Zoek.exe v5.0.0.0 Updated 16-December-2013 Tool run by Brian_Pc on di 17-12-2013 at 14:51:33,67. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Brian_Pc\Desktop\zoek.scr [Scan all users] [Script inserted] ==== System Restore Info ====================== 17-12-2013 14:53:24 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Brian_Pc\AppData\Roaming\Mozilla\Firefox\Profiles\v3rmnfky.default user.js not found ---- Lines ask.com removed from prefs.js ---- user_pref("keyword.URL", "http://nortonsafe.search.ask.com/web?o=APN10506&gct=kwd&qsrc=2869&l=dis&prt=NIS&chn=retail&geo=NL&ver=20&q="); ---- FireFox user.js and prefs.js backups ---- prefs_17-12-2013_1459_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\Users\Brian_Pc\AppData\Roaming\AutoGK.ini deleted C:\ProgramData\Package Cache deleted C:\Windows\Syswow64\themeui.dll.tmp deleted C:\Windows\Syswow64\uxtheme.dll.tmp deleted C:\Users\Brian_Pc\AppData\Roaming\Mozilla\Firefox\Profiles\v3rmnfky.default\searchplugins\safesearch.xml deleted C:\Users\Brian_Pc\Desktop\GemistDownloader.lnk deleted C:\Users\Brian_Pc\Desktop\setup_GemistDownloader_2816.exe deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-12-08 19:37:05 332FEAB1435662FC6C672E25BEB37BE3 2871808 ----a-w- C:\Windows\explorer.exe ====== C:\Users\Brian_Pc\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2013-12-10 20:30:25 6C4B2E1A25841077084EB9F76FF6FFA7 11410432 ----a-w- C:\Windows\SysWOW64\wmp.dll 2013-12-10 20:30:25 02DF0628BE8B64B84D50FBE53549AA3B 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL 2013-12-10 20:29:38 C74500A1BCB4113A7310295DD3FA4440 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-12-10 20:29:37 3D43EAC957F2F797BE82CF6B04A933F8 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-12-10 20:29:37 355BF103E2CF862B00EEB3731E25E802 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-12-10 20:29:36 B2E1F7B212502BB49AAD4EFAD37C5CF5 2166784 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-12-10 20:29:36 927FA6456AD6D7630F6854828D2FD16B 1820160 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-12-10 20:29:36 35DE59C975A0C97E8DBBE095BCC3644E 553472 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2013-12-10 20:29:36 08881C59F795C356DE12067E44FFD260 703488 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2013-12-10 20:29:35 84EAF0A08C7742697816E148C066D757 1928192 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2013-12-10 20:29:35 0763C5D8660436D4D961F72609E33BBE 1157632 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-12-10 20:29:34 BFAFE990C4A191E83843362B5AC64A9B 17112576 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-12-10 20:29:34 A60A222D3126DD9E380F9D8B651BC13D 4243968 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-12-10 20:29:34 4B638CE3DAA3A082E576C0DDF9D635D4 11221504 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-12-10 20:25:50 E9504E484076585F6DA3C59F0E20E122 417792 ----a-w- C:\Windows\SysWOW64\WMPhoto.dll 2013-12-10 20:25:49 E7B9D5FF20FFDD4AAE2EF1D1B8C27A37 159232 ----a-w- C:\Windows\SysWOW64\imagehlp.dll 2013-12-10 20:25:49 AFA53BD631FB0509A91A99391209BB70 301568 ----a-w- C:\Windows\SysWOW64\msieftp.dll 2013-12-10 20:25:48 4EC2C3B15B9EC41AD0D6CD918D20376E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll 2013-12-10 20:25:46 A3B1D1312602280839A4A2AFBDFD066E 163840 ----a-w- C:\Windows\SysWOW64\scrrun.dll 2013-12-10 20:25:46 A3A35EE79C64A640152B3113E6E254E2 126976 ----a-w- C:\Windows\SysWOW64\cscript.exe 2013-12-10 20:25:46 979D74799EA6C8B8167869A68DF5204A 141824 ----a-w- C:\Windows\SysWOW64\wscript.exe 2013-12-10 20:25:46 09F65975C1C9793B923BB52A7FA83453 121856 ----a-w- C:\Windows\SysWOW64\wshom.ocx 2013-12-08 22:05:13 8A4CEBF34370D689E198E6673C1F2C40 74072 ----a-w- C:\Windows\SysWOW64\XAPOFX1_5.dll 2013-12-08 22:05:13 81DFDDFB401D663BA7E6AD1C80364216 527192 ----a-w- C:\Windows\SysWOW64\XAudio2_7.dll 2013-12-08 22:05:12 83EBA442F07AAB8D6375D2EEC945C46C 1868128 ----a-w- C:\Windows\SysWOW64\d3dcsx_43.dll 2013-12-08 22:05:12 4FD7BCB9D8AF6A165E9BA0C2EB702E7C 239960 ----a-w- C:\Windows\SysWOW64\xactengine3_7.dll 2013-12-08 22:05:12 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\Windows\SysWOW64\D3DCompiler_43.dll 2013-12-08 22:05:11 F81C4678A55FFEE585AC75825FAF5582 238936 ----a-w- C:\Windows\SysWOW64\xactengine3_6.dll 2013-12-08 22:05:11 E4CE2AF32F501A7F7DDDD908704A0EE6 74072 ----a-w- C:\Windows\SysWOW64\XAPOFX1_4.dll 2013-12-08 22:05:11 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\Windows\SysWOW64\d3dx11_43.dll 2013-12-08 22:05:11 86E39E9161C3D930D93822F1563C280D 1998168 ----a-w- C:\Windows\SysWOW64\D3DX9_43.dll 2013-12-08 22:05:11 4976243BD70FAE3D1D24E49739AB2710 528216 ----a-w- C:\Windows\SysWOW64\XAudio2_6.dll 2013-12-08 22:05:11 20C835843FCEC4DEDFCD7BFFA3B91641 470880 ----a-w- C:\Windows\SysWOW64\d3dx10_43.dll 2013-12-08 22:05:10 DB3C93E87452B8DAB4F58ED1FD2B1998 238936 ----a-w- C:\Windows\SysWOW64\xactengine3_5.dll 2013-12-08 22:05:10 C811E70C8804CFFF719038250A43B464 22360 ----a-w- C:\Windows\SysWOW64\X3DAudio1_7.dll 2013-12-08 22:05:10 8B01FB723F3B30AB3DEBDDBF97CFE577 515416 ----a-w- C:\Windows\SysWOW64\XAudio2_5.dll 2013-12-08 22:05:09 D09AC80A4B5312239852836C84DF3392 235344 ----a-w- C:\Windows\SysWOW64\d3dx11_42.dll 2013-12-08 22:05:09 C6A44FC3CF2F5801561804272217B14D 1892184 ----a-w- C:\Windows\SysWOW64\D3DX9_42.dll 2013-12-08 22:05:09 B33B21DB610116262D906305CE65C354 1974616 ----a-w- C:\Windows\SysWOW64\D3DCompiler_42.dll 2013-12-08 22:05:09 B337306DFB508A1BCEF1974BFBB8D924 5501792 ----a-w- C:\Windows\SysWOW64\d3dcsx_42.dll 2013-12-08 22:05:09 501AC862517C5445742BEE8A2B88414E 453456 ----a-w- C:\Windows\SysWOW64\d3dx10_42.dll 2013-12-08 22:05:08 E684C5FA18ADF9EA14737757413BF727 517448 ----a-w- C:\Windows\SysWOW64\XAudio2_4.dll 2013-12-08 22:05:08 3FA06CF5079B84155D18B05C08F7131B 4178264 ----a-w- C:\Windows\SysWOW64\D3DX9_41.dll 2013-12-08 22:05:08 30686ECE80545E06D78D156EB9F7D463 69464 ----a-w- C:\Windows\SysWOW64\XAPOFX1_3.dll 2013-12-08 22:05:07 EEA5E428CE63804F9B12D21C97B5968F 4379984 ----a-w- C:\Windows\SysWOW64\D3DX9_40.dll 2013-12-08 22:05:07 E763798CAD2A90B6AB61854F50CD47DD 22360 ----a-w- C:\Windows\SysWOW64\X3DAudio1_6.dll 2013-12-08 22:05:07 91B4AAD4412BB223B466F3DFB43E86DA 452440 ----a-w- C:\Windows\SysWOW64\d3dx10_40.dll 2013-12-08 22:05:07 686F8D1B4926D48227A06ACD4D41CD1E 235352 ----a-w- C:\Windows\SysWOW64\xactengine3_4.dll 2013-12-08 22:05:07 3384134EEB8F223178C2EB8323003EC0 2036576 ----a-w- C:\Windows\SysWOW64\D3DCompiler_40.dll 2013-12-08 22:05:06 D95EAABF5D277EF91D9CA70151209E56 68616 ----a-w- C:\Windows\SysWOW64\XAPOFX1_1.dll 2013-12-08 22:05:06 8BA296419AF3417D1E9806B83166E472 235856 ----a-w- C:\Windows\SysWOW64\xactengine3_3.dll 2013-12-08 22:05:06 50F4A0D5E6A0BAFEFA78F353533B8E06 509448 ----a-w- C:\Windows\SysWOW64\XAudio2_2.dll 2013-12-08 22:05:06 47ED15DC87AE334C13C4DACD1BE2CCED 514384 ----a-w- C:\Windows\SysWOW64\XAudio2_3.dll 2013-12-08 22:05:06 350FEFE18B86BD4D9AB2A96D00215A49 23376 ----a-w- C:\Windows\SysWOW64\X3DAudio1_5.dll 2013-12-08 22:05:06 295E47A75F278580F9441041EAAEA3D2 70992 ----a-w- C:\Windows\SysWOW64\XAPOFX1_2.dll 2013-12-08 22:05:05 F3C6BE26949CAADB11DBF0086082FAC9 238088 ----a-w- C:\Windows\SysWOW64\xactengine3_2.dll 2013-12-08 22:05:05 E34FF0115B1EE3B4E03D22AE9840EE03 507400 ----a-w- C:\Windows\SysWOW64\XAudio2_1.dll 2013-12-08 22:05:05 DD165760F1B95200A3DA2D9DFDB84234 65032 ----a-w- C:\Windows\SysWOW64\XAPOFX1_0.dll 2013-12-08 22:05:05 2E0E25252E1D41752876E9FE12ADE175 238088 ----a-w- C:\Windows\SysWOW64\xactengine3_1.dll 2013-12-08 22:05:04 E3832514BD21236067B7227F6165EF95 25608 ----a-w- C:\Windows\SysWOW64\X3DAudio1_4.dll 2013-12-08 22:05:04 A2650B27472C21CDD817EEEDE65648E1 467984 ----a-w- C:\Windows\SysWOW64\d3dx10_38.dll 2013-12-08 22:05:04 8F3EB548AC4ED90252394F60C77E3196 3850760 ----a-w- C:\Windows\SysWOW64\D3DX9_38.dll 2013-12-08 22:05:04 8A83673F0AB001870583FDE2B004FA59 238088 ----a-w- C:\Windows\SysWOW64\xactengine3_0.dll 2013-12-08 22:05:04 418CDC57E55EE79C3F86C13A19B3D5E3 479752 ----a-w- C:\Windows\SysWOW64\XAudio2_0.dll 2013-12-08 22:05:04 103CBFC5591008AD33046E20E8E1EEBE 1491992 ----a-w- C:\Windows\SysWOW64\D3DCompiler_38.dll 2013-12-08 22:05:03 EA752DBCE35045D3C830DC16578CC8AB 1420824 ----a-w- C:\Windows\SysWOW64\D3DCompiler_37.dll 2013-12-08 22:05:03 C593FD0A96EE4B6390B653C4C641313F 25608 ----a-w- C:\Windows\SysWOW64\X3DAudio1_3.dll 2013-12-08 22:05:03 AC3C517FB0FBBE45FE44007BCD3625A7 3786760 ----a-w- C:\Windows\SysWOW64\D3DX9_37.dll 2013-12-08 22:05:03 4A43E9A2B17E4CAFA9CB5FEC0B5B686B 462864 ----a-w- C:\Windows\SysWOW64\d3dx10_37.dll 2013-12-08 22:05:02 FB4299688A0D3A37687C015AC2B9922D 1374232 ----a-w- C:\Windows\SysWOW64\D3DCompiler_36.dll 2013-12-08 22:05:02 D9158E78A368B08D9133043EB3058C12 444776 ----a-w- C:\Windows\SysWOW64\d3dx10_36.dll 2013-12-08 22:05:02 73E055AF78A64F9B2779D44407CA2AB6 267272 ----a-w- C:\Windows\SysWOW64\xactengine2_10.dll 2013-12-08 22:05:02 44BFEC5C9C82A2EE9871D88FD3B9A0E2 3734536 ----a-w- C:\Windows\SysWOW64\d3dx9_36.dll 2013-12-08 22:05:01 F3764552E45880DC49B82F38699AA87C 444776 ----a-w- C:\Windows\SysWOW64\d3dx10_35.dll 2013-12-08 22:05:01 5B441670A4F5F8BCCE76741902B8AF56 1358192 ----a-w- C:\Windows\SysWOW64\D3DCompiler_35.dll 2013-12-08 22:05:01 46EE68F04A75A1CCF40235EA6F1CBA05 267112 ----a-w- C:\Windows\SysWOW64\xactengine2_9.dll 2013-12-08 22:05:01 3EF18B78D17C962F2B71AC1CB7757684 3727720 ----a-w- C:\Windows\SysWOW64\d3dx9_35.dll 2013-12-08 22:05:00 F6A9FC2AD2F9111372B5AB3BBA3707EC 17928 ----a-w- C:\Windows\SysWOW64\X3DAudio1_2.dll 2013-12-08 22:05:00 77F595DEE5FFACEA72B135B1FCE1312E 81768 ----a-w- C:\Windows\SysWOW64\xinput1_3.dll 2013-12-08 22:05:00 75F206C195BBACA6EF28565B1C0CD75C 1124720 ----a-w- C:\Windows\SysWOW64\D3DCompiler_34.dll 2013-12-08 22:05:00 5AA9987F2E62B56D7661B6901901F927 443752 ----a-w- C:\Windows\SysWOW64\d3dx10_34.dll 2013-12-08 22:05:00 499210C45AFEAADEE8CF4DCF7D5E570B 266088 ----a-w- C:\Windows\SysWOW64\xactengine2_8.dll 2013-12-08 22:05:00 1CA939918ED1B930059B3A882DE6F648 3497832 ----a-w- C:\Windows\SysWOW64\d3dx9_34.dll 2013-12-08 22:04:59 FAE7E1D578C42A7C3D9D61A99D178BD5 1123696 ----a-w- C:\Windows\SysWOW64\D3DCompiler_33.dll 2013-12-08 22:04:59 CDB1CD22BAFF21F48606B3C1A18B000B 3495784 ----a-w- C:\Windows\SysWOW64\d3dx9_33.dll 2013-12-08 22:04:59 7FEBB8CE2233CBAE738B16D42ED29674 261480 ----a-w- C:\Windows\SysWOW64\xactengine2_7.dll 2013-12-08 22:04:59 37A8171ACCF46A9C196054066C28827F 443752 ----a-w- C:\Windows\SysWOW64\d3dx10_33.dll 2013-12-08 22:04:58 86C93789E9006F1AC47ED9DD47D4C8A1 251672 ----a-w- C:\Windows\SysWOW64\xactengine2_5.dll 2013-12-08 22:04:58 6F34F7405807DCBF0B9BF6811C94C6D9 440080 ----a-w- C:\Windows\SysWOW64\d3dx10.dll 2013-12-08 22:04:58 39000E033D39D19CCCE21AEAFCCE2476 255848 ----a-w- C:\Windows\SysWOW64\xactengine2_6.dll 2013-12-08 22:04:58 26AF232140C88B42D92A88F2198EDF6A 3426072 ----a-w- C:\Windows\SysWOW64\d3dx9_32.dll 2013-12-08 22:04:57 69D841744B2BAE38FBB2D40A230A549C 236824 ----a-w- C:\Windows\SysWOW64\xactengine2_3.dll 2013-12-08 22:04:57 6550E1A0A7BE611592C31222FCB981FB 237848 ----a-w- C:\Windows\SysWOW64\xactengine2_4.dll 2013-12-08 22:04:57 33B62BE226934E1B01F5043870C70427 62744 ----a-w- C:\Windows\SysWOW64\xinput1_2.dll 2013-12-08 22:04:57 121B131EAA369D8F58DACC5C39A77D80 15128 ----a-w- C:\Windows\SysWOW64\x3daudio1_1.dll 2013-12-08 22:04:56 F1726346E583442541FE73429F8E9C10 62672 ----a-w- C:\Windows\SysWOW64\xinput1_1.dll 2013-12-08 22:04:56 7C9952111F4C743B9F0D8B68B6ED93C9 229584 ----a-w- C:\Windows\SysWOW64\xactengine2_1.dll 2013-12-08 22:04:56 5C4D3843B491C047B7A619901FBD2EC1 230168 ----a-w- C:\Windows\SysWOW64\xactengine2_2.dll 2013-12-08 22:04:55 E415862612E65F10D7D888443ECD7594 2388176 ----a-w- C:\Windows\SysWOW64\d3dx9_30.dll 2013-12-08 22:04:55 BE19B603DFBAA829EE5B7749B3BA97DB 2323664 ----a-w- C:\Windows\SysWOW64\d3dx9_28.dll 2013-12-08 22:04:55 99F4FC172A5ACE36CF00AA7038D23F2C 2332368 ----a-w- C:\Windows\SysWOW64\d3dx9_29.dll 2013-12-08 22:04:55 4E961525CC7FF0E5D7DA19E170B7C14C 14032 ----a-w- C:\Windows\SysWOW64\x3daudio1_0.dll 2013-12-08 22:04:55 2112FE0C46662D429347A7D7B49E3ECE 230096 ----a-w- C:\Windows\SysWOW64\xactengine2_0.dll 2013-12-08 22:04:54 BC831661963763AC4D504C5CABB1FDD9 2222800 ----a-w- C:\Windows\SysWOW64\d3dx9_24.dll 2013-12-08 22:04:54 852EDC778A7A50077694F84D8E601234 2319568 ----a-w- C:\Windows\SysWOW64\d3dx9_27.dll 2013-12-08 22:04:54 5B48FE9D6686F0D54B26A005ACE24D1D 2337488 ----a-w- C:\Windows\SysWOW64\d3dx9_25.dll 2013-12-08 22:04:54 523AB607EEF81CC4D909E7FEBD8A788E 2297552 ----a-w- C:\Windows\SysWOW64\d3dx9_26.dll 2013-12-08 19:36:50 5992A9DF57FD5E6960FDCC2DB69867F7 2755072 ----a-w- C:\Windows\SysWOW64\themeui.dll.backup 2013-12-08 19:36:50 43964FA89CCF97BA6BE34D69455AC65F 245760 ----a-w- C:\Windows\SysWOW64\uxtheme.dll.backup 2013-12-04 00:42:43 DF0961EA60A1CD175F360495F1DA8CCB 1653088 ----a-w- C:\Windows\SysWOW64\PerfStringBackup.INI ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-12-10 20:30:26 AB272BBFB05A8585C3405EFA9F605774 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL 2013-12-10 20:30:24 8CBBB27369F9F07BC5E874E750EAF9D0 14631424 ----a-w- C:\Windows\Sysnative\wmp.dll 2013-12-10 20:29:38 FB13F4873F6747AB4E3C37CAFEA8ACAE 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2013-12-10 20:29:38 A3427586C75749B51BF5DEBEDEB4AD5C 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-12-10 20:29:37 EF098867663B07247587587C29E631DB 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2013-12-10 20:29:37 DACB9A752CEB29C1D931514EF73803E1 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2013-12-10 20:29:37 4E249022336591E9C6DE374A68C18EF6 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-12-10 20:29:37 40B33A42F90DED26DE4F5AAFA00F24CA 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2013-12-10 20:29:37 3A722B49408BE7FE8A375C3B8FD57BB1 218624 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2013-12-10 20:29:37 2E2875FFC6C2DC1ACF4F46AFC7819BD5 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2013-12-10 20:29:37 2A0B7281854ACBECA25D8FDD06A4D714 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-12-10 20:29:37 0F753FDA08F495E515629210FF0DA59E 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2013-12-10 20:29:36 95EED00D70485F6F82983EB7C03CC42A 817664 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2013-12-10 20:29:36 7016991D493B9F9FA492E75BD13D031D 2764288 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-12-10 20:29:36 16B0A65F52531B769B891DC251ECC6C0 23183360 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-12-10 20:29:36 14074CF6190B937EB70BE2F93113B5FE 708608 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2013-12-10 20:29:35 FA30E3DC75EA42FE19B819F30FBDED8D 1995264 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2013-12-10 20:29:35 EDF5C6A9F33FBD3D717D1B77A9864C64 12996608 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-12-10 20:29:35 C8CF11D73017CC588411FCB936891CF4 1395200 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-12-10 20:29:35 9B6678DB9C6A232C5A84D2FDFFF8B0E1 2334208 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-12-10 20:29:34 6491B719695D713335B431FCF0EAE28B 5769216 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-12-10 20:25:50 4EDF8812713291DBBFDA67CE6215F236 465920 ----a-w- C:\Windows\Sysnative\WMPhoto.dll 2013-12-10 20:25:49 B4F29F65AD3114051F01E9403346047F 81408 ----a-w- C:\Windows\Sysnative\imagehlp.dll 2013-12-10 20:25:49 AC38EC8D0C1B4C783CA6A24D239A71B7 335360 ----a-w- C:\Windows\Sysnative\msieftp.dll 2013-12-10 20:25:49 97D50B0CABF18A6D40F8883D02DDB519 3155968 ----a-w- C:\Windows\Sysnative\win32k.sys 2013-12-10 20:25:48 5FD67F205773EC80674DBBD609DB5315 2048 ----a-w- C:\Windows\Sysnative\tzres.dll 2013-12-10 20:25:46 ECB021CA3370582F0C7244B0CF06732C 156160 ----a-w- C:\Windows\Sysnative\cscript.exe 2013-12-10 20:25:46 731131A477F69476F2D739B0DB6A9281 202752 ----a-w- C:\Windows\Sysnative\scrrun.dll 2013-12-10 20:25:46 05D80FF3483BD8F268B01703C859198A 150016 ----a-w- C:\Windows\Sysnative\wshom.ocx 2013-12-10 20:25:46 045451FA238A75305CC26AC982472367 168960 ----a-w- C:\Windows\Sysnative\wscript.exe 2013-12-08 22:05:13 E9739AE8B2FA28DCD6F2EF5525DA8827 77656 ----a-w- C:\Windows\Sysnative\XAPOFX1_5.dll 2013-12-08 22:05:13 4F7513FF4DE6303088DB28DCBCEF372C 518488 ----a-w- C:\Windows\Sysnative\XAudio2_7.dll 2013-12-08 22:05:12 BDEC09A032DB44D9CDB3A0D97224D64E 176984 ----a-w- C:\Windows\Sysnative\xactengine3_7.dll 2013-12-08 22:05:12 ADA0C39D4EACDC81FD84163A95D62079 2526056 ----a-w- C:\Windows\Sysnative\D3DCompiler_43.dll 2013-12-08 22:05:12 5F1DA86286A2DFB01C4FED55C2DD1D61 1907552 ----a-w- C:\Windows\Sysnative\d3dcsx_43.dll 2013-12-08 22:05:11 AD7FA9485059F4DC53C98B49CAB13F0B 511328 ----a-w- C:\Windows\Sysnative\d3dx10_43.dll 2013-12-08 22:05:11 A9724EB3D6CC032D0C4ECAFF4AD8C17F 78680 ----a-w- C:\Windows\Sysnative\XAPOFX1_4.dll 2013-12-08 22:05:11 9D6429F410597750B2DC2579B2347303 276832 ----a-w- C:\Windows\Sysnative\d3dx11_43.dll 2013-12-08 22:05:11 936DCC640B2991905D909395E03B64F9 176984 ----a-w- C:\Windows\Sysnative\xactengine3_6.dll 2013-12-08 22:05:11 7160FC226391C0B50C85571FA1A546E5 2401112 ----a-w- C:\Windows\Sysnative\D3DX9_43.dll 2013-12-08 22:05:11 05E88C8D8E652DFF03B469331F474CCE 530776 ----a-w- C:\Windows\Sysnative\XAudio2_6.dll 2013-12-08 22:05:10 C291AEFD47A587FF5F509E2F96613F7D 517960 ----a-w- C:\Windows\Sysnative\XAudio2_5.dll 2013-12-08 22:05:10 B4FF2A39685C1A6D43F0E56EB350AF3A 24920 ----a-w- C:\Windows\Sysnative\X3DAudio1_7.dll 2013-12-08 22:05:10 51D65BE2F794B944CADAF287B34EF603 176968 ----a-w- C:\Windows\Sysnative\xactengine3_5.dll 2013-12-08 22:05:09 F13B90F5090EBA9041558BC6AAED79B8 5554512 ----a-w- C:\Windows\Sysnative\d3dcsx_42.dll 2013-12-08 22:05:09 E92D2E4AFA43CD39A8C1C2C2DB59667E 2582888 ----a-w- C:\Windows\Sysnative\D3DCompiler_42.dll 2013-12-08 22:05:09 B739C423276AE62D7AC91773226EC13B 523088 ----a-w- C:\Windows\Sysnative\d3dx10_42.dll 2013-12-08 22:05:09 522749761B6CC69F8630F4B472DCA623 285024 ----a-w- C:\Windows\Sysnative\d3dx11_42.dll 2013-12-08 22:05:09 1AF7AE1FDE027A30B9097280819A0A86 2475352 ----a-w- C:\Windows\Sysnative\D3DX9_42.dll 2013-12-08 22:05:08 ECDDB13BC805B9F3EF3A855E6FD85C69 5425496 ----a-w- C:\Windows\Sysnative\D3DX9_41.dll 2013-12-08 22:05:08 E730967811E3702499446FFC8A432607 520544 ----a-w- C:\Windows\Sysnative\d3dx10_41.dll 2013-12-08 22:05:08 B94F08069EFE2F8151DEF350E526E063 521560 ----a-w- C:\Windows\Sysnative\XAudio2_4.dll 2013-12-08 22:05:08 A59A5BADE4AF200C720D99EAE6E04E0E 2430312 ----a-w- C:\Windows\Sysnative\D3DCompiler_41.dll 2013-12-08 22:05:08 37B348A79C4C9B8AB925B18FFD241E96 73544 ----a-w- C:\Windows\Sysnative\XAPOFX1_3.dll 2013-12-08 22:05:07 EEE871CC4F5563FF8B3C8385B32B0C5F 24920 ----a-w- C:\Windows\Sysnative\X3DAudio1_6.dll 2013-12-08 22:05:07 862586AD4B1355F7DCDE111EE0AAF350 519000 ----a-w- C:\Windows\Sysnative\d3dx10_40.dll 2013-12-08 22:05:07 37309B833480DC69FDE7DB68F9B8BC20 2605920 ----a-w- C:\Windows\Sysnative\D3DCompiler_40.dll 2013-12-08 22:05:07 29A79F0B607FAF5722D7BAF2485F632A 5631312 ----a-w- C:\Windows\Sysnative\D3DX9_40.dll 2013-12-08 22:05:07 1BA01062450BD1F052C54C01C12248F6 174936 ----a-w- C:\Windows\Sysnative\xactengine3_4.dll 2013-12-08 22:05:06 E335DF094836EE7030F1B9CE7429E884 513544 ----a-w- C:\Windows\Sysnative\XAudio2_2.dll 2013-12-08 22:05:06 CFF1C1F7B9F855DDEE431D7B5DCACDF8 25936 ----a-w- C:\Windows\Sysnative\X3DAudio1_5.dll 2013-12-08 22:05:06 84B41FD03CAFC5048346B3B2AB92D199 175440 ----a-w- C:\Windows\Sysnative\xactengine3_3.dll 2013-12-08 22:05:06 758139A39AECC1B512576275A27C1177 518480 ----a-w- C:\Windows\Sysnative\XAudio2_3.dll 2013-12-08 22:05:06 2F8F9B707FED2405A787380230CC6FA9 74576 ----a-w- C:\Windows\Sysnative\XAPOFX1_2.dll 2013-12-08 22:05:06 0F2DB378FBE2D124E4D3631B329688AE 72200 ----a-w- C:\Windows\Sysnative\XAPOFX1_1.dll 2013-12-08 22:05:05 EAA692FDC990ED0407DF957316DA33C2 540688 ----a-w- C:\Windows\Sysnative\d3dx10_39.dll 2013-12-08 22:05:05 E9C0F926D7C9082A805F4FEF81DEEB30 511496 ----a-w- C:\Windows\Sysnative\XAudio2_1.dll 2013-12-08 22:05:05 CC8399A9E51B2AF1C2C20A26D85EB60E 177672 ----a-w- C:\Windows\Sysnative\xactengine3_2.dll 2013-12-08 22:05:05 A2A098BF5A8C255A0090818AD8E87B0F 177672 ----a-w- C:\Windows\Sysnative\xactengine3_1.dll 2013-12-08 22:05:05 7741A0A6CED6C441B97D625B730D6075 1942552 ----a-w- C:\Windows\Sysnative\D3DCompiler_39.dll 2013-12-08 22:05:05 7505C133FC704B40CFDDFD38777BAAC3 4992520 ----a-w- C:\Windows\Sysnative\D3DX9_39.dll 2013-12-08 22:05:05 0E92D8C0ECA74B6D0A55ABAD53226113 68104 ----a-w- C:\Windows\Sysnative\XAPOFX1_0.dll 2013-12-08 22:05:04 E5EC2AB7156A752F9614CDA4BE66EFE8 4991496 ----a-w- C:\Windows\Sysnative\D3DX9_38.dll 2013-12-08 22:05:04 DE6004D16DBACD781ED4596C4FEA7D14 28168 ----a-w- C:\Windows\Sysnative\X3DAudio1_4.dll 2013-12-08 22:05:04 A8B5370B7B61D3777D840DA1C64A1C2D 177672 ----a-w- C:\Windows\Sysnative\xactengine3_0.dll 2013-12-08 22:05:04 A7E59BB6FAC119FABB83F18BD72AA1D7 1941528 ----a-w- C:\Windows\Sysnative\D3DCompiler_38.dll 2013-12-08 22:05:04 72CB653CECF4EA670E7F5A8D74358423 540688 ----a-w- C:\Windows\Sysnative\d3dx10_38.dll 2013-12-08 22:05:04 29AF48F6C894328A58DEFDC560A70CF3 489480 ----a-w- C:\Windows\Sysnative\XAudio2_0.dll 2013-12-08 22:05:03 C4C2ED69B18EE1C60026877FCC470FA7 28168 ----a-w- C:\Windows\Sysnative\X3DAudio1_3.dll 2013-12-08 22:05:03 A8C5688BBA00C1630550F26260AB5CAE 529424 ----a-w- C:\Windows\Sysnative\d3dx10_37.dll 2013-12-08 22:05:03 8A10974DC6E1E42BDC635C2C2AFBD2CC 4910088 ----a-w- C:\Windows\Sysnative\D3DX9_37.dll 2013-12-08 22:05:03 31026CEA5AFA2798292179102C06FE40 1860120 ----a-w- C:\Windows\Sysnative\D3DCompiler_37.dll 2013-12-08 22:05:02 E8932AF24786765859558CB79E385AC2 411656 ----a-w- C:\Windows\Sysnative\xactengine2_10.dll 2013-12-08 22:05:02 BBB6C6833C30E323B41860D6DF61972D 5081608 ----a-w- C:\Windows\Sysnative\d3dx9_36.dll 2013-12-08 22:05:02 7299DF5CF81135934740211D9A946737 2006552 ----a-w- C:\Windows\Sysnative\D3DCompiler_36.dll 2013-12-08 22:05:02 570FDAE7041775DE0C67747BB7081939 508264 ----a-w- C:\Windows\Sysnative\d3dx10_36.dll 2013-12-08 22:05:01 B21427EDF0449E92000FF497DAAF89C9 1985904 ----a-w- C:\Windows\Sysnative\D3DCompiler_35.dll 2013-12-08 22:05:01 A69C32C2BD01522A088D254342826866 411496 ----a-w- C:\Windows\Sysnative\xactengine2_9.dll 2013-12-08 22:05:01 84116AA94672D623B95217648AE5B5B9 508264 ----a-w- C:\Windows\Sysnative\d3dx10_35.dll 2013-12-08 22:05:01 1B3AF16A27D390096925576202A64037 5073256 ----a-w- C:\Windows\Sysnative\d3dx9_35.dll 2013-12-08 22:05:00 FA485E76F94B7457767E372F47757733 409960 ----a-w- C:\Windows\Sysnative\xactengine2_8.dll 2013-12-08 22:05:00 BFB3091B167550EC6E6454813D3DB244 107368 ----a-w- C:\Windows\Sysnative\xinput1_3.dll 2013-12-08 22:05:00 BC78D5328541410510DDE06B9FA92024 21000 ----a-w- C:\Windows\Sysnative\X3DAudio1_2.dll 2013-12-08 22:05:00 AE5D5439525B4A4CBF206058D493685D 4496232 ----a-w- C:\Windows\Sysnative\d3dx9_34.dll 2013-12-08 22:05:00 9D9407F52B8E24E99358D9944B0D5FA3 1401200 ----a-w- C:\Windows\Sysnative\D3DCompiler_34.dll 2013-12-08 22:05:00 1ED4E7A82BD5C7DEED082F00E63BB7A0 506728 ----a-w- C:\Windows\Sysnative\d3dx10_34.dll 2013-12-08 22:04:59 8C970509E0AE10061E3ED6D51E34FEB9 403304 ----a-w- C:\Windows\Sysnative\xactengine2_7.dll 2013-12-08 22:04:59 839C3921005BB41D441E3752C74F2292 506728 ----a-w- C:\Windows\Sysnative\d3dx10_33.dll 2013-12-08 22:04:59 3EBF620536A13CA343E52ECA4F0DE7F8 1400176 ----a-w- C:\Windows\Sysnative\D3DCompiler_33.dll 2013-12-08 22:04:59 3172C3CAC8EA7CA1B5D5AF6699C037D6 4494184 ----a-w- C:\Windows\Sysnative\d3dx9_33.dll 2013-12-08 22:04:58 A4DDFE5DC4E73D1FED9B1B3A3D885612 4398360 ----a-w- C:\Windows\Sysnative\d3dx9_32.dll 2013-12-08 22:04:58 8251826F04BA0822D08AD9B92C65A3D5 469264 ----a-w- C:\Windows\Sysnative\d3dx10.dll 2013-12-08 22:04:58 4837A54574A6105D404A8560984B93DD 393576 ----a-w- C:\Windows\Sysnative\xactengine2_6.dll 2013-12-08 22:04:58 398FF46FF7354FED2F0F1AECDB546866 390424 ----a-w- C:\Windows\Sysnative\xactengine2_5.dll 2013-12-08 22:04:57 FAAA0BB9CD2905B25334132E5BA093EB 3977496 ----a-w- C:\Windows\Sysnative\d3dx9_31.dll 2013-12-08 22:04:57 58BB51253427A834A8807B9245CC5965 364824 ----a-w- C:\Windows\Sysnative\xactengine2_4.dll 2013-12-08 22:04:57 489E5B8BB1BD1028FF1C798EAAEC65E4 17688 ----a-w- C:\Windows\Sysnative\x3daudio1_1.dll 2013-12-08 22:04:57 06F15D3CB1AE0EAFA50F595B3FF8D9F5 83736 ----a-w- C:\Windows\Sysnative\xinput1_2.dll 2013-12-08 22:04:57 0396D2A98B0CCD4419B572EBF618E81E 363288 ----a-w- C:\Windows\Sysnative\xactengine2_3.dll 2013-12-08 22:04:56 DC5A914C34EB12056531777D4DD0F44E 354072 ----a-w- C:\Windows\Sysnative\xactengine2_2.dll 2013-12-08 22:04:56 6F9D3289D8B166E478AFFF9EFA92C42C 83664 ----a-w- C:\Windows\Sysnative\xinput1_1.dll 2013-12-08 22:04:56 0CC809422AB40974DFF8078392E4D507 352464 ----a-w- C:\Windows\Sysnative\xactengine2_1.dll 2013-12-08 22:04:55 F77D5AB654881E683CFF6650916C424E 16592 ----a-w- C:\Windows\Sysnative\x3daudio1_0.dll 2013-12-08 22:04:55 E09A9CF383ACF4A28038561E62277377 3927248 ----a-w- C:\Windows\Sysnative\d3dx9_30.dll 2013-12-08 22:04:55 CE5753F9A27837259EB52F3F47F39593 355536 ----a-w- C:\Windows\Sysnative\xactengine2_0.dll 2013-12-08 22:04:55 88BAC8306D4EC79A82B1FFA17DC8CF4A 3815120 ----a-w- C:\Windows\Sysnative\d3dx9_28.dll 2013-12-08 22:04:55 68B35CBDB4A8CC424718BBCC894FEEEA 3830992 ----a-w- C:\Windows\Sysnative\d3dx9_29.dll 2013-12-08 22:04:54 B165DF72E13E6AF74D47013504319921 3544272 ----a-w- C:\Windows\Sysnative\d3dx9_24.dll 2013-12-08 22:04:54 914C3237E4D145A18DCD1D0D4C8659E1 3807440 ----a-w- C:\Windows\Sysnative\d3dx9_27.dll 2013-12-08 22:04:54 4C56E7C5B2A61353E534C7D15D05856D 3823312 ----a-w- C:\Windows\Sysnative\d3dx9_25.dll 2013-12-08 22:04:54 44F5C5E27D6825E4E62420BC29B8B533 3767504 ----a-w- C:\Windows\Sysnative\d3dx9_26.dll 2013-12-08 19:37:17 492CB6A624D5DAD73EE0294B5DB37DD6 4835840 ----a-w- C:\Windows\Sysnative\xpsrchvw.exe 2013-12-08 19:37:15 B22CB67919EBAD88B0E8BB9CDA446010 427520 ----a-w- C:\Windows\Sysnative\StikyNot.exe 2013-12-08 19:37:15 47F0F526AD4982806C54B845B3289DE1 142336 ----a-w- C:\Windows\Sysnative\SoundRecorder.exe 2013-12-08 19:37:14 7633F554EEAFDE7F144B41C2FCAF5F63 431104 ----a-w- C:\Windows\Sysnative\SnippingTool.exe 2013-12-08 19:37:13 F3B306179F1840C0813DC6771B018358 238080 ----a-w- C:\Windows\Sysnative\recdisc.exe 2013-12-08 19:37:13 3DB5A1EACE7F3049ECC49FA64461E254 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2013-12-08 19:37:11 F2C7BB8ACC97F92E987A2D4087D021B1 193536 ----a-w- C:\Windows\Sysnative\notepad.exe 2013-12-08 19:37:11 B918311A8E59FB8CCF613A110024DEBA 692736 ----a-w- C:\Windows\Sysnative\osk.exe 2013-12-08 19:37:11 AFA10DB13B9A0537297AEEF2CD66352F 1077248 ----a-w- C:\Windows\Sysnative\Narrator.exe 2013-12-08 19:37:10 E79DF53BAD587E24B3CF965A5746C7B6 651264 ----a-w- C:\Windows\Sysnative\msra.exe 2013-12-08 19:37:10 8E75B1112C374EBDF18FD640DA2F0655 1147392 ----a-w- C:\Windows\Sysnative\mstsc.exe 2013-12-08 19:37:09 E19D102BAF266F34592F7C742FBFA886 300032 ----a-w- C:\Windows\Sysnative\msconfig.exe 2013-12-08 19:37:09 D291620D4C51C5F5FFA62CCDC52C5C13 378880 ----a-w- C:\Windows\Sysnative\msinfo32.exe 2013-12-08 19:37:09 458F4590F80563EB2A0A72709BFC2BD9 6676480 ----a-w- C:\Windows\Sysnative\mspaint.exe 2013-12-08 19:37:08 509E88FF7B257885775791FAF0965D6A 102400 ----a-w- C:\Windows\Sysnative\mobsync.exe 2013-12-08 19:37:07 FA4C36B574BF387D9582ED2C54A347A8 957440 ----a-w- C:\Windows\Sysnative\mblctr.exe 2013-12-08 19:37:07 3EEC0FB1DDD317AA1E8933B912439736 146944 ----a-w- C:\Windows\Sysnative\MdSched.exe 2013-12-08 19:37:06 233B45DDF77BD45E53872881CFF1839B 652800 ----a-w- C:\Windows\Sysnative\Magnify.exe 2013-12-08 19:37:02 C7301A1D3DB09DE86528D9D916069859 606208 ----a-w- C:\Windows\Sysnative\dfrgui.exe 2013-12-08 19:37:02 B795E6138E29A37508285FC31E92BD78 529408 ----a-w- C:\Windows\Sysnative\DisplaySwitch.exe 2013-12-08 19:37:02 35E397D6CA8407B86D8A7972F0C90711 359936 ----a-w- C:\Windows\Sysnative\eudcedit.exe 2013-12-08 19:37:01 FD3F34830C39F4B554106ADA19924F4E 114688 ----a-w- C:\Windows\Sysnative\control.exe 2013-12-08 19:37:01 85EA5C1262CF39BA63E54DB029DA6E63 216064 ----a-w- C:\Windows\Sysnative\cleanmgr.exe 2013-12-08 19:37:01 1F6DC007EAB7F6911130D729B4739A12 86528 ----a-w- C:\Windows\Sysnative\colorcpl.exe 2013-12-08 19:37:00 B4C2CE57F51B9F62956D256EB68973ED 165888 ----a-w- C:\Windows\Sysnative\charmap.exe 2013-12-08 19:37:00 10E4A1D2132CCB5C6759F038CDB6F3C9 918528 ----a-w- C:\Windows\Sysnative\calc.exe 2013-12-08 19:36:59 C3489639EC8E181044F6C6BFD3D01AC9 273920 ----a-w- C:\Windows\Sysnative\SndVol.exe 2013-12-08 19:36:59 09F7401D56F2393C6CA534FF0241A590 257024 ----a-w- C:\Windows\Sysnative\taskmgr.exe 2013-12-08 19:36:58 C3761661C17C2248A9379A8FB89E3DE1 257024 ----a-w- C:\Windows\Sysnative\stobject.dll 2013-12-08 19:36:58 34152997FB906895290E0199AC94B85F 1930752 ----a-w- C:\Windows\Sysnative\authui.dll 2013-12-08 19:36:57 F15FA38D56D6DBAC6BF03B63F29CA559 705536 ----a-w- C:\Windows\Sysnative\imagesp1.dll 2013-12-08 19:36:53 EED05D42D91835064703E2318552ED25 1866240 ----a-w- C:\Windows\Sysnative\ExplorerFrame.dll 2013-12-08 19:36:53 5AA945234E9D4CCE4F715276B9AA712C 20268032 ----a-w- C:\Windows\Sysnative\imageres.dll 2013-12-08 19:36:52 DFE2AC103D69709C1B1456255C32CEB8 389120 ----a-w- C:\Windows\Sysnative\pnpui.dll 2013-12-08 19:36:52 D7F1EF374A90709B31591823B002F918 225280 ----a-w- C:\Windows\Sysnative\SndVolSSO.dll 2013-12-08 19:36:51 F832EEEA97CDDA1AF577E721F652A0D1 749568 ----a-w- C:\Windows\Sysnative\batmeter.dll 2013-12-08 19:36:51 92DBF0A4C9239169010FC6E07859C82E 780800 ----a-w- C:\Windows\Sysnative\ActionCenter.dll 2013-12-08 19:36:51 10F815BE90A66AAFC6C713D1BD626064 1808384 ----a-w- C:\Windows\Sysnative\pnidui.dll 2013-12-08 19:36:49 2C647ABE9A424E55B5F3DAE4629B4277 2851840 ----a-w- C:\Windows\Sysnative\themeui.dll.backup 2013-12-08 19:36:48 F0344071948D1A1FA732231785A0664C 44544 ----a-w- C:\Windows\Sysnative\themeservice.dll.backup 2013-12-08 19:36:48 D29E998E8277666982B4F0303BF4E7AF 332288 ----a-w- C:\Windows\Sysnative\uxtheme.dll.backup ====== C:\Windows\Sysnative\drivers ===== 2013-12-10 20:25:46 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys 2013-12-10 20:25:46 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys 2013-12-02 22:34:56 95314C3A08589471983C2C8173F23CDA 16376 ----a-w- C:\Windows\Sysnative\drivers\TVMonitor.sys ====== C:\Windows\Tasks ====== 2013-11-29 17:59:44 9394303489AF7E511213EF7DB667E6CE 1056 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-11-29 17:59:44 34467BB8C83214546BFED47931CE0414 1060 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-11-29 17:59:44 2285EBFB95FE8A7A6916000572FFEBC9 3804 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2013-11-29 17:59:44 04A40EBB0ED6DC04AC918E4F6F76E032 4056 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2013-11-25 17:24:09 5B402710C5940204B004AE7BD42D94E9 3158 ----a-w- C:\Windows\Sysnative\Tasks\{76268CE6-7C94-4E89-BD5B-CE7F7AA5D2FA} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2013-12-17 01:42:54 -------- d-----w- C:\PROGRA~2\Hp 2013-12-15 00:09:17 -------- d-----w- C:\PROGRA~2\GemistDownloader 2013-12-11 22:23:17 -------- d-----w- C:\PROGRA~2\Evernote 2013-12-08 19:37:25 -------- d-----w- C:\PROGRA~2\Skin Pack ======= C: ===== ====== C:\Users\Brian_Pc\AppData\Roaming ====== 2013-12-15 00:09:18 -------- d-----w- C:\Users\Brian_Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GemistDownloader 2013-12-14 00:13:42 -------- d-----w- C:\Users\Brian_Pc\AppData\Roaming\vlc 2013-12-08 22:15:03 -------- d-----w- C:\Users\Brian_Pc\AppData\Roaming\SeriousBit 2013-12-08 21:28:16 -------- d-----w- C:\Users\Brian_Pc\AppData\Roaming\SideSlide 2013-12-08 20:29:49 -------- d-----w- C:\Users\Brian_Pc\AppData\Roaming\Brynt Younce Software 2013-12-08 20:26:05 -------- d-----w- C:\Users\Brian_Pc\AppData\Roaming\GemistDownloader 2013-12-08 19:41:26 -------- d-----w- C:\Users\Brian_Pc\AppData\Local\Blue_Onion_Software 2013-12-08 16:49:42 16E53BFC96CE14021C0E07EB1C198478 99384 ----a-w- C:\Users\Brian_Pc\AppData\Roaming\inst.exe 2013-12-04 01:13:21 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\CrashDumps 2013-12-02 21:56:57 -------- d-----w- C:\Users\Brian_Pc\AppData\Local\NPE 2013-11-29 17:59:59 -------- d-----w- C:\Users\Brian_Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome ====== C:\Users\Brian_Pc ====== 2013-12-16 20:04:51 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Brian_Pc\Desktop\RSITx64.exe 2013-12-13 01:07:25 B9B82E1C59A4BD55F7D7832260CD1B65 67 --sh--w- C:\ProgramData\desktop.ini 2013-12-11 22:23:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote 2013-12-08 21:33:30 -------- d-----w- C:\Users\Brian_Pc\FSL 2013-11-29 17:59:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome ====== C: exe-files == 2013-12-17 01:42:27 7E218C9C4D1C164F684B85867749C4D3 21304 ----a-w- C:\Users\Brian_Pc\AppData\Roaming\Mozilla\Firefox\Profiles\v3rmnfky.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\Setup.exe 2013-12-16 20:04:51 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Brian_Pc\Desktop\RSITx64.exe 2013-12-15 00:09:18 F5715D21DBBD0A33D245A1D849ED5829 169449 ----a-w- C:\Program Files (x86)\GemistDownloader\uninst.exe 2013-12-14 17:53:27 F4CCCAB03392ECA3BCB6EAB9DB2089E0 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_NSPOS.exe 2013-12-14 17:53:27 F228ECDCDF7D094326F43ADF29A0DBD5 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_EMEA.exe 2013-12-14 17:53:27 C7EC72A8673DD2CC88A8384CA6D00120 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_US.exe 2013-12-14 17:53:27 5288FEC36ADB27C8A24623F6DB8858B8 72920 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_toastNotify.exe 2013-12-14 14:34:42 9FFFFF84A7AC0539A04D51FB60FD70B7 2346104 ----a-w- C:\Program Files (x86)\GemistDownloader\GemistDownloader.exe 2013-12-13 00:46:07 9973DCFD2D080C325F865C08D13610DB 130408 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe 2013-12-13 00:46:07 960FC5D26E103A124E0F4CE82D038C36 103272 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe 2013-12-13 00:46:07 77D4A137779DB57638C9CB9048973B68 54632 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe 2013-12-13 00:46:07 42D121320D4642A8E6212561F19F88B1 59392 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe 2013-12-11 22:22:31 A7A22643DD368A30329D03BF5B66FFB2 58823520 ----a-w- C:\Users\Brian_Pc\AppData\Local\Evernote\Evernote\AutoUpdate\Evernote_5.0.3.1614.exe 2013-12-10 20:30:26 D21DD7BFC81C8623DE48EBB17133D59C 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe 2013-12-10 20:30:26 9AED8E824CF5FAAB67957EDBC5512060 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe 2013-12-10 20:29:38 78CCC9D9665DC2A4DDC31CD99ED374FC 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2013-12-10 20:29:38 0E1D755673453108415F802C90704327 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2013-12-10 20:29:37 DACB9A752CEB29C1D931514EF73803E1 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2013-12-10 20:29:37 3A722B49408BE7FE8A375C3B8FD57BB1 218624 ----a-w- C:\Windows\System32\ie4uinit.exe 2013-12-10 20:29:37 0F753FDA08F495E515629210FF0DA59E 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-12-10 20:25:46 ECB021CA3370582F0C7244B0CF06732C 156160 ----a-w- C:\Windows\System32\cscript.exe 2013-12-10 20:25:46 A3A35EE79C64A640152B3113E6E254E2 126976 ----a-w- C:\Windows\SysWOW64\cscript.exe 2013-12-10 20:25:46 979D74799EA6C8B8167869A68DF5204A 141824 ----a-w- C:\Windows\SysWOW64\wscript.exe 2013-12-10 20:25:46 045451FA238A75305CC26AC982472367 168960 ----a-w- C:\Windows\System32\wscript.exe === C: other files == 2013-12-10 20:25:49 97D50B0CABF18A6D40F8883D02DDB519 3155968 ----a-w- C:\Windows\System32\win32k.sys 2013-12-10 20:25:46 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys 2013-12-10 20:25:46 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2191765731-929917457-40214162-1000\Software\Microsoft\Windows\CurrentVersion\Run] "WinBar (x86)"="P:\Winbar\WinBar.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LWS"="C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "RIMBBLaunchAgent.exe"="C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" "SSBkgdUpdate"="C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "OpwareSE4"="P:\Canon\OpwareSE4.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WinBar (x86)"="P:\Winbar\WinBar.exe" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CanonSolutionMenu"="C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon" "CanonMyPrinter"="P:\Canon\BJMyPrt.exe /logon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=" C:\\PROGRA~2\\OPTIMI~1\\OPTPRO~2.DLL" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BitTorrent" "hkey"="HKCU" "command"="\"C:\\Users\\Brian_Pc\\AppData\\Roaming\\BitTorrent\\BitTorrent.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BlueStacks Agent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BlueStacks Agent" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\BlueStacks\\HD-Agent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CCleaner" "hkey"="HKCU" "command"="\"P:\\Ccleaner\\CCleaner64.exe\" /AUTO" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellSystemDetect] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DellSystemDetect" "hkey"="HKCU" "command"="C:\\Users\\Brian_Pc\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Dell\\Dell System Detect.appref-ms" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Facebook Update" "hkey"="HKCU" "command"="\"C:\\Users\\Brian_Pc\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"P:\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SUPERAntiSpyware] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SUPERAntiSpyware" "hkey"="HKCU" "command"="T:\\virus scanners\\SUPERAntiSpyware.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Tango] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Tango" "hkey"="HKCU" "command"="P:\\Tango\\Tango.exe -r" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\!SASCORE] ==== Startup Folders ====================== 2013-12-08 20:29:51 586 ----a-w- C:\Users\Brian_Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Coolbarz.lnk 2013-09-05 14:42:00 552 ----a-w- C:\Users\Brian_Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk 2013-09-11 17:24:28 1318 ----a-w- C:\Users\Brian_Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk 2013-12-08 21:33:30 604 ----a-w- C:\Users\Brian_Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FSL Launcher.lnk 2013-12-08 19:37:22 1249 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DeskDrive.lnk 2013-12-08 19:37:19 1249 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Finderbar.lnk 2013-12-08 20:06:31 990 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Refresh.lnk 2013-12-08 19:37:21 1259 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk 2013-12-08 19:37:23 1090 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SkinPackMenu.lnk 2013-12-08 19:37:21 1239 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UberIcon.lnk 2013-12-08 19:37:22 1249 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VirtuaWin.lnk 2013-12-08 19:37:19 1225 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Winroll.lnk 2013-12-08 19:37:23 1225 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\xwidget.lnk 2013-12-08 19:37:23 1239 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\YzShadow.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11-12-2013 22:44] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2191765731-929917457-40214162-1000Core.job --a------ C:\Users\Brian_Pc\AppData\Local\Facebook\Update\FacebookUpdate.exe [11-09-2013 18:24] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2191765731-929917457-40214162-1000UA.job --a------ C:\Users\Brian_Pc\AppData\Local\Facebook\Update\FacebookUpdate.exe [11-09-2013 18:24] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-11-2013 18:59] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-11-2013 18:59] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AutoRearm" [C:\Windows\AutoRearm\AutoRearm.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["P:\Ccleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2191765731-929917457-40214162-1000Core" [C:\Users\Brian_Pc\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2191765731-929917457-40214162-1000UA" [C:\Users\Brian_Pc\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Norton WSC Integration" ["P:\Norton Internet Security 2013\Engine\20.4.0.40\WSCStub.exe"] "C:\Windows\SysNative\tasks\{CEB5D2D3-CF0E-4263-92D7-6117E735D82E}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [P:\Norton Internet Security 2013\Engine\20.4.0.40\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [P:\Norton Internet Security 2013\Engine\20.4.0.40\SymErr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn" [17-12-2013 14:42] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Brian_Pc\AppData\Roaming\Mozilla\Firefox\Profiles\v3rmnfky.default - Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\IPSFF - Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\coFFPlgn - HP Detect - %ProfilePath%\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} - HTML5 Media Player - %ProfilePath%\extensions\html5player@horning.us.xpi - Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi - Download YouTube Videos as MP4 - %ProfilePath%\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Brian_Pc\AppData\Roaming\Mozilla\Firefox\Profiles\v3rmnfky.default F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash CBFE3156904AB2D1A097F5E74A6C62F3 - P:\Vlc Player\VLC\npvlc.dll - VLC Web Plugin C2321043FA2CA4C32FF449DE6116B5D9 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll - Shockwave for Director / Shockwave for Director 3E0EB8CC0526CF152C80628A7EBAD7C3 - C:\Users\Brian_Pc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player C548328E9DE5EB73350EF292D7140662 - T:\Picasa\Picasa3\npPicasa3.dll - Picasa 2BF85B6162528E0635DD8D632EB975C8 - C:\Users\Brian_Pc\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll - Facebook Desktop ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions mkfokfffehpeedafpekjeddnmnjhmcmk - P:\Norton Internet Security 2013\Engine\20.4.0.40\Exts\Chrome.crx[28-11-2013 14:56] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[25-09-2013 05:05] BeGone Guerra Online - Brian_Pc - Default\Extensions\ahcchnfnladlkddlceegencfccjcfnjp Google Docs - Brian_Pc - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Brian_Pc - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf TV - Brian_Pc - Default\Extensions\beobeededemalmllhkmnkinmfembdimh YouTube - Brian_Pc - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Facebook - Brian_Pc - Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm Sniper OMOH - Brian_Pc - Default\Extensions\cbgpnekbennkmggdcahbdjnbckcbakpg Pool - Brian_Pc - Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb Last updated at time on date - Brian_Pc - Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - Brian_Pc - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Candy Crush Saga - Brian_Pc - Default\Extensions\dibdjfeclkefkigajajioodoplfhafic Weerplaza - Brian_Pc - Default\Extensions\djakjaebiehcbcjclfgifnhipfcobpaa Pyramid Jewels Challenge - Brian_Pc - Default\Extensions\djpolicdanocdhepamfhapnbgahgebbi Rush Team - Brian_Pc - Default\Extensions\ecdnoeebfjlplfkljdedokbcmebojbpb 3D Table Tennis - Brian_Pc - Default\Extensions\eceoimpjbncjmhghmhfpmbkkkgkkchen 3D Bowling - Brian_Pc - Default\Extensions\gemohgpikgjbgmdfbfjdailocichgbjm AdBlock - Brian_Pc - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Air Hockey - Brian_Pc - Default\Extensions\gojagedhadegobocpaokaifiacjiolph Windows Media Player Extension for HTML5 - Brian_Pc - Default\Extensions\hokdglbhghcebcopdbanieangmcamaak New York Taxi License - Brian_Pc - Default\Extensions\lllhlpegibamimlkpnhjpohppfcckcfb Google Maps - Brian_Pc - Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh Park the car on this shopping mall parking as quick as you can. - Brian_Pc - Default\Extensions\mjfoehokglnmbbnncflhhgapdfkhahle Norton Identity Protection - Brian_Pc - Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk DVDVideoSoft - Brian_Pc - Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp Apple Thema - Brian_Pc - Default\Extensions\nmpilofaiabmckmfenobkedopnhimcdd Teletekst - Brian_Pc - Default\Extensions\noblnklnhglbnfomoipgcidnbpdjfbom Background Tab - Brian_Pc - Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic 3D Bomb Destroyer - Brian_Pc - Default\Extensions\okehlnjpihomkdokiiafpejniofjaoom Gmail - Brian_Pc - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Brian_Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjfoehokglnmbbnncflhhgapdfkhahle deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.nl/search?hl=nl&q=%s" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{F0B91F3D-BAED-41AB-8C89-170FF4C46F57}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {F0B91F3D-BAED-41AB-8C89-170FF4C46F57} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Brian_Pc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Brian_Pc\AppData\Local\Mozilla\Firefox\Profiles\v3rmnfky.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Brian_Pc\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== Empty Temp Folders ====================== C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Brian_Pc\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Brian_Pc\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 17-12-2013 at 15:07:53,33 ======================