Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Having adware with almost every site


  • This topic is locked This topic is locked
10 replies to this topic

#1 Thijsk1

Thijsk1

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:11:42 AM

Posted 18 November 2017 - 10:09 AM

When I go to a site, I just get an example of the site itself but whenever I try to click a link even when I just click on a random spot of the site such as the background color, I get directed to the original site and the tab where the example of the site is becomes some random ad. I already tried a lot of things such as superantispyware, AVG, adwcleaner etc but I can't find the source of this problem.

Attached Files



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:42 AM

Posted 18 November 2017 - 05:11 PM

Greetings Thijsk1 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Please consider and do this.

===================================================

Peer to Peer (P2P) Warning

--------------------

Going over your logs I noticed that you have Peer 2 Peer (torrent) program(s) installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall Peer 2 Peer programs, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about CryptoLocker Ransomware, a type of Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities.

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time
Start::
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKU\S-1-5-21-3500986774-1710872821-3788070447-1001 -> DefaultScope {25EFF342-B6C3-4F40-9E2E-66E0F7AF3319} URL =
SearchScopes: HKU\S-1-5-21-3500986774-1710872821-3788070447-1001 -> {25EFF342-B6C3-4F40-9E2E-66E0F7AF3319} URL =
S4 AVKService; "C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe" [X]
S1 vtuiso; system32\drivers\vtuiso.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
2017-11-01 12:04 - 2017-11-01 12:04 - 000000000 ____D C:\temp
2017-10-19 18:11 - 2017-10-19 18:11 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\Tempzxpsign*
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-*.dll
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-*.dll
CustomCLSID: HKU\S-1-5-21-3500986774-1710872821-3788070447-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-ADC032867DCB}\InprocServer32 -> %%systemroot%%\system32\shell32.dll
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: Bitsadmin /Reset /Allusers
cmd: ipconfig /flushdns
Removeproxy:
hosts:
emptytemp:
End::
  • Click Fix
  • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Update on computer/browser behavior

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Thijsk1

Thijsk1
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:11:42 AM

Posted 19 November 2017 - 03:49 AM

Hello, I did all of the things listed above, I uninstalled µtorrent and did the fix thing. I went to some random sites and the adware is gone. Is it ok to leave this topic open for another week, if this adware comes again, I can just reply on this topic again.

 

Fixlog

Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 18-11-2017
Gestart door Thijs Kunnen (19-11-2017 09:33:38) Run:1
Gestart vanaf C:\Users\Thijs Kunnen\Desktop
Geladen Profielen: Thijs Kunnen (Beschikbare Profielen: defaultuser0 & Thijs Kunnen & thijs)
Boot Modus: Normal
==============================================
 
fixlist inhoud:
*****************
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKU\S-1-5-21-3500986774-1710872821-3788070447-1001 -> DefaultScope {25EFF342-B6C3-4F40-9E2E-66E0F7AF3319} URL =
SearchScopes: HKU\S-1-5-21-3500986774-1710872821-3788070447-1001 -> {25EFF342-B6C3-4F40-9E2E-66E0F7AF3319} URL =
S4 AVKService; "C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe" [X]
S1 vtuiso; system32\drivers\vtuiso.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
2017-11-01 12:04 - 2017-11-01 12:04 - 000000000 ____D C:\temp
2017-10-19 18:11 - 2017-10-19 18:11 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\Tempzxpsign*
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-*.dll
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-*.dll
CustomCLSID: HKU\S-1-5-21-3500986774-1710872821-3788070447-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-ADC032867DCB}\InprocServer32 -> %%systemroot%%\system32\shell32.dll
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: Bitsadmin /Reset /Allusers
cmd: ipconfig /flushdns
Removeproxy:
hosts:
emptytemp:
 
*****************
 
Herstelpunt is succesvol gemaakt.
Proces succesvol afgesloten.
HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => waarde is succesvol verwijderd
HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{25EFF342-B6C3-4F40-9E2E-66E0F7AF3319} => sleutel is succesvol verwijderd
HKLM\Software\Classes\CLSID\{25EFF342-B6C3-4F40-9E2E-66E0F7AF3319} => sleutel niet gevonden. 
HKLM\System\CurrentControlSet\Services\AVKService => sleutel is succesvol verwijderd
AVKService => dienst is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\vtuiso => sleutel is succesvol verwijderd
vtuiso => dienst is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\ZAM => sleutel is succesvol verwijderd
ZAM => dienst is succesvol verwijderd
C:\temp => is succesvol verplaatst
 
=========== "C:\Users\Thijs Kunnen\AppData\Local\Tempzxpsign*" ==========
 
niet gevonden
 
========= Eind -> "C:\Users\Thijs Kunnen\AppData\Local\Tempzxpsign*" ========
 
 
=========== "C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-*.dll" ==========
 
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1024858179097966466.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1056259171498212108.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-109361142290629723.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1119964936764256639.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1153994947180268721.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1154935720704348078.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1203150975946838013.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1218653405750811344.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1253818216239777380.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1313075682478097010.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1341455496930928052.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1359472621790182163.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1396326907247899214.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1408817802155782033.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-142175696449835238.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1422818280637322172.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1441800796722815291.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1455371449508616982.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1465207897986179503.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1556026838502938173.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1574773652911276278.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1594515343355694381.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1716120276081641127.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1758405021334285627.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-179274839172599586.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1793271751992239332.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-181603947334125541.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1868240636794866125.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-187231497779951831.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-190551898974783744.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1944162191646994852.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1981480734744416539.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-202893643065591589.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2104110236569057618.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2112728843752229573.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2123323048231162476.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2125826270360036955.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2136379269616686191.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2138948389255884264.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-214401966199503225.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2144939408528283168.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2156301260778345143.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-21639184730095087.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2222990590680470943.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2256130080416359399.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2261316965800810284.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2330496439188178903.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-236039356637307102.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-238104828196229257.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2385773458369775807.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2470932861674457590.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2487510183012370914.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2500467139338601600.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2558790284789429829.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2706489549782575395.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2743424994991869440.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2750511475988636035.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2754247234685802834.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2796418549043722207.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-279946876276248016.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2808244277262742966.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2814632839653541859.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2816017460043836241.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-282482640039837353.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-282565144499230522.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2862690654244551806.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2899361110594090807.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2921211137530041078.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2987944343176746484.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-2997101881333782285.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3043706475809216544.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3080710490690200950.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3132390709354011634.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3139742695252501366.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3162373370270804439.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3176056035593157494.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-323447753293690367.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3329178605680227909.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3352963351375036560.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3356807373070206495.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3420874439877545987.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-355275264355275108.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-356682630819176641.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3608100389030091877.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-362838362914770500.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3667743136124631702.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3707788366260634998.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3722615855729167858.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3731641954146476169.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-378886150417716547.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3796351785874351981.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3802477672121960432.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3844689740740763312.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3885826931002694116.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3896028016045457911.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3902106025186228641.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3946019185502056141.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4039907012436700977.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4040711377484194815.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4066017000710529911.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-411620847291184326.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4118594033157547905.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4127931928972901683.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4128799342131630171.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4135393015436485754.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4135835270096518832.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4204195439307670776.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4244356034811070794.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4251870753370780128.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4263715581784068110.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4275845493995298768.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4284479128993837317.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4298283730621858181.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4323592626487186874.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4327692922190311256.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4341252691919866025.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4368265884594164611.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4431417125570305440.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4451412788980248257.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4453858006563868925.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4532378281976842037.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4602226765751744822.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4636205131580607595.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4648592926937325546.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4685772788517383734.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-468793786640573081.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4689191598753557047.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4728330903199509020.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4749076172729522312.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4757589914908405449.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4847735235781290857.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4854112224820959448.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4947670632238760780.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4949123545157557590.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5041199373695860023.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5063912266370647955.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5097037107009015319.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5285368364745515991.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5307033980441093708.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-531638357900586272.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5320347357682973824.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-534180853457185867.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5345800358531051529.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5357553593276552971.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5370969176379983652.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5390860098464992426.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5433651295754448926.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5447757887701867404.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5471143975356598112.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5491674504929096792.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5493782098897861484.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5528008974033001893.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5529436756420769443.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5539251299124857127.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5570812213573493161.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5579635300919274205.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5621010458554672443.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5629138839683594670.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5657821621769542759.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5662752781730974619.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5668557837051513386.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5711930784121158421.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5777367239697933187.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5790767619904638384.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5808521891873963636.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5841369380950577826.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5887185877186359169.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5892966385371930592.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5898247643661971561.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5925725445842076552.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-5960436894559104145.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6014470610420003853.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6129666438079654851.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6140640553875699105.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6167227583329973744.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6179246358957643043.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6192084607460393068.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6201005658214969443.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6229714869829945715.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6243632823376550734.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-627914192238606671.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-629396921507323339.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6347111690280129408.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6350459087849194517.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6393054739051930666.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6405204197577805716.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-641369215374571947.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-644031313359856713.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6501158932308706608.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6512948689531661160.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6541062917877243795.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6554104789732262438.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6561554798126027416.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6647482243389339886.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6647638947958316504.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6736629758404904177.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6759386640408725197.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6869596595359696995.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6886736173365710258.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6896630348475243782.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6927058961964731677.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-6960964668096929841.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7110111585133307866.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7176725925913345070.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7237294905982919889.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7270741023914894902.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7288404624778424871.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7304793194370341973.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7322232506821301647.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7358494023324763251.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7369700457096613537.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7379894119145463843.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7396629272927152659.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7430571473225054324.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7477147790447052424.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7486003136659204790.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7533073422796876255.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-75579209469334213.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7559731812535184322.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-760745474361905272.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7702944775594214096.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7703913698587856254.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7863928125768203541.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7866965847329612401.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7932072589799087906.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8015035411274941904.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8035491977274179694.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8041579286073912929.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8048229940238774443.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8068025283616854570.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8080304186027505619.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8105514863345459994.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8115310035151835706.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8140326124817373584.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8170560439709383387.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-821360134704120453.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8220305317936899059.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8246831673562984283.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-825027463175585160.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8282233136371791515.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8295163586009299791.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8303818689808809946.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8305536396663004467.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8320805441872005379.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8371707275115157990.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8386117919286292063.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8390076195715987045.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8397027774371978563.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8439633242074034478.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8449428839751201820.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8452060265522356120.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8469687622611137934.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8472855528276394093.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8488903703364531377.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8526948742687316897.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8528634618240590359.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8562707623212837131.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8611949398122605496.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8631456223310236156.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8662573265084596314.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8676924965136303381.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8718113783181589484.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8722704927742836255.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8733339855383146155.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8824222531925624418.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8873270091301078337.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8879153988516787052.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8884679295087457753.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8940208940213692421.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8944388474581289408.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8965971752756440362.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-8978192251620830367.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-9001258859200743008.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-9003900261777081149.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-9113817294677515636.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-9120862464548512050.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-9126522183094533212.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-9169883314644259442.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-991923234418148912.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-1638853041651628319.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-20395376811204567.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-2809487025956321635.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-383065305552235253.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-4750282254665327749.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-489037025048791823.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-4946222652921715005.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-5314687074083864537.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-567800032372431578.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-5894423739501552216.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-6275279187011129909.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-6390502126297800669.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-6738531066627777197.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-7122680479177545094.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-7206561830825002053.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-7926919089325477681.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-8987995121683432790.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-596221b-9a1fc1e-979241800246590628.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-6016ac7-10c10b3-2321613839018971263.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-6016ac7-10c10b3-6730404563395642248.dll => is succesvol verplaatst
C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-6016ac7-10c10b3-739736214400642741.dll => is succesvol verplaatst
 
========= Eind -> "C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-*.dll" ========
 
 
=========== "C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-*.dll" ==========
 
niet gevonden
 
========= Eind -> "C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-git-Spigot-*.dll" ========
 
HKU\S-1-5-21-3500986774-1710872821-3788070447-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-ADC032867DCB} => sleutel is succesvol verwijderd
 
========= netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= Eind van CMD: =========
 
 
========= netsh int ip reset C:\resettcpip.txt =========
 
Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Toegang geweigerd.
 
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
 
 
========= Eind van CMD: =========
 
 
========= netsh advfirewall reset =========
 
Ok.
 
 
========= Eind van CMD: =========
 
 
========= netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= Eind van CMD: =========
 
 
========= Bitsadmin /Reset /Allusers =========
 
 
BITSADMIN version 3.0
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= Eind van CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= Eind van CMD: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => waarde is succesvol verwijderd
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => waarde is succesvol verwijderd
HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => waarde is succesvol verwijderd
HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => waarde is succesvol verwijderd
 
 
========= Eind van RemoveProxy: =========
 
C:\Windows\System32\Drivers\etc\hosts => is succesvol verplaatst
Hosts met succes hersteld.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 762478656 B
Java, Flash, Steam htmlcache => 115514954 B
Windows/system/drivers => 250401601 B
Edge => 142651868 B
Chrome => 478980184 B
Firefox => 198615200 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 51352 B
NetworkService => 484738 B
defaultuser0 => 0 B
Thijs Kunnen => 94238268156 B
thijs => 0 B
 
RecycleBin => 2181936167 B
EmptyTemp: => 91.6 GB tijdelijke gegevens verwijderd.
 
================================
 
 
Het systeem moest herstart worden.
 

 

==== Eind van Fixlog 09:40:32 ====


#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:42 AM

Posted 19 November 2017 - 10:09 AM

Greetings.

Glad to hear, however we are not quite through yet.

Please do these things.

===================================================

ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal.
  • Download esetsmartinstaller_enu.exe and save it to your Desktop
  • Double click the icon
  • Check YES, I accept the Terms of Use
  • Click the Start button
  • Accept any security warnings from your browser
  • Click Advanced settings
  • Check the following items

Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

  • Click Start
  • ESET will then download updates and begin scanning your computer
  • If no threats are found simply click Uninstall application on close and hit Finish
  • If threats are found click List of found threats
  • Click Export to text file
  • Save the file on your Desktop as ESET.txt
  • Click Back
  • Review the list of entries and if there are any you want to keep stop and copy/paste the ESET.txt report in your reply for my review
  • If you do not wish to keep any of the entries check Uninstall application on close and Delete quarantined files
  • Click Finish
  • Close the ESET Online Scanner window
  • Copy and paste the contents of ESET.txt in your reply
===================================================

Security Analysis by Rocket Grannie

--------------------
  • Please download Security Analysis by Rocket Grannie and save it to your Desktop
  • Right click on the icon and select Run as admnistrator
  • Click OK on the disclaimer and ignore any security warnings that may appear
  • In your reply, please copy and paste the contents of the Notepad document that will appear on your desktop
===================================================

Right click on FRST64, select Rename, then rename it to FRST64English. Run another scan and post both reports in your reply. If the content is too long use multiple replies.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • ESET log
  • Security Analysis log
  • FRST.txt
  • Addition.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Thijsk1

Thijsk1
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:11:42 AM

Posted 20 November 2017 - 03:48 PM

Done, here are the files:

 

ESET log

C:\OEM\Preload\APP\PCMANAGER\qqpcmgr_v10.5.15785.701_130175_Silence.exe a variant of Win32/Tencent.A potentially unwanted application cleaned by deleting
C:\Program Files (x86)\Windows Live\Photo Gallery\WinMovieMaker.exe a variant of Win32/Hoax.MovieMaker.A application cleaned by deleting
 

Secutity Analysis log

Result of Security Analysis by Rocket Grannie (x86) Updated: 18th Novemeber, 2017

Running from:C:\Users\Thijs Kunnen\Desktop (21:43:03 - 11/20/2017)
***---------------------------------------------------------***
Microsoft Windows 10 Education X64
UAC is Enabled
Internet Explorer 11
Default Browser: Google Chrome
***------------Antivirus - Antispyware - Firewall-----------***
Windows Defender (Disabled - up to Date)
AVG Antivirus (Disabled - up to Date)
Windows Defender (Disabled - up to Date)
AVG Antivirus (Disabled - up to Date)
Windows Firewall (Enabled)
No other Firewall Installed
***-------Security Programs - Browsers - Miscellaneous------***
Adobe Flash Player NPAPI (27.0.0.187)
Google Chrome (62.0.3202.94)
Java (8.0.1510.12)
SUPERAntiSpyware (6.0.1250)
 
***----------------Analysis Complete-------------------------***
 
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-11-2017
Ran by Thijs Kunnen (administrator) on DESKTOP-OF12HVT (20-11-2017 21:43:53)
Running from C:\Users\Thijs Kunnen\Desktop
Loaded Profiles: Thijs Kunnen (Available Profiles: defaultuser0 & Thijs Kunnen & thijs)
Platform: Windows 10 Education Version 1703 15063.726 (X64) Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_7ee21f0fcd504371\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Windows ® Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer Inc) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(Electronic Arts) D:\Games\Origin\OriginWebHelperService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_7ee21f0fcd504371\igfxEM.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service Process.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Thijs Kunnen\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Rainmeter) C:\Rainmeter\Rainmeter.exe
(Adobe Systems Inc.) D:\Creative Cloud\Acrobat DC\Acrobat\acrotray.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated.) D:\Creative Cloud\Acrobat DC\Acrobat\acrodist.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer, Inc.) C:\Users\Thijs Kunnen\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_7ee21f0fcd504371\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
() C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpn.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Farbar) C:\Users\Thijs Kunnen\Desktop\FRST64English.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16704512 2016-11-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1471488 2016-11-08] (Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-06-16] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17718904 2017-06-07] (Logitech Inc.)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-10-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [302744 2017-11-11] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Creative Cloud\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-11-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596664 2017-08-30] (Razer Inc.)
HKLM-x32\...\Run: [Kraken71ChromaHelper] => C:\Program Files (x86)\Razer\Razer_Kraken71Chroma_Driver\Drivers\SysAudio\Kraken71ChromaHelper.exe [1600096 2017-02-14] (Razer Inc)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2418392 2016-09-09] (Acer)
HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\...\Run: [Adobe Acrobat Synchronizer] => D:\Creative Cloud\Acrobat DC\Acrobat\AdobeCollabSync.exe [886768 2017-11-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\...\Run: [OpenVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [638592 2017-07-14] ()
HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\...\Run: [GoogleChromeAutoLaunch_F39BA47E643B849088DE4AE29C1A792A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312 2017-11-10] (Google Inc.)
HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\...\Run: [Spotify Web Helper] => C:\Users\Thijs Kunnen\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-09] (Spotify Ltd)
SSODL: EldosMountNotificator-cbfs6 - {15A2FC38-7185-4CEA-BD60-31D00D741A55} - C:\WINDOWS\system32\cbfsMntNtf6.dll (/n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {15A2FC38-7185-4CEA-BD60-31D00D741A55} - C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll (/n software, Inc.)
Startup: C:\Users\Thijs Kunnen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DS4Windows.lnk [2017-09-09]
ShortcutTarget: DS4Windows.lnk -> C:\Users\Thijs Kunnen\AppData\Local\Temp\Temp2_DS4Windows.zip\DS4Windows.exe (No File)
Startup: C:\Users\Thijs Kunnen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2017-06-18]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Thijs Kunnen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2017-08-02]
ShortcutTarget: Rainmeter.lnk -> C:\Rainmeter\Rainmeter.exe (Rainmeter)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{72537704-24ff-497c-b565-0672480cfbf7}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{a5e7cc5a-784c-452d-b96e-4e462ec865cf}: [DhcpNameServer] 10.1.64.1 10.2.64.1
Tcpip\..\Interfaces\{d00d4521-2d3c-4406-8bef-ebd436d077a2}: [DhcpNameServer] 208.67.222.222 208.67.220.220
Tcpip\..\Interfaces\{f9dc0c83-52c9-413e-b641-8d56d18a4919}: [DhcpNameServer] 192.168.100.254 195.130.130.2 195.130.131.2
 
Internet Explorer:
==================
HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-17] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-02] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-11-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-02] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-10-20] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2017-09-20] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-11-06] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-06] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: iw75l34l.default
FF ProfilePath: C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default [2017-11-19]
FF Extension: (العربية Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-ar@firefox.mozilla.org.xpi [2017-08-03] [Lagacy]
FF Extension: (Английски (САЩ) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-bg@firefox.mozilla.org.xpi [2017-08-03] [Lagacy]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2017-08-03] [Lagacy]
FF Extension: (Dansk (da) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-da@firefox.mozilla.org.xpi [2017-08-03] [Lagacy]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2017-08-03] [Lagacy]
FF Extension: (Ελληνικά Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-el@firefox.mozilla.org.xpi [2017-08-03] [Lagacy]
FF Extension: (English (US) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2017-08-03] [Lagacy]
FF Extension: (Español (España) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-es-ES@firefox.mozilla.org.xpi [2017-08-03] [Lagacy]
FF Extension: (Estonian Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-et@firefox.mozilla.org.xpi [2017-08-03] [Lagacy]
FF Extension: (Finnish Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-fi@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Français Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Hebrew (IL) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-he@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Magyar (HU) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-hu@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Italiano (IT) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-it@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Japanese Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-ja@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Korean (KR) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-ko@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Lietuvių Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-lt@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Norsk bokmål (NO) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-nb-NO@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Nederlands (NL) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-nl@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Polski Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-pl@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Português (pt-BR) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-pt-BR@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Português (Portugal) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-pt-PT@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Russian (RU) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-ru@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Slovenski jezik Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-sl@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (српски (sr) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-sr@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Svenska (SE) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-sv-SE@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (ไทย Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-th@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Türkçe (TR) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-tr@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Ukrainian (UA) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-uk@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-zh-CN@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\langpack-zh-TW@firefox.mozilla.org.xpi [2017-11-03] [Lagacy]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Thijs Kunnen\AppData\Roaming\Mozilla\Firefox\Profiles\iw75l34l.default\Extensions\partnerdefaults@mozilla.com [2017-08-02] [Lagacy]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - D:\Creative Cloud\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - D:\Creative Cloud\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-04]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - D:\Creative Cloud\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-14] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-02] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-10-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> D:\Creative Cloud\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Profile: C:\Users\Thijs Kunnen\AppData\Local\Google\Chrome\User Data\Default [2017-11-20]
CHR Extension: (Presentaties) - C:\Users\Thijs Kunnen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-01]
CHR Extension: (Documenten) - C:\Users\Thijs Kunnen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-01]
CHR Extension: (Google Drive) - C:\Users\Thijs Kunnen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-01]
CHR Extension: (YouTube) - C:\Users\Thijs Kunnen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-01]
CHR Extension: (Adblock Plus) - C:\Users\Thijs Kunnen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-11-01]
CHR Extension: (Spreadsheets) - C:\Users\Thijs Kunnen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-01]
CHR Extension: (Offline Documenten) - C:\Users\Thijs Kunnen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-01]
CHR Extension: (DotVPN — a better way to VPN) - C:\Users\Thijs Kunnen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpiecbcckbofpmkkkdibbllpinceiihk [2017-11-06]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Thijs Kunnen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-01]
CHR Extension: (Gmail) - C:\Users\Thijs Kunnen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-01]
CHR Extension: (Chrome Media Router) - C:\Users\Thijs Kunnen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-17]
CHR HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [282536 2017-11-11] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7600584 2017-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-10-31] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-05-21] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278616 2017-03-20] (Acer Incorporated)
R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144464 2015-02-19] (CANON INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8063656 2017-11-02] (Microsoft Corporation)
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [303544 2015-08-01] (CyberLink)
R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [154816 2016-07-18] ()
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [382504 2017-08-05] (EasyAntiCheat Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [54192 2017-11-15] (AnchorFree Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [387144 2016-02-04] ()
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26608 2016-07-12] (Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-06-07] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-10-06] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-10-11] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [72832 2017-07-14] (The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [72832 2017-07-14] (The OpenVPN Project)
S3 Origin Client Service; D:\Games\Origin\OriginClientService.exe [2123104 2017-11-02] (Electronic Arts)
R2 Origin Web Helper Service; D:\Games\Origin\OriginWebHelperService.exe [3002728 2017-11-02] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1451336 2017-11-12] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75064 2017-06-15] ()
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [401248 2015-09-05] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [453984 2015-09-05] (Acer Incorporated)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [401024 2017-08-07] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [179840 2017-08-07] (Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [147792 2017-08-12] (Razer Inc)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-19] ()
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [176880 2017-11-11] ()
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532352 2017-11-07] (Razer Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [502144 2017-11-13] (Razer Inc.)
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2016-11-04] (Razer Inc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [1770136 2015-08-04] (Intel Corporation)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AFTrafMgr1.4; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_4_64.sys [56840 2017-11-14] (AnchorFree Inc.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [176000 2017-11-11] (AVG Technologies CZ, s.r.o.)
R1 avgbdisk; C:\WINDOWS\System32\drivers\avgbdiska.sys [166624 2017-11-11] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [314640 2017-11-11] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [192584 2017-11-11] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [336896 2017-11-11] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [51336 2017-11-11] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39424 2017-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [140704 2017-11-11] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [102792 2017-11-11] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [76832 2017-11-11] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1018648 2017-11-11] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [447800 2017-11-15] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [196392 2017-11-11] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [356880 2017-11-11] (AVG Technologies CZ, s.r.o.)
R1 cbfs6; C:\WINDOWS\system32\drivers\cbfs6.sys [460992 2016-09-21] (/n software, Inc.)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 IntcDMic; C:\WINDOWS\system32\DRIVERS\IntcDMic.sys [607344 2016-08-18] (Intel® Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-06-07] (Logitech Inc.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2015-09-05] (Acer Incorporated)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_f1f487ead2706ad4\nvlddmkm.sys [16923064 2017-10-07] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
U5 NvStUSB; C:\Windows\System32\Drivers\NvStUSB.sys [486976 2016-09-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2016-06-15] (The OpenVPN Project)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2015-09-05] (Acer Incorporated)
S3 RazerHX; C:\WINDOWS\System32\drivers\RazerHX.sys [74256 2016-02-15] (Razer Inc)
S3 RAZERSEIREN; C:\WINDOWS\system32\DRIVERS\SEIREN.sys [3806920 2015-07-13] (Razer Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [411712 2015-05-19] (Realsil Semiconductor Corporation)
S3 rzbtendpt; C:\WINDOWS\System32\drivers\rzbtendpt.sys [51736 2016-06-23] (Razer Inc)
S3 rzjstk; C:\WINDOWS\System32\drivers\rzjstk.sys [36368 2016-06-23] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [45752 2017-07-19] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [139704 2017-07-18] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows ® Win 7 DDK provider)
S3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [43544 2016-06-23] (Razer Inc)
S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [43544 2016-06-23] (Razer Inc)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 sparkocam; C:\WINDOWS\system32\DRIVERS\sparkocam.sys [37200 2016-09-01] (Sparkosoft)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-07-22] (QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU Co., LTD.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] ()
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] ()
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [47784 2015-07-29] (Synaptics Incorporated)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2017-04-26] (Anchorfree Inc.)
S3 usbaudio2; C:\WINDOWS\system32\DRIVERS\usbaudio2.sys [225792 2017-03-18] (Microsoft Corporation)
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [18624 2016-09-21] (/n software, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-11-11] (Zemana Ltd.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-11-20 21:43 - 2017-11-20 21:44 - 000043274 _____ C:\Users\Thijs Kunnen\Desktop\FRST.txt
2017-11-20 21:43 - 2017-11-20 21:43 - 000000858 _____ C:\Users\Thijs Kunnen\Desktop\SALog.txt
2017-11-20 21:43 - 2017-11-20 21:43 - 000000000 ____D C:\Users\Thijs Kunnen\Desktop\FRST-OlderVersion
2017-11-20 21:40 - 2017-11-20 21:40 - 000899584 _____ C:\Users\Thijs Kunnen\Desktop\RGSA.exe
2017-11-20 21:39 - 2017-11-20 21:39 - 000000588 _____ C:\Users\Thijs Kunnen\Desktop\ESET.txt
2017-11-20 16:53 - 2017-11-20 16:53 - 002870984 _____ (ESET) C:\Users\Thijs Kunnen\Downloads\esetsmartinstaller_enu.exe
2017-11-20 16:53 - 2017-11-20 16:53 - 000000000 ____D C:\Program Files (x86)\ESET
2017-11-20 16:52 - 2017-11-20 16:52 - 000000000 ___HD C:\OneDriveTemp
2017-11-19 09:41 - 2017-11-19 09:41 - 000000000 ____D C:\temp
2017-11-19 09:30 - 2017-11-19 09:30 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\LocalLow\uTorrent
2017-11-18 17:33 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2017-11-18 17:33 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2017-11-18 17:33 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2017-11-18 17:33 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2017-11-18 17:33 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2017-11-18 17:33 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2017-11-18 17:33 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2017-11-18 17:33 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-11-18 17:33 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2017-11-18 17:33 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2017-11-18 17:33 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2017-11-18 17:33 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2017-11-18 17:33 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2017-11-18 17:33 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2017-11-18 17:33 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2017-11-18 17:33 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2017-11-18 17:33 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2017-11-18 17:33 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2017-11-18 17:33 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2017-11-18 17:33 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2017-11-18 17:33 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2017-11-18 17:33 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2017-11-18 17:33 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2017-11-18 17:33 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2017-11-18 17:33 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2017-11-18 17:33 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2017-11-18 17:33 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2017-11-18 17:33 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2017-11-18 17:33 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2017-11-18 17:33 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2017-11-18 17:33 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2017-11-18 17:33 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2017-11-18 17:33 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2017-11-18 17:33 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2017-11-18 17:33 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2017-11-18 17:33 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2017-11-18 17:33 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2017-11-18 17:33 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2017-11-18 17:33 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2017-11-18 17:33 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2017-11-18 17:33 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2017-11-18 17:33 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2017-11-18 17:33 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2017-11-18 17:33 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2017-11-18 17:33 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2017-11-18 17:33 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2017-11-18 17:33 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2017-11-18 17:33 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2017-11-18 17:33 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2017-11-18 17:33 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2017-11-18 17:33 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2017-11-18 17:33 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2017-11-18 17:33 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2017-11-18 17:33 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2017-11-18 17:33 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2017-11-18 17:33 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2017-11-18 17:33 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2017-11-18 17:33 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2017-11-18 17:33 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2017-11-18 17:33 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2017-11-18 17:33 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2017-11-18 17:33 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2017-11-18 17:33 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2017-11-18 17:33 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2017-11-18 17:33 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2017-11-18 17:33 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2017-11-18 17:33 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-11-18 17:33 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2017-11-18 17:33 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-11-18 17:33 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2017-11-18 17:33 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-11-18 17:33 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2017-11-18 17:33 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2017-11-18 17:33 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2017-11-18 17:33 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2017-11-18 17:33 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2017-11-18 17:33 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2017-11-18 17:33 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2017-11-18 17:33 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2017-11-18 17:33 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2017-11-18 17:33 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2017-11-18 17:33 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2017-11-18 17:33 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2017-11-18 17:33 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2017-11-18 17:33 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2017-11-18 17:33 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2017-11-18 17:33 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2017-11-18 17:33 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2017-11-18 17:33 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2017-11-18 17:33 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2017-11-18 17:33 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2017-11-18 17:33 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2017-11-18 17:33 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2017-11-18 17:33 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2017-11-18 17:33 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2017-11-18 17:33 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2017-11-18 17:33 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2017-11-18 17:33 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2017-11-18 17:33 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2017-11-18 17:33 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2017-11-18 17:33 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2017-11-18 17:33 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2017-11-18 17:33 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2017-11-18 17:33 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2017-11-18 17:33 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2017-11-18 17:33 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2017-11-18 17:33 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2017-11-18 17:33 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2017-11-18 17:33 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2017-11-18 17:33 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2017-11-18 17:33 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2017-11-18 17:33 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2017-11-18 17:33 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2017-11-18 17:33 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2017-11-18 17:33 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2017-11-18 17:33 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2017-11-18 17:33 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2017-11-18 17:33 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2017-11-18 17:33 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2017-11-18 17:33 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2017-11-18 17:33 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2017-11-18 17:33 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2017-11-18 17:33 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2017-11-18 17:33 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2017-11-18 17:33 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2017-11-18 17:33 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2017-11-18 17:33 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2017-11-18 17:33 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-11-18 17:33 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2017-11-18 17:33 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2017-11-18 17:33 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2017-11-18 17:33 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2017-11-18 17:33 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2017-11-18 17:33 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2017-11-18 17:33 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2017-11-18 17:33 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2017-11-18 17:33 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2017-11-18 17:33 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2017-11-18 17:33 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2017-11-18 17:33 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2017-11-18 17:33 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2017-11-18 17:33 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2017-11-18 17:33 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2017-11-18 17:33 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2017-11-18 17:33 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2017-11-18 17:33 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2017-11-18 17:33 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2017-11-18 17:33 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2017-11-18 17:33 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2017-11-18 17:33 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2017-11-18 17:33 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2017-11-18 17:33 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2017-11-18 17:33 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2017-11-18 17:33 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2017-11-18 17:33 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2017-11-18 17:33 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2017-11-18 17:33 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2017-11-18 17:33 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2017-11-18 17:33 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2017-11-18 17:33 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2017-11-18 17:33 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2017-11-18 17:33 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2017-11-18 17:33 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2017-11-18 17:33 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2017-11-18 17:33 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2017-11-18 17:33 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2017-11-18 17:33 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2017-11-18 17:33 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2017-11-18 17:33 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2017-11-18 17:33 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2017-11-18 17:33 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2017-11-18 17:33 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2017-11-18 17:33 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2017-11-18 17:33 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-11-18 17:33 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2017-11-18 17:33 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2017-11-18 15:59 - 2017-11-20 21:43 - 002391552 _____ (Farbar) C:\Users\Thijs Kunnen\Desktop\FRST64English.exe
2017-11-18 15:59 - 2017-11-20 21:43 - 000000000 ____D C:\FRST
2017-11-18 12:02 - 2017-11-18 12:02 - 000095296 _____ C:\Users\Thijs Kunnen\Downloads\6PM FO GC CM.pdf
2017-11-16 22:14 - 2017-11-16 22:14 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\Unity
2017-11-16 22:14 - 2017-11-16 22:14 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\LocalLow\Unity
2017-11-16 22:14 - 2017-11-16 22:14 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\Unity
2017-11-16 22:14 - 2017-11-16 22:14 - 000000000 ____D C:\ProgramData\Unity
2017-11-16 21:19 - 2017-11-16 21:19 - 000001309 _____ C:\Users\Thijs Kunnen\Desktop\qsdf.txt
2017-11-16 20:45 - 2017-11-16 20:45 - 000001145 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2017-11-16 20:45 - 2017-11-16 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2017-11-16 17:44 - 2017-11-16 17:44 - 000000294 _____ C:\Users\Thijs Kunnen\Desktop\FR karakter spreken.txt
2017-11-15 22:30 - 2017-11-15 22:30 - 000001363 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk
2017-11-15 22:30 - 2017-11-15 22:30 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\ServiceHub
2017-11-15 22:29 - 2017-11-15 22:30 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\vstelemetry
2017-11-15 22:29 - 2017-11-15 22:30 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\Visual Studio Setup
2017-11-15 22:29 - 2017-11-15 22:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2017-11-15 22:16 - 2017-11-15 22:16 - 000000000 ____D C:\Program Files (x86)\GtkSharp
2017-11-15 22:13 - 2017-11-15 22:13 - 000000840 _____ C:\Users\Public\Desktop\Unity 2017.2.0f3 (64-bit).lnk
2017-11-15 22:13 - 2017-11-15 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2017.2.0f3 (64-bit)
2017-11-15 21:56 - 2017-11-15 21:56 - 000736264 _____ C:\Users\Thijs Kunnen\Downloads\UnityDownloadAssistant-2017.2.0f3.exe
2017-11-15 17:39 - 2017-11-15 17:39 - 000809637 _____ C:\Users\Thijs Kunnen\Desktop\pagina 93.pdf
2017-11-15 17:39 - 2017-11-15 17:39 - 000797526 _____ C:\Users\Thijs Kunnen\Desktop\pagina 92.pdf
2017-11-15 17:37 - 2017-11-15 17:38 - 000854236 _____ C:\Users\Thijs Kunnen\Desktop\pagina 91.pdf
2017-11-15 17:37 - 2017-11-15 17:37 - 001087737 _____ C:\Users\Thijs Kunnen\Desktop\pagina 89.pdf
2017-11-14 20:14 - 2017-11-02 06:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-11-14 20:14 - 2017-11-02 06:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-14 20:14 - 2017-11-02 06:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-14 20:14 - 2017-11-02 06:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-14 20:14 - 2017-11-02 06:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-14 20:14 - 2017-11-02 06:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-14 20:14 - 2017-11-02 06:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-14 20:14 - 2017-11-02 05:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-11-14 20:14 - 2017-11-02 05:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-11-14 20:14 - 2017-11-02 05:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-14 20:14 - 2017-11-02 05:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-14 20:14 - 2017-11-02 05:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-14 20:14 - 2017-11-02 05:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-14 20:14 - 2017-11-02 05:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-14 20:14 - 2017-11-02 05:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-14 20:14 - 2017-11-02 05:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-14 20:14 - 2017-11-02 05:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-11-14 20:14 - 2017-11-02 05:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-14 20:14 - 2017-11-02 05:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-11-14 20:14 - 2017-11-02 05:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-14 20:14 - 2017-11-02 05:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-14 20:14 - 2017-11-02 05:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-14 20:14 - 2017-11-02 05:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-14 20:14 - 2017-11-02 05:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-14 20:14 - 2017-11-02 05:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-14 20:14 - 2017-11-02 05:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-11-14 20:14 - 2017-11-02 05:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-14 20:14 - 2017-11-02 05:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-14 20:14 - 2017-11-02 05:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-14 20:14 - 2017-11-02 05:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-11-14 20:14 - 2017-11-02 05:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-14 20:14 - 2017-11-02 05:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-14 20:14 - 2017-11-02 05:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-11-14 20:14 - 2017-11-02 05:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-14 20:14 - 2017-11-02 05:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-14 20:14 - 2017-11-02 05:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-14 20:14 - 2017-11-02 05:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-14 20:14 - 2017-11-02 05:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-11-14 20:14 - 2017-11-02 05:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-14 20:14 - 2017-11-02 05:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-14 20:14 - 2017-11-02 05:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-14 20:14 - 2017-11-02 05:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-14 20:14 - 2017-11-02 05:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-14 20:14 - 2017-11-02 05:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-14 20:14 - 2017-11-02 05:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-11-14 20:14 - 2017-11-02 05:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-11-14 20:14 - 2017-11-02 05:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-14 20:14 - 2017-11-02 05:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-14 20:14 - 2017-11-02 05:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-14 20:14 - 2017-11-02 05:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-11-14 20:14 - 2017-11-02 05:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-11-14 20:14 - 2017-11-02 05:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-14 20:14 - 2017-11-02 05:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-14 20:14 - 2017-11-02 05:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-11-14 20:14 - 2017-11-02 05:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-11-14 20:14 - 2017-11-02 05:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-14 20:14 - 2017-11-02 05:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-11-14 20:14 - 2017-11-02 05:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-14 20:14 - 2017-11-02 05:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-11-14 20:14 - 2017-11-02 05:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-14 20:14 - 2017-11-02 05:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-14 20:14 - 2017-11-02 05:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-14 20:14 - 2017-11-02 05:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-11-14 20:14 - 2017-11-02 05:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-14 20:14 - 2017-11-02 05:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-14 20:14 - 2017-11-02 05:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-14 20:14 - 2017-11-02 05:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-14 20:14 - 2017-10-25 08:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-14 20:14 - 2017-10-15 16:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-11-14 20:14 - 2017-10-15 16:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-14 20:14 - 2017-10-15 16:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-11-14 20:14 - 2017-10-15 15:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-11-14 20:14 - 2017-10-15 15:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-11-14 20:14 - 2017-10-15 15:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-11-14 20:14 - 2017-10-15 15:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-11-14 20:14 - 2017-10-15 15:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-11-14 20:14 - 2017-10-15 15:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-11-14 20:14 - 2017-10-15 15:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-11-14 20:14 - 2017-10-15 15:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-11-14 20:14 - 2017-10-15 15:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-11-14 20:14 - 2017-10-15 15:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-11-14 20:14 - 2017-10-15 15:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-11-14 20:14 - 2017-10-15 15:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-11-14 20:13 - 2017-11-02 06:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-14 20:13 - 2017-11-02 06:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-14 20:13 - 2017-11-02 06:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-14 20:13 - 2017-11-02 06:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-14 20:13 - 2017-11-02 06:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-14 20:13 - 2017-11-02 06:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-14 20:13 - 2017-11-02 06:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-14 20:13 - 2017-11-02 06:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-14 20:13 - 2017-11-02 06:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-14 20:13 - 2017-11-02 06:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-14 20:13 - 2017-11-02 06:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-11-14 20:13 - 2017-11-02 06:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-14 20:13 - 2017-11-02 06:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-11-14 20:13 - 2017-11-02 06:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-11-14 20:13 - 2017-11-02 06:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-14 20:13 - 2017-11-02 06:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-11-14 20:13 - 2017-11-02 06:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-11-14 20:13 - 2017-11-02 06:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-14 20:13 - 2017-11-02 06:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-14 20:13 - 2017-11-02 06:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-11-14 20:13 - 2017-11-02 06:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-14 20:13 - 2017-11-02 06:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-14 20:13 - 2017-11-02 06:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-14 20:13 - 2017-11-02 06:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-14 20:13 - 2017-11-02 06:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-14 20:13 - 2017-11-02 06:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-14 20:13 - 2017-11-02 06:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-14 20:13 - 2017-11-02 06:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-11-14 20:13 - 2017-11-02 06:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-14 20:13 - 2017-11-02 06:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-14 20:13 - 2017-11-02 06:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-14 20:13 - 2017-11-02 06:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-14 20:13 - 2017-11-02 06:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-14 20:13 - 2017-11-02 06:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-14 20:13 - 2017-11-02 06:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2017-11-14 20:13 - 2017-11-02 06:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-11-14 20:13 - 2017-11-02 06:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-11-14 20:13 - 2017-11-02 06:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-11-14 20:13 - 2017-11-02 06:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-14 20:13 - 2017-11-02 05:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-14 20:13 - 2017-11-02 05:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-14 20:13 - 2017-11-02 05:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-11-14 20:13 - 2017-11-02 05:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-11-14 20:13 - 2017-11-02 05:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-11-14 20:13 - 2017-11-02 05:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-11-14 20:13 - 2017-11-02 05:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-11-14 20:13 - 2017-11-02 05:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-11-14 20:13 - 2017-11-02 05:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2017-11-14 20:13 - 2017-11-02 05:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-14 20:13 - 2017-11-02 05:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-11-14 20:13 - 2017-11-02 05:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-14 20:13 - 2017-11-02 05:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-14 20:13 - 2017-11-02 05:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-14 20:13 - 2017-11-02 05:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-11-14 20:13 - 2017-11-02 05:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-11-14 20:13 - 2017-11-02 05:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-14 20:13 - 2017-11-02 05:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-14 20:13 - 2017-11-02 05:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-11-14 20:13 - 2017-11-02 05:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-14 20:13 - 2017-11-02 05:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-11-14 20:13 - 2017-11-02 05:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-14 20:13 - 2017-11-02 05:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-11-14 20:13 - 2017-11-02 05:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-11-14 20:13 - 2017-11-02 05:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2017-11-14 20:13 - 2017-11-02 05:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-14 20:13 - 2017-11-02 05:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-14 20:13 - 2017-11-02 05:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-11-14 20:13 - 2017-11-02 05:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-11-14 20:13 - 2017-11-02 05:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-14 20:13 - 2017-11-02 05:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-14 20:13 - 2017-11-02 05:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-11-14 20:13 - 2017-11-02 05:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-11-14 20:13 - 2017-11-02 05:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-11-14 20:13 - 2017-11-02 05:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-14 20:13 - 2017-11-02 05:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-11-14 20:13 - 2017-11-02 05:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-14 20:13 - 2017-11-02 05:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-14 20:13 - 2017-11-02 05:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-11-14 20:13 - 2017-11-02 05:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-14 20:13 - 2017-11-02 05:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-14 20:13 - 2017-11-02 05:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-11-14 20:13 - 2017-11-02 05:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-11-14 20:13 - 2017-11-02 05:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-14 20:13 - 2017-11-02 05:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-14 20:13 - 2017-11-02 05:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-14 20:13 - 2017-11-02 05:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-14 20:13 - 2017-11-02 05:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-11-14 20:13 - 2017-11-02 05:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-14 20:13 - 2017-11-02 05:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-11-14 20:13 - 2017-11-02 05:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-14 20:13 - 2017-11-02 05:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-14 20:13 - 2017-11-02 05:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-14 20:13 - 2017-11-02 05:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-14 20:13 - 2017-11-02 05:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-14 20:13 - 2017-11-02 05:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-11-14 20:13 - 2017-11-02 05:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-11-14 20:13 - 2017-11-02 05:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-14 20:13 - 2017-11-02 05:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-14 20:13 - 2017-11-02 05:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-14 20:13 - 2017-11-02 05:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-14 20:13 - 2017-11-02 05:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-14 20:13 - 2017-11-02 05:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-14 20:13 - 2017-11-02 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-14 20:13 - 2017-10-15 15:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-11-14 20:13 - 2017-10-15 15:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-14 20:13 - 2017-10-15 15:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-11-14 20:13 - 2017-10-15 15:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-11-14 20:13 - 2017-10-15 15:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-14 20:13 - 2017-10-15 15:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-14 20:13 - 2017-10-15 15:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-11-14 20:13 - 2017-10-15 15:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-11-14 20:13 - 2017-10-15 15:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-14 20:13 - 2017-10-15 15:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-11-14 20:13 - 2017-10-15 15:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-11-14 20:13 - 2017-10-15 15:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-14 20:13 - 2017-10-15 15:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-11-14 20:13 - 2017-10-15 15:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-11-14 20:13 - 2017-10-15 15:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-11-14 20:13 - 2017-10-15 15:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-14 20:13 - 2017-10-15 15:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-14 20:13 - 2017-10-15 15:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-11-14 20:13 - 2017-10-15 15:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-11-14 20:13 - 2017-10-15 15:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-14 20:13 - 2017-10-15 15:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-11-14 19:18 - 2017-11-14 19:18 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\Introversion
2017-11-14 19:01 - 2017-11-14 19:01 - 000000874 _____ C:\Users\Thijs Kunnen\Desktop\mail bedrijfsbezoek.txt
2017-11-13 21:30 - 2017-11-13 21:30 - 000021913 _____ C:\Users\Thijs Kunnen\Downloads\Toren.schematic
2017-11-13 21:20 - 2017-11-13 21:20 - 000000000 ____D C:\Users\Thijs Kunnen\Desktop\elytra
2017-11-13 21:19 - 2017-11-13 21:19 - 000004795 _____ C:\Users\Thijs Kunnen\Downloads\Angel Wings.zip
2017-11-13 17:15 - 2017-11-13 17:15 - 000000418 _____ C:\Users\Thijs Kunnen\index.php
2017-11-13 16:46 - 2017-11-13 16:46 - 000000000 ____D C:\ProgramData\Apple
2017-11-13 16:46 - 2017-11-13 16:46 - 000000000 ____D C:\Program Files\Bonjour
2017-11-13 16:46 - 2017-11-13 16:46 - 000000000 ____D C:\Program Files (x86)\Bonjour
2017-11-11 22:19 - 2017-11-11 22:19 - 000000042 _____ C:\Users\Thijs Kunnen\AppData\Roaming\TheHunterSettings_steam_live.cfg
2017-11-11 21:57 - 2017-11-11 21:57 - 000000000 ____D C:\Users\Thijs Kunnen\Documents\theHunter
2017-11-11 21:57 - 2017-11-11 21:57 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\theHunter
2017-11-11 21:57 - 2017-11-11 21:57 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\theHunter
2017-11-11 21:21 - 2017-11-11 22:28 - 000000096 _____ C:\Users\Thijs Kunnen\AppData\Roaming\LauncherSettings_live.cfg
2017-11-11 21:19 - 2017-11-11 21:19 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\theHunterSteam
2017-11-11 21:19 - 2017-11-11 21:19 - 000000000 ____D C:\ProgramData\Hunter
2017-11-11 19:15 - 2017-11-11 19:15 - 000120173 _____ C:\Users\Thijs Kunnen\Downloads\oakheart-castle-210670073.schematic
2017-11-11 17:58 - 2017-11-11 17:58 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\11bitstudios
2017-11-11 10:31 - 2017-11-11 10:31 - 000309586 _____ C:\Users\Thijs Kunnen\Downloads\_HTML5 Canvas.fla
2017-11-11 10:05 - 2017-11-11 10:05 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\AVG
2017-11-11 10:04 - 2017-11-20 21:44 - 000222823 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-11-11 10:04 - 2017-11-15 17:43 - 000447800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2017-11-11 10:04 - 2017-11-14 16:35 - 000004282 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2017-11-11 10:04 - 2017-11-13 16:43 - 000000000 ____D C:\Program Files (x86)\MalwareFox AntiMalware
2017-11-11 10:04 - 2017-11-11 14:47 - 000996543 _____ C:\WINDOWS\ZAM.krnl.trace
2017-11-11 10:04 - 2017-11-11 10:04 - 001018648 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2017-11-11 10:04 - 2017-11-11 10:04 - 000366288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2017-11-11 10:04 - 2017-11-11 10:04 - 000356880 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2017-11-11 10:04 - 2017-11-11 10:04 - 000336896 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2017-11-11 10:04 - 2017-11-11 10:04 - 000314640 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2017-11-11 10:04 - 2017-11-11 10:04 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-11-11 10:04 - 2017-11-11 10:04 - 000196392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2017-11-11 10:04 - 2017-11-11 10:04 - 000192584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2017-11-11 10:04 - 2017-11-11 10:04 - 000176000 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2017-11-11 10:04 - 2017-11-11 10:04 - 000166624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiska.sys
2017-11-11 10:04 - 2017-11-11 10:04 - 000140704 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2017-11-11 10:04 - 2017-11-11 10:04 - 000102792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2017-11-11 10:04 - 2017-11-11 10:04 - 000076832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2017-11-11 10:04 - 2017-11-11 10:04 - 000051336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys
2017-11-11 10:04 - 2017-11-11 10:04 - 000039424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2017-11-11 10:04 - 2017-11-11 10:04 - 000002133 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2017-11-11 10:04 - 2017-11-11 10:04 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\Zemana
2017-11-11 10:04 - 2017-11-11 10:04 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\Wolf of Webstreet OPC Private Limited
2017-11-11 10:03 - 2017-11-11 10:03 - 005747600 _____ (Zemana Ltd. ) C:\Users\Thijs Kunnen\Downloads\setup.exe
2017-11-11 10:03 - 2017-11-11 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-11-11 10:02 - 2017-11-20 17:05 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-11-11 10:02 - 2017-11-11 10:03 - 000000000 ____D C:\Program Files (x86)\AVG
2017-11-11 09:58 - 2017-11-11 15:11 - 000000000 ____D C:\ProgramData\Avg
2017-11-11 09:58 - 2017-11-11 10:05 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\Avg
2017-11-11 09:58 - 2017-11-11 10:03 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\AvgSetupLog
2017-11-11 09:58 - 2017-11-11 09:58 - 003449304 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Thijs Kunnen\Downloads\AVG_Protection_Free_1606.exe
2017-11-10 18:29 - 2017-11-10 18:29 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\LocalLow\Unknown Worlds
2017-11-09 21:40 - 2017-11-09 21:41 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\LogIt
2017-11-09 21:39 - 2017-11-09 21:39 - 096843557 _____ C:\Users\Thijs Kunnen\Downloads\HEMMIT_MF_f82af (1).7z
2017-11-09 21:39 - 2017-11-09 21:39 - 001874428 _____ (World Of Trucks Database) C:\Users\Thijs Kunnen\Downloads\Logit_Installer (2).exe
2017-11-09 21:38 - 2017-11-09 22:09 - 159126304 _____ C:\Users\Thijs Kunnen\Downloads\Kraz_255.scs
2017-11-09 20:38 - 2017-11-09 20:38 - 004550511 _____ C:\Users\Thijs Kunnen\Downloads\2017-11-03-1.log.gz
2017-11-09 20:31 - 2017-11-09 20:31 - 000202216 _____ C:\Users\Thijs Kunnen\Downloads\2017-11-09-1.log.gz
2017-11-09 19:53 - 2017-11-09 19:55 - 226316122 _____ C:\Users\Thijs Kunnen\Downloads\military_cargo_pack_by_Jazzycat_v2.4.7z
2017-11-09 19:50 - 2017-11-09 19:53 - 038149676 _____ C:\Users\Thijs Kunnen\Downloads\HEMMIT_MF_f82af.7z
2017-11-09 19:40 - 2017-11-09 19:41 - 000014292 _____ C:\Users\Thijs Kunnen\Downloads\MZKT-742910_VOLAT_v3.0__1.25-_1.27__MF_b13d7.7z
2017-11-09 19:35 - 2017-11-09 19:36 - 047275181 _____ C:\Users\Thijs Kunnen\Downloads\Great_Poland_v_1.2.1.scs
2017-11-09 17:11 - 2017-11-09 17:11 - 007916104 _____ (Tim Kosse) C:\Users\Thijs Kunnen\Downloads\FileZilla_3.29.0_win64-setup.exe
2017-11-08 20:42 - 2017-11-08 20:44 - 001874439 _____ (World Of Trucks Database) C:\Users\Thijs Kunnen\Downloads\Logit_Installer (1).exe
2017-11-07 16:43 - 2017-11-19 09:24 - 000001562 _____ C:\Users\Public\Desktop\Razer Synapse.lnk
2017-11-06 19:17 - 2017-11-06 19:17 - 000005269 _____ C:\Users\Thijs Kunnen\Downloads\thijs.zip
2017-11-05 19:14 - 2017-11-05 19:14 - 000589985 _____ C:\Users\Thijs Kunnen\Downloads\Debat 19 okt 17.pdf
2017-11-04 15:20 - 2017-11-04 15:20 - 000024706 _____ C:\Users\Thijs Kunnen\Downloads\PMCVenomContest.schematic
2017-11-04 14:30 - 2017-11-04 14:31 - 000018412 _____ C:\Users\Thijs Kunnen\Downloads\MinecraftCapes Forge 1.11.2.jar
2017-11-04 13:45 - 2017-11-04 13:45 - 000111686 _____ C:\Users\Thijs Kunnen\Downloads\Spigot-CommandSigns.jar
2017-11-04 13:16 - 2017-11-04 13:16 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\Notepad++
2017-11-04 13:16 - 2017-11-04 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-11-04 13:15 - 2017-11-04 13:15 - 000268820 _____ C:\Users\Thijs Kunnen\Downloads\AdvancedAchievements.jar
2017-11-03 17:34 - 2017-11-03 17:34 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\Macromedia
2017-11-03 17:23 - 2017-11-03 17:23 - 003857730 _____ C:\Users\Thijs Kunnen\Downloads\S.L.U.T. Academy 0.3.2a.zip
2017-11-03 11:44 - 2017-11-03 11:44 - 000760108 _____ C:\Users\Thijs Kunnen\Downloads\Klas_NaamV_kalender.pdf
2017-11-01 14:07 - 2017-11-01 14:07 - 000000894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2018.lnk
2017-11-01 14:01 - 2017-11-01 14:01 - 000000810 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Animate CC 2018.lnk
2017-11-01 12:52 - 2017-11-01 12:52 - 000009641 _____ C:\Users\Thijs Kunnen\Downloads\leden.xlsx
2017-11-01 11:59 - 2017-11-01 11:59 - 003927048 _____ C:\Users\Thijs Kunnen\Downloads\RazerSynapseInstaller_V1.0.55.72.exe
2017-11-01 11:56 - 2017-11-01 11:56 - 014605768 _____ (HTC Corp.) C:\Users\Thijs Kunnen\Downloads\ViveCheck.exe
2017-11-01 11:23 - 2017-11-03 11:53 - 000000000 ____D C:\Users\Thijs Kunnen\Downloads\te verwijderen
2017-11-01 09:46 - 2017-11-14 21:51 - 000002296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-01 09:45 - 2017-11-15 17:36 - 000003574 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-01 09:45 - 2017-11-15 17:36 - 000003450 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-10-28 10:22 - 2017-11-18 15:35 - 000000000 ____D C:\AdwCleaner
2017-10-28 10:22 - 2017-10-28 10:22 - 008261584 _____ (Malwarebytes) C:\Users\Thijs Kunnen\Downloads\adwcleaner_7.0.4.0.exe
2017-10-28 09:09 - 2017-10-28 09:09 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\SUPERAntiSpyware.com
2017-10-28 09:09 - 2017-10-28 09:09 - 000000000 ____D C:\SUPERDelete
2017-10-28 09:08 - 2017-10-28 09:39 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2017-10-28 09:08 - 2017-10-28 09:08 - 000001853 _____ C:\Users\Thijs Kunnen\Desktop\SUPERAntiSpyware Free Edition.lnk
2017-10-28 09:08 - 2017-10-28 09:08 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-10-28 09:08 - 2017-10-28 09:08 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2017-10-28 09:07 - 2017-10-28 09:07 - 030862368 _____ (SUPERAntiSpyware) C:\Users\Thijs Kunnen\Downloads\SUPERAntiSpyware.exe
2017-10-26 15:57 - 2017-10-26 15:59 - 135070249 _____ C:\Users\Thijs Kunnen\Downloads\ETS2 Studio 0-7-0-1.zip
2017-10-26 15:31 - 2017-10-26 15:32 - 037781568 _____ C:\Users\Thijs Kunnen\Downloads\Templates_All_Trucks.rar
2017-10-26 15:19 - 2017-10-26 15:19 - 000006601 _____ C:\Users\Thijs Kunnen\Downloads\Staff evaluatie (Reacties).xlsx
2017-10-25 17:42 - 2017-10-25 17:42 - 000002963 _____ C:\Users\Thijs Kunnen\Downloads\Verschijnselexamen.csv
2017-10-22 18:48 - 2017-10-22 18:48 - 006345113 _____ (World Of Trucks Database) C:\Users\Thijs Kunnen\Downloads\Logit_Installer.exe
2017-10-22 10:19 - 2017-10-22 10:19 - 023407451 _____ C:\Users\Thijs Kunnen\Downloads\sketch.zip
2017-10-22 09:54 - 2017-10-22 09:54 - 000000000 ____D C:\Users\Thijs Kunnen\Downloads\Dreamworld
2017-10-22 09:53 - 2017-11-06 19:16 - 000000000 ____D C:\Users\Thijs Kunnen\Downloads\VPN
2017-10-22 09:51 - 2017-10-22 09:51 - 000044111 _____ C:\Users\Thijs Kunnen\Downloads\Opdracht GIP voor het vak Engels - Google Documenten.pdf
2017-10-21 17:05 - 2017-10-21 17:05 - 000000000 ____D C:\Users\Thijs Kunnen\Documents\mirage
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-11-20 21:38 - 2017-05-09 20:51 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\Ubisoft Game Launcher
2017-11-20 21:28 - 2017-05-28 17:50 - 000000000 _____ C:\WINDOWS\system32\RzSurroundVADAudioDeviceManager_log.txt
2017-11-20 21:03 - 2017-06-17 08:56 - 000000000 ____D C:\Program Files (x86)\Overwolf
2017-11-20 19:35 - 2017-05-24 10:28 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\Spotify
2017-11-20 19:32 - 2017-05-24 10:27 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\Spotify
2017-11-20 19:01 - 2017-06-05 08:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-20 18:53 - 2017-05-09 18:46 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\.minecraft
2017-11-20 18:51 - 2017-06-05 08:58 - 000000000 ____D C:\Users\Thijs Kunnen
2017-11-20 17:43 - 2017-06-05 14:56 - 000004214 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4FE89DCA-78BB-4C9E-809B-34C886A0EDF4}
2017-11-20 17:21 - 2017-05-11 17:47 - 000000033 _____ C:\Users\Thijs Kunnen\AppData\Roaming\AdobeWLCMCache.dat
2017-11-20 16:57 - 2017-06-05 09:08 - 007914340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-20 16:57 - 2017-03-20 04:57 - 003958162 _____ C:\WINDOWS\system32\perfh013.dat
2017-11-20 16:57 - 2017-03-20 04:57 - 001094986 _____ C:\WINDOWS\system32\perfc013.dat
2017-11-20 16:54 - 2017-06-05 08:57 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-20 16:54 - 2017-05-10 19:49 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\Adobe
2017-11-20 16:54 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-20 16:54 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-20 16:52 - 2017-05-09 17:55 - 000000000 ___RD C:\Users\Thijs Kunnen\OneDrive
2017-11-20 16:51 - 2017-06-05 09:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-20 16:51 - 2017-05-11 17:47 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\CrashDumps
2017-11-20 16:51 - 2017-05-09 17:53 - 000000000 __SHD C:\Users\Thijs Kunnen\IntelGraphicsProfiles
2017-11-20 16:51 - 2016-03-08 20:45 - 000190664 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_99E320F5.sys
2017-11-19 21:59 - 2017-03-18 12:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-11-19 09:35 - 2017-06-02 12:37 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\LocalLow\Temp
2017-11-19 09:24 - 2017-05-09 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2017-11-19 09:23 - 2017-09-08 19:02 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\DS4Windows
2017-11-18 22:53 - 2017-05-09 19:20 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\FileZilla
2017-11-18 17:34 - 2017-05-09 19:57 - 000000000 ____D C:\Users\Thijs Kunnen\Documents\My Games
2017-11-18 15:26 - 2017-05-09 17:55 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\Skype
2017-11-17 23:08 - 2017-06-05 09:04 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-11-17 23:08 - 2017-05-24 10:12 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2017-11-17 23:08 - 2017-05-24 10:12 - 000001730 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2017-11-17 18:49 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-17 18:48 - 2017-05-09 19:18 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-11-17 18:39 - 2017-06-05 08:57 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-11-16 22:16 - 2017-06-15 13:41 - 000215128 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2017-11-16 22:16 - 2017-06-15 13:40 - 000215128 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2017-11-16 21:21 - 2017-05-10 20:20 - 000000665 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-11-16 20:45 - 2017-05-09 18:10 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield
2017-11-16 20:45 - 2016-03-08 20:16 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-16 20:44 - 2017-05-09 18:09 - 000000000 ____D C:\ProgramData\Hotspot Shield
2017-11-16 20:02 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-11-16 17:39 - 2017-06-05 09:04 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-16 17:39 - 2017-06-05 09:04 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-16 17:39 - 2017-06-05 09:04 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-16 17:39 - 2017-06-05 09:04 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-16 17:39 - 2017-06-05 09:04 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-16 17:39 - 2017-06-05 09:04 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-16 17:39 - 2017-06-05 09:04 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-16 17:39 - 2017-06-05 09:04 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-16 17:39 - 2017-06-05 08:57 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-11-16 17:39 - 2017-06-05 08:57 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-11-16 17:39 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-16 16:18 - 2017-06-05 08:56 - 000414704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-16 16:18 - 2015-08-31 11:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-15 23:10 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-15 23:10 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-11-15 23:10 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-11-15 23:10 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-15 23:10 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-15 22:13 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-14 21:21 - 2017-05-09 20:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-14 21:20 - 2017-05-18 20:12 - 000000000 ____D C:\Users\Thijs Kunnen\Documents\The Crew
2017-11-14 21:19 - 2017-05-18 20:12 - 000000000 ____D C:\Users\Thijs Kunnen\Documents\ProfileCache
2017-11-14 20:15 - 2017-10-12 19:37 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-14 20:15 - 2017-05-09 20:34 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-14 17:23 - 2017-08-16 15:22 - 000004532 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-11-14 17:23 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-11-14 17:23 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-11-14 16:45 - 2017-05-09 17:53 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\Packages
2017-11-14 16:36 - 2017-10-19 17:32 - 000000000 ____D C:\Users\Thijs Kunnen\Desktop\Games
2017-11-13 18:53 - 2017-10-19 17:32 - 000000000 ____D C:\Users\Thijs Kunnen\Desktop\School
2017-11-13 18:50 - 2017-06-15 13:41 - 000000000 ____D C:\Users\Thijs Kunnen\Documents\BFBC2
2017-11-13 18:50 - 2015-08-31 11:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-13 16:48 - 2015-08-31 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2017-11-13 16:47 - 2017-06-05 09:04 - 000003510 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2017-11-13 16:47 - 2017-05-09 17:55 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\clear.fi
2017-11-13 16:47 - 2015-08-31 12:43 - 000000000 ___HD C:\OEM
2017-11-11 21:19 - 2017-05-10 20:04 - 000000000 ____D C:\Users\Thijs Kunnen\Documents\Euro Truck Simulator 2
2017-11-11 14:42 - 2017-05-09 18:21 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-11-11 14:42 - 2017-05-09 18:21 - 000000000 ____D C:\ProgramData\Skype
2017-11-11 14:11 - 2017-05-14 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker
2017-11-11 09:53 - 2017-06-20 19:04 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\SkypePlugin
2017-11-10 19:12 - 2017-05-09 18:42 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\discord
2017-11-10 17:58 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-11-09 17:09 - 2017-05-10 19:54 - 000000000 ___RD C:\Users\Thijs Kunnen\Creative Cloud Files
2017-11-08 16:38 - 2017-10-20 17:40 - 000001405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2018.lnk
2017-11-08 16:38 - 2017-05-11 15:55 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-11-07 17:08 - 2017-05-09 18:10 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\Comms
2017-11-06 23:08 - 2017-05-11 18:23 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-11-06 19:17 - 2017-10-15 22:24 - 000008142 _____ C:\Users\Thijs Kunnen\Desktop\werkend.ovpn
2017-11-05 02:40 - 2017-03-18 22:06 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-05 02:40 - 2017-03-18 22:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-04 13:16 - 2017-05-16 16:33 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\Notepad++
2017-11-03 18:11 - 2017-08-03 12:57 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\LocalLow\Mozilla
2017-11-03 11:05 - 2017-07-31 12:00 - 000003392 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3500986774-1710872821-3788070447-1001
2017-11-03 11:05 - 2017-05-09 17:55 - 000002412 _____ C:\Users\Thijs Kunnen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-02 22:48 - 2017-05-10 19:04 - 000000000 ____D C:\ProgramData\Oracle
2017-11-02 22:47 - 2017-05-21 09:41 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-11-02 22:47 - 2017-05-21 09:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-11-02 22:47 - 2017-05-21 09:40 - 000000000 ____D C:\Program Files\Java
2017-11-02 11:11 - 2017-05-09 17:53 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\Adobe
2017-11-01 12:02 - 2017-06-05 08:57 - 000000000 ____D C:\ProgramData\Razer
2017-11-01 12:02 - 2017-06-05 08:57 - 000000000 ____D C:\Program Files (x86)\Razer
2017-11-01 09:46 - 2017-05-09 18:00 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Local\Google
2017-11-01 09:45 - 2017-05-09 18:00 - 000000000 ____D C:\Program Files (x86)\Google
2017-10-28 09:05 - 2017-10-14 09:26 - 000000000 ____D C:\Users\Thijs Kunnen\AppData\Roaming\SecondLife
2017-10-22 19:25 - 2017-08-16 09:59 - 000000000 ____D C:\ProgramData\TruckersMP
2017-10-22 09:53 - 2017-10-19 17:32 - 000000000 ____D C:\Users\Thijs Kunnen\Desktop\Chiro
 
==================== Files in the root of some directories =======
 
2017-05-11 17:47 - 2017-11-20 17:21 - 000000033 _____ () C:\Users\Thijs Kunnen\AppData\Roaming\AdobeWLCMCache.dat
2017-05-09 19:16 - 2017-05-09 19:16 - 000000000 _____ () C:\Users\Thijs Kunnen\AppData\Roaming\gdfw.log
2017-05-09 19:16 - 2017-05-09 19:16 - 000000779 _____ () C:\Users\Thijs Kunnen\AppData\Roaming\gdscan.log
2017-11-11 21:21 - 2017-11-11 22:28 - 000000096 _____ () C:\Users\Thijs Kunnen\AppData\Roaming\LauncherSettings_live.cfg
2017-11-11 22:19 - 2017-11-11 22:19 - 000000042 _____ () C:\Users\Thijs Kunnen\AppData\Roaming\TheHunterSettings_steam_live.cfg
2017-05-14 16:41 - 2017-06-02 14:29 - 000001456 _____ () C:\Users\Thijs Kunnen\AppData\Local\Adobe Opslaan voor web 13.0 Prefs
 
Some files in TEMP:
====================
2017-11-19 09:42 - 2017-11-20 16:51 - 000619616 _____ () C:\Users\Thijs Kunnen\AppData\Local\Temp\0Kraken71ChromaDevProps.dll
2017-11-19 11:26 - 2017-11-19 11:26 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-1688130823500596920.dll
2017-11-19 12:37 - 2017-11-19 12:37 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-3767455042573207332.dll
2017-11-20 18:51 - 2017-11-20 18:51 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-4362574578241176775.dll
2017-11-19 19:30 - 2017-11-19 19:30 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7155952938629012291.dll
2017-11-19 09:51 - 2017-11-19 09:51 - 000019968 ____N (Red Hat®, Inc.) C:\Users\Thijs Kunnen\AppData\Local\Temp\jansi-64-7851568173673271241.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-11-06 19:47
 
==================== End of FRST.txt ============================
 
Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-11-2017
Ran by Thijs Kunnen (20-11-2017 21:44:40)
Running from C:\Users\Thijs Kunnen\Desktop
Windows 10 Education Version 1703 15063.726 (X64) (2017-06-05 08:07:16)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3500986774-1710872821-3788070447-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3500986774-1710872821-3788070447-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3500986774-1710872821-3788070447-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-3500986774-1710872821-3788070447-501 - Limited - Disabled)
thijs (S-1-5-21-3500986774-1710872821-3788070447-1002 - Limited - Enabled) => C:\Users\thijs
Thijs Kunnen (S-1-5-21-3500986774-1710872821-3788070447-1001 - Administrator - Enabled) => C:\Users\Thijs Kunnen
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-8d9b4f73-bb47-4fea-917d-c50dd2ffed5c) (Version: 3.0.2.118 - WildTangent) Hidden
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3008 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated)
Adobe Animate CC 2018 (HKLM-x32\...\FLPR_18_0) (Version: 18.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2018 (HKLM-x32\...\DRWV_18_0) (Version: 18.0 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_1) (Version: 22.0.1 - Adobe Systems Incorporated)
Adobe InDesign CC 2018 (HKLM-x32\...\IDSN_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2018 (HKLM-x32\...\AME_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 387.92 - NVIDIA Corporation) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
AVG (HKLM\...\{E61E6143-4937-43FC-8C12-06B8A987484D}) (Version: 1.211.3 - AVG Technologies) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 17.8.3036 - AVG Technologies)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.2.0 - Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version:  - Cheat Engine)
Crossout Launcher 1.0.3.18 (HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\...\CrossOutLauncher_is1) (Version:  - )
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5427.02 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{2A027A37-B09B-44FB-B1C9-2DD6BA0014E8}) (Version: 0.7.2.61 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.4.0.22 - Dolby Laboratories, Inc.)
Epic Games Launcher (HKLM-x32\...\{F7118EF5-320C-4340-99F4-25F970B428A3}) (Version: 1.1.125.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Evernote v. 6.7.5 (HKLM-x32\...\{65B334F4-9E45-11E7-A6A5-005056951CAD}) (Version: 6.7.5.5825 - Evernote Corp.)
Farming Simulator 17 (HKLM-x32\...\FarmingSimulator2017_is1) (Version: 1.0.0.0 - GIANTS Software)
FileZilla Client 3.28.0 (HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\...\FileZilla Client) (Version: 3.28.0 - Tim Kosse)
FMW 1 (HKLM\...\{36133E9F-B129-4206-9FB4-13F707787542}) (Version: 1.226.3 - AVG Technologies) Hidden
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
Gebruikersregistratie voor Canon MG5700 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG5700 series) (Version:  - ‭Canon Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Grand Theft Multiplayer (HKLM-x32\...\GrandTheftMultiplayer) (Version:  - Grand Theft Multiplayer Team)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Home Makeover (HKLM-x32\...\WTA-ff512562-ab4b-4aae-9e8c-1d09bd47ac58) (Version: 3.0.2.59 - WildTangent) Hidden
Hotspot Shield 7.4.0 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925C167AD5D}) (Version: 7.4.0.10810 - AnchorFree Inc.) Hidden
Hotspot Shield 7.4.0 (HKLM-x32\...\{c01d3584-2b69-4526-a37b-c999716db8a0}) (Version: 7.4.0.10810 - AnchorFree Inc.)
Hotspot Shield 7.4.0 (HKLM-x32\...\HotspotShield) (Version: 7.4.0 - AnchorFree Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-679326c7-f13f-4d56-ae2e-6a7fee2304c7) (Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (HKLM-x32\...\WTA-ad853ef4-00ea-4eae-8b6e-18dee9cd5722) (Version: 3.0.2.118 - WildTangent) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 8.94 (HKLM\...\Logitech Gaming Software) (Version: 8.94.86 - Logitech Inc.)
Magic Academy (HKLM-x32\...\WTA-4c57b906-a5ca-4c03-9798-68e13f3261f1) (Version: 2.2.0.97 - WildTangent) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - nl-nl (HKLM\...\O365ProPlusRetail - nl-nl) (Version: 16.0.8625.2127 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2017 (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.12.111.1002 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.1 - Notepad++ Team)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 387.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 387.92 - NVIDIA Corporation)
NVIDIA PhysX Systeem Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0413-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
OnePlus USB Drivers 1.00 (HKLM-x32\...\OnePlus USB Drivers 1.00) (Version: 1.00 - OnePlus, Inc)
OpenIV (HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\...\OpenIV) (Version: 2.9.1.926 - .black/OpenIV Team)
OpenVPN 2.4.3-I602  (HKLM\...\OpenVPN) (Version: 2.4.3-I602 - OpenVPN Technologies, Inc.)
Origin (HKLM-x32\...\Origin) (Version: 10.5.6.6235 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.107.259.0 - Overwolf Ltd.)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-d421feba-0407-4288-b40c-de6252d31e83) (Version: 3.0.2.59 - WildTangent) Hidden
Popcorn-Time (HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\...\Popcorn-Time) (Version: 0.3.10 - Popcorn Time)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
Python 3.5.1 (64-bit) (HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\...\{b8440650-9dbe-4b7d-8167-6e0e3dcdf5d0}) (Version: 3.5.1150.0 - Python Software Foundation)
Python 3.5.1 Add to Path (64-bit) (HKLM\...\{495EFF61-4949-4304-872E-441B48022991}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Core Interpreter (64-bit) (HKLM\...\{2690DE23-49CD-4973-AA74-F77C4C852189}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Development Libraries (64-bit) (HKLM\...\{70D9C8DA-F1A1-43B0-B325-6263CD21E535}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Documentation (64-bit) (HKLM\...\{5C8D887B-998A-4708-9120-CE040C4A5B47}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Executables (64-bit) (HKLM\...\{39F30A3E-99D9-46E3-8582-7422FE54A1FB}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 pip Bootstrap (64-bit) (HKLM\...\{E98CFF92-01E0-4E30-8C72-3C82111091C2}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Standard Library (64-bit) (HKLM\...\{0F774261-D55F-4180-B266-A9E1C6F4CD7A}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Tcl/Tk Support (64-bit) (HKLM\...\{A47BAF5B-53CC-4E60-847A-E13CAF26F467}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Test Suite (64-bit) (HKLM\...\{A1B06412-F898-47C9-968F-D3B331ABB202}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python 3.5.1 Utility Scripts (64-bit) (HKLM\...\{34E72E6D-77E8-4C17-99B8-42497B7308C8}) (Version: 3.5.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{323AC113-C6CE-4F99-842F-4936332D055A}) (Version: 3.6.5923.0 - Python Software Foundation)
Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.0099 - Qualcomm Atheros)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 r2746 - )
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.5.3 - Razer Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 8.4.17.561 - Razer Inc.)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.26 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.00.830 - Razer Inc.)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.2.1116.127 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.2.0 - Rockstar Games)
Rory's Restaurant (HKLM-x32\...\WTA-6e35cc10-c9f5-48e9-baf9-e03aec7ff14d) (Version: 3.0.2.126 - WildTangent) Hidden
Runefall (HKLM-x32\...\WTA-4527bc60-c537-4ef8-8c87-cc9539bb1241) (Version: 3.0.2.126 - WildTangent) Hidden
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\...\Spotify) (Version: 1.0.67.582.g19436fa3 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text Build 3143 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1250 - SUPERAntiSpyware.com)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 3 Client (HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
Thunderbolt™ Software (HKLM-x32\...\{5B88BE64-93E7-4D6B-83D0-37B911166FF2}) (Version: 15.2.35.250 - Intel Corporation)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Twitch (HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Unity (HKLM-x32\...\Unity) (Version: 2017.2.0f3 - Unity Technologies ApS)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 32.1 - Ubisoft)
Vegas World (HKLM-x32\...\WildTangentGDF-acer-vegasworld) (Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (HKLM-x32\...\WildTangentGDF-acer-villagersandheroes) (Version: 13.0.0.6 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.16 - WildTangent) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version:  - videowinsoft.com)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3500986774-1710872821-3788070447-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {3602C3E4-045E-40E4-A225-2CAF75364B95} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-21] (/n software, Inc.)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {3602C3E4-045E-40E4-A225-2CAF75364B95} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-21] (/n software, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => D:\Creative Cloud\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-08-29] ()
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-11-11] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-28] (Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-16] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-16] (Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_7ee21f0fcd504371\igfxDTCM.dll [2016-11-23] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-06] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => D:\Creative Cloud\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-11-11] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-16] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-16] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {092EC1F5-E050-4E42-87F2-9C2A977F5208} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {19241A34-409D-4F1A-B060-09862A10488E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14] (Adobe Systems Incorporated)
Task: {1B8BCDCA-4D4C-40F6-8E5D-E20FA7EC5BC6} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-kunnenthijs@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {20668AD9-DAAB-4DFE-A517-E9627886ECEB} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-03-20] (Acer Incorporated)
Task: {2B3EA3EA-911E-4E06-8A97-CF78023E4295} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation)
Task: {2EDEDBFE-9AEA-4DB9-9484-D59FE9FDACD4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-02] (Microsoft Corporation)
Task: {2FD048C5-EEE9-4862-9901-4E701BF46B3B} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {3174A51C-5011-4837-B205-5EDBD4D706E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-01] (Google Inc.)
Task: {3AC0CEEA-47B7-4A8E-B25A-D032718F6398} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {3C67B4EB-7200-4F97-B02E-E857144D6C98} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation)
Task: {3F3B295D-32F3-41C1-847A-985413AB722F} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {41F0D64D-EB48-4779-95A1-F77D092BDA90} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-11-11] (AVG Technologies CZ, s.r.o.)
Task: {4A0C48DC-453E-416C-91C8-6BE257C644A8} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {4F117C79-2706-4FBF-A748-C0259F51CEFA} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-10] (Acer Incorporated)
Task: {535A8141-41E3-4F52-A0BD-B932BB634C95} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {5689ED1D-D12F-4CEA-8C4A-86A212F86353} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-09-05] (Acer Incorporated)
Task: {5A2BF1F9-2605-4CDA-B43A-7A9EF80FF408} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {5C52DA42-528F-4F40-8187-043669EDDFE9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-11-17] (Microsoft Corporation)
Task: {5D3B1418-2F17-4DFB-B69F-C31F12219DC4} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {64038EA3-600A-47E4-91B8-625F8B69CD70} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-01] (Google Inc.)
Task: {641A5337-DF66-4476-9FE2-A63E921AF422} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-26] ()
Task: {64231C0D-18DF-4C83-BAB3-D9DD16CB8A9E} - System32\Tasks\Microsoft\Windows\Display\Brightness\BrightnessReset
Task: {6A1AECEC-0766-473B-AE79-EAAA31DE758F} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {6A250F7B-4F8A-4FEA-8CAE-31F28DA85202} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2017-05-24] ()
Task: {7EF343A7-929A-4E91-BB1B-80CC092047DF} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {876BC7AD-C6CA-4457-85E1-45198C849BDD} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-OF12HVT-Thijs Kunnen => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {932EC946-767B-4FAA-9B54-A4A4A2DF1822} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-09-09] (Acer)
Task: {A47B98F9-3995-4EE4-AED8-32C6DD035BF6} - System32\Tasks\S-1-5-21-3500986774-1710872821-3788070447-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-11-02] (Microsoft Corporation)
Task: {A9ED2AB5-55F0-4454-AACA-CADC21B9BD5E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation)
Task: {AA487B7D-A9D2-4BCA-B470-20009C18F69F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-11-17] (Microsoft Corporation)
Task: {B0109414-65B5-4559-950F-B92E5A415877} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe [2015-05-14] (Acer Incorporated)
Task: {BF20F64C-5492-4E7C-815E-FEACE5F934FD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-11-02] (Microsoft Corporation)
Task: {D0848F93-66D4-476E-BD85-CBE9C02374AB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation)
Task: {D1B3C078-5D3C-4E93-9489-AF54328146E8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {D22DBFC6-263E-40A1-BD0B-92E46DEA7F4D} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-11-12] (Overwolf LTD)
Task: {F886B867-84C2-449E-BF94-ECC764A6A109} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-11-17] (Microsoft Corporation)
Task: {F8AAD71F-4EEC-465D-B37C-7370178465C7} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe
Task: {F9C6D403-83E2-4233-8254-EE50CAE5902E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {FBE1992D-A1B2-44DD-9601-A1A2F799B096} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2017-05-24] ()
Task: {FC20E16D-CC54-4B5D-BBFE-1211D76E7D5F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-26] ()
Task: {FC8C635F-55C6-4065-8611-DA7B90CCA03E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-10-09 22:18 - 2017-10-06 12:44 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-12 19:55 - 2016-07-12 19:55 - 001299952 _____ () C:\WINDOWS\system32\IntelSSTAPO\ParameterService\libxml2.dll
2017-05-18 18:08 - 2017-10-11 02:05 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-11 18:23 - 2016-02-04 10:53 - 000387144 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-06-15 13:40 - 2017-06-15 13:40 - 000075064 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-07-19 23:09 - 2017-07-19 23:09 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-11-11 02:07 - 2017-11-11 02:07 - 000176880 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-08-31 11:56 - 2015-05-08 18:41 - 000111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2017-09-29 11:32 - 2017-09-29 11:32 - 000076456 _____ () D:\Filezilla\FileZilla FTP Client\fzshellext_64.dll
2017-09-26 01:52 - 2017-09-26 01:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-08-29 01:43 - 2017-08-29 01:43 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2017-11-11 02:07 - 2017-11-11 02:07 - 000171760 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service Process.exe
2017-11-11 02:11 - 2017-11-11 02:11 - 000499440 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
2015-06-16 02:53 - 2015-06-16 02:53 - 000628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
2015-03-07 01:07 - 2015-03-07 01:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-06-07 23:54 - 2017-06-07 23:54 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-06-07 23:54 - 2017-06-07 23:54 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-07-14 14:26 - 2017-07-14 14:26 - 000638592 _____ () C:\Program Files\OpenVPN\bin\openvpn-gui.exe
2017-11-11 10:04 - 2017-11-11 10:04 - 000068528 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\module_lifetime.dll
2017-11-14 21:51 - 2017-11-10 10:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-14 21:51 - 2017-11-10 10:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
2017-07-29 03:45 - 2017-07-29 03:45 - 000298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2017-09-26 01:52 - 2017-09-26 01:52 - 034879568 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2016-07-18 09:39 - 2016-07-18 09:39 - 000154816 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
2017-05-24 19:11 - 2017-05-24 19:11 - 004645168 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2017-09-14 15:39 - 2017-09-14 15:40 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-09 17:14 - 2017-11-09 17:16 - 000022016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-11-09 17:14 - 2017-11-09 17:16 - 055109120 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-04 20:18 - 2017-10-04 20:20 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2017-11-09 17:14 - 2017-11-09 17:16 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2017-10-04 20:18 - 2017-10-04 20:19 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2017-11-09 17:14 - 2017-11-09 17:15 - 003740160 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-11-09 17:14 - 2017-11-09 17:16 - 002051584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2017-11-09 17:14 - 2017-11-09 17:16 - 020759040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-11-09 17:14 - 2017-11-09 17:15 - 003607040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-11-09 17:14 - 2017-11-09 17:14 - 003150848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-08-30 11:14 - 2017-08-30 11:14 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-09 17:14 - 2017-11-09 17:16 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-11-09 17:14 - 2017-11-09 17:15 - 002493440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.People.AutoSuggest.dll
2017-11-09 17:14 - 2017-11-09 17:15 - 000919040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll
2017-11-09 17:14 - 2017-11-09 17:16 - 001363968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-11-09 17:14 - 2017-11-09 17:15 - 000084480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngineVideoDataProvider.UWP.dll
2017-11-17 18:45 - 2017-11-17 18:45 - 035241472 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\Music.UI.exe
2017-11-17 18:45 - 2017-11-17 18:45 - 009218560 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-08-23 15:29 - 2017-08-23 15:29 - 000957952 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2017-09-26 15:32 - 2017-09-26 15:32 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-17 18:45 - 2017-11-17 18:45 - 013224960 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\Music.Visuals.dll
2017-07-14 14:26 - 2017-07-14 14:26 - 000225696 _____ () C:\Program Files\OpenVPN\bin\liblzo2-2.dll
2017-07-14 14:26 - 2017-07-14 14:26 - 000126992 _____ () C:\Program Files\OpenVPN\bin\libpkcs11-helper-1.dll
2017-03-18 21:59 - 2017-03-20 04:58 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-15 15:52 - 2017-11-15 15:52 - 000161200 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2017-11-20 16:51 - 2017-11-11 02:02 - 000149744 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.ChromaSDKWrapper.dll
2017-11-20 16:51 - 2017-11-11 02:03 - 000179440 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\Common.NativeDeviceDetectionWrapper.dll
2017-11-20 16:51 - 2017-11-11 02:04 - 000081648 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_AccelWinM.dll
2017-11-20 16:51 - 2017-11-11 02:04 - 000946928 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_DriverMode.dll
2017-11-20 16:51 - 2017-11-11 02:02 - 000115952 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_KeyboardKeysWrapper.dll
2017-11-20 16:51 - 2017-11-11 02:04 - 000086256 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_ManagedCommon.dll
2017-11-20 16:51 - 2017-11-11 02:04 - 000962800 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_ManagedMacros.dll
2017-11-20 16:51 - 2017-11-11 02:02 - 000950000 _____ () C:\ProgramData\Razer\Synapse3\Service\Bin\RSy3_PowerSwitchWrapper.dll
2017-11-11 02:07 - 2017-11-11 02:07 - 000115952 _____ () C:\Program Files (x86)\Razer\Synapse3\Service\RSy3_KeyboardKeysWrapper.dll
2017-05-18 18:08 - 2017-10-11 02:05 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-11-19 09:42 - 2017-11-20 16:51 - 000619616 _____ () C:\Users\Thijs Kunnen\AppData\Local\Temp\0Kraken71ChromaDevProps.dll
2017-11-07 04:24 - 2017-11-07 04:26 - 001005408 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.dll
2017-11-07 04:24 - 2017-11-07 04:26 - 053444984 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libcef.dll
2017-11-11 02:09 - 2017-11-11 02:09 - 000115952 _____ () C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Common.Dependencies\RSy3_KeyboardKeysWrapper.dll
2017-11-11 10:02 - 2017-11-11 09:58 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-11-07 04:24 - 2017-11-07 04:26 - 000691056 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.Core.dll
2017-11-07 04:24 - 2017-11-07 04:26 - 001984392 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libglesv2.dll
2017-11-07 04:24 - 2017-11-07 04:26 - 000082824 _____ () C:\Program Files (x86)\Razer\Razer Services\Razer Central\libegl.dll
2017-05-18 18:08 - 2017-10-11 02:05 - 070805952 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-11-11 10:04 - 2017-11-11 10:04 - 000168216 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-11-11 10:04 - 2017-11-11 10:04 - 000060160 _____ () C:\Program Files (x86)\AVG\Antivirus\module_lifetime.dll
2017-11-11 10:04 - 2017-11-11 10:04 - 067109376 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2017-11-11 10:04 - 2017-11-11 10:04 - 000238928 _____ () C:\Program Files (x86)\AVG\Antivirus\event_routing_rpc.dll
2017-11-11 10:04 - 2017-11-11 10:04 - 000245704 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2016-09-09 09:51 - 2016-09-09 09:51 - 000202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-09-09 09:51 - 2016-09-09 09:51 - 000119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2017-09-20 13:54 - 2017-09-20 13:54 - 000667520 _____ () C:\Program Files (x86)\Evernote\Evernote\tidy.dll
2017-09-20 01:42 - 2017-09-20 01:42 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-03-17 00:34 - 2015-03-17 00:34 - 000010240 _____ () D:\Creative Cloud\Acrobat DC\Acrobat\locale\nl_nl\acrotray.nld
2017-05-22 11:13 - 2017-05-22 11:13 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2017-07-31 23:32 - 2017-07-31 23:32 - 001190400 _____ () D:\Creative Cloud\Acrobat DC\Acrobat\locale\nl_nl\adistres.NLD
2017-08-30 11:09 - 2017-04-13 18:58 - 050656768 _____ () C:\Users\Thijs Kunnen\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 02:04 - 2017-09-20 02:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-08-30 11:09 - 2017-04-13 18:58 - 001874944 _____ () C:\Users\Thijs Kunnen\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2017-08-30 11:09 - 2017-04-13 18:58 - 000075264 _____ () C:\Users\Thijs Kunnen\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2015-08-07 10:09 - 2015-08-07 10:09 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-09-22 15:17 - 2017-09-22 15:17 - 000654072 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2017-09-22 15:14 - 2017-09-22 15:14 - 000202528 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2017-09-22 15:17 - 2017-09-22 15:17 - 000641312 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2017-09-22 15:16 - 2017-09-22 15:16 - 000119072 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2017-11-13 16:47 - 2017-11-13 16:47 - 000015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2017-03-20 14:24 - 2017-03-20 14:24 - 000013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2017-03-20 14:21 - 2017-03-20 14:21 - 000277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\...\sharepoint.com -> hxxps://visomariakerke-files.sharepoint.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 12:04 - 2017-11-19 09:34 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3500986774-1710872821-3788070447-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Thijs Kunnen\Pictures\wallpapers\Background.jpg
DNS Servers: 208.67.222.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{A7D9BDFB-2EEF-4D38-8902-0973953A2F11}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{ACFCB37A-7461-4707-B4F2-87E716C1E690}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{48D45C62-CB04-48DF-9AA3-55D118E11A15}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{5CAC2A16-B242-48C1-8C04-74FF2F26EFDF}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{D96EC7D2-3CCD-4005-A2BF-8A5A3B3FB84A}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{12D06E04-D308-4DF1-9B9D-5BCD89ACFF1B}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B15ED94F-7F7A-4E8E-A600-D77A7D5F652B}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{64A76F77-D180-471A-B00C-3D1902FA0E44}] => (Allow) D:\Games\Steam\Steam.exe
FirewallRules: [{596D9335-76DA-47AA-A1DF-011AFFD70C99}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9C59BC01-85BC-4679-B3F3-4259D60D179B}] => (Allow) D:\Games\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{A7EDB9D4-48BD-4642-AA5B-4E2A3BB1BACF}D:\games\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\games\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{3BF4D6C9-6103-47F0-8710-C2CF1E5D3F6A}D:\games\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\games\steam\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{64248F18-5F91-4892-B04F-BC35508D5CA2}C:\users\thijs kunnen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thijs kunnen\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3236A028-9CA9-4778-9C0B-5CDFB7FE2575}C:\users\thijs kunnen\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thijs kunnen\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E6E4F257-911A-45BD-A0A8-A5CFA88FD82D}] => (Allow) D:\Games\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{7C9D7363-3DC3-4855-8928-92EAA62D4BFC}] => (Allow) D:\Games\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{97414A83-0462-459C-9EE6-3B2C4F03903C}] => (Allow) D:\Games\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{90736F0A-88D4-4EEB-A152-FD04E25A7A2B}] => (Allow) D:\Games\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [TCP Query User{5BEAD044-CB94-44B2-B6C1-A03738DACF3A}D:\games\ubisoft game launcher\games\tom clancy's the division\thedivision.exe] => (Allow) D:\games\ubisoft game launcher\games\tom clancy's the division\thedivision.exe
FirewallRules: [UDP Query User{758A3FC7-EDD7-4E01-8EDC-2B985E5FD1D1}D:\games\ubisoft game launcher\games\tom clancy's the division\thedivision.exe] => (Allow) D:\games\ubisoft game launcher\games\tom clancy's the division\thedivision.exe
 
==================== Restore Points =========================
 
18-11-2017 17:33:23 DirectX is geïnstalleerd.
19-11-2017 09:33:42 Restore Point Created by FRST
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/20/2017 09:41:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Kan activeringscontext voor C:\Users\Thijs Kunnen\Downloads\esetsmartinstaller_enu.exe niet maken. Fout in manifest of beleidsbestand  op regel .
Een onderdeelversie die nodig is voor de toepassing, conflicteert met een andere onderdeelversie die reeds actief is.
Conflicterende onderdelen zijn:
Onderdeel 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
Onderdeel 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
 
Error: (11/20/2017 07:39:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 864: ERROR: read_msg errno 10054 (De externe host heeft een verbinding verbroken.)
 
Error: (11/20/2017 07:38:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 556: ERROR: read_msg errno 10054 (De externe host heeft een verbinding verbroken.)
 
Error: (11/20/2017 07:38:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 608: ERROR: read_msg errno 10054 (De externe host heeft een verbinding verbroken.)
 
Error: (11/20/2017 07:35:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceive: mDNS_Unlock locking failure! mDNS_busy (1) != mDNS_reentrancy (0)
 
Error: (11/20/2017 07:35:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceive: mDNS_Lock locking failure! mDNS_busy (1) != mDNS_reentrancy (0)
 
Error: (11/20/2017 07:35:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceive: mDNS_Unlock locking failure! mDNS_busy (1) != mDNS_reentrancy (0)
 
Error: (11/20/2017 07:35:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceive: mDNS_Lock locking failure! mDNS_busy (1) != mDNS_reentrancy (0)
 
Error: (11/20/2017 06:50:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 700: ERROR: read_msg errno 10054 (De externe host heeft een verbinding verbroken.)
 
Error: (11/20/2017 06:50:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 880: ERROR: read_msg errno 10054 (De externe host heeft een verbinding verbroken.)
 
 
System errors:
=============
Error: (11/20/2017 09:07:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De eapihdrv-service kan vanwege de volgende fout niet worden gestart: 
Het laden van het stuurprogramma wordt geblokkeerd
 
Error: (11/20/2017 09:07:05 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\THIJSK~1\AppData\Local\Temp\ehdrv.sys
 
Error: (11/20/2017 09:07:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De eapihdrv-service kan vanwege de volgende fout niet worden gestart: 
Het laden van het stuurprogramma wordt geblokkeerd
 
Error: (11/20/2017 09:07:04 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\THIJSK~1\AppData\Local\Temp\ehdrv.sys
 
Error: (11/20/2017 09:07:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De eapihdrv-service kan vanwege de volgende fout niet worden gestart: 
Het laden van het stuurprogramma wordt geblokkeerd
 
Error: (11/20/2017 09:07:04 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\THIJSK~1\AppData\Local\Temp\ehdrv.sys
 
Error: (11/20/2017 09:07:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De eapihdrv-service kan vanwege de volgende fout niet worden gestart: 
Het laden van het stuurprogramma wordt geblokkeerd
 
Error: (11/20/2017 09:07:04 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\THIJSK~1\AppData\Local\Temp\ehdrv.sys
 
Error: (11/20/2017 09:07:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\THIJSK~1\AppData\Local\Temp\ehdrv.sys
 
Error: (11/20/2017 09:07:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De eapihdrv-service kan vanwege de volgende fout niet worden gestart: 
Het laden van het stuurprogramma wordt geblokkeerd
 
 
CodeIntegrity:
===================================
  Date: 2017-11-10 18:05:45.351
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_f1f487ead2706ad4\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-11-09 19:08:06.169
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_f1f487ead2706ad4\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-11-08 17:16:18.345
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_f1f487ead2706ad4\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-11-07 19:54:20.479
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_f1f487ead2706ad4\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-11-06 21:34:49.382
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_f1f487ead2706ad4\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-11-05 09:54:28.625
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_f1f487ead2706ad4\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-11-03 13:05:42.168
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_f1f487ead2706ad4\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-11-02 16:33:46.061
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_f1f487ead2706ad4\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-11-01 14:02:43.956
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MpEngineStore\MpKsl45ec5a40.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-11-01 14:02:42.898
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Definition Updates\{D353B6CB-911C-4EDB-8966-CFBB8A115AE2}\MpKslefb3a292.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 26%
Total physical RAM: 16296.78 MB
Available physical RAM: 11900.42 MB
Total Virtual: 17320.78 MB
Available Virtual: 11381.9 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:237.87 GB) (Free:118 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:355.85 GB) NTFS
Drive e: (TCTD Installer Disc 5) (CDROM) (Total:0.62 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 02349B4B)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 02349B59)
 
Partition: GPT.
 
==================== End of Addition.txt ============================


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:42 AM

Posted 20 November 2017 - 04:07 PM

That looks pretty good. Are there any remaining issues?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 Thijsk1

Thijsk1
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:11:42 AM

Posted 21 November 2017 - 02:03 AM

Nope, everything is fine now. Thank you very much for tour help!

#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:42 AM

Posted 21 November 2017 - 08:52 AM

Excellent.

Now that your computer is running well it is my great pleasure to proclaim to you the Good News!

===================================================

All Clean!

--------------

Your machine appears to be clean and we will now remove the tools used and logs created during our steps. Please do this.

===================================================

Delfix by Xplode

--------------------
  • Download Delfix and save it to your Desktop
  • Double click the icon
  • Place checkmarks in:

Remove disinfection tools
Create registry backup
Purge system restore

  • Click Run
===================================================

You may delete any additional programs or logs on your computer which were not automatically removed by Delfix. Simply delete the log files or desktop icons. If we used Emsisoft Emergency Kit just delete the icon on your desktop and the C:\EEK folder.

Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :thumbsup:

Lawrence Abrams, the founder of BleepingComputer.com, has developed an excellent tutorial which will provide you with the information you need to know to keep your computer secure and clean. Please take the time to read:In addition, here are some more links you might find of interest:Thank you for placing your trust in BleepingComputer. It was a pleasure serving you. ohmy_done.gif
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 Thijsk1

Thijsk1
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:11:42 AM

Posted 21 November 2017 - 10:21 AM

And that's done. Thank you very much for all of the great help I got. I think this topic can be closed (or deleted / whatever you do whit it) ;)



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:42 AM

Posted 21 November 2017 - 10:33 AM

Perfect. It is our pleasure to help and you are welcome to pop back in anything you need assistance.

Gary
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 38,138 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:42 AM

Posted 21 November 2017 - 10:34 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users