Zoek.exe v5.0.0.0 Updated 26-10-2014 Tool run by Nick on ma 27-10-2014 at 22:30:25,80. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Nick\Downloads\zoek (1).exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 27-10-2014 22:32:55 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Users\Nick\AppData\Roaming\JPEGsnoop deleted successfully C:\Users\Nick\AppData\Roaming\Media Player Classic deleted successfully C:\Users\Nick\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Nick\AppData\Local\Bundled software uninstaller deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Program Files\AVAST Software\Avast\avastui.exe C:\Users\Nick\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Nick\Downloads\zoek (1).exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update service deleted successfully ==== Deleting Files \ Folders ====================== C:\Users\Nick\.android deleted C:\PROGRA~2\MyFree Codec deleted C:\PROGRA~2\Wondershare deleted C:\PROGRA~2\COMMON~1\Wondershare deleted C:\Users\Nick\AppData\Roaming\Wondershare deleted C:\PROGRA~3\Registry Helper deleted C:\Users\Nick\AppData\Local\Wondershare deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted C:\AI_RecycleBin deleted C:\end deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\Syswow64\RegistryHelperLM.ocx deleted "C:\Users\Nick\AppData\Local\PMB Filer?pa" deleted "C:\Program Files (x86)\Popcorn Time" deleted "C:\PROGRA~2\Windows Portable Devices" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4003 MB CPU Info: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz CPU Speed: 2538,4 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | NVIDIA GeForce 610M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: 802.11n Wireless LAN Card | Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) CD / DVD Drives: 3x (E: | F: | G: | ) E: MATSHITADVD-RAM UJ8B0AW | F: | G: Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 119,2GB | D: 153,9GB Hard Disks - Free: C: 19,6GB | D: 46,7GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 12/22/11 | _ASUS_ - 6222004 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK Computer Inc. K73SD Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Default Browser: Google Chrome 38.0.2125.111 Internet Explorer Version: 11.0.9600.17358 Google Chrome version: 38.0.2125.111 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Nick\AppData\Local\Temp ==== 2014-10-21 17:07:29 76899DB53374DCB97308C827B60738D9 24512 ----a-w- C:\Users\Nick\AppData\Local\Temp\SIntfNT.dll 2014-10-21 17:07:28 C72263A0B16B36E0B4BD2FD442FFFD54 12067 ----a-w- C:\Users\Nick\AppData\Local\Temp\SIntf16.dll 2014-10-21 17:07:28 3F760DC6E191C9FD1382D676D74ACFE0 19924 ----a-w- C:\Users\Nick\AppData\Local\Temp\SIntf32.dll 2014-10-21 17:07:24 86323BDA0F577C8C4AF93A800CDFC5D3 37376 ----a-w- C:\Users\Nick\AppData\Local\Temp\CmdLineExt01.dll 2014-10-20 20:04:55 4E566FEA83FCEEAF2873702806B55006 43008 ----a-w- C:\Users\Nick\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7_c8ap.dll 2014-10-18 19:55:24 CD56E4F730ECF4B11A96A64C3D4D0905 316544 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\ew_wwanecm.sys 2014-10-18 19:55:24 6B5E4D5E6E5ECD6ACD14AED59768CE5C 28672 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\usbccid.sys 2014-10-18 19:55:24 50B06713A12D9916BB1A2F36DDBB5964 376448 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\ew_wwanecm.sys 2014-10-18 19:55:23 EDB56860790F4A988298BA10E1DCFA84 117248 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\ew_cdcecm.sys 2014-10-18 19:55:23 E5950BF1A7156DB9599B4D3CC59005BD 208384 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\ew_juwwanecm.sys 2014-10-18 19:55:23 DC63053744A3086BE6E473A93D48EE39 77824 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\ew_jubusenum.sys 2014-10-18 19:55:23 CACBDF30051DFB383E24B3E731D82BDE 22016 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\ew_hwupgrade.sys 2014-10-18 19:55:23 ABD9692AC0C6891DC02BC7DE559F967E 19200 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\ew_hwupgrade.sys 2014-10-18 19:55:23 A744D66BCD4CABDD4B111D9E220B4D57 95232 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\ew_hwusbdev.sys 2014-10-18 19:55:23 9FF1915F672AACA0E241A11F7E0BB677 246272 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\ew_juwwanecm.sys 2014-10-18 19:55:23 9B5E73BE5ABE398D9A0ABDE9194B38E6 134784 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\ew_cdcecm.sys 2014-10-18 19:55:23 86A435B98574BEC232D19262E8B76FD3 77312 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\ew_jucdcecm.sys 2014-10-18 19:55:23 73E0BB3F22FD486458D89DC469225DD0 110592 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\ew_jucdcacm.sys 2014-10-18 19:55:23 7230F4CF9F20DCD1DBF4BB3296EEED68 109568 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\ew_hwusbdev.sys 2014-10-18 19:55:23 6DFC27CB945CB886AFF5DC69195E034B 108032 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\ew_cdcacm.sys 2014-10-18 19:55:23 6B4AC26C62F55AF324E3809EE2AD9F0C 11904 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\ew_usbenumfilter.sys 2014-10-18 19:55:23 61BE99E6D1EA098CA00144D624EEF871 27776 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\ew_juextctrl.sys 2014-10-18 19:55:23 6196072AB259D45261619FA1230D6E1A 91648 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\ew_jubusenum.sys 2014-10-18 19:55:23 616A53FCE073763DDB010A6CEC75FD56 101248 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\ew_jucdcacm.sys 2014-10-18 19:55:23 5222D99C7E3245882E864D2EA7011387 14976 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\ew_usbenumfilter.sys 2014-10-18 19:55:23 4565D7B2738BA36D7B723A9E46D5C32E 30720 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\ew_juextctrl.sys 2014-10-18 19:55:23 2148D4F231408223DC33BD2F0B6A785C 70528 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\ew_jucdcecm.sys 2014-10-18 19:55:23 106D9D117070AF30E09F69ECA1718D75 121728 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\ew_cdcacm.sys 2014-10-18 19:55:22 DBD1B4FC295AD6CDA49A4923264E115B 456192 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\ewusbwwan.sys 2014-10-18 19:55:22 484244A76C3FD64FAC99E780641E9843 381952 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\ewusbwwan.sys 2014-10-18 19:55:21 F572B7467B5CB4FA8FB6319575902E41 32768 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\ewdcsc.sys 2014-10-18 19:55:21 F49001B6ECB47DFE50DBFE7F66984D88 609872 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\UpdateDog\RunOuc.exe 2014-10-18 19:55:21 F3C3D7D0DFD42AB30BF59E826248735F 78944 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\XStartScreen.exe 2014-10-18 19:55:21 B42560BD7EE5F11E6841AEBD5AF02D85 743424 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\mt.exe 2014-10-18 19:55:21 672AD51D34871AC48038C23CF829282E 71760 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\UpdateDog\RunLiveUpd.exe 2014-10-18 19:55:21 53CDBB093B0AEE9FD6CF1CBD25A95077 290304 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\subinacl.exe 2014-10-18 19:55:21 53B8D9B905223CBB6317B0FFF61D155A 651856 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\UpdateDog\ouc.exe 2014-10-18 19:55:21 4216386DA9622C9AD330AA749C1E6517 226048 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\ewusbmdm.sys 2014-10-18 19:55:21 31309017CA0EB3DF78AA8BD01DA12241 199168 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\ewusbmdm.sys 2014-10-18 19:55:21 21B9BACDD4418B59B546C42B4C5A084A 25856 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\ewdcsc.sys 2014-10-18 19:55:21 1CC0C005013D5AE3E684550C5D43D34E 286720 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\ewusbnet.sys 2014-10-18 19:55:21 189774E141CE6B5C99BF59F15AF6496E 19808 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\UnblockPin.exe 2014-10-18 19:55:21 14385332A1F7BD012AD869141E7B9E38 249600 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\ewusbnet.sys 2014-10-18 19:55:20 9541F5DB55D4C5B2BD9629634ADA1B15 1531472 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\UpdateDog\LiveUpd.exe 2014-10-18 19:55:20 329C83407B52F6A1BEDA0AF5B2525A30 333176 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\DriverUninstall.exe 2014-10-18 19:55:20 180E02BA1A00AF222C4A60713D31FFAF 515072 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\mobilepartner.exe 2014-10-18 19:55:19 B604B551D9F35C112D38A2F08857F292 333176 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\DriverSetup.exe 2014-10-18 19:55:19 9354199CF530A9F2BB85384EFEF067C7 301696 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\devsetup32.exe 2014-10-18 19:55:19 7D8DFF95D0E6657966653CEBE36218EA 416384 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\devsetup64.exe 2014-10-18 19:55:19 43FAC43DC2FEC11CBE384338AA8502ED 181640 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\AutoRun\AutoRunUninstall.exe 2014-10-18 19:55:18 EE41D31BFA0AFAC19FE6D23EE174D452 579912 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\AutoRun\AutoRunSetup.exe 2014-10-18 19:55:18 D0141DBF9B2E3AB0A326CE05194CC28D 607584 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\AddPbk.exe 2014-10-18 19:55:18 9B1DB2DE91D136428D5E1315DEF3CE21 270848 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\XFramePlugin.dll 2014-10-18 19:55:17 A4EFD22E2F5EBB56690AE417606224AA 157696 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\Trace.dll 2014-10-18 19:55:17 A2F8E991E957A4022528D9F48070E9F5 174080 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\VPNPlugin.dll 2014-10-18 19:55:17 8517CFA6F408BBF856B32BD643A32975 142336 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\USSDSrvPlugin.dll 2014-10-18 19:55:17 81D9BCCEB78795CD0315B24960F2D130 1112288 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\WdfCoInstaller01007.dll 2014-10-18 19:55:17 7280F30AD6268C8BBA57DF0AB3C745CA 155648 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\Win7Support.dll 2014-10-18 19:55:17 3C59CC19F9B0E415B69B8FA93C03EC7C 195584 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\XCodec.dll 2014-10-18 19:55:17 21214A58C09543607DB947EDBD050593 487424 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\USSDUIPlugin.dll 2014-10-18 19:55:17 0E9AD2D3784A0996A5131512939C09C0 1490656 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\WdfCoInstaller01007.dll 2014-10-18 19:55:16 F4FA373C130F5960E43AA279C2894364 219648 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\ToolBarMgrPlugin.dll 2014-10-18 19:55:15 E0A55F4FFE9A992D189C75091E392276 149504 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\SettingUIPlugin.dll 2014-10-18 19:55:15 D4EF1E8FC0F5790053652C3FECCF8306 157184 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\STKSrvPlugin.dll 2014-10-18 19:55:15 B4BB20D47278045339C9CECFD649FD98 704000 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\SmsAppPlugin.dll 2014-10-18 19:55:15 AAA5BC2A65E1A05531AE4B3873522EB5 855552 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\SMSUIPlugin.dll 2014-10-18 19:55:15 83FC79453F11408998CA9CB3060903B2 260096 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\STKPlugin.dll 2014-10-18 19:55:15 712E27645DC460A7F0F11B575B54B41B 220160 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\SmsSrvPlugin.dll 2014-10-18 19:55:15 55CB1F68E51EED6438F819EF76416CF3 195584 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\QuickLinkUIPlugin.dll 2014-10-18 19:55:15 47F7A554E166CB9E45E15080B215EA0E 323072 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\StatusBarMgrPlugin.dll 2014-10-18 19:55:15 382D6F31E1049CA57FFB59F0D4702A8F 224256 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\tdpcvoice.dll 2014-10-18 19:55:15 00AF957AD17E8EAE8166250AB78BF471 288768 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\sdk.dll 2014-10-18 19:55:14 F27AFC946C0286A4C8F5032D37446A8C 398336 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\qtlib\QtXml4.dll 2014-10-18 19:55:14 CCAFB213EB9EF1981A155FDA85F64BFE 370176 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\plugins\imageformats\qtiff4.dll 2014-10-18 19:55:14 4B29B99B3FE72786FB87788C079319E8 1148416 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\qtlib\QtNetwork4.dll 2014-10-18 19:55:12 86FE8FC2FF9172DA91DBF00F97C7A0F9 2417152 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\qtlib\QtCore4.dll 2014-10-18 19:55:12 24C25CB846BCB11C5192D6A12E993938 9559040 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\qtlib\QtGui4.dll 2014-10-18 19:55:11 EB90EE8111A610DE17B9A7C8DD18419A 197632 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\plugins\codecs\qcncodecs4.dll 2014-10-18 19:55:11 E9DDE61259372B0697B5365D2960B540 102400 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\OSAdapt.dll 2014-10-18 19:55:11 E861FFA34C88AAC745958C4CCE571D3C 166912 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\OSDialup.dll 2014-10-18 19:55:11 DAF79EC0FB95DCB4E2A425F89EA8665C 131584 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\OSNDIS.dll 2014-10-18 19:55:11 D02BCD2CF1F3147603F9C6DC7449415D 407552 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\Proxy.dll 2014-10-18 19:55:11 BB3551438A9874A56E24C3CD37141300 81920 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\plugins\imageformats\qico4.dll 2014-10-18 19:55:11 B13C22C23F5F02EF471EB98BACB98625 82944 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\plugins\imageformats\qgif4.dll 2014-10-18 19:55:11 8A595E965811927ED60EB31D2039A6E8 583168 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\PluginContainer.dll 2014-10-18 19:55:11 673ED5AEADBDED77EF922769BF021F45 65536 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\OSPowerMgr.dll 2014-10-18 19:55:11 55A959E8B56F6C67FB66EE74391E378B 107008 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\Outlook.dll 2014-10-18 19:55:11 53FEC05CE6AD5FC383CA4E280C484D31 350720 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\plugins\imageformats\qmng4.dll 2014-10-18 19:55:11 4980989F0D2D73772814A5A37018C74E 192000 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\plugins\imageformats\qjpeg4.dll 2014-10-18 19:55:11 2BC84D69B6AF621B1174A53C535A9BC7 62976 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\OSCall.dll 2014-10-18 19:55:11 067EFBDCAFB3B9973032FEEAD18DB4C8 103424 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\Outlook Express.dll 2014-10-18 19:55:10 95082C25DDD19E1649B9E0CD72C89175 253952 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\NetSrvPlugin.dll 2014-10-18 19:55:10 6F6619D2791EC85C0A80BFEC7116748C 574976 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\NetSettingPlugin.dll 2014-10-18 19:55:10 3F9909EA3F11519286A7A1587FAC7F01 97792 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\NotifyServicePlugin.dll 2014-10-18 19:55:09 DB6280AF69AF9AA0305F960FC7872895 201728 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\NDISPlugin.dll 2014-10-18 19:55:09 806198875D7C312A0829CD1A04403DCB 158720 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\NetConnectSrvPlugin.dll 2014-10-18 19:55:09 75EC37B985905CA5139B9B06C750A889 493568 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\NetInfoUIExPlugin.dll 2014-10-18 19:55:09 67500D53D009729F6F48213848A07A04 702464 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\NetInfoSrvPlugin.dll 2014-10-18 19:55:09 66CB6434D29096ADD4C3B1F5E0FFB54D 212992 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\NetInfoRecordUIPlugin.dll 2014-10-18 19:55:09 3F78800D3CD9BF6C2A6C26EB9D0DC46D 394240 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\NetConnectPlugin.dll 2014-10-18 19:55:08 799DB824799A4F2A13AD5BC984A73FD9 1146880 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\NDISAPI.dll 2014-10-18 19:55:08 59A6413FB2CC89FD8651B1D2962FB8B9 413696 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\msvcp60.dll 2014-10-18 19:55:07 F273FC4F549598C4574B3ED8AFFFED36 176128 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\mcciwin32.dll 2014-10-18 19:55:07 DBDA60D92E774B4ACB3B1CD71F909426 11362 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\qtlib\mingwm10.dll 2014-10-18 19:55:07 C4B4409F186DA70FCF2BCC60D5F05489 43008 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\qtlib\libgcc_s_dw2-1.dll 2014-10-18 19:55:07 C1E50F08F96367F50DBBD5CFAF846196 338944 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\MenuMgrPlugin.dll 2014-10-18 19:55:07 A98E629C6FEA8C4DF177B7F5152D71BF 117248 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\LayoutPlugin.dll 2014-10-18 19:55:07 9C7486FBCAFC842F8545D76733366CEE 692224 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\LiveUpdateInterface.dll 2014-10-18 19:55:07 8FF231E3816842AF1513989868EC7217 7568 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\LocateDevice.dll 2014-10-18 19:55:07 054AF2AE070F1D7903C791831C61776E 777216 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\MiniFramePlugin.dll 2014-10-18 19:55:06 A6A92D71AF57E40CEA0D68A123A7FFDD 363008 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X64\hwgpssensor.dll 2014-10-18 19:55:05 F009A7D7FDD30660313A9C394F1AC507 599040 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\DialupUIPlugin.dll 2014-10-18 19:55:05 B44F8027A22B3F51D2D00DF809F881A6 350720 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\C16\Driver\Driver\X86\hwgpssensor.dll 2014-10-18 19:55:05 805735A30E41889B37EA2B6FF36F8FB2 66048 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\ErrorHandleSrvPlugin.dll 2014-10-18 19:55:05 455901B821F383D0FD251D627392CEDB 93696 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\ErrorHandleUIPlugin.dll 2014-10-18 19:55:04 EF2E1ECE2707F874A40AA54381630D49 731136 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\DeviceAppPlugin.dll 2014-10-18 19:55:04 EDC95AAAC470F2A2575B76C66EEEDAFC 303616 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\DiagnosisPlugin.dll 2014-10-18 19:55:04 DB5C1D0FFA71E34BD65B185FC7596DD1 730112 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\DeviceSrvPlugin.dll 2014-10-18 19:55:04 CA8351961258A51B733E9F3360AED82C 581120 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\DeviceMgrUIPlugin.dll 2014-10-18 19:55:04 248C29D6AC8B34606203A3C14E44DDAF 236032 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\DialUpPlugin.dll 2014-10-18 19:55:03 FE798EFD1ECDD3662570F051C006EAE0 119296 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\ConnectMgrUIPlugin.dll 2014-10-18 19:55:03 B6A6E73459817DA72501457614909C07 155136 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\DataServicePlugin.dll 2014-10-18 19:55:03 AE82F258FB8B629B8D58E194CFC72754 126464 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\CBSSettingPlugin.dll 2014-10-18 19:55:03 9EE32DF8A6FCCD437ABE189ABB5839A5 177152 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\CallSrvPlugin.dll 2014-10-18 19:55:03 485F081678612E00529F0E4B34129F53 628224 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\Common.dll 2014-10-18 19:55:03 2484A60FDEB7A7FAACA425701F0EA1D3 715776 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\CallUIPlugin.dll 2014-10-18 19:55:03 0BF2103EC97E09E72BFA8C9AC9C44E80 529408 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\core.dll 2014-10-18 19:55:02 608F73F462C159DB02687211BD6BF7AB 168960 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\ATR2SMgr.dll 2014-10-18 19:55:02 1AAA43B4762D04502D67C6FAC2A839C8 646144 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\AtCodec.dll 2014-10-18 19:55:02 0FB50CC8E652FD88973C5A974DBE4AB6 187392 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\CallAppPlugin.dll 2014-10-18 19:55:01 FF11DEFD9A3217010FFB4314AF735C14 819712 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\AddrBookUIPlugin.dll 2014-10-18 19:55:01 EC0FCF8400BDA30693042C4A064D421F 672768 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\AddrBookSrvPlugin.dll 2014-10-18 19:55:01 8238D960E2F51856D9699A37FEEAB58A 1124352 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\AddrBookPlugin.dll 2014-10-18 19:55:01 67D8989241DE8A091B9D6B04577CCE58 81920 ----a-w- C:\Users\Nick\AppData\Local\Temp\UTPS\common\AboutPlugin.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-10-15 19:14:00 A139A5E6B34F136405B030EA04595A20 156824 ----a-w- C:\Windows\SysWOW64\mscorier.dll 2014-10-15 19:14:00 8580484193CE0A0788830FBAB97CF13B 1131664 ----a-w- C:\Windows\SysWOW64\dfshim.dll 2014-10-15 19:13:59 D5D5BBF6AA45D820BAA0BD1303B8AAF6 81560 ----a-w- C:\Windows\SysWOW64\mscories.dll 2014-10-15 19:13:49 2C5D7D6C3C3E998306F0BFD7FF7114B9 744960 ----a-w- C:\Windows\SysWOW64\blackbox.dll 2014-10-15 19:13:47 C1140AAB50F59C68394CE4C4046A9A8D 988160 ----a-w- C:\Windows\SysWOW64\drmv2clt.dll 2014-10-15 19:13:41 089236B6EC2E6C52A1864B79A09D7690 617984 ----a-w- C:\Windows\SysWOW64\wmdrmsdk.dll 2014-10-15 19:13:39 152FCD9B979D70FDB703A28152B634EA 11411456 ----a-w- C:\Windows\SysWOW64\wmp.dll 2014-10-15 19:13:36 F50F1EBD832CA070E1717C2044806ECF 3208704 ----a-w- C:\Windows\SysWOW64\mf.dll 2014-10-15 19:13:36 1858EF9B8A1E334AC1262D664367F451 406016 ----a-w- C:\Windows\SysWOW64\drmmgrtn.dll 2014-10-15 19:13:35 9153F819C855EBD72417DAE7C176CF50 442880 ----a-w- C:\Windows\SysWOW64\AUDIOKSE.dll 2014-10-15 19:13:31 776DBF61BA3E8FA64FFA052559A29174 195584 ----a-w- C:\Windows\SysWOW64\AudioSes.dll 2014-10-15 19:13:29 FDA08BEB01B0B0E372088DC21CBA73F3 3970488 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2014-10-15 19:13:27 623E143F2DF17C0106A9988F5D7DC878 143872 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll 2014-10-15 19:13:26 E365C7B3EBB96451D3C9DF6B6B6900C2 179200 ----a-w- C:\Windows\SysWOW64\wintrust.dll 2014-10-15 19:13:25 F8028D69DE63F180623D4444A39BAB3E 489984 ----a-w- C:\Windows\SysWOW64\evr.dll 2014-10-15 19:13:25 B18B9BD51C8D86596110B9ABD138B92F 3914680 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2014-10-15 19:13:24 5C3BA07E215B4F693E7D78D6F4980D98 1329664 ----a-w- C:\Windows\SysWOW64\quartz.dll 2014-10-15 19:13:23 8C147D67D4E75882DA88206DF098229A 354816 ----a-w- C:\Windows\SysWOW64\mfplat.dll 2014-10-15 19:13:23 6BB12A7CA8779D96334B258548B071F5 1005056 ----a-w- C:\Windows\SysWOW64\cryptui.dll 2014-10-15 19:13:23 454BF1E3B844306E764ADC0EA7B6E64C 1174528 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2014-10-15 19:13:21 77F95AE51E834BAFE903912F7EBE825B 374784 ----a-w- C:\Windows\SysWOW64\AudioEng.dll 2014-10-15 19:13:21 6B07EE9C7668D2C704563DA838026828 81408 ----a-w- C:\Windows\SysWOW64\cryptsp.dll 2014-10-15 19:13:18 534177269B23D1999DD1FCA50A396611 504320 ----a-w- C:\Windows\SysWOW64\msscp.dll 2014-10-15 19:13:18 4BA17820B97F1CAED69E5BE5F1BC7C96 265216 ----a-w- C:\Windows\SysWOW64\msnetobj.dll 2014-10-15 19:13:17 60FBCF033FF42A40C916C01A962A8802 50176 ----a-w- C:\Windows\SysWOW64\rrinstaller.exe 2014-10-15 19:13:16 20257A0BFB824B49055A6EEC29C72C03 103424 ----a-w- C:\Windows\SysWOW64\mfps.dll 2014-10-15 19:13:14 4F1FCBB6A312825B9A84F813E5093AE9 50688 ----a-w- C:\Windows\SysWOW64\appidapi.dll 2014-10-15 19:13:11 D17954CA6343F43B62637F51996B4E95 23040 ----a-w- C:\Windows\SysWOW64\mfpmp.exe 2014-10-15 19:13:11 9590D4F5699C176217A8CA2330E54D8A 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll 2014-10-15 19:13:08 E637A7187CAFB3EEEED0540CBEF27C8B 8192 ----a-w- C:\Windows\SysWOW64\spwmp.dll 2014-10-15 19:13:07 73AC4B12E706CD7D0447976507E50DBE 4096 ----a-w- C:\Windows\SysWOW64\dxmasf.dll 2014-10-15 19:13:04 73AC4B12E706CD7D0447976507E50DBE 4096 ----a-w- C:\Windows\SysWOW64\msdxm.ocx 2014-10-15 19:13:01 52096F5F476733F2E2725CF346FF373B 2048 ----a-w- C:\Windows\SysWOW64\mferror.dll 2014-10-15 19:12:58 A7DD5C1F29877A473265D4B98B3495ED 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL 2014-10-15 19:12:35 DF59F2510EDABBF216FA837D5D964106 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-10-15 19:12:35 604C67F58747D6A333EA641BCCC2C842 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-10-15 19:12:34 BD66BA5A924DCC8392CFAEB67131A246 597504 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-10-15 19:12:34 201EAFA3F17BE4990999C28657212D8E 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-10-15 19:12:33 D78C4DB153874DB7AC6AA6A03BE38B66 331448 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-10-15 19:12:32 3065FF6794A7FDC882F0DA8B6230AB6E 1190400 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-10-15 19:12:31 B89F5D2B3D3BC730FAB93CFCD931742F 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-10-15 19:12:31 B5B1C277E46A5B0E2FC63E5FC5624CE5 365056 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-10-15 19:12:31 97F2F82BF0B4AF86A85FFDD78DFDC87D 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-15 19:12:30 F91E55DA404B834648A3B0A2477C10DB 17484800 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-10-15 19:12:29 58EC068116BCE16A94B1B2C429A35E41 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-10-15 19:12:28 8FAA1E45198C4ECEC691326B7F5E71C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-10-15 19:12:27 835807E2AC0A8FA15B9A2EA80E2D5169 2017280 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-10-15 19:12:26 55A400FDB21D157E947A0EE65AEDB1B3 2187264 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-10-15 19:12:24 B74B348D13134D67B4F68ADDDC76A447 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-10-15 19:12:23 410BECCA3354D471E45344F0754CC0E4 243200 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-10-15 19:12:23 158690737381C49120165A7F3F5D13EB 440320 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-10-15 19:12:22 EF94FA1F3D90520CCA4AE65D639A9E62 11807232 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-10-15 19:12:17 D03EB7605435FE24ADE670661A932651 4201472 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-10-15 19:12:17 AA103FEAD721863B86A1B1260948E662 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-10-15 19:12:17 8E8E6E7B4CC27B92F40F74E29C1F6290 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-15 19:12:16 FBE852643EDEB9D6D6502AFE6017CD64 678400 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-10-15 19:12:16 DF4BA130BD41F29A894E026E456B8481 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-10-15 19:12:15 7AE80F921027CF88CB9D0433088A3E55 1810944 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-10-15 19:12:14 6D4DD5706C297234F457B9D9018C493F 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-15 19:12:14 2409C41081D657A3FABE3659BB989AFB 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-10-15 19:11:41 3888D02CE6413C2A06D903DE1C778BF5 2363904 ----a-w- C:\Windows\SysWOW64\msi.dll 2014-10-15 19:11:34 37C395C075E6FA66623C82DE50A8FAED 372736 ----a-w- C:\Windows\SysWOW64\rastls.dll 2014-10-15 19:11:23 3ABACF6D4EBEA5EF3014FEFA1D8FF5F8 3221504 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2014-10-15 19:11:19 0DBD0B4D4766CADEB8C30242A0611395 1051136 ----a-w- C:\Windows\SysWOW64\mstsc.exe 2014-10-15 19:11:17 FD67683FBA9B2C4BB551780BD8846F64 157696 ----a-w- C:\Windows\SysWOW64\winsta.dll 2014-10-15 19:11:15 97896EE4254176CFDD9010B5B243B89F 131584 ----a-w- C:\Windows\SysWOW64\aaclient.dll 2014-10-15 19:11:15 13829161C1297F4170A5546430147BBD 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2014-10-15 19:11:13 DB1D6751689B4A7EE2439C64F2ADF1C9 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2014-10-15 19:11:03 C120855C1133DF8FFD5E0C04A7E70B67 67072 ----a-w- C:\Windows\SysWOW64\packager.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-10-15 19:14:02 5602D4C331FD7938ADE06D9242138922 3198976 ----a-w- C:\Windows\Sysnative\win32k.sys 2014-10-15 19:14:00 5083CC5456FE8A5D21ECF9E32ACC779F 1943696 ----a-w- C:\Windows\Sysnative\dfshim.dll 2014-10-15 19:14:00 2D6C77A3DB3D8EE00FB55834A67E4073 156312 ----a-w- C:\Windows\Sysnative\mscorier.dll 2014-10-15 19:13:59 50EC828370CB5F5E9FF08B10F1B701C8 73880 ----a-w- C:\Windows\Sysnative\mscories.dll 2014-10-15 19:13:49 2F5AF776A7B24C6B82D20B5F3179B235 842240 ----a-w- C:\Windows\Sysnative\blackbox.dll 2014-10-15 19:13:48 EF86A7118A3950F03B364FAC93A08E96 1202176 ----a-w- C:\Windows\Sysnative\drmv2clt.dll 2014-10-15 19:13:44 73D3B2408952890DE8157EAA014B9A52 14632960 ----a-w- C:\Windows\Sysnative\wmp.dll 2014-10-15 19:13:42 FE4ABDE0BC70BF9F82531FDB416C4B4E 4120576 ----a-w- C:\Windows\Sysnative\mf.dll 2014-10-15 19:13:42 868FE3B478D05A225D27A28E933CE33C 782848 ----a-w- C:\Windows\Sysnative\wmdrmsdk.dll 2014-10-15 19:13:40 87222A707545E783D9FAE7940645A2C3 500224 ----a-w- C:\Windows\Sysnative\AUDIOKSE.dll 2014-10-15 19:13:37 5807843607013D16EEEDC15DA4AA83E7 497664 ----a-w- C:\Windows\Sysnative\drmmgrtn.dll 2014-10-15 19:13:35 999A7FD4D9F8B1656F1167D94743E50A 457400 ----a-w- C:\Windows\Sysnative\ci.dll 2014-10-15 19:13:34 84396ACFCF981E2CBFACD084DF1271B9 616352 ----a-w- C:\Windows\Sysnative\winresume.efi 2014-10-15 19:13:33 DA9AF4793B4874BE0BE28170DB890CDF 440832 ----a-w- C:\Windows\Sysnative\AudioEng.dll 2014-10-15 19:13:33 00B454421642EF68B7A17D2C153920E2 693176 ----a-w- C:\Windows\Sysnative\winload.efi 2014-10-15 19:13:32 C2664AA33B7127C737FC5612EBEB4DE9 619056 ----a-w- C:\Windows\Sysnative\winload.exe 2014-10-15 19:13:32 8F3FE4C327D30629266F1F0650C2E910 1574400 ----a-w- C:\Windows\Sysnative\quartz.dll 2014-10-15 19:13:31 7FC292D1527EDFEBA2576B6789DE6AB5 229376 ----a-w- C:\Windows\Sysnative\wintrust.dll 2014-10-15 19:13:31 73D81B5B4B2655CB1B5662E770F755D5 532176 ----a-w- C:\Windows\Sysnative\winresume.exe 2014-10-15 19:13:31 19D511CC455C19DE1ADF60E6C39C85B6 187904 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2014-10-15 19:13:30 F06D511B37BB101A7951A1837224B7A5 631808 ----a-w- C:\Windows\Sysnative\evr.dll 2014-10-15 19:13:30 D382414098819BA8A0C2A5F362A710DC 5551032 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2014-10-15 19:13:28 6B381E24EC6A6519DC0A67F1DF5EF82C 284672 ----a-w- C:\Windows\Sysnative\EncDump.dll 2014-10-15 19:13:27 08835F1772B58DE4C3AAF604760276A5 1480192 ----a-w- C:\Windows\Sysnative\crypt32.dll 2014-10-15 19:13:26 C92075D9FFC8429E6CA1279EA8D25722 296448 ----a-w- C:\Windows\Sysnative\AudioSes.dll 2014-10-15 19:13:26 81A2008198A6E450E4BC7EF361154C8A 1069056 ----a-w- C:\Windows\Sysnative\cryptui.dll 2014-10-15 19:13:25 2C1B6A64294F2182DC4999F923873974 679424 ----a-w- C:\Windows\Sysnative\audiosrv.dll 2014-10-15 19:13:24 4BE4D8091FBE4DE496B3EFBA206F29AE 432128 ----a-w- C:\Windows\Sysnative\mfplat.dll 2014-10-15 19:13:23 724EE88C7003974720087A4344331FC1 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2014-10-15 19:13:23 256390425414F90FCBC12F525A84EB11 188416 ----a-w- C:\Windows\Sysnative\pcasvc.dll 2014-10-15 19:13:22 D9A61370B40ABAA9F509113504CD8425 82432 ----a-w- C:\Windows\Sysnative\cryptsp.dll 2014-10-15 19:13:21 6F86A81133E8D468DDBE74E2A96CEA03 641024 ----a-w- C:\Windows\Sysnative\msscp.dll 2014-10-15 19:13:19 F71CA01C24FC3798A717B5A6F682F9AD 32256 ----a-w- C:\Windows\Sysnative\appidsvc.dll 2014-10-15 19:13:19 F4F4D51214FEC718D798CA4FF7629FC5 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2014-10-15 19:13:19 D179B4872554CFFD5621FD76E4469C81 325632 ----a-w- C:\Windows\Sysnative\msnetobj.dll 2014-10-15 19:13:18 A8DDFADCA566D4EA38C9DA928D14A658 126464 ----a-w- C:\Windows\Sysnative\audiodg.exe 2014-10-15 19:13:18 01C98E5902E428D5C7EA136895FAEF4C 58880 ----a-w- C:\Windows\Sysnative\appidapi.dll 2014-10-15 19:13:17 68E09E7CD4DC52F132A4B492ACE8C243 55808 ----a-w- C:\Windows\Sysnative\rrinstaller.exe 2014-10-15 19:13:16 9797A23F773C0782A0D91BEC44054166 206848 ----a-w- C:\Windows\Sysnative\mfps.dll 2014-10-15 19:13:14 D79539E35A0F4A1A6E5DC9A268696DC5 146944 ----a-w- C:\Windows\Sysnative\appidpolicyconverter.exe 2014-10-15 19:13:13 AB2EB93A982A2C26BA3E4D2D65328804 24576 ----a-w- C:\Windows\Sysnative\mfpmp.exe 2014-10-15 19:13:12 C15F3DF9122C70F42AC6D66CBC90918B 63488 ----a-w- C:\Windows\Sysnative\setbcdlocale.dll 2014-10-15 19:13:11 310A2A61A5588D932002F83651188C9E 50176 ----a-w- C:\Windows\Sysnative\srclient.dll 2014-10-15 19:13:10 B86AE91A441FA81CFFF2B53F2A1BF123 17920 ----a-w- C:\Windows\Sysnative\appidcertstorecheck.exe 2014-10-15 19:13:09 5C90E1F072AF0579620B500DA14588C3 9728 ----a-w- C:\Windows\Sysnative\spwmp.dll 2014-10-15 19:13:08 855056F06F3677063DB2CC51899BC216 5120 ----a-w- C:\Windows\Sysnative\msdxm.ocx 2014-10-15 19:13:08 855056F06F3677063DB2CC51899BC216 5120 ----a-w- C:\Windows\Sysnative\dxmasf.dll 2014-10-15 19:13:00 63578DB847FCC40883CB8F303E785D46 2048 ----a-w- C:\Windows\Sysnative\mferror.dll 2014-10-15 19:12:57 71EF970D853661A6BAFBD45C36714FEC 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL 2014-10-15 19:12:41 974F83636F841739FEA5CC6219BFB241 276480 ----a-w- C:\Windows\Sysnative\generaltel.dll 2014-10-15 19:12:41 510D5492BCA9E63E10E3CE0285965722 507392 ----a-w- C:\Windows\Sysnative\aepdu.dll 2014-10-15 19:12:37 767D478BB4B2F84B47B3C0956E6A5A05 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll 2014-10-15 19:12:34 C109D5136DF0A6CA668C7AD888AA125F 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-10-15 19:12:33 739D9C9F220CCEDAFD8212C6B976B60D 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-10-15 19:12:33 29C0530E0F120AC3E583889DCD6A63DD 710656 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-10-15 19:12:31 DD8E9C85F9F428859713055183661956 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-10-15 19:12:31 4D21F4FDF57DF86FAD9149ED1C071D15 72704 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-10-15 19:12:27 87D14AF9A2C3F3D5233B613CFA9C321D 378552 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-10-15 19:12:27 0F5A279522FA6A30C9C5A297A1064933 1447936 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-10-15 19:12:25 B07E9AFF50DC007E7D5AC54736AA5A25 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-10-15 19:12:24 E9109E91BB8366759822DC2FC9B5DA8B 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-10-15 19:12:23 DAF317E9F4CEC206D0D443014A427341 446464 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-10-15 19:12:22 45B736E3184B68515FDB71D4083A9BCF 731136 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-10-15 19:12:20 0467A4DDA6B2CE8E27A8178BF035BA18 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-10-15 19:12:19 646C004F58AA4762F92BF7C595216C37 2108416 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-10-15 19:12:18 050FD78BA4EFA62417F61F4C098B5B25 2796032 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-10-15 19:12:15 BE37AA454460539877420951EEA16EF0 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-10-15 19:12:12 98241BE7EB26C41562D33393DD12608F 289280 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-10-15 19:12:12 88D2165E07CEDC3F34CBE1A5A807673D 595968 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-10-15 19:12:10 7E60EE8A68F7270D1E1662CBA275D4FA 13619200 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-10-15 19:12:09 A2105E46DC9CE38A1D57FB124436E1BC 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-10-15 19:12:08 F9FA80C1CB6EAC55A7F534937F6AC4E4 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-10-15 19:12:08 70527367E5779C3537992F0768D9C59A 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-10-15 19:12:07 DB101A62F9BF8E7765685950169EF52B 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-10-15 19:12:07 D3B07C2FABEAE749E4E51F1E93CABA23 5829632 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-10-15 19:12:06 328143D6BC5951E1797BD524C4E98CDC 547328 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-10-15 19:12:06 2E5AF1507CBE735B4D7EBFF1908EA0E1 775168 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-10-15 19:12:05 9D98D4F390F0B14A782F3B931E613A1A 2309632 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-10-15 19:12:03 30FB9ABB6C45C3299CFA5F556904DD5F 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2014-10-15 19:12:01 EB710A3AF29BEC4EE7475A1ED5C575DE 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-10-15 19:11:59 15847E14811FEDDF77E934AF4F0BEF45 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-10-15 19:11:58 7415B29AFE2E4494A57358B8C7E78600 23631360 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-10-15 19:11:42 ADD3F2C3E6B89BD16D4BFC61B3658DD9 3241472 ----a-w- C:\Windows\Sysnative\msi.dll 2014-10-15 19:11:35 DD7C31F12936795C0516BB6C59CBCCD8 424448 ----a-w- C:\Windows\Sysnative\rastls.dll 2014-10-15 19:11:22 467D0E831D6DF8DA16BF856D0537A153 3722240 ----a-w- C:\Windows\Sysnative\mstscax.dll 2014-10-15 19:11:20 8516703179C3BDE90A3ED31B9EC16F8D 1118720 ----a-w- C:\Windows\Sysnative\mstsc.exe 2014-10-15 19:11:19 4FC4C50985E5B840F4D72E57286887B8 681984 ----a-w- C:\Windows\Sysnative\termsrv.dll 2014-10-15 19:11:18 C23B6D9D16FD86F446BE607CA18389D9 235520 ----a-w- C:\Windows\Sysnative\winsta.dll 2014-10-15 19:11:17 0374D83D003043E7DE33036294A2EFAE 150528 ----a-w- C:\Windows\Sysnative\rdpcorekmts.dll 2014-10-15 19:11:15 85E03B6E05939845BC924C91AEDE0E24 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2014-10-15 19:11:14 560CF90C026C0FE51CC6820302FF94FE 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2014-10-15 19:11:03 1DB68B8A1E3BDE3C19F1D3612CE436CA 77312 ----a-w- C:\Windows\Sysnative\packager.dll ====== C:\Windows\Sysnative\drivers ===== 2014-10-20 21:26:12 95B3CEAF06A2DF96FE28CD0755D319C4 79064 ----a-w- C:\Windows\Sysnative\drivers\axxaxsu.sys 2014-10-18 19:58:07 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf 2014-10-18 19:58:01 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_ew_juextctrl_01007.Wdf 2014-10-18 19:56:51 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf 2014-10-18 19:56:43 0E9AD2D3784A0996A5131512939C09C0 1490656 ----a-w- C:\Windows\Sysnative\drivers\WdfCoInstaller01007.dll 2014-10-15 19:13:35 946010CDFA91469351B22E2620CEBCD8 663552 ----a-w- C:\Windows\Sysnative\drivers\PEAuth.sys 2014-10-15 19:13:18 80B9412C4DE09147581FC935FB4C97AB 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2014-10-15 19:11:17 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys 2014-10-15 19:11:13 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-10-25 13:23:54 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-10-21 16:53:16 -------- d-----w- C:\PROGRA~2\Infogrames 2014-10-18 19:54:48 -------- d-----w- C:\PROGRA~2\KPN Mobile Connect ======= C: ===== ====== C:\Users\Nick\AppData\Roaming ====== 2014-10-18 22:32:59 -------- d-----w- C:\Users\Nick\AppData\Local\Diagnostics ====== C:\Users\Nick ====== 2014-10-25 13:23:01 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Nick\Downloads\RSITx64 (1).exe 2014-10-25 13:22:46 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Nick\Downloads\RSITx64.exe 2014-10-24 20:21:32 1EFC153B9F11F92CAA859523FAA7EB56 6626856 ----a-w- C:\Users\Nick\Downloads\TeamViewer_Setup_nl.exe 2014-10-21 16:53:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infogrames 2014-10-20 19:51:32 C1A4A3F35E98DD217A497BA3CA6A6C06 58937436 ----a-w- C:\Users\Nick\Downloads\PopcornTime-latest (1).exe 2014-10-18 19:57:05 -------- d-----w- C:\ProgramData\KPN Mobile Connect 2014-10-18 19:54:14 -------- d-----w- C:\ProgramData\DatacardService ====== C: exe-files == 2014-10-27 19:33:21 DCC534F22A5A4B43E5123A772D3ECF5A 895568 ----a-w- C:\Program Files (x86)\Google\Update\Install\{AD36E40E-425A-4B83-98E0-8938AB989BB4}\38.0.2125.111_38.0.2125.104_chrome_updater.exe 2014-10-27 19:33:20 DCC534F22A5A4B43E5123A772D3ECF5A 895568 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\38.0.2125.111\38.0.2125.111_38.0.2125.104_chrome_updater.exe 2014-10-25 13:23:56 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Nick.exe 2014-10-25 13:23:01 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Nick\Downloads\RSITx64 (1).exe 2014-10-25 13:22:46 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Nick\Downloads\RSITx64.exe 2014-10-24 20:23:00 945A5EE810361F7DFD7A7D427EDE355F 465440 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\uninstall.exe 2014-10-24 20:23:00 8C8E7948B3940BC2987D06D633DF4AEA 264464 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe 2014-10-24 20:23:00 83DE0CC30F2E7F7108F550AEBDDCE4C7 229648 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe 2014-10-24 20:23:00 4ACFC5853A3F0C6C2F54E537C23EE90F 4799760 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe 2014-10-24 20:22:59 DE8E8FA274122C38CE0A7ED291177759 4812048 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe 2014-10-24 20:22:57 12220BA871C6D7BAE08FFDD137BAB697 13559056 ----a-w- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe 2014-10-24 20:21:32 1EFC153B9F11F92CAA859523FAA7EB56 6626856 ----a-w- C:\Users\Nick\Downloads\TeamViewer_Setup_nl.exe 2014-10-24 20:14:11 77ED3BFE03113FB4A2D674BC62080521 424248 ------r- C:\ProgramData\NVIDIA\Updatus\Download\6694\updatus.19000563_RUNASUSER.exe 2014-10-21 17:09:08 8A3046F3E419EF5FAB32AD3FBAFCB9F4 41548 ----a-w- C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\RegSetup.exe 2014-10-21 17:07:58 FE0F00D1E8273E1B5D6D5FA6DD4C5D27 6868431 ----a-w- C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\rct2.exe 2014-10-21 17:00:09 FB6674A519505CC93E28CF600BBC23A3 168448 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{B1AD83A0-DC92-41E3-B111-E9472349768C}\Setup.exe 2014-10-21 16:59:29 B712B81773B388F988B5B8B99305EC70 2732856 ----a-w- C:\Users\Nick\AppData\Roaming\PowerISO\Upgrade\PowerISO6.exe 2014-10-21 16:57:43 5B2065FA6F2EC63FE28BE26FDB7B0480 107512 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604}\setup.exe 2014-10-21 16:57:00 19D3DC3C2159C407800D69089BA8CE3D 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe 2014-10-21 16:53:15 FB6674A519505CC93E28CF600BBC23A3 168448 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}\Setup.exe 2014-10-21 16:45:22 821E577AB0B119278BD1940FEF224DDA 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdateBroker.exe 2014-10-21 16:45:22 4067DC9EA0640485F1CF395427FD5E9B 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe 2014-10-21 16:45:21 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdateSetup.exe 2014-10-21 16:45:12 26E37D5EAC3F1CF66587183AB348168C 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdateComRegisterShell64.exe 2014-10-21 16:45:12 047556104954A72A2222FFF169166EEE 285064 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe 2014-10-21 16:45:11 976D5F35A058340DA2C160CEC4063C4B 230792 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe 2014-10-21 16:44:49 51508F0C2476177E50C31B0BBFBF1BDB 107912 ----atw- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleUpdate.exe 2014-10-21 16:44:39 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.5\GoogleUpdateSetup.exe === C: other files == 2014-10-21 17:08:46 857FC6B6E89339854B5F42AF20288107 18559 ----a-w- C:\Users\Nick\Downloads\Rollercoaster Tycoon 2 NoCD.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-941128547-3586144941-2954896835-1000\Software\Microsoft\Windows\CurrentVersion\Run] "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-941128547-3586144941-2954896835-1001\Software\Microsoft\Windows\CurrentVersion\Run] "KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup" @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" "Wondershare Helper Compact.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-941128547-3586144941-2954896835-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Nuance PDF Reader-reminder"="C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe -r C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "ASUSWebStorage"="C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S" "SonicMasterTray"="C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" "ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" "HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" "Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "PWRISOVM.EXE"="C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup" "Registry Helper"="C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe /boot" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes Anti-Malware (cleanup)"="C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup" @="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" "Wondershare Helper Compact.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 " "AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SynAsusAcpi"="%ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ACMON] "command"="C:\\Program Files (x86)\\ASUS\\Splendid\\ACMON.exe" "hkey"="HKLM" "item"="ACMON" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl] "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s" "hkey"="HKLM" "item"="RtHDVCpl" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" ==== Startup Folders ====================== 2013-11-19 18:57:08 1051 ----a-w- C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2013-05-26 20:08:19 1065 ----a-w- C:\Users\Nick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk 2011-10-19 04:34:37 2062 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [21-08-2013 19:44] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26-05-2013 21:53] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26-05-2013 21:53] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe] "C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [12-07-2014 15:49] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[12-07-2014 15:49] Google Docs - Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Avast Online Security - Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Google Wallet - Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.google.com" "SearchAssistant"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.com" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup O4 - HKLM\..\Run: [Registry Helper] "C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe" /boot O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [Wondershare Helper Compact.exe] "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelperSetup.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-941128547-3586144941-2954896835-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-941128547-3586144941-2954896835-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Dropbox.lnk = Nick\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Intel(R) Turbo Boost Technology Monitor 2.0.lnk = C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Nick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Nick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3678 folders=757 354960309 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Nick\AppData\Local\Temp will be emptied at reboot C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Nick\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 28-10-2014 at 17:18:44,43 ======================