPrint 2.5 CyberLink MediaEspresso 6.5 CyberLink PhotoDirector 3 CyberLink PhotoNow CyberLink Power2Go 8 CyberLink PowerDirector CyberLink PowerDVD 10 CyberLink PowerDVD Copy 1.5 CyberLink PowerRecover CyberLink YouCam 5 D3DX10 EaseUS Todo Backup Free 8.9 F-Secure F-Secure CCF Reputation F-Secure CCF Scanning 1.72.115.709 (release) F-Secure Network CCF 1.04.119 F-Secure SafeSearch 1.07.110.0 (release) Fotogalerie Galerie de photos Google Toolbar for Internet Explorer Google Update Helper HP Support Solutions Framework Image Resizer for Windows Image Resizer for Windows (64 bit) Intel PROSet Wireless Intel(R) Management Engine Components Intel(R) ME UninstallLegacy Intel(R) Processor Graphics Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology Intel(R) Rapid Storage Technology Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel(R) WiDi Intel® PROSet/Wireless WiFi Software Intel® Trusted Connect Service Client Java 8 Update 71 Java Auto Updater Macrium Reflect Free
Edition Mediathek Medion Home Cinema 10 Microsoft Application Error Reporting Microsoft Mouse and Keyboard Center Microsoft Office 2013 voor Thuisgebruik en Zelfstandigen - nl-nl Microsoft OneDrive Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Movie Maker Mozilla Firefox 45.0 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT110 MSVCRT110_amd64 Naviextras Toolbox Prerequesities NVIDIA-configuratiescherm 331.65 NVIDIA 3D Vision stuurprogramma 331.65 NVIDIA Grafisch stuurprogramma 331.65 NVIDIA Install Application NVIDIA Optimus 1.15.2 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.15.2 NVIDIA Update Components Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component Online Safety 2.150.3659.2518 PHotkey Photo Common Photo Gallery QuickLaunch Realtek Ethernet Controller All-In-One Windows Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Skype Click to Call SkypeT 7.15 Softwarenetz Agenda3 Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) Synaptics Pointing Device Driver Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) 
- NLD Toyota Touch & Go Toolbox Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinZip 20.0 ==== Running Processes ====================== C:\Program Files (x86)\PHotkey\ASLDRSrv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe C:\Program Files (x86)\F-Secure\Internet Security\fshoster32.exe C:\Program Files (x86)\F-Secure\Internet Security\apps\CCF_Reputation\fsorsp.exe C:\Program Files (x86)\F-Secure\Internet Security\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe C:\Program Files (x86)\F-Secure\Internet Security\apps\ComputerSecurity\Common\FSMA32.EXE C:\Program Files (x86)\F-Secure\Internet Security\apps\ComputerSecurity\Anti-Virus\fssm32.exe C:\Program Files (x86)\PHotkey\PHotkey.exe C:\Program Files (x86)\PHotkey\MsgTranAgt.exe C:\Program Files (x86)\PHotkey\HCSynApi.exe C:\Program Files (x86)\PHotkey\POSD.exe C:\Program Files (x86)\PHotkey\GPMTray.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files (x86)\F-Secure\Internet Security\fshoster32.exe C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe C:\Users\hugoke\AppData\Local\Microsoft\Windows\INetCache\IE\JZHJQJ8Z\zoek (1).exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== System Specs 
====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8071 MB CPU Info: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz CPU Speed: 2535,7 MHz Sound Card: LG ULTRAWIDE (Intel(R) Display | Realtek Digital Output (Realtek | Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | NVIDIA GeForce GT 730M Monitors: 1x; Generic PnP Monitor | Generic PnP Monitor | Generic PnP Monitor | Screen Resolution: 2560 X 1080 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth-apparaat (Personal Area Network) | Realtek PCIe GBE Family Controller | Intel(R) Centrino(R) Wireless-N 2230 CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SN-208BB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 636,0GB | D: 60,0GB Hard Disks - Free: C: 315,9GB | D: 32,8GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | MEDION - 1 Time Zone: Romance (standaardtijd) Motherboard *: Medion P7818 Country: België Language: NLB ==== System Specs (Software) ====================== AV: Antivirus by F-Secure *Disabled/Updated* {0F70A6C4-76E4-6A3B-2695-519F428B1C20} AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Antivirus by F-Secure *Disabled/Updated* {B4114720-50DE-65B5-1C25-6AED390C569D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} Default Browser: Firefox 45.0 Internet Explorer Version: 11.0.9600.18231 Mozilla Firefox version: 45.0 (x86 nl) Adobe Reader version: 15.10.20056.167417 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-03-19 08:44:49 B3541A5A20C6264781909B1B7FE54836 2757616 ----a-w- C:\WINDOWS\explorer.exe ====== C:\Users\hugoke\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2016-03-19 08:45:49 44CA43C03FE8ED39A5D1BD402E18E80B 2464256
----a-w- C:\WINDOWS\SysWOW64\authui.dll 2016-03-19 08:45:46 15439CD1D00346692DAEBDDA3107171D 3607040 ----a-w- C:\WINDOWS\SysWOW64\msi.dll 2016-03-19 08:45:35 8E7BB0D381C61232C965CB55F654B17F 786152 ----a-w- C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-03-19 08:45:16 AD578BB9B6D5B7E6EFCE4A669C80F55D 2170880 ----a-w- C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-03-19 08:45:16 A7C63FCE6FFCA73296525D4897611C48 236032 ----a-w- C:\WINDOWS\SysWOW64\WsmWmiPl.dll 2016-03-19 08:45:16 387AE1C533753700D933DFCA3E08A206 26112 ----a-w- C:\WINDOWS\SysWOW64\WsmAgent.dll 2016-03-19 08:45:15 F931707B1619201ED8EA76BFDE4FCB92 144384 ----a-w- C:\WINDOWS\SysWOW64\WsmAuto.dll 2016-03-19 08:45:00 858C3FF4EA3EF5A75C4F042F9DDAA8B0 12879360 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2016-03-19 08:44:59 A0ED98E02F573061266EC850D94287F3 19794896 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll 2016-03-19 08:44:48 97A7A0521E059D242907EFB73A844F29 2412576 ----a-w- C:\WINDOWS\SysWOW64\explorer.exe 2016-03-19 08:44:46 17C5D5794D00549C01C8D886F91302F0 2712576 ----a-w- C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-03-19 08:44:44 3F603A1C83F216D8BCF1E307A857CFDC 954880 ----a-w- C:\WINDOWS\SysWOW64\twinui.appcore.dll 2016-03-19 08:44:43 53166038F5957488A958AB310163A1C3 667648 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-03-19 08:44:43 16B881B874E3FCE2D4BD1869258E63D9 520192 ----a-w- C:\WINDOWS\SysWOW64\SettingSync.dll 2016-03-19 08:44:41 A19C33C9FBD061AB7CCC9D85FFC27C56 539648 ----a-w- C:\WINDOWS\SysWOW64\hgcpl.dll 2016-03-19 08:44:41 53180E265985C82FD44F3C9DB66C95C8 2551808 ----a-w- C:\WINDOWS\SysWOW64\themecpl.dll 2016-03-19 08:44:40 FA3D63AFE7A99B9BE64BC281BBCFFD3E 1197056 ----a-w- C:\WINDOWS\SysWOW64\usercpl.dll 2016-03-19 08:44:40 C41BDB3963A03443B76D991E0C6A0CC1 141312 ----a-w- C:\WINDOWS\SysWOW64\SettingMonitor.dll 2016-03-19 08:44:40 842897D3785C0ADE5021263268B59911 524288 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-03-19 08:44:40 4CA047ECA771B3F32BDE96626D71BEAD 305152 ----a-w- 
C:\WINDOWS\SysWOW64\stobject.dll 2016-03-19 08:44:14 437A0D42B9FAC5B2C81F83BB8867A4E8 1482240 ----a-w- C:\WINDOWS\SysWOW64\storagewmi.dll 2016-03-19 08:44:07 AFFB1E2AD9B84E114BB5E1141C93EA81 142848 ----a-w- C:\WINDOWS\SysWOW64\dhcpsapi.dll 2016-03-19 08:43:49 BCCA19DEC592190AAD8B3E40FB0967AA 24064 ----a-w- C:\WINDOWS\SysWOW64\dsparse.dll 2016-03-19 08:43:40 30AB8A394D14DC529E15DC5FE8B0CD44 1501488 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll 2016-03-19 08:43:23 6658E616E766290B32E703FEA44C077F 272384 ----a-w- C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2016-03-19 08:43:23 4582BB64B2B68D8AD81173CB52BF4B46 561664 ----a-w- C:\WINDOWS\SysWOW64\nshwfp.dll 2016-03-09 13:45:23 C04FE126FE7661A727E2EACA3773BF63 496640 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll 2016-03-09 13:45:23 6D78ABE37BC816FBC67A62A7A1A5C582 1311744 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2016-03-09 13:45:23 072926C6A8342EB10FF4DA3BBBE57DB5 687104 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2016-03-09 13:45:22 F513214BA350CF5D0D362A002FE79733 2050560 ----a-w- C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-03-09 13:45:22 3DF6C79B9F93A289D02395642645319C 20352512 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-03-09 13:45:21 F02CF24E59AF96F7F2FFF8C3204F57B8 13012480 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2016-03-09 13:45:21 B8106E5CE39EAF8472DB521BB2C62150 663552 ----a-w- C:\WINDOWS\SysWOW64\jscript.dll 2016-03-09 13:45:20 EFB16D89CDDE7648D14E09D765AE52EB 230400 ----a-w- C:\WINDOWS\SysWOW64\webcheck.dll 2016-03-09 13:45:20 D1A735C183F2AD39CF6FE60E8593B0B2 4611072 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2016-03-09 13:45:19 EDB9618FF3238EF0FC2734F584B13A33 2121216 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2016-03-09 13:45:19 983EA7706B55540693305DD53F405DFB 880128 ----a-w- C:\WINDOWS\SysWOW64\inetcomm.dll 2016-03-09 13:45:19 0D9E4C237A6B6B78BF237FCA65A1103C 710144 ----a-w- C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-03-09 13:45:12 C54971134F66CFBDE313D7D74A297AAC 2280448 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2016-03-09 13:45:12 
B1E39E53C031843678B32F6EAB27B27E 99328 ----a-w- C:\WINDOWS\SysWOW64\hlink.dll 2016-03-09 13:43:58 DC3454FD35D11CC14F70911EF0F3D633 5264384 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-03-09 13:43:58 C7D765C22C291B9E5236776151498648 5268480 ----a-w- C:\WINDOWS\SysWOW64\glcndFilter.dll 2016-03-09 13:43:50 E56E15C641F753C3D7D0641648268FAC 726528 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll 2016-03-09 13:43:50 68705DEAC2446053E41E422A178B3CA2 124928 ----a-w- C:\WINDOWS\SysWOW64\wuwebv.dll 2016-03-09 13:43:50 46D953472D24A8AA84760746CA3C7624 81920 ----a-w- C:\WINDOWS\SysWOW64\wudriver.dll 2016-03-09 13:43:50 142DB747039AFAC012C6CF03563C56E8 29696 ----a-w- C:\WINDOWS\SysWOW64\wuapp.exe 2016-03-09 13:43:13 E3AFB4D35463635DE91500F34530B9DF 86016 ----a-w- C:\WINDOWS\SysWOW64\olepro32.dll 2016-03-09 13:43:13 7708A50DC77886DD8FF3F7FEE291F9F6 1212248 ----a-w- C:\WINDOWS\SysWOW64\ole32.dll 2016-03-09 13:43:13 1C5410484E6DA6D3D1FAF3FC1F4BF344 77824 ----a-w- C:\WINDOWS\SysWOW64\asycfilt.dll 2016-03-09 13:42:43 FFA03787B448FE4C9C3FEF80D6998243 536776 ----a-w- C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll 2016-03-09 13:42:41 8A497FBFF0C7AB5FB8543248FAD9A74F 875720 ----a-w- C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2016-03-09 13:42:35 33979D307A112DD75956FD995871BA83 801792 ----a-w- C:\WINDOWS\SysWOW64\kerberos.dll 2016-03-09 13:42:13 38D0ADAE47F15F76F8B72A315A54367E 13318144 ----a-w- C:\WINDOWS\SysWOW64\wmp.dll 2016-03-09 13:42:13 23E3C47E971C5889DD036E8BEE8C3213 243032 ----a-w- C:\WINDOWS\SysWOW64\WMASF.DLL 2016-03-09 13:42:01 A011FF70D327D440D84C44B555187C00 301568 ----a-w- C:\WINDOWS\SysWOW64\atmfd.dll 2016-03-09 13:42:01 71A77336CBBD50601228B6CA76D47DA6 35840 ----a-w- C:\WINDOWS\SysWOW64\atmlib.dll 2016-03-09 13:41:59 E67779CDA3275404802CA4FD8E23149A 483328 ----a-w- C:\WINDOWS\SysWOW64\mfds.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-03-19 08:45:47 E2BB5D1E0531B15DC06F4EAB0CE4B236 2778624 ----a-w- C:\WINDOWS\Sysnative\authui.dll 2016-03-19 
08:45:45 600D506FEA867E0BAEAFFEFCE54F35B3 118624 ----a-w- C:\WINDOWS\Sysnative\consent.exe 2016-03-19 08:45:45 31C3CEB4DA4A56BE736D4C81BB406C4A 3320832 ----a-w- C:\WINDOWS\Sysnative\msi.dll 2016-03-19 08:45:44 734622FBA766DBD65B1803549B24A04A 110080 ----a-w- C:\WINDOWS\Sysnative\appinfo.dll 2016-03-19 08:45:36 A954355BC773A1581BE80DB1CB68FBEB 952928 ----a-w- C:\WINDOWS\Sysnative\mfmp4srcsnk.dll 2016-03-19 08:45:27 E4220FD9C7F1579D9C5F9DFB00427841 817664 ----a-w- C:\WINDOWS\Sysnative\rpcss.dll 2016-03-19 08:45:27 D0CBA7B3531CCF2ADB985856D5F92434 1455104 ----a-w- C:\WINDOWS\Sysnative\VSSVC.exe 2016-03-19 08:45:17 427873F889F2F508BE8BE982219CE578 2609152 ----a-w- C:\WINDOWS\Sysnative\WsmSvc.dll 2016-03-19 08:45:16 6FF1E914D60B5DBECA5E135F5997ED6A 31744 ----a-w- C:\WINDOWS\Sysnative\WsmAgent.dll 2016-03-19 08:45:16 22079FC5D8B31634AAD2463F699D9EA0 162304 ----a-w- C:\WINDOWS\Sysnative\WsmAuto.dll 2016-03-19 08:45:15 7912E6936C9335A66B5110350C68E629 285184 ----a-w- C:\WINDOWS\Sysnative\WsmWmiPl.dll 2016-03-19 08:44:52 E5675B1BAF9136DC38A335987AEF582E 14466560 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2016-03-19 08:44:51 55A7B2CAFB61218BC45644090254FFC6 22365472 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2016-03-19 08:44:47 0DEA27D0A9693EC4E3FEC5982F5E7669 3120640 ----a-w- C:\WINDOWS\Sysnative\ExplorerFrame.dll 2016-03-19 08:44:46 FC60724EA1DA491695F2BCE9E716EA71 2819584 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers.dll 2016-03-19 08:44:45 ABCBE39A48BFAC43B70FB2889B1C5B44 1220096 ----a-w- C:\WINDOWS\Sysnative\twinui.appcore.dll 2016-03-19 08:44:44 894BD81C81FD1E6A712042E72B739808 2171904 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsAdminFlowUI.dll 2016-03-19 08:44:43 E4480E60A7952A655D0EE25E73651ED3 655872 ----a-w- C:\WINDOWS\Sysnative\SettingSync.dll 2016-03-19 08:44:43 B63F655E50AF21D82403247095DB00D5 273264 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsAdminFlows.exe 2016-03-19 08:44:43 9A7C59794E0E2CABE953FE4501BA3C11 599552 ----a-w- C:\WINDOWS\Sysnative\hgcpl.dll 
2016-03-19 08:44:43 5E68D8846A89943285ADC5D416F77FE8 653824 ----a-w- C:\WINDOWS\Sysnative\SettingSyncHost.exe 2016-03-19 08:44:43 2B687F77C7B18454E8297F2CA2ADFC9D 841728 ----a-w- C:\WINDOWS\Sysnative\SettingSyncCore.dll 2016-03-19 08:44:42 0C9E38D94527F52C45767565211C3561 955392 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll 2016-03-19 08:44:41 D31D49D5E21FFF52D3140080F675D331 2592256 ----a-w- C:\WINDOWS\Sysnative\themecpl.dll 2016-03-19 08:44:41 73672397196FF76D2550B7DDC9A39EA6 336384 ----a-w- C:\WINDOWS\Sysnative\stobject.dll 2016-03-19 08:44:41 636A4DEC0F508AA667895BC975EB0851 1278464 ----a-w- C:\WINDOWS\Sysnative\usercpl.dll 2016-03-19 08:44:41 459957A61331236C92A6D8768EC38967 173056 ----a-w- C:\WINDOWS\Sysnative\SettingMonitor.dll 2016-03-19 08:44:40 E0F846ADE7DED88981D0908DE56FF160 1348096 ----a-w- C:\WINDOWS\Sysnative\AppXDeploymentServer.dll 2016-03-19 08:44:37 EDFA5CEDBE174FAAA4A09A6B297AEA42 1673728 ----a-w- C:\WINDOWS\Sysnative\workfolderssvc.dll 2016-03-19 08:44:37 144D07F144D0E19AB8451ABC69075727 787456 ----a-w- C:\WINDOWS\Sysnative\WorkfoldersControl.dll 2016-03-19 08:44:15 24D35B8BA7E9A17CB0BD1B59B56880F1 2487296 ----a-w- C:\WINDOWS\Sysnative\storagewmi.dll 2016-03-19 08:44:07 5EF843033E3D4A6AEA46E337FE6CEF69 222720 ----a-w- C:\WINDOWS\Sysnative\dhcpsapi.dll 2016-03-19 08:43:51 DC27203F6D9CFC66E4331D6413ED8F50 779264 ----a-w- C:\WINDOWS\Sysnative\WindowsAnytimeUpgradeui.exe 2016-03-19 08:43:51 139D842E5FB75A1E2F0212FBD7B0E457 1574912 ----a-w- C:\WINDOWS\Sysnative\wbengine.exe 2016-03-19 08:43:49 7BC112CC5EA2FACB0DA9CC8954449B2E 30208 ----a-w- C:\WINDOWS\Sysnative\dsparse.dll 2016-03-19 08:43:40 1986D762FB04C1E768B1F33C917AE199 246784 ----a-w- C:\WINDOWS\Sysnative\microsoft-windows-system-events.dll 2016-03-19 08:43:39 EDBAFA8E4AB9AE3CBC02AA60937EF6DA 1737088 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll 2016-03-19 08:43:39 A0BE22DA4724A9926E73246BF7691015 7452504 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2016-03-19 08:43:38 
22CD72E4DED83171DA7CD232B7799F06 1663184 ----a-w- C:\WINDOWS\Sysnative\winload.efi 2016-03-19 08:43:36 55EFDBA65774A8A6DC2B21B3593F645D 1523208 ----a-w- C:\WINDOWS\Sysnative\winload.exe 2016-03-19 08:43:35 E5757AFDDF3D4A308D50CB478A08EFBB 1490120 ----a-w- C:\WINDOWS\Sysnative\winresume.efi 2016-03-19 08:43:35 68E97FBD0733F7990CD0054CC03A245A 1358952 ----a-w- C:\WINDOWS\Sysnative\winresume.exe 2016-03-19 08:43:23 D0A5395DCB9EC61D03A1F3C38AEC8D84 713216 ----a-w- C:\WINDOWS\Sysnative\nshwfp.dll 2016-03-19 08:43:23 BD6CDB467A0D5B1F9ECD9ABA837BD462 422400 ----a-w- C:\WINDOWS\Sysnative\FWPUCLNT.DLL 2016-03-19 08:43:23 5059D93764340D4EAEDF49C47133118F 845312 ----a-w- C:\WINDOWS\Sysnative\BFE.DLL 2016-03-19 08:43:23 2530D33CE2F5F30D08A039EC33E91F17 1083904 ----a-w- C:\WINDOWS\Sysnative\IKEEXT.DLL 2016-03-09 13:45:34 FE323BDBE00DB71740D5C3A47359B823 76800 ----a-w- C:\WINDOWS\Sysnative\acmigration.dll 2016-03-09 13:45:34 F809935C814853C159F97F5809A8A278 1373184 ----a-w- C:\WINDOWS\Sysnative\appraiser.dll 2016-03-09 13:45:34 9111570948C5A64D5D51DA99AD5BEE10 1168896 ----a-w- C:\WINDOWS\Sysnative\aeinv.dll 2016-03-09 13:45:34 8EF9BDFBFB8E8B261988DB1FE0585CCD 46768 ----a-w- C:\WINDOWS\Sysnative\CompatTelRunner.exe 2016-03-09 13:45:34 63ABD1E5E37D096A54A383CB5F12D1A7 689152 ----a-w- C:\WINDOWS\Sysnative\generaltel.dll 2016-03-09 13:45:33 6639BE7D8BFD124CBC51D5E3668D695D 499200 ----a-w- C:\WINDOWS\Sysnative\devinv.dll 2016-03-09 13:45:33 4A4C972237F6F087021AA0F43CD9B41D 696832 ----a-w- C:\WINDOWS\Sysnative\invagent.dll 2016-03-09 13:45:22 FB56458B902E3B7F4D09A493FC8CBFFE 1546752 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2016-03-09 13:45:21 A66C23356E24B52B0C877B5147E5005F 571904 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll 2016-03-09 13:45:21 0326E57CEEE24A37F39FB43F0F8E7B29 798720 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2016-03-09 13:45:20 3E116772A7B17F05C6F26EA613949D98 2123264 ----a-w- C:\WINDOWS\Sysnative\inetcpl.cpl 2016-03-09 13:45:19 7CA39F793BB3D0D0F823DE3BFB1B6711 108544 
----a-w- C:\WINDOWS\Sysnative\hlink.dll 2016-03-09 13:45:19 612B73825E88F6CF137D29A44495BD82 817664 ----a-w- C:\WINDOWS\Sysnative\jscript.dll 2016-03-09 13:45:18 89176EBC1F9E152BF444B114AB802D2A 262144 ----a-w- C:\WINDOWS\Sysnative\webcheck.dll 2016-03-09 13:45:18 3DA511916E94D4B75D173E4CD8B7DA51 14613504 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2016-03-09 13:45:17 59F1834740128C82558092CC774D35F9 800768 ----a-w- C:\WINDOWS\Sysnative\ieapfltr.dll 2016-03-09 13:45:17 595BA3503BB82E49F21DE04C0374BE7D 1032704 ----a-w- C:\WINDOWS\Sysnative\inetcomm.dll 2016-03-09 13:45:17 26DCAEEFB541175137FCE9406E2AF2B0 6052352 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2016-03-09 13:45:16 C15649DEABA6B45562009663673E23D1 2597376 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2016-03-09 13:45:16 8F84D4D9632C0B95D16C1BB5D74C793B 25816576 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-03-09 13:45:12 530EDBCCA18717998332B45F5E71F01B 2887680 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2016-03-09 13:45:12 4A04E33E7B5F3F1D9C2F54F8400E149D 2880000 ----a-w- C:\WINDOWS\Sysnative\actxprxy.dll 2016-03-09 13:45:11 85C65082595511D7153C18D3F422E632 92160 ----a-w- C:\WINDOWS\Sysnative\mshtmled.dll 2016-03-09 13:43:59 BF2AF15BCFE5292C128601F067D5BC30 7784960 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll 2016-03-09 13:43:58 D2ADFF964E44B7983876917D4D3DC354 7075840 ----a-w- C:\WINDOWS\Sysnative\glcndFilter.dll 2016-03-09 13:43:51 020F47C655ED1F63BBA834AA53575D5C 3708416 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2016-03-09 13:43:50 F9F1A6F266649E8D1ED1758085BA72A7 140288 ----a-w- C:\WINDOWS\Sysnative\wuwebv.dll 2016-03-09 13:43:50 E788BFB05CC9E069630760AF66BA65C3 95744 ----a-w- C:\WINDOWS\Sysnative\wudriver.dll 2016-03-09 13:43:50 8B2FC33C31949801A37EFA0667D7D209 35840 ----a-w- C:\WINDOWS\Sysnative\wuapp.exe 2016-03-09 13:43:50 4AF30188640A8DF505AB3F63FEC174CF 2244096 ----a-w- C:\WINDOWS\Sysnative\wucltux.dll 2016-03-09 13:43:50 288C851F6D7C90B85AAD3CABDE0A5592 136904 ----a-w- 
C:\WINDOWS\Sysnative\wuauclt.exe 2016-03-09 13:43:50 2542743AF56610BDFB085FF54151545C 409088 ----a-w- C:\WINDOWS\Sysnative\WUSettingsProvider.dll 2016-03-09 13:43:50 074A9631F113ED8868093062F3FC44F1 897024 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll 2016-03-09 13:43:13 B7A19BF9718CFEF788D078213776D5F9 1661576 ----a-w- C:\WINDOWS\Sysnative\ole32.dll 2016-03-09 13:43:13 9E52BB399666BA43D267577FE8E40A5A 91136 ----a-w- C:\WINDOWS\Sysnative\asycfilt.dll 2016-03-09 13:42:42 BA6B9C8A82DC3BA9F2F2B5FECAD90AF3 678600 ----a-w- C:\WINDOWS\Sysnative\msvcp120_clr0400.dll 2016-03-09 13:42:39 970900EACEAFFFB613C70CBCB7A1865D 869576 ----a-w- C:\WINDOWS\Sysnative\msvcr120_clr0400.dll 2016-03-09 13:42:35 6627154693B6C2B8A59727F5B38728E8 31744 ----a-w- C:\WINDOWS\Sysnative\seclogon.dll 2016-03-09 13:42:35 1299388203829CD48E26A4AD8010E6FF 987648 ----a-w- C:\WINDOWS\Sysnative\kerberos.dll 2016-03-09 13:42:20 B368DAA78ADE4C466B425F6025D0EC66 15432704 ----a-w- C:\WINDOWS\Sysnative\wmp.dll 2016-03-09 13:42:13 B8C5844D4576612F286E9E55BFBAE73B 292696 ----a-w- C:\WINDOWS\Sysnative\WMASF.DLL 2016-03-09 13:42:06 CE1C60AE8AFBA26AA6B46EAE2B2B6ABC 4174336 ----a-w- C:\WINDOWS\Sysnative\win32k.sys 2016-03-09 13:42:01 8F915027C1515674FEDD7109F6BD1B52 358912 ----a-w- C:\WINDOWS\Sysnative\atmfd.dll 2016-03-09 13:42:01 60B54321ECB357F4B4F1364C212B0D6C 44032 ----a-w- C:\WINDOWS\Sysnative\atmlib.dll 2016-03-09 13:41:59 13FA5D25FA04E28966B2F795DA66B6B1 603648 ----a-w- C:\WINDOWS\Sysnative\mfds.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2016-03-19 08:45:44 235624C147E3CB4C288D5D3D8E8D64A2 112640 ----a-w- C:\WINDOWS\Sysnative\drivers\rasl2tp.sys 2016-03-19 08:45:15 C800DCD904016B2BF6AB541083770A3A 80896 ----a-w- C:\WINDOWS\Sysnative\drivers\IPMIDrv.sys 2016-03-19 08:44:24 8B1E62881D5AC68E673CD94B136B34AC 99672 ----a-w- C:\WINDOWS\Sysnative\drivers\disk.sys 2016-03-19 08:44:18 DAC438FB5FF85A9E72806E2341D5D732 72024 ----a-w- C:\WINDOWS\Sysnative\drivers\vpci.sys 2016-03-19 08:44:18 
BEE38B3B44364E01BF28640EE8B5617E 65536 ----a-w- C:\WINDOWS\Sysnative\drivers\vpcivsp.sys 2016-03-19 08:43:48 B058C6DA172461B2F2E9D437601B821E 378712 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys 2016-03-19 08:43:11 D537962695CAFEC1301F3EB7C8C3A1D2 316760 ----a-w- C:\WINDOWS\Sysnative\drivers\volsnap.sys 2016-03-19 08:43:11 34CAF69BF4166AB40BFF0ED068FF6F91 551256 ----a-w- C:\WINDOWS\Sysnative\drivers\vhdmp.sys 2016-03-09 13:42:09 9D168BFA334D47BE404367EB58D4E130 148832 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBSTOR.SYS 2016-03-01 09:12:40 9980B262DBE439AE6BDC91AA985F19EE 2017624 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2016-03-01 09:12:40 8003E034E3EA0E29DA54215A770FC27C 416768 ----a-w- C:\WINDOWS\Sysnative\drivers\srv.sys 2016-03-01 09:12:34 C996CBEF922B5653A01E3F50DDCE2F86 91992 -c--a-w- C:\WINDOWS\Sysnative\drivers\usbehci.sys 2016-03-01 09:12:31 B45AE0970B2D66CCE756DE6989E23EEC 419160 -c--a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys 2016-03-01 09:12:31 7E1F0553BE9539F333F0CB20217A371D 331608 ----a-w- C:\WINDOWS\Sysnative\drivers\Classpnp.sys 2016-03-01 09:11:30 CECD84D511DEF9759D834FA0AF010400 470360 ----a-w- C:\WINDOWS\Sysnative\drivers\netio.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-03-18 10:54:34 -------- d-----w- C:\Program Files\7-Zip 2016-03-16 19:01:37 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\hugoke\AppData\Roaming ====== ====== C:\Users\hugoke ====== 2016-03-20 06:25:59 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp 2016-03-18 15:38:39 -------- d-----w- C:\ProgramData\UniqueId 2016-03-18 10:54:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip ====== C: exe-files == 2016-03-19 08:45:45 600D506FEA867E0BAEAFFEFCE54F35B3 118624 ----a-w- C:\Windows\System32\consent.exe 2016-03-19 08:45:27 D0CBA7B3531CCF2ADB985856D5F92434 1455104 ----a-w- C:\Windows\System32\VSSVC.exe 
2016-03-19 08:44:49 B3541A5A20C6264781909B1B7FE54836 2757616 ----a-w- C:\Windows\explorer.exe 2016-03-19 08:44:48 97A7A0521E059D242907EFB73A844F29 2412576 ----a-w- C:\Windows\SysWOW64\explorer.exe 2016-03-19 08:44:43 B63F655E50AF21D82403247095DB00D5 273264 ----a-w- C:\Windows\System32\SystemSettingsAdminFlows.exe 2016-03-19 08:44:43 5E68D8846A89943285ADC5D416F77FE8 653824 ----a-w- C:\Windows\System32\SettingSyncHost.exe 2016-03-19 08:44:40 842897D3785C0ADE5021263268B59911 524288 ----a-w- C:\Windows\SysWOW64\SettingSyncHost.exe 2016-03-19 08:43:51 DC27203F6D9CFC66E4331D6413ED8F50 779264 ----a-w- C:\Windows\System32\WindowsAnytimeUpgradeui.exe 2016-03-19 08:43:51 139D842E5FB75A1E2F0212FBD7B0E457 1574912 ----a-w- C:\Windows\System32\wbengine.exe 2016-03-19 08:43:39 A0BE22DA4724A9926E73246BF7691015 7452504 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-03-19 08:43:36 55EFDBA65774A8A6DC2B21B3593F645D 1523208 ----a-w- C:\Windows\System32\winload.exe 2016-03-19 08:43:36 55EFDBA65774A8A6DC2B21B3593F645D 1523208 ----a-w- C:\Windows\System32\Boot\winload.exe 2016-03-19 08:43:35 68E97FBD0733F7990CD0054CC03A245A 1358952 ----a-w- C:\Windows\System32\winresume.exe 2016-03-18 13:48:07 C5A067D39E46BDBF9FAC843349A1BAEA 196568 ----a-w- C:\ProgramData\F-Secure\GUTS2\hydrawin\1458304736\install.exe 2016-03-18 10:54:34 EF59E1B1E3615E963398FFA9F85E35DB 555008 ----a-w- C:\Program Files\7-Zip\7zG.exe 2016-03-18 10:54:34 7F5A400F84A1A5EE493B98F7AE586E7A 838144 ----a-w- C:\Program Files\7-Zip\7zFM.exe 2016-03-18 10:54:34 649C31D60A6D50E0E9B204944A430838 14848 ----a-w- C:\Program Files\7-Zip\Uninstall.exe 2016-03-18 10:54:34 506E5B371882A5A62B669F04CE04DBA8 447488 ----a-w- C:\Program Files\7-Zip\7z.exe 2016-03-16 19:01:37 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\hugoke.exe === C: other files == 2016-03-19 20:10:14 234019FAAC45C60888F018AD9E9C9B31 4867 ----a-w- C:\Users\hugoke\AppData\Local\Temp\xpi\tmp.zip 2016-03-19 08:45:44 
235624C147E3CB4C288D5D3D8E8D64A2 112640 ----a-w- C:\Windows\System32\drivers\rasl2tp.sys 2016-03-19 08:45:15 C800DCD904016B2BF6AB541083770A3A 80896 ----a-w- C:\Windows\System32\drivers\IPMIDrv.sys 2016-03-19 08:44:24 8B1E62881D5AC68E673CD94B136B34AC 99672 ----a-w- C:\Windows\System32\drivers\disk.sys 2016-03-19 08:44:18 DAC438FB5FF85A9E72806E2341D5D732 72024 ----a-w- C:\Windows\System32\drivers\vpci.sys 2016-03-19 08:44:18 BEE38B3B44364E01BF28640EE8B5617E 65536 ----a-w- C:\Windows\System32\drivers\vpcivsp.sys 2016-03-19 08:43:48 B058C6DA172461B2F2E9D437601B821E 378712 ----a-w- C:\Windows\System32\drivers\storport.sys 2016-03-19 08:43:11 D537962695CAFEC1301F3EB7C8C3A1D2 316760 ----a-w- C:\Windows\System32\drivers\volsnap.sys 2016-03-19 08:43:11 34CAF69BF4166AB40BFF0ED068FF6F91 551256 ----a-w- C:\Windows\System32\drivers\vhdmp.sys ==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R" "F-Secure GUI (666)"="C:\Program Files (x86)\F-Secure\Internet Security\FsGuiStarter.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\WINDOWS\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll" ==== Startup Folders 
======================
2015-11-20 15:42:23 1985 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk
2015-11-20 15:42:24 2255 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update-melder.lnk
2015-11-20 15:42:23 1976 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk

==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15/10/2015 14:25]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15/10/2015 14:25]
C:\WINDOWS\tasks\Scheduled scanning task.job --a-------- C:\PROGRA2\F-Secure\INTERN1\apps\COMPUT1\ANTI-V1\fsav.exe []
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [05/09/2012 03:54]

==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Scheduled scanning task" [C:\PROGRA~2\F-Secure\INTERN~1\apps\COMPUT~1\ANTI-V~1\fsav.exe]
"C:\WINDOWS\SysNative\tasks\Synaptics TouchPad Enhancements" [\Program Files\Synaptics\SynTP\SynTPEnh.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{833E24E7-E24D-423C-95FD-11F958550EE7}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{E1023C3B-DB26-4311-97AB-A5D3FDFF63F7}" [C:\WINDOWS\system32\msfeedssync.exe]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================
Profilepath: C:\Users\hugoke\AppData\Roaming\Mozilla\Firefox\Profiles\gb9x1bj1.default
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013

==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jmjjnhpacphpjmnnlnccpfmhkcloaade - C:/Program Files (x86)/F-Secure/Internet Security/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx[11/01/2016 13:48]

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.stamnummer3.be/viewforum.php?f=2"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.stamnummer3.be/viewforum.php?f=2"

==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{202B6C89-35A4-4435-AF6B-5D4B420293D7} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GUEA_nlBE662

==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Browsing Protection by F-Secure - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\Internet Security\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll
O2 - BHO: SafeSearchBHO - {690EF1CF-5775-4CB3-A5B8-85A63FD0262B} - C:\Program Files (x86)\F-Secure\Internet Security\apps\SafeSearch\IE\FSSafeSearch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O3 - Toolbar: F-Secure Search Toolbar - {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - C:\Program Files (x86)\F-Secure\Internet Security\apps\SafeSearch\IE\FSSafeSearch.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [F-Secure GUI (666)] "C:\Program Files (x86)\F-Secure\Internet Security\FsGuiStarter.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - Global Startup: FAH.lnk = C:\Program Files\WinZip\FAHConsole.exe
O4 - Global Startup: Update-melder.lnk = C:\Program Files\WinZip\WZUpdateNotifier.exe
O4 - Global Startup: WinZip Preloader.lnk = C:\Program Files\WinZip\WzPreloader.exe
O8 - Extra context menu item: Verzenden naar Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-154558-44482-6/4 (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: eBay.be - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1553-154558-44482-6/4 (file missing) (HKCU)
O9 - Extra button: Verzenden naar Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Verzenden naar Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Botkind Service (BotkindSyncService) - Unknown owner - C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
O23 - Service: Service Agent EaseUS (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Internet Security\fshoster32.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Internet Security\apps\ComputerSecurity\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Internet Security\apps\CCF_Reputation\fsorsp.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\hugoke\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\hugoke\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\hugoke\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\hugoke\AppData\Local\Microsoft\Windows\INetCache\IE\JZHJQJ8Z will be deleted at reboot

==== Empty FireFox Cache ======================
C:\Users\hugoke\AppData\Local\Mozilla\Firefox\Profiles\gb9x1bj1.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
No Chrome User Data found

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=83 folders=13 22558403 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\hugoke\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\hugoke\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Users\hugoke\AppData\Local\Microsoft\Windows\INetCache\IE\JZHJQJ8Z" not found
"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on zo 20/03/2016 at 8:06:54,87 ======================