Zoek.exe v5.0.0.0 Updated 11-November-2014
Tool run by Wilco on wo 12-11-2014 at 10:28:34,69.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Wilco\Downloads\zoek.exe    [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

12-11-2014 10:32:57 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\Acer Incorporated deleted successfully
C:\Program Files\ArcSoft deleted successfully
C:\Program Files\Astonsoft deleted successfully
C:\Program Files\AVS4YOU deleted successfully
C:\Program Files\Elaborate Bytes deleted successfully
C:\Program Files\Fiat deleted successfully
C:\Program Files\Lavasoft deleted successfully
C:\Program Files\LibreOffice 4.0 deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\MusicBee deleted successfully
C:\Program Files\Nitro PDF deleted successfully
C:\Program Files\Panda Security deleted successfully
C:\Program Files\PrettyRun deleted successfully
C:\Program Files\Common Files\Nero deleted successfully
C:\PROGRA~2\BankingTools deleted successfully
C:\PROGRA~2\firebird deleted successfully
C:\PROGRA~2\NtiDvdCopy deleted successfully
C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\Users\Default\AppData\Roaming\iolo deleted successfully
C:\Users\Wilco\AppData\Roaming\DigitalVolcano deleted successfully
C:\Users\Wilco\AppData\Roaming\dvdcss deleted successfully
C:\Users\Wilco\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\Wilco\AppData\Roaming\Nokia Suite deleted successfully
C:\Users\Wilco\AppData\Roaming\Skinux deleted successfully
C:\Users\Wilco\AppData\Roaming\WinAVI deleted successfully
C:\Users\Wilco\AppData\Local\Adobe deleted successfully
C:\Users\Wilco\AppData\Local\calibre-cache deleted successfully
C:\Users\Wilco\AppData\Local\KodakGallery deleted successfully
C:\Users\Wilco\AppData\Local\Safe mirror deleted successfully
C:\Users\Wilco\AppData\Local\Secunia PSI deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-862677247-1756649656-1137367909-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31264a33-a653-46c4-af49-1232c59a7da5} deleted successfully
HKEY_USERS\S-1-5-21-862677247-1756649656-1137367909-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31264a33-a653-46c4-af49-1232c59a7da5} deleted successfully
HKEY_USERS\S-1-5-21-862677247-1756649656-1137367909-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6} deleted successfully
HKEY_USERS\S-1-5-21-862677247-1756649656-1137367909-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6} deleted successfully
HKEY_USERS\S-1-5-21-862677247-1756649656-1137367909-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E532CE8-C6D9-4A10-8ACE-4348C96E8B6A} deleted successfully
HKEY_USERS\S-1-5-21-862677247-1756649656-1137367909-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3E532CE8-C6D9-4A10-8ACE-4348C96E8B6A} deleted successfully
HKEY_USERS\S-1-5-21-862677247-1756649656-1137367909-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{eec0f710-38b5-4aba-99bf-ec87564a4e13} deleted successfully
HKEY_USERS\S-1-5-21-862677247-1756649656-1137367909-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{eec0f710-38b5-4aba-99bf-ec87564a4e13} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{31264a33-a653-46c4-af49-1232c59a7da5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264a33-a653-46c4-af49-1232c59a7da5} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{3E532CE8-C6D9-4A10-8ACE-4348C96E8B6A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E532CE8-C6D9-4A10-8ACE-4348C96E8B6A} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-862677247-1756649656-1137367909-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{31264a33-a653-46c4-af49-1232c59a7da5} deleted successfully
HKEY_USERS\S-1-5-21-862677247-1756649656-1137367909-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{31264a33-a653-46c4-af49-1232c59a7da5} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{3E532CE8-C6D9-4A10-8ACE-4348C96E8B6A} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{31264a33-a653-46c4-af49-1232c59a7da5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{31264a33-a653-46c4-af49-1232c59a7da5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{eec0f710-38b5-4aba-99bf-ec87564a4e13} deleted successfully

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\System32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe
C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
C:\Program Files\Internetbeveiliging\fshoster32.exe
C:\Program Files\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe
C:\Program Files\Common Files\Iconix\IconixService.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\nvraidservice.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files\Internetbeveiliging\fshoster32.exe
C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program Files\Greenshot\Greenshot.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
C:\Users\Wilco\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Wilco\AppData\Roaming\Spotify\spotify.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Wilco\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\MyDrive Connect\MyDriveConnect.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Evernote\Skitch\Skitch.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Wilco\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe
C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Users\Wilco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Wilco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Wilco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Wilco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Wilco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Wilco\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE
C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\fssm32.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\DllHost.exe
C:\Windows\explorer.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Wilco\Downloads\zoek.exe
C:\Windows\explorer.exe
C:\Users\Wilco\Downloads\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Wilco\AppData\Roaming\Profiles\w2mp2moj.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs_12-11-2014_1054_.backup

ProfilePath: C:\Users\Wilco\AppData\Roaming\Mozilla\Firefox\Profiles\o0g3l72o.default-1388916247328

user.js not found
---- Lines CT3329621 removed from prefs.js ----
user_pref("CT3329621.FF19Solved", "true");
user_pref("CT3329621.UserID", "UN20531503071553130");
user_pref("CT3329621.fullUserID", "UN20531503071553130.IN.20140923090835");
user_pref("CT3329621.installDate", "23/09/2014 09:08:44");
user_pref("CT3329621.installSessionId", "1f7db58c-246f-4244-bcde-003aebba78ef");
user_pref("CT3329621.installSp", "FALSE");
user_pref("CT3329621.installerVersion", "1.8.1.4");
user_pref("CT3329621.searchRevert", "false");
user_pref("CT3329621.searchUninstallUserMode", "4");
user_pref("CT3329621.searchUserMode", "4");
user_pref("CT3329621.toolbarInstallDate", "23-09-2014 09:08:35");
user_pref("CT3329621.versionFromInstaller", "10.33.0.17");
user_pref("CT3329621.xpeMode", "1");
---- FireFox user.js and prefs.js backups ---- 

prefs_12-11-2014_1054_.backup

ProfilePath: C:\Users\Wilco\AppData\Roaming\Thunderbird\Profiles\kr81kfxv.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs_12-11-2014_1054_.backup

ProfilePath: C:\Users\Wilco\AppData\Roaming\TomTom\HOME\Profiles\6e3nn6xx.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs_12-11-2014_1054_.backup

ProfilePath: C:\Users\Wilco\AppData\Roaming\TomTom\HOME\Profiles\ye6rzgxg.default

prefs.js not found
user.js not found
---- FireFox user.js and prefs.js backups ---- 


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264a33-a653-46c4-af49-1232c59a7da5}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E532CE8-C6D9-4A10-8ACE-4348C96E8B6A}] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] 
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=- 

==== Deleting Files \ Folders ======================

C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\Users\Wilco\AppData\LocalLow\BS_Player_ControlBar_B deleted
C:\Program Files\FastestTube deleted
C:\Program Files\Mozilla Firefox\extensions\{B7DC7831-B684-4099-9778-C9E9F687256E} deleted
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} deleted
C:\Users\Wilco\AppData\Roaming\Mozilla\Firefox\Profiles\o0g3l72o.default-1388916247328\extensions\ascsurfingprotection@iobit.com deleted
C:\Users\Wilco\AppData\Roaming\Mozilla\Firefox\Profiles\o0g3l72o.default-1388916247328\extensions\{31264a33-a653-46c4-af49-1232c59a7da5} deleted
C:\Windows\system32\appdata deleted
C:\Program Files\Java deleted
C:\Users\Wilco\daemonprocess.txt deleted
C:\Program Files\Mozilla Firefox\defaults\preferences\autoconfig.js deleted
C:\Program Files\Uninstall Information\ib_uninst_514 deleted
C:\Program Files\Uninstall Information\ib_uninst_567 deleted
C:\Program Files\Uninstall Information\ib_uninst_569 deleted
C:\user.js deleted
C:\Users\Wilco\AppData\Roaming\burnaware.ini deleted
C:\Users\Wilco\AppData\Roaming\profiles.ini deleted
C:\Users\Wilco\AppData\Roaming\Sammsoft deleted
C:\Users\Wilco\AppData\Roaming\ParetoLogic deleted
C:\Users\Wilco\AppData\Roaming\DriverCure deleted
C:\PROGRA~2\ParetoLogic deleted
C:\PROGRA~2\ProductData deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Wilco\AppData\Local\CRE deleted
C:\Users\Wilco\AppData\Local\cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 deleted
C:\Users\Wilco\AppData\LocalLow\Softonic.com.NL_FF deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\wininit.ini deleted
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted
C:\Windows\system32\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted
C:\Windows\system32\Tasks\RegCure Pro deleted
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job deleted
C:\Windows\system32\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv deleted
C:\END deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
C:\Windows\System32\AI_RecycleBin deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted
C:\Users\Wilco\AppData\Roaming\Mozilla\Firefox\Profiles\o0g3l72o.default-1388916247328\jetpack deleted
C:\Users\Wilco\AppData\Roaming\Mozilla\Firefox\Profiles\o0g3l72o.default-1388916247328\CT3329621 deleted
C:\Users\Wilco\AppData\Roaming\msiexplore.exe deleted
"C:\Users\Wilco\AppData\Roaming\Mozilla\Firefox\Profiles\o0g3l72o.default-1388916247328\searchplugins\duckduckgo.xml" deleted
"C:\Users\Wilco\AppData\Roaming\Mozilla\Firefox\Profiles\o0g3l72o.default-1388916247328\searchplugins\ixquick-https---nederlands.xml" deleted
"C:\Users\Wilco\AppData\Roaming\Jollylog" deleted
"C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.EXE" deleted
"C:\Users\Wilco\AppData\Roaming\Temp" deleted
"C:\Program Files\Microsoft\BingBar" not deleted
"C:\Program Files\Microsoft\BingBar\7.3.132.0" not deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601)
Memory (RAM): 3072 MB
CPU Info: Intel(R) Core(TM)2 Quad  CPU   Q8200  @ 2.33GHz
CPU Speed: 2332,0 MHz
Sound Card: Luidsprekers (Realtek High Defi | 
Realtek Digital Output (Realtek | 
Display Adapters: ATI Radeon HD 3600 Series | ATI Radeon HD 3600 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm | 
Screen Resolution: 1440 X 900 - 32 bit
Network: Network Present
Network Adapters: Bluetooth-apparaat (Personal Area Network) | NVIDIA nForce 10/100/1000 Mbps Ethernet
CD / DVD Drives: 1x (E: | ) E: ATAPI   DVD A  DH16A6S
Ports: COM1 LPT Port NOT Present. 
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  293,3GB | D:  293,1GB | K:  931,5GB
Hard Disks - Free: C:  150,8GB | D:  204,4GB | K:  414,6GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 09/11/08 | ACRSYS - 20080911
Time Zone: West-Europa (standaardtijd)
Motherboard *: ACER MCP73PV
Country: Nederland 
Language: NLD 

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Virus: Basis On-access scanning disabled (Outdated)
Anti-Spyware: Basis disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Spybot - Search and Destroy disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Default Browser: Firefox	33.1
Internet Explorer Version: 11.0.9600.17358 
Mozilla Firefox version: 33.1 (x86 nl)
Opera Browser version: 25.0.1614.68
Google Chrome version: 38.0.2125.111
Adobe Reader version: 11.0.9.29
Flash Player version: 15.0.0.189

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Wilco\AppData\Local\Temp ====
2014-11-12 09:24:05	4E566FEA83FCEEAF2873702806B55006	43008	----a-w-	C:\Users\Wilco\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw939fl.dll
2014-11-11 07:53:38	FD556822B2457F263C1556678F5CEE44	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoSv.dll
2014-11-11 07:53:38	F8D382B1F034377F7D04CE85EB813056	324552	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\_setup.dll
2014-11-11 07:53:38	DD82998FF43047561458FBE6010DC31D	14952	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoZht.dll
2014-11-11 07:53:38	D6AD77DFCAB5451D0B7A1839A716B3B5	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoNl.dll
2014-11-11 07:53:38	C98C8F81E2C56F315AE80D2F984DC459	17000	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoEnu.dll
2014-11-11 07:53:38	B05F3138D7EC81A5FB9D6CCEC45B6D1C	17000	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoEng.dll
2014-11-11 07:53:38	AFDF14B56822E6030A33ECE795851C33	215656	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\SMU\nvcosmu.dll
2014-11-11 07:53:38	AFDF14B56822E6030A33ECE795851C33	215656	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\SMBUS\nvcosmb.dll
2014-11-11 07:53:38	AAB0FE5554A30A9FA256CCE98AEC0391	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoFr.dll
2014-11-11 07:53:38	AA28C7D2D33918B8F6C6D90BD63A5026	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoRu.dll
2014-11-11 07:53:38	97778C3CB3AF6B2243648D0DCD4D8916	215656	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\nvstor32.sys
2014-11-11 07:53:38	95453F34000EDAAFF36BB8CA0031AEC8	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoNo.dll
2014-11-11 07:53:38	8C5CFE2D914035D5CF05275EAFBD3177	14952	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoZhc.dll
2014-11-11 07:53:38	8978A8099F92766371AF8C7F57998410	15464	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoJa.dll
2014-11-11 07:53:38	6C48E05107EB494620AB0DC96D3C5B80	535552	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\ISSetup.dll
2014-11-11 07:53:38	4DFAAC0E7DECA70FC923AD4FCC91BDA3	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoFi.dll
2014-11-11 07:53:38	4212544B0C0450398E7E3091E912C3E6	15464	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoKo.dll
2014-11-11 07:53:38	1EB7FF9C7BAE76AF275556F9F8F51906	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoEs.dll
2014-11-11 07:53:38	17311FA57EF67662AE719BBBF76412D9	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoIt.dll
2014-11-11 07:53:38	10297032C1BF5AA5E7A50CFBB3432545	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoEsm.dll
2014-11-11 07:53:38	0A8F815A6DD2899A1F6D8A9FA8289A83	379496	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\setup.exe
2014-11-11 07:53:38	0A73818C0044C1AB55EA4953DCAFDCBF	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoPtb.dll
2014-11-11 07:53:38	09DFA5BADF7FCC899625418F98C7CBD8	600680	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\SMU\nvusmu.exe
2014-11-11 07:53:38	09DFA5BADF7FCC899625418F98C7CBD8	600680	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\SMBUS\nvusmb.exe
2014-11-11 07:53:38	02A9F366BCB94B286E34825B2094CB38	18944	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\SMU\nvsmu.sys
2014-11-11 07:53:37	F8D382B1F034377F7D04CE85EB813056	324552	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\raidtool\_setup.dll
2014-11-11 07:53:37	E466652B9B8D30D2B096479A00A69D77	372840	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\nvraidco.dll
2014-11-11 07:53:37	D20EAF758B2C2569E2EA709146BE1A10	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoIt.dll
2014-11-11 07:53:37	C84F14F6532B10A557645655563C0F56	14952	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoZht.dll
2014-11-11 07:53:37	BF6DBD79E64ED9DB1D2733553D311D84	17000	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoEnu.dll
2014-11-11 07:53:37	BB6DB65530F2F79FC44647A6B18226D4	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoDe.dll
2014-11-11 07:53:37	9D9DFCFF691BBC23BAF40309040488B5	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoNl.dll
2014-11-11 07:53:37	9D12AE56D81480C324C54D6712FF6A49	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoNo.dll
2014-11-11 07:53:37	92A6FDCE9FBDE337157324CCD2388689	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoPtb.dll
2014-11-11 07:53:37	8C98D67A228B7C4476656B80633CD485	215656	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\nvstor32.sys
2014-11-11 07:53:37	86CD69ABB216236AC9DFC987BB8D3643	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoEs.dll
2014-11-11 07:53:37	77A7C2EC31C34E2A7F23B5B784029B41	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoRu.dll
2014-11-11 07:53:37	716A9670034D4E816A319FE6793DC8BD	14952	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoZhc.dll
2014-11-11 07:53:37	704E50252CEDD5B780688BC33E522285	17000	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoEng.dll
2014-11-11 07:53:37	6C48E05107EB494620AB0DC96D3C5B80	535552	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\raidtool\ISSetup.dll
2014-11-11 07:53:37	65AFD34460FAC472BEC017E013507C78	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoEsm.dll
2014-11-11 07:53:37	4F388A052ED8CF67FAC6915D6A7BDD27	372840	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\nvraidco.dll
2014-11-11 07:53:37	4F261442FFEE625C01BCCBB044FC6B7D	15464	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoKo.dll
2014-11-11 07:53:37	3C0D13D2B181DAEA0C99FBFC135BBA0F	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoFr.dll
2014-11-11 07:53:37	330080B52AFC44A666C07F6FF70F1BE7	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoFi.dll
2014-11-11 07:53:37	2D75579D8EEADA7C5114E5B7E2DCE351	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoDe.dll
2014-11-11 07:53:37	2C1DB31FA06170C8671EA0E7CD0E69AC	139368	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\nvrd32.sys
2014-11-11 07:53:37	2A461A192B6325D899334F3E27355470	15464	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoJa.dll
2014-11-11 07:53:37	21D6E6C6FDE1956FCDEB39EC27D1C79B	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\NvRCoDa.dll
2014-11-11 07:53:37	12C737616B5F3E2F547B547BA6CEA6A8	379496	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\raidtool\setup.exe
2014-11-11 07:53:37	07867200F5F82C94B5F3DB8B9A7E9866	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoSv.dll
2014-11-11 07:53:37	0130072C5E5740564DE704E25DFBB1B0	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\NvRCoDa.dll
2014-11-11 07:53:36	FD556822B2457F263C1556678F5CEE44	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoSv.dll
2014-11-11 07:53:36	F8D382B1F034377F7D04CE85EB813056	324552	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\raidtool\_setup.dll
2014-11-11 07:53:36	E466652B9B8D30D2B096479A00A69D77	372840	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\nvraidco.dll
2014-11-11 07:53:36	DD82998FF43047561458FBE6010DC31D	14952	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoZht.dll
2014-11-11 07:53:36	D6AD77DFCAB5451D0B7A1839A716B3B5	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoNl.dll
2014-11-11 07:53:36	D20EAF758B2C2569E2EA709146BE1A10	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoIt.dll
2014-11-11 07:53:36	C98C8F81E2C56F315AE80D2F984DC459	17000	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoEnu.dll
2014-11-11 07:53:36	C84F14F6532B10A557645655563C0F56	14952	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoZht.dll
2014-11-11 07:53:36	BF6DBD79E64ED9DB1D2733553D311D84	17000	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoEnu.dll
2014-11-11 07:53:36	BB6DB65530F2F79FC44647A6B18226D4	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoDe.dll
2014-11-11 07:53:36	B861CCF78151716A8CA74DE9955AF696	207464	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Ethernet\nvconrm.dll
2014-11-11 07:53:36	B05F3138D7EC81A5FB9D6CCEC45B6D1C	17000	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoEng.dll
2014-11-11 07:53:36	AAB0FE5554A30A9FA256CCE98AEC0391	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoFr.dll
2014-11-11 07:53:36	AA28C7D2D33918B8F6C6D90BD63A5026	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoRu.dll
2014-11-11 07:53:36	9D9DFCFF691BBC23BAF40309040488B5	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoNl.dll
2014-11-11 07:53:36	9D12AE56D81480C324C54D6712FF6A49	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoNo.dll
2014-11-11 07:53:36	97778C3CB3AF6B2243648D0DCD4D8916	215656	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\nvstor32.sys
2014-11-11 07:53:36	95453F34000EDAAFF36BB8CA0031AEC8	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoNo.dll
2014-11-11 07:53:36	92A6FDCE9FBDE337157324CCD2388689	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoPtb.dll
2014-11-11 07:53:36	8C98D67A228B7C4476656B80633CD485	215656	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\nvstor32.sys
2014-11-11 07:53:36	8C5CFE2D914035D5CF05275EAFBD3177	14952	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoZhc.dll
2014-11-11 07:53:36	8978A8099F92766371AF8C7F57998410	15464	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoJa.dll
2014-11-11 07:53:36	86CD69ABB216236AC9DFC987BB8D3643	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoEs.dll
2014-11-11 07:53:36	84427C3B7488BD05D89D86163401B3EC	291560	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Ethernet\nvmfdx32.sys
2014-11-11 07:53:36	77A7C2EC31C34E2A7F23B5B784029B41	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoRu.dll
2014-11-11 07:53:36	716A9670034D4E816A319FE6793DC8BD	14952	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoZhc.dll
2014-11-11 07:53:36	704E50252CEDD5B780688BC33E522285	17000	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoEng.dll
2014-11-11 07:53:36	6C48E05107EB494620AB0DC96D3C5B80	535552	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\raidtool\ISSetup.dll
2014-11-11 07:53:36	6B6416D475289340DFFA2898BB56D762	600680	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Ethernet\nvunrm.exe
2014-11-11 07:53:36	65AFD34460FAC472BEC017E013507C78	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoEsm.dll
2014-11-11 07:53:36	4F388A052ED8CF67FAC6915D6A7BDD27	372840	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\nvraidco.dll
2014-11-11 07:53:36	4F261442FFEE625C01BCCBB044FC6B7D	15464	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoKo.dll
2014-11-11 07:53:36	4DFAAC0E7DECA70FC923AD4FCC91BDA3	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoFi.dll
2014-11-11 07:53:36	4212544B0C0450398E7E3091E912C3E6	15464	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoKo.dll
2014-11-11 07:53:36	3C0D13D2B181DAEA0C99FBFC135BBA0F	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoFr.dll
2014-11-11 07:53:36	330080B52AFC44A666C07F6FF70F1BE7	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoFi.dll
2014-11-11 07:53:36	2D75579D8EEADA7C5114E5B7E2DCE351	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoDe.dll
2014-11-11 07:53:36	2C1DB31FA06170C8671EA0E7CD0E69AC	139368	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\nvrd32.sys
2014-11-11 07:53:36	2A461A192B6325D899334F3E27355470	15464	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoJa.dll
2014-11-11 07:53:36	21D6E6C6FDE1956FCDEB39EC27D1C79B	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoDa.dll
2014-11-11 07:53:36	1EB7FF9C7BAE76AF275556F9F8F51906	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoEs.dll
2014-11-11 07:53:36	17311FA57EF67662AE719BBBF76412D9	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoIt.dll
2014-11-11 07:53:36	12C737616B5F3E2F547B547BA6CEA6A8	379496	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\raidtool\setup.exe
2014-11-11 07:53:36	10297032C1BF5AA5E7A50CFBB3432545	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoEsm.dll
2014-11-11 07:53:36	0A73818C0044C1AB55EA4953DCAFDCBF	18024	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\NvRCoPtb.dll
2014-11-11 07:53:36	07867200F5F82C94B5F3DB8B9A7E9866	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoSv.dll
2014-11-11 07:53:36	0219B05730635FCAB3A9925D3374C464	296936	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Ethernet\nvm62x32.sys
2014-11-11 07:53:36	0130072C5E5740564DE704E25DFBB1B0	17512	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\NvRCoDa.dll
2014-11-11 07:53:35	F8D382B1F034377F7D04CE85EB813056	324552	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Display\_setup.dll
2014-11-11 07:53:35	BE3541BFDA8A81C474224EB84E977004	521128	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Ethernet\DPInst.exe
2014-11-11 07:53:35	B259F3E31417F98216B1BED6C45B97DD	758784	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Ethernet\cohelper.dll
2014-11-11 07:53:35	9ADD5A9C7FD12337B084FC1FA05C0A71	20823832	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Ethernet\NAM\NAMSetupIS.exe
2014-11-11 07:53:35	6BD344DFED23D72D07B1491B36C863C8	379496	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Display\setup.exe
2014-11-11 07:53:35	5B594113FDC5B20FF8C029E2BEFE30F4	953856	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Ethernet\fdco1.dll
2014-11-11 07:53:34	F78CD10DAD1216797D5A2D9C6692B589	4897208	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Display\PDsetup.exe
2014-11-11 07:53:34	BB273691E2E76278E406471AA76CD71E	267368	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Display\nviewsetup.exe
2014-11-11 07:53:34	6B3E56527908A731158D67E73632F7D6	34135392	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Display\PhysX_10.01.29_9.10.0129_SystemSoftware.exe
2014-11-11 07:53:34	13345F590554682C2FE44C27E160AC3E	600680	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Display\nvudisp.exe
2014-11-11 07:53:32	6C48E05107EB494620AB0DC96D3C5B80	535552	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Display\ISSetup.dll
2014-11-11 07:53:32	600BCD24975D2BC75D13D58F1E7BA2B5	40293624	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Display\NvCplSetupInt.exe
2014-11-11 07:53:31	F523755572C68E1609EB2CE48A1CE629	16980456	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Display\3DVision_197.13.exe
2014-11-11 07:53:29	6C6D6701A76529963F9416D285D2F4D9	24680	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Awy\nvamacpi.sys
2014-11-11 07:53:29	64868C58756AF9B078A485402BA10EB2	592488	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Awy\nvuawy.exe
2014-11-11 07:53:29	584ECC2CB56B7E18152AE6389F7B2181	182888	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Awy\nvcoawy.dll
2014-11-11 07:50:04	31900A95A64614297B6875D633E2EFDC	48107216	----a-w-	C:\Users\Wilco\AppData\Local\Temp\MouseKeyboardCenterx86_1033.exe
2014-11-09 13:16:00	6E41E16283463ED20104480490541D0D	11231456	----a-w-	C:\Users\Wilco\AppData\Local\Temp\FoxitUpdater.exe
2014-11-09 13:09:06	8BE39BCD389F0DF74237104260B39C59	97009664	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Evernote.msi
====== Java Cache =====
====== C:\Windows\system32 =====
2014-11-11 08:03:48	83EBA442F07AAB8D6375D2EEC945C46C	1868128	----a-w-	C:\Windows\System32\d3dcsx_43.dll
2014-11-11 08:03:48	4FD7BCB9D8AF6A165E9BA0C2EB702E7C	239960	----a-w-	C:\Windows\System32\xactengine3_7.dll
2014-11-11 08:03:48	20C835843FCEC4DEDFCD7BFFA3B91641	470880	----a-w-	C:\Windows\System32\d3dx10_43.dll
2014-11-11 08:03:47	F81C4678A55FFEE585AC75825FAF5582	238936	----a-w-	C:\Windows\System32\xactengine3_6.dll
2014-11-11 08:03:47	E4CE2AF32F501A7F7DDDD908704A0EE6	74072	----a-w-	C:\Windows\System32\XAPOFX1_4.dll
2014-11-11 08:03:47	C811E70C8804CFFF719038250A43B464	22360	----a-w-	C:\Windows\System32\X3DAudio1_7.dll
2014-11-11 08:03:47	86E39E9161C3D930D93822F1563C280D	1998168	----a-w-	C:\Windows\System32\D3DX9_43.dll
2014-11-11 08:03:47	4976243BD70FAE3D1D24E49739AB2710	528216	----a-w-	C:\Windows\System32\XAudio2_6.dll
2014-11-11 08:03:46	DB3C93E87452B8DAB4F58ED1FD2B1998	238936	----a-w-	C:\Windows\System32\xactengine3_5.dll
2014-11-11 08:03:46	B33B21DB610116262D906305CE65C354	1974616	----a-w-	C:\Windows\System32\D3DCompiler_42.dll
2014-11-11 08:03:46	B337306DFB508A1BCEF1974BFBB8D924	5501792	----a-w-	C:\Windows\System32\d3dcsx_42.dll
2014-11-11 08:03:46	8B01FB723F3B30AB3DEBDDBF97CFE577	515416	----a-w-	C:\Windows\System32\XAudio2_5.dll
2014-11-11 08:03:45	D09AC80A4B5312239852836C84DF3392	235344	----a-w-	C:\Windows\System32\d3dx11_42.dll
2014-11-11 08:03:45	C6A44FC3CF2F5801561804272217B14D	1892184	----a-w-	C:\Windows\System32\D3DX9_42.dll
2014-11-11 08:03:44	E763798CAD2A90B6AB61854F50CD47DD	22360	----a-w-	C:\Windows\System32\X3DAudio1_6.dll
2014-11-11 08:03:44	E684C5FA18ADF9EA14737757413BF727	517448	----a-w-	C:\Windows\System32\XAudio2_4.dll
2014-11-11 08:03:44	686F8D1B4926D48227A06ACD4D41CD1E	235352	----a-w-	C:\Windows\System32\xactengine3_4.dll
2014-11-11 08:03:44	3FA06CF5079B84155D18B05C08F7131B	4178264	----a-w-	C:\Windows\System32\D3DX9_41.dll
2014-11-11 08:03:44	30686ECE80545E06D78D156EB9F7D463	69464	----a-w-	C:\Windows\System32\XAPOFX1_3.dll
2014-11-11 08:03:43	EEA5E428CE63804F9B12D21C97B5968F	4379984	----a-w-	C:\Windows\System32\D3DX9_40.dll
2014-11-11 08:03:43	91B4AAD4412BB223B466F3DFB43E86DA	452440	----a-w-	C:\Windows\System32\d3dx10_40.dll
2014-11-11 08:03:43	3384134EEB8F223178C2EB8323003EC0	2036576	----a-w-	C:\Windows\System32\D3DCompiler_40.dll
2014-11-11 08:03:42	D95EAABF5D277EF91D9CA70151209E56	68616	----a-w-	C:\Windows\System32\XAPOFX1_1.dll
2014-11-11 08:03:42	8BA296419AF3417D1E9806B83166E472	235856	----a-w-	C:\Windows\System32\xactengine3_3.dll
2014-11-11 08:03:42	50F4A0D5E6A0BAFEFA78F353533B8E06	509448	----a-w-	C:\Windows\System32\XAudio2_2.dll
2014-11-11 08:03:42	47ED15DC87AE334C13C4DACD1BE2CCED	514384	----a-w-	C:\Windows\System32\XAudio2_3.dll
2014-11-11 08:03:42	350FEFE18B86BD4D9AB2A96D00215A49	23376	----a-w-	C:\Windows\System32\X3DAudio1_5.dll
2014-11-11 08:03:42	295E47A75F278580F9441041EAAEA3D2	70992	----a-w-	C:\Windows\System32\XAPOFX1_2.dll
2014-11-11 08:03:41	F3C6BE26949CAADB11DBF0086082FAC9	238088	----a-w-	C:\Windows\System32\xactengine3_2.dll
2014-11-11 08:03:41	E6C2F1D8B667DDC04CB55B9F0159EF97	467984	----a-w-	C:\Windows\System32\d3dx10_39.dll
2014-11-11 08:03:41	E34FF0115B1EE3B4E03D22AE9840EE03	507400	----a-w-	C:\Windows\System32\XAudio2_1.dll
2014-11-11 08:03:41	DD165760F1B95200A3DA2D9DFDB84234	65032	----a-w-	C:\Windows\System32\XAPOFX1_0.dll
2014-11-11 08:03:41	C4F1972497FE2CEB7D900938C97FCF91	1493528	----a-w-	C:\Windows\System32\D3DCompiler_39.dll
2014-11-11 08:03:41	8CB3DEFB8887C4F0846DB1FC1304D6D2	3851784	----a-w-	C:\Windows\System32\D3DX9_39.dll
2014-11-11 08:03:40	E3832514BD21236067B7227F6165EF95	25608	----a-w-	C:\Windows\System32\X3DAudio1_4.dll
2014-11-11 08:03:40	A2650B27472C21CDD817EEEDE65648E1	467984	----a-w-	C:\Windows\System32\d3dx10_38.dll
2014-11-11 08:03:40	8F3EB548AC4ED90252394F60C77E3196	3850760	----a-w-	C:\Windows\System32\D3DX9_38.dll
2014-11-11 08:03:40	2E0E25252E1D41752876E9FE12ADE175	238088	----a-w-	C:\Windows\System32\xactengine3_1.dll
2014-11-11 08:03:40	103CBFC5591008AD33046E20E8E1EEBE	1491992	----a-w-	C:\Windows\System32\D3DCompiler_38.dll
2014-11-11 08:03:39	EA752DBCE35045D3C830DC16578CC8AB	1420824	----a-w-	C:\Windows\System32\D3DCompiler_37.dll
2014-11-11 08:03:39	C593FD0A96EE4B6390B653C4C641313F	25608	----a-w-	C:\Windows\System32\X3DAudio1_3.dll
2014-11-11 08:03:39	AC3C517FB0FBBE45FE44007BCD3625A7	3786760	----a-w-	C:\Windows\System32\D3DX9_37.dll
2014-11-11 08:03:39	8A83673F0AB001870583FDE2B004FA59	238088	----a-w-	C:\Windows\System32\xactengine3_0.dll
2014-11-11 08:03:39	4A43E9A2B17E4CAFA9CB5FEC0B5B686B	462864	----a-w-	C:\Windows\System32\d3dx10_37.dll
2014-11-11 08:03:39	418CDC57E55EE79C3F86C13A19B3D5E3	479752	----a-w-	C:\Windows\System32\XAudio2_0.dll
2014-11-11 08:03:38	73E055AF78A64F9B2779D44407CA2AB6	267272	----a-w-	C:\Windows\System32\xactengine2_10.dll
2014-11-11 08:03:37	FB4299688A0D3A37687C015AC2B9922D	1374232	----a-w-	C:\Windows\System32\D3DCompiler_36.dll
2014-11-11 08:03:37	D9158E78A368B08D9133043EB3058C12	444776	----a-w-	C:\Windows\System32\d3dx10_36.dll
2014-11-11 08:03:37	46EE68F04A75A1CCF40235EA6F1CBA05	267112	----a-w-	C:\Windows\System32\xactengine2_9.dll
2014-11-11 08:03:37	44BFEC5C9C82A2EE9871D88FD3B9A0E2	3734536	----a-w-	C:\Windows\System32\d3dx9_36.dll
2014-11-11 08:03:35	F3764552E45880DC49B82F38699AA87C	444776	----a-w-	C:\Windows\System32\d3dx10_35.dll
2014-11-11 08:03:35	5B441670A4F5F8BCCE76741902B8AF56	1358192	----a-w-	C:\Windows\System32\D3DCompiler_35.dll
2014-11-11 08:03:34	F6A9FC2AD2F9111372B5AB3BBA3707EC	17928	----a-w-	C:\Windows\System32\X3DAudio1_2.dll
2014-11-11 08:03:34	499210C45AFEAADEE8CF4DCF7D5E570B	266088	----a-w-	C:\Windows\System32\xactengine2_8.dll
2014-11-11 08:03:34	3EF18B78D17C962F2B71AC1CB7757684	3727720	----a-w-	C:\Windows\System32\d3dx9_35.dll
2014-11-11 08:03:33	75F206C195BBACA6EF28565B1C0CD75C	1124720	----a-w-	C:\Windows\System32\D3DCompiler_34.dll
2014-11-11 08:03:33	5AA9987F2E62B56D7661B6901901F927	443752	----a-w-	C:\Windows\System32\d3dx10_34.dll
2014-11-11 08:03:33	1CA939918ED1B930059B3A882DE6F648	3497832	----a-w-	C:\Windows\System32\d3dx9_34.dll
2014-11-11 08:03:32	7FEBB8CE2233CBAE738B16D42ED29674	261480	----a-w-	C:\Windows\System32\xactengine2_7.dll
2014-11-11 08:03:32	77F595DEE5FFACEA72B135B1FCE1312E	81768	----a-w-	C:\Windows\System32\xinput1_3.dll
2014-11-11 08:03:31	FAE7E1D578C42A7C3D9D61A99D178BD5	1123696	----a-w-	C:\Windows\System32\D3DCompiler_33.dll
2014-11-11 08:03:31	37A8171ACCF46A9C196054066C28827F	443752	----a-w-	C:\Windows\System32\d3dx10_33.dll
2014-11-11 08:03:29	86C93789E9006F1AC47ED9DD47D4C8A1	251672	----a-w-	C:\Windows\System32\xactengine2_5.dll
2014-11-11 08:03:29	6F34F7405807DCBF0B9BF6811C94C6D9	440080	----a-w-	C:\Windows\System32\d3dx10.dll
2014-11-11 08:03:29	39000E033D39D19CCCE21AEAFCCE2476	255848	----a-w-	C:\Windows\System32\xactengine2_6.dll
2014-11-11 08:03:27	797E24743937D67D69F28F2CF5052EE8	2414360	----a-w-	C:\Windows\System32\d3dx9_31.dll
2014-11-11 08:03:27	6550E1A0A7BE611592C31222FCB981FB	237848	----a-w-	C:\Windows\System32\xactengine2_4.dll
2014-11-11 08:03:27	121B131EAA369D8F58DACC5C39A77D80	15128	----a-w-	C:\Windows\System32\x3daudio1_1.dll
2014-11-11 08:03:26	69D841744B2BAE38FBB2D40A230A549C	236824	----a-w-	C:\Windows\System32\xactengine2_3.dll
2014-11-11 08:03:26	5C4D3843B491C047B7A619901FBD2EC1	230168	----a-w-	C:\Windows\System32\xactengine2_2.dll
2014-11-11 08:03:26	33B62BE226934E1B01F5043870C70427	62744	----a-w-	C:\Windows\System32\xinput1_2.dll
2014-11-11 08:03:25	F1726346E583442541FE73429F8E9C10	62672	----a-w-	C:\Windows\System32\xinput1_1.dll
2014-11-11 08:03:25	7C9952111F4C743B9F0D8B68B6ED93C9	229584	----a-w-	C:\Windows\System32\xactengine2_1.dll
2014-11-11 08:03:12	E415862612E65F10D7D888443ECD7594	2388176	----a-w-	C:\Windows\System32\d3dx9_30.dll
2014-11-11 08:03:12	4E961525CC7FF0E5D7DA19E170B7C14C	14032	----a-w-	C:\Windows\System32\x3daudio1_0.dll
2014-11-11 08:03:12	2112FE0C46662D429347A7D7B49E3ECE	230096	----a-w-	C:\Windows\System32\xactengine2_0.dll
2014-11-11 08:03:11	BE19B603DFBAA829EE5B7749B3BA97DB	2323664	----a-w-	C:\Windows\System32\d3dx9_28.dll
2014-11-11 08:03:11	99F4FC172A5ACE36CF00AA7038D23F2C	2332368	----a-w-	C:\Windows\System32\d3dx9_29.dll
2014-11-11 08:03:10	852EDC778A7A50077694F84D8E601234	2319568	----a-w-	C:\Windows\System32\d3dx9_27.dll
2014-11-11 08:03:10	523AB607EEF81CC4D909E7FEBD8A788E	2297552	----a-w-	C:\Windows\System32\d3dx9_26.dll
2014-11-11 08:03:09	BC831661963763AC4D504C5CABB1FDD9	2222800	----a-w-	C:\Windows\System32\d3dx9_24.dll
2014-11-11 08:03:09	5B48FE9D6686F0D54B26A005ACE24D1D	2337488	----a-w-	C:\Windows\System32\d3dx9_25.dll
2014-11-11 08:00:27	2494F7215E7EE00A61FDE799BD86D0B8	1823320	----a-w-	C:\Windows\System32\WavesGUILib.dll
2014-11-11 08:00:27	107A9B8F83207F0F5F5F63A3C73090E7	2140976	----a-w-	C:\Windows\System32\SStudio.dll
2014-11-11 08:00:26	ECD592FBB13403E71C94BF09F26F5A63	219896	----a-w-	C:\Windows\System32\slprp32.dll
2014-11-11 08:00:26	D525A83CC1E42FC586BE4C84F287B2A1	2566872	----a-w-	C:\Windows\System32\RtkPgExt.dll
2014-11-11 08:00:26	42793EB431E705E27C9E429D07048C82	818936	----a-w-	C:\Windows\System32\sl3apo32.dll
2014-11-11 08:00:26	3077F888B3E7FF3B26F3D89677F78893	1892056	----a-w-	C:\Windows\System32\RTSndMgr.cpl
2014-11-11 08:00:26	136DED23C781F8C0E8D61DDAF5AB611D	606968	----a-w-	C:\Windows\System32\sltech32.dll
2014-11-11 08:00:26	11AA14D49F31B280C736338FB6AE145B	966904	----a-w-	C:\Windows\System32\slcnt32.dll
2014-11-11 08:00:25	E01C648498B8AA52649C5461E4E3B2D5	916696	----a-w-	C:\Windows\System32\RtkCoInstII.dll
2014-11-11 08:00:25	2224AFEBB5B561BCB374E4E4936382E7	782040	----a-w-	C:\Windows\System32\RtkApoApi.dll
2014-11-11 08:00:20	919504CFCB81474F7AD06BB92AB3F728	2474200	----a-w-	C:\Windows\System32\RltkAPO.dll
2014-11-11 08:00:20	81957BB126CA2A83F6A757EB1CE4CA8B	60636160	----a-w-	C:\Windows\System32\RCoRes.dat
2014-11-11 08:00:20	740368BFFF06A1DC461419BD949DAE32	890160	----a-w-	C:\Windows\System32\NAHIMICAPOSettingsIPC.dll
2014-11-11 08:00:20	2FD456024A5FB3D9823173CAB681C6D9	5086984	----a-w-	C:\Windows\System32\NAHIMICAPOlfx.dll
2014-11-11 08:00:19	B0214C172AB164EC20100A99D4CDEB6C	798296	----a-w-	C:\Windows\System32\MaxxVoiceAPO20.dll
2014-11-11 08:00:19	574986B3EB6946F91014C559182EACD0	11821656	----a-w-	C:\Windows\System32\MaxxVoiceAPO30.dll
2014-11-11 08:00:19	3CA9FD518F67A3B75ECF344A82097A8A	3683416	----a-w-	C:\Windows\System32\MaxxAudioVnN.dll
2014-11-11 08:00:19	218672571C80F0679343CF4DA5B69D1B	948336	----a-w-	C:\Windows\System32\MaxxSpeechAPO.dll
2014-11-11 08:00:18	C1B6A53190A0761B0FBD6F844FF5E099	1940056	----a-w-	C:\Windows\System32\MaxxAudioEQ.dll
2014-11-11 08:00:18	9A2164676F45CFD88DC4D7A415761F37	14585432	----a-w-	C:\Windows\System32\MaxxAudioRealtek.dll
2014-11-11 08:00:18	729012538A382953E4457CF9582345F8	966744	----a-w-	C:\Windows\System32\MaxxAudioAPO40.dll
2014-11-11 08:00:18	59434189B1C1BCAC73E49E9D74291C5B	900696	----a-w-	C:\Windows\System32\MaxxAudioAPOShell.dll
2014-11-11 08:00:18	53517093B16C710F6B86A69B2C9A0557	987224	----a-w-	C:\Windows\System32\MaxxAudioAPO50.dll
2014-11-11 08:00:18	531ECEC94D93E8A94F957B71DC8F1D41	1691224	----a-w-	C:\Windows\System32\MaxxAudioRealtek2.dll
2014-11-11 08:00:18	4673BA1EDDC22868364A0C83A86044E5	1116248	----a-w-	C:\Windows\System32\MaxxAudioAPO60.dll
2014-11-11 08:00:18	2DCEF8FA9555383EE420FDA47C3D8B84	28062296	----a-w-	C:\Windows\System32\MaxxAudioVnA.dll
2014-11-11 08:00:17	0AABBED11783B6E2108A8216A0A138FD	265376	----a-w-	C:\Windows\System32\ICEsoundAPO.dll
2014-11-11 08:00:16	E649116FF21E279C3E647DFA238611B0	274264	----a-w-	C:\Windows\System32\DDPO32A.dll
2014-11-11 08:00:16	C4E932E89AA372B40E824BBCACF9A96D	2421792	----a-w-	C:\Windows\System32\FMAPO.dll
2014-11-11 08:00:16	9D4CAF9DE08BA90B7550F426ED40682E	221528	----a-w-	C:\Windows\System32\DDPA32.dll
2014-11-11 08:00:16	8B19C324B15ADE3E5AD17C67301244E6	29496	----a-w-	C:\Windows\System32\audioLibVc.dll
2014-11-11 08:00:16	77AF3071507A1BFDFB9855E1FFA158BD	1490264	----a-w-	C:\Windows\System32\DDPD32A.dll
2014-11-11 08:00:16	341A988DF23F88B021F3D986A326E0E3	6177624	----a-w-	C:\Windows\System32\DDPP32A.dll
2014-11-11 07:59:43	152893CBDCFDAC9CECA7B5ED9A570A0D	9889496	----a-w-	C:\Windows\System32\RsCRIcon.dll
2014-11-11 07:59:21	C43A07AB2BFD3F949B306BEDAD39E025	28448	----a-w-	C:\Windows\System32\nvhdap32.dll
2014-11-11 07:58:37	BC5A9BEBF3CB10351B38BCE0CD9FE05A	357720	----a-w-	C:\Windows\System32\RTEEP32H.dll
2014-11-11 07:58:37	BB6784465C0CEE92CDFC236EE3155E2E	3320936	----a-w-	C:\Windows\System32\RtkHDMI.dll
2014-11-11 07:58:37	9FA7AD5128A70059D8790F8D5DA24156	76120	----a-w-	C:\Windows\System32\RTEEL32H.dll
2014-11-11 07:58:36	DA501BB0CAA4923B5A65BF2A55A75EFF	64856	----a-w-	C:\Windows\System32\RTEEG32H.dll
2014-11-11 07:58:36	AA7A1C7B5D0E4A4DD222F66FDF7EC928	170840	----a-w-	C:\Windows\System32\RTEED32H.dll
2014-11-11 07:58:36	A819DBDBF85A7FEECECD03480606F3C8	2275432	----a-w-	C:\Windows\System32\RHDMIExt.dll
2014-11-11 07:58:36	8C87F840222442B54F5C83A086FE37DB	295768	----a-w-	C:\Windows\System32\RH3DAA32.dll
2014-11-11 07:58:36	8A556A06A58FFE812812932E73B93A46	76392	----a-w-	C:\Windows\System32\RHCoInst.dll
2014-11-11 07:58:36	334AD0C15315D699BB3B5CC7865FC929	295768	----a-w-	C:\Windows\System32\RH3DHT32.dll
2014-11-11 07:58:35	AE117391481EB09BE5C3363AC5E5207F	7161696	----a-w-	C:\Windows\System32\R4EEP32H.dll
2014-11-11 07:58:35	AD21BC7AF3EE0F9AE40063E41777031D	351072	----a-w-	C:\Windows\System32\R4EED32H.dll
2014-11-11 07:58:35	869E94A1FF7C7C7580F530EA33A8308A	105824	----a-w-	C:\Windows\System32\R4EEL32H.dll
2014-11-11 07:58:35	5B639E18D776EA35838F2E78A6C0F99E	61792	----a-w-	C:\Windows\System32\R4EEG32H.dll
2014-11-11 07:58:35	00725D625DED41AF8D788462B3928A30	91488	----a-w-	C:\Windows\System32\R4EEA32H.dll
2014-11-11 07:58:17	B259F3E31417F98216B1BED6C45B97DD	758784	----a-w-	C:\Windows\System32\cohelper.dll
2014-11-11 07:58:08	B861CCF78151716A8CA74DE9955AF696	207464	----a-w-	C:\Windows\System32\nvconrm.dll
2014-11-11 07:58:06	5B594113FDC5B20FF8C029E2BEFE30F4	953856	----a-w-	C:\Windows\System32\fdco2.dll
2014-11-11 07:53:38	AFDF14B56822E6030A33ECE795851C33	215656	----a-w-	C:\Windows\System32\NVCOSMU.DLL
2014-11-11 07:48:52	79FBC6942E85AC0207460676343AE209	2210992	----a-w-	C:\Windows\System32\coin94.dll
2014-11-09 13:28:05	55CEF8FE478E41C8EBCF7B27AF991A3F	18968	----a-w-	C:\Windows\System32\sdnclean.exe
2014-10-30 07:32:52	2180AB9B12D84F3B600D2AF0D26CDBBA	7028	----a-w-	C:\Windows\System32\.crusader
====== C:\Windows\system32\drivers =====
2014-11-11 08:00:26	886CE666A9507E17475C7156B157D181	5804772	----a-w-	C:\Windows\System32\drivers\rtvienna.dat
2014-11-11 08:00:26	19B572DD46F038509846589DCB702B19	3086040	----a-w-	C:\Windows\System32\drivers\RTKVHDA.sys
2014-11-11 08:00:20	4013C8B5C62F7F8E6A027DFB19173A4E	1099203	----a-w-	C:\Windows\System32\drivers\RTAIODAT.DAT
2014-11-11 07:59:44	670869352FE448A733DE674383E306FE	216280	----a-w-	C:\Windows\System32\drivers\RtsUStor.sys
2014-11-11 07:59:21	9F8EE4948B7ADD9D12F778F61A2758A4	162592	----a-w-	C:\Windows\System32\drivers\nvhda32v.sys
2014-11-11 07:58:37	79C8488DFA2AA377441645123CB73845	204432	----a-w-	C:\Windows\System32\drivers\RtHDMIV.sys
2014-11-11 07:58:08	0219B05730635FCAB3A9925D3374C464	296936	----a-w-	C:\Windows\System32\drivers\nvmf6232.sys
2014-11-11 07:53:38	02A9F366BCB94B286E34825B2094CB38	18944	----a-w-	C:\Windows\System32\drivers\nvsmu.sys
2014-11-11 07:50:01	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\System32\drivers\Msft_Kernel_dc3d_01011.Wdf
2014-11-11 07:49:26	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\System32\drivers\Msft_Kernel_point32_01011.Wdf
2014-11-11 07:48:52	56E08C5366865A8DE8D106BFC27490A4	44208	----a-w-	C:\Windows\System32\drivers\point32.sys
2014-11-04 06:00:15	B9BB8E2093C1615AD6EA55AD96214354	27192	----a-w-	C:\Windows\System32\drivers\revoflt.sys
2014-11-03 08:20:21	DC4B8FD4E8662953425FF802ECECEAA6	28256	----a-w-	C:\Windows\System32\drivers\rawdsk3.sys
2014-10-15 15:46:15	CD9214A6AE17D188D17C3CF8CB9CC693	184320	----a-w-	C:\Windows\System32\drivers\rdpwd.sys
2014-10-15 15:46:14	6C5139E4283249518F7743D7043775B3	31232	----a-w-	C:\Windows\System32\drivers\tssecsrv.sys
2014-10-15 15:45:15	344D1FA0438A967F1A2BAA42C86D6E19	593920	----a-w-	C:\Windows\System32\drivers\PEAuth.sys
2014-10-15 15:45:08	E499E422412EF37576092A52648DB2B4	50176	----a-w-	C:\Windows\System32\drivers\appid.sys
====== C:\Windows\Tasks ======
2014-11-11 07:53:02	3BA182412D3407912BD189F72C42882E	3118	----a-w-	C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-11-11 07:53:01	F55F6CFB42C4E24A686A91E857F693B3	3092	----a-w-	C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-11-11 07:45:17	24163DA8BC973A5CF3FB783412AF998B	3202	----a-w-	C:\Windows\system32\Tasks\Driver Booster Scan
2014-11-11 07:45:15	F6495BE4A2FBECE89124BE75DF5FEA9D	3146	----a-w-	C:\Windows\system32\Tasks\Driver Booster Update
2014-10-24 12:00:51	A1FFCA7144605FF7DA4750C6790FCD20	1014	----a-w-	C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-862677247-1756649656-1137367909-1000Core1cfef8228035e10.job
2014-10-15 15:41:54	6B2EBFE804A8AB9BCD4820D39CFF7755	3812	----a-w-	C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1390489823
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-11-11 13:08:19	--------	d-----w-	C:\Program Files\ALDI Foto bestelsoftware
2014-11-11 07:52:15	--------	d-----w-	C:\Program Files\Microsoft Mouse and Keyboard Center
2014-11-10 09:52:20	--------	d-----w-	C:\Program Files\Fotoalbum
2014-11-09 13:20:33	--------	d-----w-	C:\Program Files\Common Files\Java
2014-11-06 12:51:34	--------	d-----w-	C:\Program Files\LibreOffice 4
2014-11-05 06:44:37	--------	d-----w-	C:\Program Files\Greenshot
2014-11-05 06:37:06	--------	d-----w-	C:\Program Files\stinger
2014-11-04 06:00:10	--------	d-----w-	C:\Program Files\VS Revo Group
======= C: =====
====== C:\Users\Wilco\AppData\Roaming ======
2014-11-06 08:24:13	--------	d-----w-	C:\Users\Wilco\AppData\Local\EvernoteNW
2014-11-05 06:45:00	--------	d-----w-	C:\Users\Wilco\AppData\Roaming\Greenshot
2014-11-05 06:44:59	--------	d-----w-	C:\Users\Wilco\AppData\Local\Greenshot
2014-11-04 06:00:26	--------	d-----w-	C:\Users\Wilco\AppData\Local\VS Revo Group
====== C:\Users\Wilco ======
2014-11-12 07:40:39	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALDI Foto bestelsoftware
2014-11-11 13:32:06	8685FAF50C04F9A9C2F56FF64B0B7ACB	1107968	----a-w-	C:\Users\Wilco\Downloads\RSIT(1).exe
2014-11-11 12:55:25	8ED917CB01B8029C454AC62CF7753FDC	798912	----a-w-	C:\Users\Wilco\Downloads\SyncBack_Setup_inst.exe
2014-11-11 07:53:15	C6A350CD40882804B4742AD96BA639B6	10800528	----a-w-	C:\Users\Wilco\Downloads\driver_booster_setup(1).exe
2014-11-11 07:52:55	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2014-11-11 07:45:11	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-11-11 07:44:00	C6A350CD40882804B4742AD96BA639B6	10800528	----a-w-	C:\Users\Wilco\Downloads\driver_booster_setup.exe
2014-11-10 14:57:54	9FCF12BEE6B5D4C94C3FC05DE9239D19	5517496	----a-w-	C:\Users\Wilco\Downloads\MaxUtilities_Setup.exe
2014-11-10 14:44:33	8685FAF50C04F9A9C2F56FF64B0B7ACB	1107968	----a-w-	C:\Users\Wilco\Downloads\RSIT.exe
2014-11-10 10:13:48	F0762F1795DA7CCD8D6D6FF223F389BF	46342192	----a-w-	C:\Users\Wilco\Downloads\FoxitReader615.0624_prom_L10N_Setup.exe
2014-11-10 09:55:53	75E06B3C52C38B9854EA3E522DE88181	265694048	----a-w-	C:\Users\Wilco\Downloads\ALDI_Foto_bestelsoftware_Setup.exe
2014-11-09 13:18:32	--------	d-----w-	C:\Users\Public\Foxit Software
2014-11-09 13:18:07	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-11-09 13:15:21	2A6EDF9A0AA7E496A1CDB275F2F71C79	37730024	----a-w-	C:\Users\Wilco\Downloads\FoxitReader703.0916_enu_Setup.exe
2014-11-09 13:11:36	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-11-06 12:52:58	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3
2014-11-05 06:44:44	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Greenshot
2014-11-05 06:29:53	--------	d-----w-	C:\ProgramData\Unchecky
2014-11-04 06:00:16	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-11-04 06:00:15	--------	d-----w-	C:\ProgramData\VS Revo Group
2014-10-31 05:19:06	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skitch

====== C: exe-files ==
2014-11-12 07:40:35	897B8F4DBEEAACA2E6A4CB18D4ABF1DB	63450	----a-w-	C:\Program Files\ALDI Foto bestelsoftware\Uninstall.exe
2014-11-11 08:00:20	00750AA417E59292AD766ABFAF596AB9	1013616	----a-w-	C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
2014-11-11 08:00:18	557B06A7B30C27AA89F76ECCB9925D1D	2897496	----a-w-	C:\Program Files\Realtek\Audio\HDA\MaxxAudioControl.exe
2014-11-11 08:00:16	607DBD5AF746909DE2514F7D815A93DD	75808	----a-w-	C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-11-11 07:58:08	6B6416D475289340DFFA2898BB56D762	600680	----a-w-	C:\Program Files\NVIDIA Corporation\Uninstall\nvunrm.exe
2014-11-11 07:54:17	58F1D8E95E8D061EEAC3A04E4CBD1DB0	1197376	----a-w-	C:\Program Files\IObit\Driver Booster\unins000.exe
2014-11-11 07:53:49	09DFA5BADF7FCC899625418F98C7CBD8	600680	----a-w-	C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe
2014-11-11 07:53:38	09DFA5BADF7FCC899625418F98C7CBD8	600680	----a-w-	C:\Program Files\NVIDIA Corporation\Uninstall\nvusmu.exe
2014-11-11 07:45:11	7C98BFB1A71E4E473418B0A94B3E5870	2154784	----a-w-	C:\Program Files\IObit\Driver Booster\Freeware\Driver_Booster_FreeSoftwareDownloader.exe
2014-11-11 07:45:06	B80235CD74644FEC41A8306355AB40CF	1046848	----a-w-	C:\Program Files\IObit\Driver Booster\DpInst\x64\dpinst.exe
2014-11-11 07:45:06	7B6C4C8F3E873D39F49FCD69E3860413	582976	----a-w-	C:\Program Files\IObit\Driver Booster\DrvInstall\DpInstX32.exe
2014-11-11 07:45:06	67F4DC9D22FCE62AF172214F556438DD	921408	----a-w-	C:\Program Files\IObit\Driver Booster\DpInst\x86\dpinst.exe
2014-11-11 07:45:06	54000CF2F4D567E3BBB275CB6A22D581	874816	----a-w-	C:\Program Files\IObit\Driver Booster\DrvInstall\DpInstX64.exe
2014-11-11 07:45:04	DB1D053B89E946853F42191866AD0FC2	229184	----a-w-	C:\Program Files\IObit\Driver Booster\MakeSFX.exe
2014-11-11 07:45:04	DAB8B44870B0E617E1DCD3A36F45FF4B	197952	----a-w-	C:\Program Files\IObit\Driver Booster\ChangeIcon.exe
2014-11-11 07:45:04	7C98BFB1A71E4E473418B0A94B3E5870	2154784	----a-w-	C:\Program Files\IObit\Driver Booster\IObitDownloader.exe
2014-11-11 07:45:04	6653D80A4256977DE82F51694082BCC1	63296	----a-w-	C:\Program Files\IObit\Driver Booster\Scheduler.exe
2014-11-11 07:45:04	344D4C1CAD7D3A52375F4AEDC6B8D265	1889088	----a-w-	C:\Program Files\IObit\Driver Booster\Promote.exe
2014-11-11 07:45:04	046B5F9A7D09DEBF1BDB5C81DC70F487	24896	----a-w-	C:\Program Files\IObit\Driver Booster\AUpdate.exe
2014-11-11 07:45:03	F0B8AD6658597672A10A24060BB1041E	4108608	----a-w-	C:\Program Files\IObit\Driver Booster\DriverBooster.exe
2014-11-11 07:45:03	964E4209BC7585DA3E3A9D5688B8EB94	1391936	----a-w-	C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
2014-11-11 07:45:03	7E6020C67D30539389A16EDD23092D48	1050944	----a-w-	C:\Program Files\IObit\Driver Booster\SetupHlp.exe
2014-11-10 10:49:51	0EF53619F8DF1BC6AB2616920D250B2A	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$IV5FRWB.exe
2014-11-10 09:50:57	330919D5700C6A391FC0A18799B3A6A4	1624256	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$RV5FRWB.exe
2014-11-10 08:35:47	41DCFDD833CB567E4146207B4565D62D	1479392	----a-w-	C:\Program Files\Foxit Software\Foxit Reader\unins000.exe
2014-11-09 13:33:18	5BDB810DD77A0BE8CD056452E7587A32	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$IS1V1NY.exe
2014-11-09 13:33:08	B2245966F753C0F83871ED4978D6D4F3	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$IVUAEYG.exe
2014-11-09 13:33:03	7279649D2101DE4B2186D40D188EE05E	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$IPIJ5YU.exe
2014-11-09 13:32:56	9D6194B0B5E9F21FCD3AE98C9FCFB917	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$I03EPET.exe
2014-11-09 13:32:48	AC49BFB369A77967B135F130787B0566	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$I08Y9RT.exe
2014-11-09 13:32:39	B49A60FAC1F830CE905DA2D4086D0550	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$IEXQA0C.exe
2014-11-09 13:32:28	286861326F37E4655D31B6D5F5449E9C	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$I9A0BF9.exe
2014-11-09 13:18:06	A27E29C299C073D711A12761E32998DD	98016	----a-w-	C:\Program Files\Foxit Software\Foxit Reader\Shell Extensions\FoxitPrevhost.exe
2014-11-09 13:18:03	FCDC387B6AFA528179DB36BAC330322D	2093280	----a-w-	C:\Program Files\Foxit Software\Foxit Reader\SendCrashReport.exe
2014-11-09 13:18:01	6E41E16283463ED20104480490541D0D	11231456	----a-w-	C:\Program Files\Foxit Software\Foxit Reader\FoxitUpdater.exe
2014-11-09 13:17:57	67351E23225583A36DE8028DC740B1C1	62176	----a-w-	C:\Program Files\Foxit Software\Foxit Reader\plugins\Creator\FXC_ProxyProcess.exe
2014-11-09 13:17:57	5F85DFA22C11C48B56F58473A335DA2C	42093280	----a-w-	C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe
2014-11-09 13:17:56	EDD8457EFA827A0C53E33215A39B7137	2004704	----a-w-	C:\Program Files\Foxit Software\Foxit Reader\UninstallPrint.exe
2014-11-09 13:17:45	6D52C01B49CB42E148BEA6D66E1F5D5A	2273504	----a-w-	C:\Program Files\Foxit Software\Foxit Reader\TrackReview.exe
2014-11-09 13:13:46	7C4773E5B9DB80A9B9A3B94FE0D443B9	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$IUT48NZ.exe
2014-11-09 13:13:35	A906F985F258A3CB3109CC44A7C82A37	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$IW9DJWF.exe
2014-11-09 13:09:01	1ABF814A13B5BB2CDDC9ABF9ACE10D1A	97452896	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$RUT48NZ.exe
2014-11-09 10:24:13	E0797E7358557BE996F1F367D1F1E0FC	46525608	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$REXQA0C.exe
2014-11-09 10:23:52	2CDD85286C5531557F3F20A7CAFA7291	29727656	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$R03EPET.exe
2014-11-09 10:23:26	4E536D3DCB6DEBBAF0AD204A9D72419B	770360	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$RVUAEYG.exe
2014-11-09 10:22:49	F974C4EFDC10D85912397B11D85AD36E	499976	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$RS1V1NY.exe
2014-11-09 10:22:30	3F895E11B4D3ED4FFDAEA82251EFE459	770360	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$R9A0BF9.exe
2014-11-09 07:10:22	49801EEF5EFDA4B6CB0795A82AEB05E4	1624032	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$R08Y9RT.exe
2014-11-09 06:55:18	C75D14F8C65B1854818A2D9878F247B0	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$IRS0V4U.exe
2014-11-09 06:54:41	245DCB5708375B8E7AE8B62F1D884BAA	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$IYNIW52.exe
2014-11-09 06:54:34	CE5C6302AE454ACC67F8F59F1D039F1A	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$ISM17TW.exe
2014-11-09 06:54:30	8C0B4BCA9793B17D29F3F949A3CAB8E1	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$IHGVL1A.exe
2014-11-08 12:17:55	75E06B3C52C38B9854EA3E522DE88181	265694048	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$RHGVL1A.exe
2014-11-06 14:11:22	04F066F5904AF37D045DC814CD3BA292	1271536	----a-w-	C:\Program Files\2BrightSparks\SyncBackFree\unins000.exe
2014-11-06 14:10:44	45D0D5E0255861EE55483DE62B3C4693	13895496	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$RYNIW52.exe
2014-11-06 14:09:50	45D0D5E0255861EE55483DE62B3C4693	13895496	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$RPIJ5YU.exe
2014-11-06 10:31:33	75E06B3C52C38B9854EA3E522DE88181	265694048	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-862677247-1756649656-1137367909-1000\$RSM17TW.exe
2014-11-05 20:40:34	F9B0F2FB6F418667BCE7ED0C6DCC2B59	154464	----a-w-	C:\Program Files\Evernote\Evernote\EvernoteCleanup.exe
2014-11-05 20:40:20	1BAE7F92F8D3D3BB14A1432B63DF66D3	4516192	----a-w-	C:\Program Files\Evernote\Evernote\ENScript.exe
2014-11-05 20:40:14	36E2DAF8D6992ED8571ED73E238308DE	41697120	----a-w-	C:\Program Files\Evernote\Evernote\NodeWebKit\EvernoteNW.exe
2014-11-05 20:40:00	CF40CCA4E94936E566FF369511FB040F	585056	----a-w-	C:\Program Files\Evernote\Evernote\EvernoteThumbnailer.exe
2014-11-05 20:40:00	0FB8F835E0D7B3B94371E4FC323288B5	398688	----a-w-	C:\Program Files\Evernote\Evernote\EvernoteTray.exe
2014-11-05 20:39:58	AB8962B34B990B69BAAD2F18F4784F3F	887136	----a-w-	C:\Program Files\Evernote\Evernote\EvernotePlayer.exe
2014-11-05 20:39:58	9254A4F0F2E80AA8F482C9024272248F	1111904	----a-w-	C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
2014-11-05 20:39:58	4AD75033151F6CFEAD944FF08D157574	19192160	----a-w-	C:\Program Files\Evernote\Evernote\Evernote.exe
=== C: other files ==
2014-11-11 08:00:26	19B572DD46F038509846589DCB702B19	3086040	----a-w-	C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_f633b1e2d2f470cb\RTKVHDA.sys
2014-11-11 08:00:26	19B572DD46F038509846589DCB702B19	3086040	----a-w-	C:\Windows\System32\drivers\RTKVHDA.sys
2014-11-11 07:59:44	670869352FE448A733DE674383E306FE	216280	----a-w-	C:\Windows\System32\DriverStore\FileRepository\rtsustor.inf_x86_neutral_99b8f00f9c8c0810\RtsUStor.sys
2014-11-11 07:59:44	670869352FE448A733DE674383E306FE	216280	----a-w-	C:\Windows\System32\drivers\RtsUStor.sys
2014-11-11 07:59:21	9F8EE4948B7ADD9D12F778F61A2758A4	162592	----a-w-	C:\Windows\System32\DriverStore\FileRepository\nvhda.inf_x86_neutral_e1ba75768c57b62b\nvhda32v.sys
2014-11-11 07:59:21	9F8EE4948B7ADD9D12F778F61A2758A4	162592	----a-w-	C:\Windows\System32\drivers\nvhda32v.sys
2014-11-11 07:59:21	47FEB587AAE06F6717FCABF8BCF184FD	129312	----a-w-	C:\Windows\System32\DriverStore\FileRepository\nvhda.inf_x86_neutral_e1ba75768c57b62b\nvhda32.sys
2014-11-11 07:58:37	79C8488DFA2AA377441645123CB73845	204432	----a-w-	C:\Windows\System32\DriverStore\FileRepository\hdaati.inf_x86_neutral_04331477f752e3ef\RtHDMIV.sys
2014-11-11 07:58:37	79C8488DFA2AA377441645123CB73845	204432	----a-w-	C:\Windows\System32\drivers\RtHDMIV.sys
2014-11-11 07:58:08	84427C3B7488BD05D89D86163401B3EC	291560	----a-w-	C:\Windows\System32\DriverStore\FileRepository\nvfd6x32.inf_x86_neutral_937e9358fe3ccbc0\nvmfdx32.sys
2014-11-11 07:58:08	0219B05730635FCAB3A9925D3374C464	296936	----a-w-	C:\Windows\System32\DriverStore\FileRepository\nvfd6x32.inf_x86_neutral_937e9358fe3ccbc0\nvm62x32.sys
2014-11-11 07:58:08	0219B05730635FCAB3A9925D3374C464	296936	----a-w-	C:\Windows\System32\drivers\nvmf6232.sys
2014-11-11 07:53:38	97778C3CB3AF6B2243648D0DCD4D8916	215656	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sata_ide\nvstor32.sys
2014-11-11 07:53:38	02A9F366BCB94B286E34825B2094CB38	18944	----a-w-	C:\Windows\System32\DriverStore\FileRepository\smuc.inf_x86_neutral_ee59a20d45ab7799\nvsmu.sys
2014-11-11 07:53:38	02A9F366BCB94B286E34825B2094CB38	18944	----a-w-	C:\Windows\System32\drivers\nvsmu.sys
2014-11-11 07:53:38	02A9F366BCB94B286E34825B2094CB38	18944	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\SMU\nvsmu.sys
2014-11-11 07:53:37	8C98D67A228B7C4476656B80633CD485	215656	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\nvstor32.sys
2014-11-11 07:53:37	2C1DB31FA06170C8671EA0E7CD0E69AC	139368	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\WinVista\sataraid\nvrd32.sys
2014-11-11 07:53:36	97778C3CB3AF6B2243648D0DCD4D8916	215656	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sata_ide\nvstor32.sys
2014-11-11 07:53:36	8C98D67A228B7C4476656B80633CD485	215656	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\nvstor32.sys
2014-11-11 07:53:36	84427C3B7488BD05D89D86163401B3EC	291560	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Ethernet\nvmfdx32.sys
2014-11-11 07:53:36	2C1DB31FA06170C8671EA0E7CD0E69AC	139368	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\IDE\Win7\sataraid\nvrd32.sys
2014-11-11 07:53:36	0219B05730635FCAB3A9925D3374C464	296936	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Ethernet\nvm62x32.sys
2014-11-11 07:53:29	6C6D6701A76529963F9416D285D2F4D9	24680	----a-w-	C:\Users\Wilco\AppData\Local\Temp\Dbz59B5B\Awy\nvamacpi.sys
2014-11-11 07:48:52	56E08C5366865A8DE8D106BFC27490A4	44208	----a-w-	C:\Windows\System32\DriverStore\FileRepository\point32.inf_x86_neutral_9a39fda1a2edc1ed\point32.sys
2014-11-11 07:48:52	56E08C5366865A8DE8D106BFC27490A4	44208	----a-w-	C:\Windows\System32\drivers\point32.sys
2014-11-09 06:48:30	600630D8A1703CFC9ED00E20C0CA6212	575984	----a-w-	C:\Program Files\stinger\mfehidk.sys
2014-11-09 06:48:30	469F5BC46C4850FC653365005C58E076	94520	----a-w-	C:\Program Files\stinger\mferkdet.sys
2014-11-08 06:26:45	0E13D04A111D2C44EF61FCD94D582D5C	210	----a-w-	C:\Users\Wilco\AppData\Local\Temp\tmpBB63.vbs
2014-11-07 06:48:51	9F2C31E779855342DAAA57D3B760D37F	11752863	----a-w-	C:\Users\Public\Desktop\fsdiag.zip
2014-11-05 20:39:54	E33D484B794C8CB3B52F7D48B55324CA	2898964	----a-w-	C:\Program Files\Evernote\Evernote\Atlas.zip
2014-11-05 20:39:54	7FBD5F4F10995067C64D02382B5896BB	1490329	----a-w-	C:\Program Files\Evernote\Evernote\Announcements.zip
2014-11-05 20:39:54	7704E0FAAA50482FC4166A13623DDD35	19129	----a-w-	C:\Program Files\Evernote\Evernote\MessageView.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Copy"="C:\Users\Wilco\AppData\Roaming\Copy\CopyAgent.exe"

[HKEY_USERS\S-1-5-21-862677247-1756649656-1137367909-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Photosmart 5520 series (NET)"="C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe -deviceID CN3981330M0602:NW -scfn HP Photosmart 5520 series (NET) -AutoStart 1"
"Google Update"="C:\Users\Wilco\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Spotify"="C:\Users\Wilco\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart"
"GoogleChromeAutoLaunch_6ED97802CEDA0576BDCF631126D91757"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window"
"Spotify Web Helper"="C:\Users\Wilco\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"MyDriveConnect.exe"="C:\Program Files\MyDrive Connect\MyDriveConnect.exe"
"B96496BDCBE9D60B693EEE688C6986BC756C8358._service_run"="C:\Program Files\Google\Chrome\Application\chrome.exe --type=service"
"Skitch"="C:\Program Files\Evernote\Skitch\Skitch.exe -start-on-hide"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Copy"="C:\Users\Wilco\AppData\Roaming\Copy\CopyAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"NVRaidService"="C:\Windows\system32\nvraidservice.exe"
"NvSvc"="RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart"
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"
"F-Secure Hoster (45123)"="C:\Program Files\Internetbeveiliging\fshoster32.exe -app -hosterid:1"
"F-Secure Manager"="C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE /splash"
"Greenshot"="C:\Program Files\Greenshot\Greenshot.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"SDTray"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Photosmart 5520 series (NET)"="C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe -deviceID CN3981330M0602:NW -scfn HP Photosmart 5520 series (NET) -AutoStart 1"
"Google Update"="C:\Users\Wilco\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Spotify"="C:\Users\Wilco\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart"
"GoogleChromeAutoLaunch_6ED97802CEDA0576BDCF631126D91757"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window"
"Spotify Web Helper"="C:\Users\Wilco\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"MyDriveConnect.exe"="C:\Program Files\MyDrive Connect\MyDriveConnect.exe"
"B96496BDCBE9D60B693EEE688C6986BC756C8358._service_run"="C:\Program Files\Google\Chrome\Application\chrome.exe --type=service"
"Skitch"="C:\Program Files\Evernote\Skitch\Skitch.exe -start-on-hide"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent Sync]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BitTorrent Sync"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\BitTorrent Sync\\BTSync.exe\"  /MINIMIZED"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Copy]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Copy"
"hkey"="HKCU"
"command"="\"C:\\Users\\Wilco\\AppData\\Roaming\\Copy\\CopyAgent.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GBMLite8AgentLaCie]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GBMLite8AgentLaCie"
"hkey"="HKLM"
"command"="C:\\Program Files\\LaCie\\Genie Backup Assistant\\GBMAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Desktop Search]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Desktop Search"
"hkey"="HKLM"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesPreload"
"hkey"="HKCU"
"command"="C:\\Program Files\\Samsung\\Kies\\Kies.exe /preload"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesTrayAgent"
"hkey"="HKLM"
"command"="C:\\Program Files\\Samsung\\Kies\\KiesTrayAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyPoi Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MyPoi Monitor"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\MyPoiWorld Shared\\MyPoiMonitor\\MyPoiMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyTomTomSA.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MyTomTomSA.exe"
"hkey"="HKCU"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PCMMediaSharing]
"command"="C:\\Program Files\\Acer Arcade Live\\Acer HomeMedia Connect\\Kernel\\DMS\\PCMMediaSharing.exe"
"hkey"="HKLM"
"item"="PCMMediaSharing"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Rohos]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Rohos"
"hkey"="HKCU"
"command"="C:\\Program Files\\Rohos\\agent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SDTray"
"hkey"="HKLM"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skitch]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skitch"
"hkey"="HKCU"
"command"="C:\\Program Files\\Evernote\\Skitch\\Skitch.exe -start-on-hide"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Wilco\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpybotSD TeaTimer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SpybotSD TeaTimer"
"hkey"="HKCU"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TomTomHOME.exe"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Toolwiz BSafe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Toolwiz BSafe"
"hkey"="HKCU"
"command"="\"F:\\Toolwiz BSafe\\BSafe.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UnlockerAssistant]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UnlockerAssistant"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Unlocker\\UnlockerAssistant.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UsbBoost]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UsbBoost"
"hkey"="HKLM"
"command"="C:\\Program Files\\UsbBoost\\TurboHddUsb.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="uTorrent"
"hkey"="HKCU"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
"backup"="C:\\Windows\\pss\\Empowering Technology Launcher.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\Acer\\EMPOWE~1\\EAPLAU~1.EXE 9999"
"item"="Empowering Technology Launcher"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
"backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"item"="HP Digital Imaging Monitor"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^iPrint.lnk]
"backup"="C:\\Windows\\pss\\iPrint.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\iPrint\\iPrint.exe "
"item"="iPrint"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
"backup"="C:\\Windows\\pss\\Secunia PSI Tray.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"item"="Secunia PSI Tray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Wilco^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Wilco\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Wilco^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk]
"backup"="C:\\Windows\\pss\\EvernoteClipper.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~1\\Evernote\\Evernote\\EVERNO~2.EXE "
"item"="EvernoteClipper"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Wilco^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FreeClip.lnk]
"backup"="C:\\Windows\\pss\\FreeClip.lnk.Startup"
"backupExtension"=".Startup"
"item"="FreeClip"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HitmanProScheduler]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\mfefire]


==== Startup Folders ======================

2014-08-10 14:54:11	1050	----a-w-	C:\Users\Wilco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2013-12-05 10:44:46	1948	----a-w-	C:\Users\Wilco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 5520 series (netwerk).lnk
2014-07-14 16:40:12	1226	----a-w-	C:\Users\Wilco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk
2014-04-25 09:57:22	2020	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-11-2014 08:56]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [02-11-2014 13:51]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [02-11-2014 13:51]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-862677247-1756649656-1137367909-1000Core1cf8fb3e3727200.job --a------ C:\Users\Wilco\AppData\Local\Google\Update\GoogleUpdate.exe [24-10-2014 13:00]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-862677247-1756649656-1137367909-1000Core1cfef8228035e10.job --a------ C:\Users\Wilco\AppData\Local\Google\Update\GoogleUpdate.exe [24-10-2014 13:00]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-862677247-1756649656-1137367909-1000UA.job --a------ C:\Users\Wilco\AppData\Local\Google\Update\GoogleUpdate.exe [24-10-2014 13:00]
C:\Windows\tasks\NeroLiveEpgUpdate-WILCO_Wilco.job --a------ C:\Program Files\Nero\Nero 9\Nero Live\NeroLive.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\ASC7_SkipUac_Wilco" ["C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe" /SkipUac]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\Driver Booster Scan" [C:\Program Files\IObit\Driver Booster\Scheduler.exe]
"C:\Windows\system32\tasks\Driver Booster SkipUAC (Wilco)" [C:\Program Files\IObit\Driver Booster\DriverBooster.exe]
"C:\Windows\system32\tasks\Driver Booster Update" [C:\Program Files\IObit\Driver Booster\AutoUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-862677247-1756649656-1137367909-1000Core" [C:\Users\Wilco\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-862677247-1756649656-1137367909-1000UA" [C:\Users\Wilco\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\MessageCheck.exe]
"C:\Windows\system32\tasks\HP Photo Creations Messager" [C:\ProgramData\HP Photo Creations\MessageCheck.exe]
"C:\Windows\system32\tasks\HPCustParticipation HP Photosmart 5520 series" ["C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe"]
"C:\Windows\system32\tasks\hpUrlLauncher.exe_{64A5156D-D725-4B6B-B1BF-574078D6C5DC}" [C:\Program Files\HP\HP Photosmart 5510 series\Bin\utils\hpUrlLauncher.exe]
"C:\Windows\system32\tasks\hpUrlLauncher.exe_{79FC9B63-D1B0-4821-8E23-7347B2A6ACF9}" [C:\Program Files\HP\HP Photosmart 5510 series\Bin\utils\hpUrlLauncher.exe]
"C:\Windows\system32\tasks\hpUrlLauncher.exe_{A5B6A856-527D-4DEA-98B7-A3A79ECAE45C}" [C:\Program Files\HP\HP Photosmart 5510 series\Bin\utils\hpUrlLauncher.exe]
"C:\Windows\system32\tasks\hpUrlLauncher.exe_{B8C4A858-70CE-42B2-973D-5709D4546E9B}" [C:\Program Files\HP\HP Photosmart 5510 series\Bin\utils\hpUrlLauncher.exe]
"C:\Windows\system32\tasks\hpUrlLauncher.exe_{D8E798CA-F55B-4067-98AB-81440CBBB70C}" [C:\Program Files\HP\HP Photosmart 5510 series\Bin\utils\hpUrlLauncher.exe]
"C:\Windows\system32\tasks\hpUrlLauncher.exe_{E7978BCE-B020-46A4-B50A-59DDBAC6FD85}" [C:\Program Files\HP\HP Photosmart 5510 series\Bin\utils\hpUrlLauncher.exe]
"C:\Windows\system32\tasks\hpUrlLauncher.exe_{FF92056A-C456-458F-B9C4-544297F09732}" [C:\Program Files\HP\HP Photosmart 5510 series\Bin\utils\hpUrlLauncher.exe]
"C:\Windows\system32\tasks\NeroLiveEpgUpdate-WILCO_Wilco" [C:\Program Files\Nero\Nero 9\Nero Live\NeroLive.exe]
"C:\Windows\system32\tasks\Opera scheduled Autoupdate 1390489823" [C:\Program Files\Opera\launcher.exe]
"C:\Windows\system32\tasks\ParetoLogic Registration3" [C:\Windows\system32\rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns]
"C:\Windows\system32\tasks\ParetoLogic Update Version3" [C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe]
"C:\Windows\system32\tasks\ParetoLogic Update Version3 Startup Task" [C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe]
"C:\Windows\system32\tasks\PC Health Advisor" [C:\Program Files\ParetoLogic\PCHA\PCHA.exe]
"C:\Windows\system32\tasks\PC Health Advisor Defrag" [C:\Program Files\ParetoLogic\PCHA\PCHA.exe]
"C:\Windows\system32\tasks\ScanToPCActivationApp.exe_{7DE7D82C-3D52-4D98-8D91-361B3E9982F4}" [C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe]
"C:\Windows\system32\tasks\ScanToPCActivationApp.exe_{9298C79D-C128-47F4-B6F4-501E1D078E3D}" [C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe]
"C:\Windows\system32\tasks\ScanToPCActivationApp.exe_{D56873E1-4BAA-45B0-BE84-E990E1EAF5D8}" [C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe]
"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\system32\tasks\Toolbox.exe_{3454A451-A1A2-4E64-A970-15613DCE4713}" [C:\Program Files\HP\HP Photosmart 5510 series\Bin\Toolbox.exe]
"C:\Windows\system32\tasks\Toolbox.exe_{4AC02348-EFCA-461A-9932-D7F99FCC9C8A}" [C:\Program Files\HP\HP Photosmart 5510 series\Bin\Toolbox.exe]
"C:\Windows\system32\tasks\Toolbox.exe_{B3A88746-E19F-40F2-8ED3-980BBF980146}" [C:\Program Files\HP\HP Photosmart 5510 series\Bin\Toolbox.exe]
"C:\Windows\system32\tasks\Toolbox.exe_{D61BBD0B-AD89-45A0-93BD-E07CFC2C4547}" [C:\Program Files\HP\HP Photosmart 5510 series\Bin\Toolbox.exe]
"C:\Windows\system32\tasks\Toolbox.exe_{F1561A30-38D3-40FF-BB11-854F8CAABB22}" [C:\Program Files\HP\HP Photosmart 5510 series\Bin\Toolbox.exe]
"C:\Windows\system32\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{46FE5129-8106-4061-ACC7-21939AB8A467}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{6F403648-75FF-4021-B4A4-C680C2E629C8}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\2BrightSparks\SyncBackFree\WILCO-Wilco\SyncBackFree" [C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\system32\tasks\2BrightSparks\SyncBackFree\WILCO-Wilco\SyncBackFree Afbeeldingen" [C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\system32\tasks\2BrightSparks\SyncBackFree\WILCO-Wilco\SyncBackFree Boeken" [C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\system32\tasks\2BrightSparks\SyncBackFree\WILCO-Wilco\SyncBackFree Contacts" [C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\system32\tasks\2BrightSparks\SyncBackFree\WILCO-Wilco\SyncBackFree Dagafschriften" [C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\system32\tasks\2BrightSparks\SyncBackFree\WILCO-Wilco\SyncBackFree Davilex" [C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\system32\tasks\2BrightSparks\SyncBackFree\WILCO-Wilco\SyncBackFree Documenten" [C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\system32\tasks\2BrightSparks\SyncBackFree\WILCO-Wilco\SyncBackFree E-mail contacts favorieten" [C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\system32\tasks\2BrightSparks\SyncBackFree\WILCO-Wilco\SyncBackFree Email" [C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\system32\tasks\2BrightSparks\SyncBackFree\WILCO-Wilco\SyncBackFree favorites" [C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\system32\tasks\2BrightSparks\SyncBackFree\WILCO-Wilco\SyncBackFree Financiën" [C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\system32\tasks\2BrightSparks\SyncBackFree\WILCO-Wilco\SyncBackFree Maandelijks" [C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\system32\tasks\2BrightSparks\SyncBackFree\WILCO-Wilco\SyncBackFree Mijn financiële zaken" [C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\system32\tasks\2BrightSparks\SyncBackFree\WILCO-Wilco\SyncBackFree Muziek" [C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\system32\tasks\2BrightSparks\SyncBackFree\WILCO-Wilco\SyncBackFree Passwords" [C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\system32\tasks\2BrightSparks\SyncBackFree\WILCO-Wilco\SyncBackFree Program files" [C:\Program Files\2BrightSparks\SyncBackFree\SyncBackFree.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\Windows\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"]
"C:\Windows\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe"]
"C:\Windows\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe"]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"quickprint@hp.com"="C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension" [26-01-2011 14:27]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [17-02-2010 10:21]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Wilco\AppData\Roaming\Mozilla\Firefox\Profiles\o0g3l72o.default-1388916247328
- Undetermined - C:\Program Files\IObit Apps Toolbar\FF
- Undetermined - {E0B8C461-F8FB-49b4-8373-FE32E9252800}
- Undetermined - 2.0@disconnect.me
- Undetermined - isreaditlater@ideashower.com
- Undetermined - support@lastpass.com
- Undetermined - {73a6fe31-595d-460b-a920-fcc0f8843232}
- Undetermined - donottrackplus@abine.com
- Undetermined - %ProfilePath%\extensions\0db1244977147da61b16decbb97aff8babedac2dca98de9ce27984727436e7bb_lp.key
- Undetermined - %ProfilePath%\extensions\0db1244977147da61b16decbb97aff8babedac2dca98de9ce27984727436e7bb_lp.key
- DoNotTrackMe: Online Privacy Protection - %ProfilePath%\extensions\donottrackplus@abine.com
- Pocket - %ProfilePath%\extensions\isreaditlater@ideashower.com
- LastPass - %ProfilePath%\extensions\support@lastpass.com
- Evernote Web Clipper - %ProfilePath%\extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
- Disconnect - %ProfilePath%\extensions\2.0@disconnect.me.xpi
- CleanPrint - %ProfilePath%\extensions\cleanprint@formatdynamics.com.xpi
- Terms of Service; Didnt Read - %ProfilePath%\extensions\jid0-3GUEt1r69sQNSrca5p8kx9Ezc3U@jetpack.xpi
- HTTPtoHTTPS - %ProfilePath%\extensions\jid0-ad08RZ08iNQBNTcg20ZWy84a73I@jetpack.xpi
- Translate This - %ProfilePath%\extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi
- DuckDuckGo Plus - %ProfilePath%\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi
- MyPermissions Cleaner - %ProfilePath%\extensions\{6140bbfd-aa20-11e1-aba7-109add603214}.xpi
- NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
- Consumentenbond InformBar - %ProfilePath%\extensions\{c4860a46-18a0-4ee2-973d-a85ddafa93c1}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\Wilco\AppData\Roaming\TomTom\HOME\Profiles\6e3nn6xx.default
- Undetermined - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- Undetermined - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com

AppDir: C:\Program Files\Mozilla Firefox
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Wilco\AppData\Roaming\Mozilla\Firefox\Profiles\o0g3l72o.default-1388916247328
40AAE0A1A4F664828DF5A95875AEA1C8	- C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll -	Google Update
63F8C13F269B10BC9363B007DAAACAE6	- C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll -	Shockwave Flash
40AAE0A1A4F664828DF5A95875AEA1C8	- C:\Users\Wilco\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll -	Google Update
64C4ADE063A9C93D3BAE09922AD90C27	- C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll -	Adobe Acrobat
446BCAE59E26321802E000FC3E0C390A	- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll -	Adobe Acrobat
56F5E4EB843F2351FDDB83396543FF78	- C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll -	Foxit Reader Plugin for Mozilla
9419AA8A2799526EC32B473C2BB7A10D	- C:\Program Files\Google\Picasa3\npPicasa3.dll -	Picasa
18CF51689186AEB9D1D149AEB0E92D03	- C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL -	Microsoft Office 2013
893BF7D2261C56C24F813405D9D018E0	- C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll -	Silverlight Plug-In
A85DDF6ABB0F540EF0800D5CF824C0E6	- C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll -	Foxit PhantomPDF Plugin for Mozilla
F0E80E561C3F715DB01ACCC97B72463A	- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -	Photo Gallery
0CA4180B21C6B728578F3B0433BB740E	- C:\Program Files\VideoLAN\VLC\npvlc.dll -	VLC Web Plugin
5B92CB0A3EEE50F6B9AE036B4F9B0F0C	- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll -	Google Earth Plugin
87132527E2256CF6683A18C4EB34DD3B	- C:\Windows\system32\Wat\npWatWeb.dll -	Windows Activation Technologies
65D5FF4B089A1E1B0C1BC81F045C5094	- C:\Program Files\Virtual Earth 3D\npVE3D.dll -	Virtual Earth 3D 4.00090316005 plugin for Mozilla
AB87EEFFD18F2BAAFC274E7075EA6C67	- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll -	Windows Presentation Foundation / Windows Presentation Foundation
8DA2ED6B04EA33F2EAE8BA883F903729	- C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll -	Microsoft® Silverlight


==== Deleted Firefox Extensions ======================

C:\Users\Wilco\AppData\Roaming\Mozilla\Firefox\Profiles\o0g3l72o.default-1388916247328\extensions\donottrackplus@abine.com deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
enhljpgmfjednccepebhodcpbdbdpjch - No path found[]
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[12-10-2013 12:04]
niogeckbkdcabhnapjbkeiklablhjoca - No path found[]

Proxy Service - Wilco\AppData\Local\Epic Privacy Browser\User Data\Default\Extensions\bfnhnefchjpncddinphaaghojhkdiicd
Encrypted Connection Preference - Wilco\AppData\Local\Epic Privacy Browser\User Data\Default\Extensions\gldbhgnhlaiagaifjoilpoldndcgnkfd
Umbrella Button - Wilco\AppData\Local\Epic Privacy Browser\User Data\Default\Extensions\lnbljomoelmhegncbidenhndbelgdahg
Epic Filter - Wilco\AppData\Local\Epic Privacy Browser\User Data\Default\Extensions\ojmkmloghldahkpgloknaapbpembjija
AutoPatchWork - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeolcjbaammbkgaiagooljfdepnjmkfd
Google Docs - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Consumentenbond InformBar - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcomninkjloljbaklalcpcnacnognje
Bookmark Sentry (scanner) - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdglbbcbmgnimogcmcdenggkpdmihlga
Show the YouTube Channel bar or the name. - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn
YouTube - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
DuckDuckGo for Chrome - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpphkkgodbfncbcpgopijlfakfgmclao
AddThis - Share & Bookmark (new) - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde
Google Search - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Bookmark Sentry - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\eegemblolpamdgdahcfhiajpjdidibde
Black Menu for Googleâ„¢ - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\eignhdfgaldabilaaegmdfbajngjmoke
YoWindow Weather - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef
Print or PDF with CleanPrint - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\fklmmmdcofimkjmfjdnobmmgmefbapkf
Google Analytics Opt-out Add-on by Google - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh
HTTPS Everywhere - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp
Vanilla - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\gieohaicffldbmiilohhggbidhephnjj
AdBlock - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
LastPass - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd
Safe Preview - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmbdchmgaaihfdlphhcdlecjehdngbk
WebWinkelChecker - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\kinppecmejpiipipaplhmibbiahjghmk
Google Dictionary (by Google) - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja
Ghostery - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij
Downloader - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm
AVG Secure Search - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Advanced SystemCare Surfing Protection - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
RSS Subscription Extension by Google - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd
Google Wallet - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Readability - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi
Google Calendar Checker - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhcbgokankfmjafalglpofmolfopek
Evernote Web Clipper - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc
Gmail - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
iReader - Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppelffpjgkifjfgnbaaldcehkpajlmbc
Evernote Web Clipper - Wilco\AppData\Roaming\Opera Software\Opera Stable\Extensions\afgbccjghcnbcdjgogpckamibfkceahd
Ghostery - Wilco\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg
HTTPS Everywhere - Wilco\AppData\Roaming\Opera Software\Opera Stable\Extensions\edaplhobcmdaneconioghljnnopmkhgm
Disconnect - Wilco\AppData\Roaming\Opera Software\Opera Stable\Extensions\hciohocinlhbdkbjldffomiadmnhjnoj
Pocket (formerly Read It Later) - Wilco\AppData\Roaming\Opera Software\Opera Stable\Extensions\hedlhkdmdlcjhiblbmfggdiaeekblnoi
LastPass - Wilco\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo
Translate - Wilco\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibnombjmjocaccigcefonnipcnlaeaed
Last updated at time on date - Wilco\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp

==== Chromium Fix ======================

C:\Users\Wilco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://trovi.com?SearchSource=10&CUI=UN20940738143003919&UM=4&ctid=CT3329621"
"Search Bar"="http://www.google.com/ie"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
"Default"="www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{462A5B55-0F4F-4179-A01F-978AC73E7DDF} Wikipedia (nl) Url="http://nl.wikipedia.org/w/index.php?title=Speciaal:Zoeken&search={searchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_nl"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-862677247-1756649656-1137367909-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-862677247-1756649656-1137367909-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-862677247-1756649656-1137367909-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-862677247-1756649656-1137367909-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\enhljpgmfjednccepebhodcpbdbdpjch deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\niogeckbkdcabhnapjbkeiklablhjoca deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{13A5E785-5197-4EAD-8EE3-D660271E49BC} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\587E5A317915DAE4E83E6D0672E194CB deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toolwiz BSafe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent deleted successfully

==== HijackThis Entries ======================

C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Google Analytics Opt-out Browser Add-on - {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} - C:\Program Files\Google\Google Analytics Opt-Out\gaoptout.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O4 - HKLM\..\Run: [RtHDVCpl] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [F-Secure Hoster (45123)] "C:\Program Files\Internetbeveiliging\fshoster32.exe" -app -hosterid:1
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [Greenshot] C:\Program Files\Greenshot\Greenshot.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [HP Photosmart 5520 series (NET)] "C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN3981330M0602:NW" -scfn "HP Photosmart 5520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\Wilco\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Spotify] "C:\Users\Wilco\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6ED97802CEDA0576BDCF631126D91757] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Wilco\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [MyDriveConnect.exe] C:\Program Files\MyDrive Connect\MyDriveConnect.exe
O4 - HKCU\..\Run: [B96496BDCBE9D60B693EEE688C6986BC756C8358._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [Skitch] C:\Program Files\Evernote\Skitch\Skitch.exe -start-on-hide
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\Run: [Copy] "C:\Users\Wilco\AppData\Roaming\Copy\CopyAgent.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Copy] "C:\Users\Wilco\AppData\Roaming\Copy\CopyAgent.exe" (User 'Default user')
O4 - Startup: Dropbox.lnk = Wilco\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Inktwaarschuwingen controleren - HP Photosmart 5520 series (netwerk).lnk = ?
O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Global Startup: Install LastPass FF RunOnce.lnk = C:\Program Files\Common Files\lpuninstall.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Afbeelding knippen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Kopieer selectie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Kopieer URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Nieuwe notitie - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Pagina opemen - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: (no name) - {BC3F6B6D-2E49-4603-B028-7411655713F3} - C:\Program Files\Iconix\IEAddOn\IconixBHO_46.dll
O9 - Extra 'Tools' menuitem: About Email ID - {BC3F6B6D-2E49-4603-B028-7411655713F3} - C:\Program Files\Iconix\IEAddOn\IconixBHO_46.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: !SASWinLogon - Invalid registry found
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O21 - SSODL: EldosMountNotificator-cbfs4 - {CDF86991-33A6-4493-BA44-14F6B1CB3280} - C:\Windows\system32\cbfsMntNtf4.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {CDF86991-33A6-4493-BA44-14F6B1CB3280} - C:\Windows\system32\cbfsMntNtf4.dll
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: BingBar Service (BBSvc) - Unknown owner - C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.exe (file missing)
O23 - Service: BBUpdate - Unknown owner - C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Corporation - C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\fshoster32.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe
O23 - Service: Google Update Service (gupdate1c9861ddb57cde0) (gupdate1c9861ddb57cde0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Iconix Update Service (IconixService) - Unknown owner - C:\Program Files\Common Files\Iconix\IconixService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Windows\system32\mfevtps.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Wilco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Wilco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Wilco\AppData\Local\Mozilla\Firefox\Profiles\o0g3l72o.default-1388916247328\cache2 emptied successfully
C:\Users\Wilco\AppData\Roaming\Mozilla\Firefox\Profiles\o0g3l72o.default-1388916247328\ReadItLater\RIL_assets\www.simyo.nl\blog\wp-content\cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Wilco\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Wilco\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================


==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\Wilco\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Wilco\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files\Microsoft\BingBar"  not found

==== EOF on wo 12-11-2014 at 11:59:18,47 ======================