Zoek.exe v5.0.0.0 Updated 22-05-2014 Tool run by toshiba on vr 23-05-2014 at 15:19:59,30. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\toshiba\Documents\zoek\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-05-11-153103.log 1107 bytes C:\zoek-results2014-05-12-073608.log 65547 bytes C:\zoek-results2014-05-19-142321.log 75372 bytes C:\zoek-results2014-05-19-154955.log 72089 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) ACSI Campsite Guide Europe 2013 Adobe AIR Adobe Flash Player 13 ActiveX Adobe Reader X (10.1.10) MUI ANT Drivers Installer x64 Apple Application Support Apple Mobile Device Support Apple Software Update Audacity 2.0.5 AVG 2014 Bonjour Canon IJ Network Scan Utility Canon IJ Network Tool Canon MP Navigator EX 2.0 Canon MP620 series MP Drivers Canon Utilities Easy-PhotoPrint EX Canon Utilities My Printer Canon Utilities Solution Menu CCleaner Computer Security 12.71.102.0 (release) D3DX10 Delta toolbar DiskRedactor DriveImage XML (Private Edition) Dropbox Duplicate Cleaner Free 3.0.1 Elevated Installer F-Secure CCF Reputation F-Secure CCF Scanning 1.23.124.8831 (release) F-Secure Network CCF 1.02.126 Galerie de photos Windows Live Garmin City Navigator Europe NT 2013.10 Update Garmin Express Garmin Express Tray Garmin MapInstall Garmin USB Drivers Garmin WebUpdater Google Chrome Google Toolbar for Internet Explorer Google Update Helper Google+ Auto Backup High-Definition Video Playback HiJackThis iCloud IncrediMail IncrediMail 2.0 Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) Rapid Storage Technology iTunes Java 7 Update 55 Java Auto Updater Junk Mail filter update LADSPA_plugins-win-0.4.15 Malwarebytes Anti-Malware versie 2.0.1.1004 Mesh Runtime Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Primary Interoperability Assemblies 2005 Microsoft Silverlight Microsoft SkyDrive Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC100_CRT_SP1_x64 Microsoft_VC100_CRT_SP1_x86 Movie Studio Platinum 13.0 (64-bit) MSVC80_x64_v2 MSVC80_x86_v2 MSVC90_x64 MSVC90_x86 MSVCRT MSVCRT Redists MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 10 Movie ThemePack Basic Nero BackItUp 10 Nero BackItUp 10 Help (CHM) Nero BurnRights 10 Nero BurnRights 10 Help (CHM) Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero Express 10 Nero Express 10 Help (CHM) Nero InfoTool 10 Nero InfoTool 10 Help (CHM) Nero MediaHub 10 Nero MediaHub 10 Help (CHM) Nero Multimedia Suite 10 Essentials Nero RescueAgent 10 Nero RescueAgent 10 Help (CHM) Nero StartSmart 10 Nero StartSmart 10 Help (CHM) Nero Update Nokia Connectivity Cable Driver Nokia Suite OpenOffice.org 3.4.1 OVT Scanner 16Bit PC Connectivity Solution Photo Notifier and Animation Creator Picasa 3 PlayReady PC Runtime amd64 Raccolta foto di Windows Live Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Realtek WLAN Driver Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878236) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2878237) 32-Bit Edition Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) Synaptics Pointing Device Driver TOSHIBA Assist TOSHIBA Bulletin Board TOSHIBA ConfigFree TOSHIBA Disc Creator TOSHIBA Face Recognition TOSHIBA Flash Cards Support Utility TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert Toshiba Manuals TOSHIBA Media Controller TOSHIBA Media Controller Plug-in TOSHIBA Online Product Information TOSHIBA Places Icon Utility TOSHIBA Recovery Media Creator TOSHIBA Recovery Media Creator Reminder TOSHIBA ReelTime TOSHIBA Resolution+ Plug-in for Windows Media Player TOSHIBA Service Station TOSHIBA Supervisor Password TOSHIBA TEMPRO TOSHIBA Value Added Package TOSHIBA Web Camera Application TOSHIBA Wireless LAN Indicator Total Commander 64-bit (Remove or Repair) Uninstall OVT Scanner 16-bit Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Utility Common Driver Visual Studio 2008 x64 Redistributables Visual Studio 2010 x64 Redistributables Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Windows-stuurprogrammapakket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) Windows Driver Package - OmniVision (APL531) Image (03/10/2010 1.0.0.1) Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalerie Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Mesh ActiveX control for remote connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Ziggo Internetbeveiliging ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\fssm32.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe C:\Users\toshiba\Documents\zoek\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fshoster deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\fshoster deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FSMA deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FSMA deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FSORSPClient deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\FSORSPClient deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "F-Secure Hoster (45123)"=- "F-Secure Manager"=- ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4004 MB CPU Info: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz CPU Speed: 2291.7 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC | Realtek PCIe FE Family Controller CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW TS-L633F Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 232.9GB | D: 232.5GB Hard Disks - Free: C: 99.5GB | D: 209.5GB Manufacturer *: TOSHIBA BIOS Info: AT/AT COMPATIBLE | 07/11/11 | TOSCPL - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: TOSHIBA PWWHA Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated) Anti-Virus: Basis On-access scanning disabled (Outdated) Anti-Spyware: Basis disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated) Default Browser: Google Chrome 35.0.1916.114 Internet Explorer Version: 11.0.9600.17107 Google Chrome version: 35.0.1916.114 Adobe Reader version: 10.1.10.18 Sun Java version: 1.7.0_55 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\toshiba\AppData\Local\Temp ==== 2014-05-19 15:50:37 BCB0728F4B117855765CE8FE883B5E9B 1536 ----a-w- C:\Users\toshiba\AppData\Local\Temp\NOSEventMessages.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-05-20 08:06:16 FBCF3F01177953EBF1E735643621CCF5 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-05-20 08:06:13 EB5347F6149D3FF25F4D609A21A3BD67 17382912 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-05-20 08:06:13 10D531ADC7B8FB36C7361D44AF6E8AB6 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-05-19 12:15:13 6EA69D2312F3571F6F8BEADD224165E8 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-05-19 12:15:04 9533FE0A942E00114047140B42DF8E3D 175016 ----a-w- C:\Windows\SysWOW64\java.exe 2014-05-19 12:15:04 3B10B54F50CD362537B9F2186267EDF8 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-05-19 12:15:04 37C15684482B4D596316735DCEEE939A 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-05-18 06:05:14 AA12D7A960DB78DD9690AB5B5DAE6586 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-05-18 06:04:45 CE6921D33682C6C3DB8A45853CC69402 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-05-18 06:04:16 7E9FE7DB43BC204E44F159F843E35C15 367616 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-05-18 06:04:14 EDACA6C44D9CE200F899B7DB0F201DFF 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-05-18 06:04:14 EBC35FE64056910A84485BEEB6DCCAC6 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-05-18 06:04:14 34FC79C948EE2C5FD0CD699E7D7F91B7 244224 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-05-18 06:04:13 31385A6CAA31BE9D07B0B32E5AA99ABB 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-05-18 06:04:12 82287FCFFA4A2D60FD744E3FEB3192C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-05-18 06:04:12 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-05-18 06:04:12 0FDC1A576A3F40420882C0F7C4A66EAD 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-05-18 06:04:11 C9CA9803299EB6AFA34CB520BAAB083D 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-18 06:03:55 BB185D4A9362AA17CBCEC0768CDBF249 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-05-18 06:03:55 6557B48D53D653CFCCE3CB1CFA53A8E1 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-18 06:03:55 0F4A295516781897FFB09B4CCF2E8798 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-05-18 06:03:50 05BD47136DE62FAFE9F95B40E4100144 2178048 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-05-18 06:03:49 E4E829EE073E046B0EB19B5FECB19B8C 1789440 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-05-18 06:03:47 76F58DB8F85C125E0D6B3AA42F3BF1D0 1143808 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-05-18 06:03:45 C4A383FD50FBD7E274DD41CF571DF898 1967104 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-05-18 06:03:39 2AFBB91BBD2378933B26E6D68C140D1B 11745792 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-05-18 06:03:35 8C46360D6EF9D4C563FE834C4F287DA3 4254720 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-05-16 17:39:30 E9504E484076585F6DA3C59F0E20E122 417792 ----a-w- C:\Windows\SysWOW64\WMPhoto.dll 2014-05-16 17:39:14 204882085A7D984D455AA4DE7B7074C6 5694464 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2014-05-16 17:38:51 D96106CF60505734B14F6AE80AAA4B07 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll 2014-05-16 17:38:43 14800BD31701A5047AC3145BB1E698AE 3419136 ----a-w- C:\Windows\SysWOW64\d2d1.dll 2014-05-16 17:37:09 1C0E369575F387460E2A5F28269B2CC4 1247744 ----a-w- C:\Windows\SysWOW64\DWrite.dll 2014-05-16 17:37:01 A054EA8FBE16D4D34F06D81A4F0088E2 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll 2014-05-15 13:12:59 AB5EFB103DB01C1912C9D2F545EA5621 17920 ----a-w- C:\Windows\SysWOW64\wksprtPS.dll 2014-05-15 13:12:59 8DEEE20D8D30E9B0FBDCA31E58A027BD 53248 ----a-w- C:\Windows\SysWOW64\tsgqec.dll 2014-05-15 13:12:59 4676AAA9DDF52A50C829FEDB4EA81E54 1068544 ----a-w- C:\Windows\SysWOW64\mstsc.exe 2014-05-15 13:12:59 2EFB1279E7BEA7D12D9F4D6508D27880 50176 ----a-w- C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-05-15 13:12:57 5E676B296B762E211D83B87635F2C330 855552 ----a-w- C:\Windows\SysWOW64\rdvidcrl.dll 2014-05-15 13:12:12 AAB5D8C5ABE71873DC19ED004EF25009 792576 ----a-w- C:\Windows\SysWOW64\TSWorkspace.dll 2014-05-15 12:44:35 8999F18D38D55E34D356796507FFD639 192000 ----a-w- C:\Windows\SysWOW64\rdpendp_winip.dll 2014-05-14 09:56:38 E9D88493FBDB36D4B65C6F2F7F122C95 12874240 ----a-w- C:\Windows\SysWOW64\shell32.dll 2014-05-14 09:54:42 4D59F470985D08139E42D15842816C47 3969984 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-14 09:54:41 9DE19EA21DF99AF15BA5A947E5317F9E 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2014-05-14 09:54:39 31FA2485DFC773F1E718A4D19F443FA9 3914176 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-14 09:54:38 ED195AC76E10F17F6DD60C49666F2A83 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2014-05-14 09:54:31 995B39A08421C7725D1DF8DACEBBFC89 538112 ----a-w- C:\Windows\SysWOW64\objsel.dll 2014-05-14 09:54:30 461B713DE7F353C6447B744F1A049930 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll 2014-05-14 09:54:30 3A1ABE045A3E30799576E83A2D012B43 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2014-05-14 09:54:29 541BB9B4C899ADCC5D3DB89208C1F409 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2014-05-14 09:54:27 FBC78B5D12A4F5A62D9C91E0E0E46D46 49664 ----a-w- C:\Windows\SysWOW64\adprovider.dll 2014-05-14 09:54:27 828185688FDAAE6C7959B884ABED1766 247808 ----a-w- C:\Windows\SysWOW64\schannel.dll 2014-05-14 09:54:27 62C0798CC68EBF42F29C92E6CD6DC3D6 36864 ----a-w- C:\Windows\SysWOW64\dimsroam.dll 2014-05-14 09:54:27 38A30B8E4216BE24D30F766EF3BAC2C7 48128 ----a-w- C:\Windows\SysWOW64\capiprovider.dll 2014-05-14 09:54:27 335FA669FC952BC4888CEDBDB42607E2 51200 ----a-w- C:\Windows\SysWOW64\cngprovider.dll 2014-05-14 09:54:26 834A859BB331B0B2CCAE25BB1986F80D 47616 ----a-w- C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-14 09:54:25 5E11C55CC4D9330E55CCB22B1F20BB33 35328 ----a-w- C:\Windows\SysWOW64\wincredprovider.dll 2014-05-14 09:54:24 2A86C18CE6869C77FCEB62F3B47D4D5B 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2014-05-14 09:54:23 C94CE65AE7701E9FDBA889045543E27C 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2014-05-14 09:54:23 75878492F2B33405EEF900F8C16C6D08 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-05-20 08:06:16 A920E1336F9FEA95477763E2CC15891B 84992 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-05-20 08:06:16 797E2E5C309AFF76990D5B7AF457EACA 23544320 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-05-20 08:06:13 A45BFDCFD5864F658289A165E6E0227F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-05-18 06:05:15 7446786E7092ABE122D372F95E6ED74B 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-05-18 06:04:45 FFF555C177D9F2B79B5C3146BED09FB1 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-05-18 06:04:24 D6067F7EE060C5D6D79008AD591B4E3B 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-05-18 06:04:24 964C89BC8A52A260D68C90FDDEB862E2 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-05-18 06:04:24 72116CC377FF4281B0132C397026D911 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-05-18 06:04:24 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-05-18 06:04:16 3F547245C78F4847B73EDDFD4A2F7E12 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-05-18 06:04:15 E0D95345D1EBB54F28E958782B9C0CE0 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-05-18 06:04:15 CFBA793F678EB3855052ECF99357A9A1 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-05-18 06:04:14 E7161E2C66FF9B1E87C30FC9D2497ABB 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-05-18 06:04:14 CB57E934280D346AE0A9B053DAA284C5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-05-18 06:04:13 75AD355828187145A60E3DC7BAF7B0F3 628736 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-05-18 06:04:12 A3F9A9E46BDDBB8B20B7CF3EEDB990F2 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-05-18 06:04:12 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-05-18 06:03:54 EBAD8A4D048ED257E4A45F6356541F86 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-05-18 06:03:54 915D8A9E112C97C90C654F792B6B28B9 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-05-18 06:03:53 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-05-18 06:03:53 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-05-18 06:03:49 1F8534A19A66275C863DE17645CB2A13 2767360 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-05-18 06:03:47 F220BA78AB542C70211D73AE4729B2CD 2260480 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-05-18 06:03:45 32417AE8280276968E5C551ED85D3525 1400832 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-05-18 06:03:43 1654093C8BD3342997D27B71684ACCE8 2043904 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-05-18 06:03:41 A14BB2F5F6457738AAA11367F5172A05 13551104 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-05-18 06:03:37 BF25489459C7A762DD7B3186C7E3984D 5784064 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-05-16 17:39:30 4EDF8812713291DBBFDA67CE6215F236 465920 ----a-w- C:\Windows\Sysnative\WMPhoto.dll 2014-05-16 17:39:11 879A3F94118D686E63041A386FE91EBE 6574592 ----a-w- C:\Windows\Sysnative\mstscax.dll 2014-05-16 17:38:49 E8710B5DDA963E6BA198DF5FB209E72A 2565120 ----a-w- C:\Windows\Sysnative\d3d10warp.dll 2014-05-16 17:38:45 C676E5EA388AF7C4C031F56F9B42E362 3928064 ----a-w- C:\Windows\Sysnative\d2d1.dll 2014-05-16 17:37:11 DD85F00EC31F77315AE992B7B0411D65 1643520 ----a-w- C:\Windows\Sysnative\DWrite.dll 2014-05-16 17:37:02 AFCA5C1ECEAF948FC815178BC077680E 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll 2014-05-15 13:13:11 DDED7C5558B3AE09F568945281A9A6D1 44544 ----a-w- C:\Windows\Sysnative\TsUsbGDCoInstaller.dll 2014-05-15 13:13:01 FEC6178962DFF33074D39CA907971405 12800 ----a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyExtension.dll 2014-05-15 13:13:01 108C257D765AAD2E6EC46557DA0B02BD 13824 ----a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyControl.exe 2014-05-15 13:12:59 7BD2E6E2458A5B95F8341244C7FC7DD4 18944 ----a-w- C:\Windows\Sysnative\wksprtPS.dll 2014-05-15 13:12:59 79EE5ECB4BE89343E4CF1E48F7769F59 420864 ----a-w- C:\Windows\Sysnative\wksprt.exe 2014-05-15 13:12:59 5289A00E2D21BB3A7D6761646543ED5C 62976 ----a-w- C:\Windows\Sysnative\tsgqec.dll 2014-05-15 13:12:59 149A388C17F04AD1F99B477A43BE1A9F 56832 ----a-w- C:\Windows\Sysnative\MsRdpWebAccess.dll 2014-05-15 13:12:59 0D2C2FAC4F29B5868D39B7267058CFEF 83968 ----a-w- C:\Windows\Sysnative\TSWbPrxy.exe 2014-05-15 13:12:58 8E75B1112C374EBDF18FD640DA2F0655 1147392 ----a-w- C:\Windows\Sysnative\mstsc.exe 2014-05-15 13:12:57 A4420969E5AB94856E5C0C02E6099D3F 1057280 ----a-w- C:\Windows\Sysnative\rdvidcrl.dll 2014-05-15 13:12:13 9E2EDE952A3EC44754A829F048CE93A0 1030144 ----a-w- C:\Windows\Sysnative\TSWorkspace.dll 2014-05-15 12:44:43 E9A0777DCA9148157E0EF9B71D7DE353 15360 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll 2014-05-15 12:44:35 D346E07D62E3D4BEAB040939744EC31B 228864 ----a-w- C:\Windows\Sysnative\rdpendp_winip.dll 2014-05-15 12:44:35 AD4D0AEDB5993EDA31EB80A54EDBC344 243200 ----a-w- C:\Windows\Sysnative\rdpudd.dll 2014-05-15 12:44:34 8F69EE5E0EB0779DC3E90DFD8D8E8683 3174912 ----a-w- C:\Windows\Sysnative\rdpcorets.dll 2014-05-14 09:56:52 427015D56DF17241F634611557146C57 14175744 ----a-w- C:\Windows\Sysnative\shell32.dll 2014-05-14 09:56:33 4A795989DF0043973711B666D36D2678 477184 ----a-w- C:\Windows\Sysnative\aepdu.dll 2014-05-14 09:56:30 485FB1F3792FF7B5D5EBB99AB870E588 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll 2014-05-14 09:54:50 9358149234A4F3FE00CF5C2096DC1652 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2014-05-14 09:54:45 B19C8390A1D641B9AC4490D4828A7B5E 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2014-05-14 09:54:38 E2A483E796D5FC7E447725FD01D98FA0 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2014-05-14 09:54:37 89EF1CE0CE43AB8F55247D746739A321 722944 ----a-w- C:\Windows\Sysnative\objsel.dll 2014-05-14 09:54:33 6B47CF5C27865DDF6680E4D834FBE34F 5550016 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2014-05-14 09:54:31 B6D8C1202DACA028AD94BDA2795CBBE9 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2014-05-14 09:54:30 851BB346CD59D9B3BC8854384C7DD5C3 424960 ----a-w- C:\Windows\Sysnative\KernelBase.dll 2014-05-14 09:54:30 26AF184300C0868D854D5A3092234E24 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2014-05-14 09:54:28 481F70241D4EA038BB02590A30F15A23 340992 ----a-w- C:\Windows\Sysnative\schannel.dll 2014-05-14 09:54:27 CF13522172342AD8196B329C15D68E23 44544 ----a-w- C:\Windows\Sysnative\dimsroam.dll 2014-05-14 09:54:27 BDA8B14AFE99A0C52BFEA64C5AC62171 52736 ----a-w- C:\Windows\Sysnative\dpapiprovider.dll 2014-05-14 09:54:27 9D942180B5B6CE1C882B9CC54EA1F275 57344 ----a-w- C:\Windows\Sysnative\cngprovider.dll 2014-05-14 09:54:27 692E9886B2A475684F7E3294BF66E97D 56832 ----a-w- C:\Windows\Sysnative\adprovider.dll 2014-05-14 09:54:27 4959DE74643CBC4B83E5BC99486A4FC9 53760 ----a-w- C:\Windows\Sysnative\capiprovider.dll 2014-05-14 09:54:26 C072064F95579C0D6D86AF5B3DC53192 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2014-05-14 09:54:25 9A3C6D8593F29A9F66744A3D4E6309B2 39936 ----a-w- C:\Windows\Sysnative\wincredprovider.dll 2014-05-14 09:54:25 204F3F58212B3E422C90BD9691A2DF28 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2014-05-14 09:54:24 82A72E99AA1CF0B04D3B9843CBA3AEC1 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2014-05-14 09:54:24 8098627D0AA1706D69C5AF3F74332ABB 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2014-05-14 09:54:24 39312B37C5FE5138F99680A49ACD3AEA 28160 ----a-w- C:\Windows\Sysnative\secur32.dll ====== C:\Windows\Sysnative\drivers ===== 2014-05-18 12:16:30 6140163BFE9D8F2DFDBA088ED5521C13 119512 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2014-05-18 12:15:59 C49915271600CFC2305FAA4271D0002F 63192 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2014-05-18 12:15:59 4A1356200B82B852E137B687F03E8054 88280 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2014-05-18 12:15:58 FD5465B876D55534117963FAAA4B9DFC 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2014-05-15 13:13:01 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys 2014-05-15 12:44:41 AD64450A4ABE076F5CB34CC08EEACB07 30208 ----a-w- C:\Windows\Sysnative\drivers\TsUsbGD.sys 2014-05-15 12:44:41 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys 2014-05-14 09:54:29 1C2D8E18AA8FD50CD04C15CC27F7F5AB 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2014-05-14 09:54:26 353009DEDF918B2A51414F330CF72DEC 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2014-05-13 12:20:26 18A542A22A31DFFEA51666E75393E7A5 235800 ----a-w- C:\Windows\Sysnative\drivers\avgldx64.sys 2014-05-13 12:20:06 6FB25E61AC5885F5BD8BC5202D129BDF 273176 ----a-w- C:\Windows\Sysnative\drivers\avgtdia.sys 2014-05-13 12:05:40 73B684F26AD82BABC2A1B3E539ED027A 191768 ----a-w- C:\Windows\Sysnative\drivers\avgidsha.sys 2014-05-13 12:05:08 D89F8E4E025DAA0C39FF61AC0199E101 152344 ----a-w- C:\Windows\Sysnative\drivers\avgdiska.sys 2014-05-13 12:05:06 ADC65C6074A994D91CA9C6339C3DC978 130328 ----a-w- C:\Windows\Sysnative\drivers\avgmfx64.sys 2014-05-13 12:04:56 F9984B8432204D000E15DE0A40D6F9AD 236312 ----a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys 2014-05-13 12:04:30 7D206FA06603E95984EFF9822C9FC958 31512 ----a-w- C:\Windows\Sysnative\drivers\avgrkx64.sys ====== C:\Windows\Tasks ====== 2014-05-12 12:56:04 C2BAD24E62A19379C1033D19D4336C69 3002 ----a-w- C:\Windows\Sysnative\Tasks\{0AC7FCCA-4F51-491B-AA4D-961D77528EF2} 2014-05-11 15:02:45 DC9099E05B9406E776BD9DDA4F0763BD 3168 ----a-w- C:\Windows\Sysnative\Tasks\{3D559E10-AD91-4AE0-90BA-634B9AC21196} 2014-05-11 15:01:16 30B02F085F4717AF178959349CD6C550 3156 ----a-w- C:\Windows\Sysnative\Tasks\{E7E6B778-371F-4870-AAFD-1E1F4D14DF82} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-05-21 06:09:35 -------- d-----w- C:\Program Files\iPod 2014-05-21 06:09:33 -------- d-----w- C:\Program Files\iTunes 2014-05-10 15:25:12 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-05-21 06:09:33 -------- d-----w- C:\PROGRA~2\iTunes 2014-05-19 12:16:00 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-05-19 12:14:41 -------- d-----w- C:\PROGRA~2\Java 2014-05-15 07:07:02 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER 2014-04-30 09:11:14 -------- d-----w- C:\PROGRA~2\Audacity ======= C: ===== ====== C:\Users\toshiba\AppData\Roaming ====== 2014-05-19 14:58:51 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp 2014-05-19 14:58:51 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-05-19 14:58:51 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-05-19 14:58:50 -------- d-----w- C:\Users\toshiba\AppData\Local\Temp 2014-05-19 14:58:50 -------- d-----w- C:\Users\Public\AppData\Local\temp 2014-05-19 14:58:50 -------- d-----w- C:\Users\Default\AppData\Local\temp 2014-05-19 14:58:50 -------- d-----w- C:\Users\Default User\AppData\Local\temp 2014-05-19 11:35:12 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\Sun 2014-05-18 12:10:10 -------- d-sh--w- C:\Users\toshiba\AppData\Local\EmieUserList 2014-05-18 12:10:10 -------- d-sh--w- C:\Users\toshiba\AppData\Local\EmieSiteList 2014-05-12 13:01:43 -------- d-----w- C:\Users\toshiba\AppData\Roaming\AVG2014 2014-05-12 13:00:54 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014 2014-05-12 13:00:20 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2014 2014-05-12 12:58:14 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2014 2014-05-12 12:57:17 -------- d-----w- C:\Users\toshiba\AppData\Local\Avg2014 2014-04-30 09:12:30 -------- d-----w- C:\Users\toshiba\AppData\Roaming\Audacity ====== C:\Users\toshiba ====== 2014-05-21 06:11:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-05-21 06:09:33 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-05-19 12:16:09 -------- d-----w- C:\ProgramData\Oracle 2014-05-19 12:15:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-19 12:07:49 92DF65EF28BD86A2EA4506310A76F9ED 921512 ----a-w- C:\Users\toshiba\Downloads\JavaSetup7u55.com 2014-05-19 09:15:56 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Searches 2014-05-12 13:00:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-05-12 12:58:41 -------- d-----w- C:\ProgramData\AVG2014 2014-05-10 15:25:55 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\toshiba\Downloads\RSITx64.exe ====== C: exe-files == 2014-05-23 13:11:11 184F24063DD5CD46D91F8ABDFB2A0E97 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1573529791-4049238610-3989334239-1000\$I1F5IKE.exe 2014-05-23 13:10:36 22462CA45BDBF3C5D92B342B9F858BEB 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1573529791-4049238610-3989334239-1000\$IZPSRT1.exe 2014-05-23 12:33:11 3AF5806AAB54D86CDA7AAA034FD2C35E 38382160 ----a-w- C:\Program Files (x86)\Google\Update\Install\{B749C554-642C-41F8-9659-DF9338A7FCD8}\35.0.1916.114_chrome_installer.exe 2014-05-23 12:33:10 3AF5806AAB54D86CDA7AAA034FD2C35E 38382160 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\35.0.1916.114\35.0.1916.114_chrome_installer.exe 2014-05-23 07:37:48 29198D93029027C9BB4DA8E9C70AF13E 26832976 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\35.0.1916.114\35.0.1916.114_34.0.1847.137_chrome_updater.exe 2014-05-23 07:37:32 42AE0E1DB345024D8BD703C661715022 25165824 ----a-w- C:\Users\toshiba\Dropbox\.dropbox.cache\dropbox-upgrade-2.6.33.exe 2014-05-21 06:03:27 CA23D2D9A390E40AD505C1D8E1884DA8 77136 ----a-w- C:\ProgramData\Apple Computer\Installer Cache\iTunes 11.2.0.115\SetupAdmin.exe 2014-05-19 12:15:13 6EA69D2312F3571F6F8BEADD224165E8 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-05-19 12:15:04 9533FE0A942E00114047140B42DF8E3D 175016 ----a-w- C:\Windows\SysWOW64\java.exe 2014-05-19 12:15:04 37C15684482B4D596316735DCEEE939A 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-05-19 12:14:48 FB67D8F555AA8E847DC6D7BFFF69C1C1 145832 ----a-w- C:\Program Files (x86)\Java\jre7\bin\unpack200.exe 2014-05-19 12:14:48 B1CE4931FCA0E9D6493F18440A492472 49576 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe 2014-05-19 12:14:48 829199AE07062FE066CCD037190B4D04 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\servertool.exe 2014-05-19 12:14:48 7151FDB921CC188833E69690E969616A 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe 2014-05-19 12:14:48 67E721D8CA3F26695C2836870FF395E0 16808 ----a-w- C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe 2014-05-19 12:14:48 5F32AD07982BE93452A755CE94F130BA 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\pack200.exe 2014-05-19 12:14:48 3B8C2991462B84868BB04C67E197CFC1 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmid.exe 2014-05-19 12:14:48 21190A2C683911E97E6484632F0A11AF 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\policytool.exe 2014-05-19 12:14:47 E788AC8198E99F9DA268A35719462DEF 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\kinit.exe 2014-05-19 12:14:47 CA8C3C3510377A38A0FD0386B1C8700D 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\keytool.exe 2014-05-19 12:14:47 B863FBED45DA51498B42DEAE76006D94 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ktab.exe 2014-05-19 12:14:47 3DAA029309C13F0A8DFB839372A3E8D3 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\orbd.exe 2014-05-19 12:14:47 0F298580559EE0929C572CFEB99B5AAA 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\klist.exe 2014-05-19 12:14:46 C38B939945B2357D56B105C8F8FE7C45 52648 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe 2014-05-19 12:14:46 77430E8234A0050ECCC5E2F5B30A7BEF 182696 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jqs.exe 2014-05-19 12:14:44 6EA69D2312F3571F6F8BEADD224165E8 264616 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaws.exe 2014-05-19 12:14:44 37C15684482B4D596316735DCEEE939A 175528 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaw.exe 2014-05-19 12:14:44 00F5108D91D768CA9D4ABC5E5053F50F 68008 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javacpl.exe 2014-05-19 12:14:43 FBC892A1196A03F695F112A5EDE032DC 48040 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe 2014-05-19 12:14:43 9533FE0A942E00114047140B42DF8E3D 175016 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java.exe 2014-05-19 12:14:43 58B60ED489B1EDFA2BCDCAAF90B5EDD8 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe 2014-05-19 12:13:25 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\toshiba\AppData\LocalLow\Sun\Java\jre1.7.0_55\lzma.exe 2014-05-19 09:16:24 2C649861CD2408C4DD234CDA380B5571 16912 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avgrdtesta.exe 2014-05-19 09:16:21 DF7181D515DE9E7639EF6AB217F87B3F 62992 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avguirux.exe 2014-05-19 09:16:20 CF72A115AC0342E0D1690B2277B1C5A4 6092288 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe 2014-05-19 09:16:20 2B806C2FDDE8C362513232CEC92A7290 15888 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avgrdtestx.exe 2014-05-18 06:04:36 E0155A11B26C7D5347069AB7ACB62D02 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-05-18 06:04:36 BEA4E0C0BA936E8A3DB24D1A37BF70BE 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2014-05-18 06:04:35 F972DDD19A10F53D74021DDEAC07CCA6 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-05-18 06:04:35 C5C7E33308BAE18BD9F59F9A93E85D33 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-05-18 06:04:24 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-05-18 06:04:12 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-05-18 06:04:12 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-05-18 06:03:53 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-05-18 06:03:53 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-05-18 06:03:45 EA8386CA87165460D39A1D29FF11080B 809680 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-05-18 06:03:45 0667ED9F8E905E1F73DB60ACCEDCBCA7 811728 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe === C: other files == 2014-05-19 12:14:48 D95F1D4129F0CB2F7626CDCBAC2F512B 18636 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip 2014-05-19 12:07:49 92DF65EF28BD86A2EA4506310A76F9ED 921512 ----a-w- C:\Users\toshiba\Downloads\JavaSetup7u55.com 2014-05-18 12:16:30 6140163BFE9D8F2DFDBA088ED5521C13 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-05-18 12:15:59 C49915271600CFC2305FAA4271D0002F 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys 2014-05-18 12:15:59 4A1356200B82B852E137B687F03E8054 88280 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2014-05-18 12:15:58 FD5465B876D55534117963FAAA4B9DFC 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-05-17 05:39:09 D43A9D58F1AA9E9E46E2FA1505A78D63 1807846 ----a-w- C:\ProgramData\Garmin\Core Update Service\GRG-COL-Parking Lot Bundle\bundleParkingLot.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-21-1573529791-4049238610-3989334239-1000\Software\Microsoft\Windows\CurrentVersion\Run] "NokiaSuite.exe"="C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP" "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SVPWUTIL"="C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL" "HWSetup"="C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP" "KeNotify"="C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe LPCM" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "NokiaSuite.exe"="C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 " "CanonSolutionMenu"="C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon" "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon" "TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE" "TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe " "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Allin1Convert_8hbar Uninstall] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\RunOnce" "item"="Allin1Convert_8hbar Uninstall" "hkey"="HKLM" "command"="rundll32 C:\\PROGRA~2\\8HUNIN~1.DLL,O -3 uninstalltype=IE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GarminExpressTrayApp" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Garmin\\Express Tray\\ExpressTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IncrediMail] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IncrediMail" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\IncrediMail\\bin\\IncMail.exe /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NBAgent" "hkey"="HKLM" "command"="\"c:\\Program Files (x86)\\Nero\\Nero 10\\Nero BackItUp\\NBAgent.exe\" /WinStart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaSuite.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NokiaSuite.exe" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Nokia\\Nokia Suite\\NokiaSuite.exe -tray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="swg" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TOPI.EXE] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TOPI.EXE" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\TOSHIBA\\TOSHIBA Online Product Information\\topi.exe /STAR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Toshiba Registration] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Toshiba Registration" "hkey"="HKLM" "command"="C:\\Program Files\\TOSHIBA\\Registration\\ToshibaReminder.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Toshiba TEMPRO] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Toshiba TEMPRO" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Toshiba TEMPRO\\TemproTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ToshibaServiceStation] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ToshibaServiceStation" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\TOSHIBA\\TOSHIBA Service Station\\ToshibaServiceStation.exe /hide:60" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosNC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TosNC" "hkey"="HKLM" "command"="%ProgramFiles%\\Toshiba\\BulletinBoard\\TosNcCore.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosReelTimeMonitor] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TosReelTimeMonitor" "hkey"="HKLM" "command"="%ProgramFiles%\\TOSHIBA\\ReelTime\\TosReelTimeMonitor.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosSENotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TosSENotify" "hkey"="HKLM" "command"="C:\\Program Files\\TOSHIBA\\TOSHIBA HDD SSD Alert\\TosWaitSrv.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosVolRegulator] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TosVolRegulator" "hkey"="HKLM" "command"="C:\\Program Files\\TOSHIBA\\TosVolRegulator\\TosVolRegulator.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Toshiba Places Icon Utility.lnk] "item"="Toshiba Places Icon Utility" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Toshiba Places Icon Utility.lnk" "backup"="C:\\Windows\\pss\\Toshiba Places Icon Utility.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\TOSHIBA\\TOSHIB~3\\TOSDIM~1.EXE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^toshiba^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk] "item"="OpenOffice.org 3.4.1" "path"="C:\\Users\\toshiba\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 3.4.1.lnk" "backup"="C:\\Windows\\pss\\OpenOffice.org 3.4.1.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~2\\OPENOF~1.OR~\\program\\QUICKS~1.EXE" ==== Startup Folders ====================== 2011-05-02 13:10:15 1258 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2011-05-02 13:10:15 1258 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2014-05-23 07:37:20 1063 ----a-w- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-05-2014 15:53] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02-02-2012 10:13] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02-02-2012 10:13] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe] "C:\Windows\SysNative\tasks\4927" [wscript.exe C:\Users\toshiba\AppData\Local\Temp\launchie.vbs //B] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\ConfigFree Startup Programs" [C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\{0AC7FCCA-4F51-491B-AA4D-961D77528EF2}" [C:\Users\toshiba\Downloads\avg_free_x64_all_2014_4577a7359.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Chrome Look ====================== Google Docs - toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Wallet - toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {A4DBC004-B83F-4138-BF87-A747E0EF3A62} Bing Url="http://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox" {EF7D0E23-43C9-467F-AC8E-9715860B327F} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=1I7AURU_nlNL501" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe deleted successfully ==== HijackThis Entries ====================== O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Startup: Dropbox.lnk = toshiba\AppData\Roaming\Dropbox\bin\Dropbox.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.1.0.0/GarminAxControl_32.CAB O18 - Protocol: linkscanner - (no CLSID) - (no file) O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1038 folders=208 147626134 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Public\AppData\Local\temp emptied successfully C:\Users\toshiba\AppData\Local\Temp will be emptied at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\toshiba\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on vr 23-05-2014 at 17:01:52,72 ======================