Logfile of random's system information tool 1.10 (written by random/random) Run by Stephane Delhove at 2015-01-03 14:15:44 Microsoft Windows 8.1 Enterprise System drive C: has 268 GB (58%) free of 464 GB Total RAM: 16295 MB (79% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:16:10, on 3/01/2015 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.17416) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\BullGuard Ltd\BullGuard\files32\spamfilter\LittleHook.exe C:\Users\Stephane Delhove\AppData\Roaming\Spotify\spotify.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe C:\Users\Stephane Delhove\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Stephane Delhove\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Stephane Delhove\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Stephane Delhove\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Stephane Delhove\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files\Wolfram Research\Mathematica\10.0\SystemFiles\Converters\Binaries\Windows-x86-64\XML.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Stephane Delhove\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Stephane Delhove.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Microsoft Web Test Recorder 12.0 Helper - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true O4 - HKLM\..\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" O4 - HKLM\..\Run: [EaseUS TB Tray Agent] "C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe" O4 - HKCU\..\Run: [Spotify] "C:\Users\Stephane Delhove\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIE.dll O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing) O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe O23 - Service: @%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000 (c2wts) - Unknown owner - C:\Program Files (x86)\Windows Identity Foundation\v3.5\c2wtshost.exe (file missing) O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: EaseUS Agent Service (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11088 bytes ======Listing Processes====== wininit.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS C:\WINDOWS\system32\atiesrxx.exe C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Main C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Backup "C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe" C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Cache C:\WINDOWS\System32\SvcHost.exe -k BullGuard C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Proxy "C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe" "C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe" "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service "C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe" dashost.exe {15edd547-b7eb-4082-9d0adc2871ccb339} "C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe" "C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\SysWOW64\vmnat.exe C:\WINDOWS\SysWOW64\vmnetdhcp.exe "C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe" "C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe" "C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe" -u "C:\ProgramData\VMware\hostd\config.xml" C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\SearchIndexer.exe /Embedding C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\System32\vds.exe "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8b307d48-b54e-4a6f-817d-444317071f25 -SystemEventPortName:HostProcess-b040ca09-2cd9-4003-ade9-a11b0942dba7 -IoCancelEventPortName:HostProcess-16143885-74b3-432a-8801-0855e06e958b -NonStateChangingEventPortName:HostProcess-bf32fe25-d3b9-4d94-b6d8-11a0a40117cf -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:1ddc9439-69dd-4810-af77-7c45acfcf4a0 -DeviceGroupId:WudfDefaultDevicePool C:\WINDOWS\System32\WinLogon.exe -SpecialSession -hiberboot atieclxx taskhostex.exe C:\WINDOWS\Explorer.EXE C:\Windows\System32\skydrive.exe -Embedding /QuitInfo:0000000000001384;0000000000001100; /loadhooks /Parent:0000000000001d1c C:\Windows\System32\RuntimeBroker.exe -Embedding "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/Hivemind_A3_Stable_R7_Postperiod/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="9304.2.950281302\1869949761" /prefetch:673131151 "C:\Windows\System32\igfxtray.exe" "C:\WINDOWS\system32\igfxsrvc.exe" -Embedding "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot "C:\Program Files\BullGuard Ltd\BullGuard\files32\spamfilter\LittleHook.exe" "C:\Users\Stephane Delhove\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" "C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe" "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan" "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe" "C:\Users\Stephane Delhove\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="5628.1.263656677\906010418" /prefetch:673131151 "C:\Users\Stephane Delhove\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="5628.2.1326275355\2131920555" /prefetch:673131151 "C:\Users\Stephane Delhove\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="5628.3.875334122\737972472" /prefetch:673131151 "C:\Users\Stephane Delhove\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=gpu-process --channel="5628.4.1260001791\666948966" --no-sandbox --lang=en-US --log-severity=disable --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3412 --lang=en-US --log-severity=disable /prefetch:822062411 "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe" --type=renderer --no-sandbox --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\locales" --log-severity=disable --channel="10820.0.1690347618\1355814625" /prefetch:673131151 "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe" --type=renderer --no-sandbox --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\locales" --log-severity=disable --channel="10820.1.247329448\1441739846" /prefetch:673131151 "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe" --type=gpu-process --channel="10820.2.769331142\939206077" --no-sandbox --lang=en-US --locales-dir-path="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\locales" --log-severity=disable --supports-dual-gpus=false --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3412 --lang=en-US --locales-dir-path="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\locales" --log-severity=disable /prefetch:822062411 "C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe" -ServerName:Microsoft.Reader.AppXtszmc7avrx02s7n8gch63tzwg517wd9k.mca "C:\Windows\System32\SettingSyncHost.exe" -Embedding "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/Hivemind_A3_Stable_R7_Postperiod/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="9304.6.1888095571\321530877" /prefetch:673131151 "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="9304.10.1991491644\365241611" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38,41 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3412 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/Hivemind_A3_Stable_R7_Postperiod/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="9304.13.409059681\1800505776" /prefetch:673131151 "C:\Users\Stephane Delhove\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="5628.5.743215043\980975415" /prefetch:673131151 "C:\WINDOWS\system32\SnippingTool.exe" .\SystemFiles\FrontEnd\Binaries\Windows-x86-64\Mathematica.exe MathKernel -sandbox -noinit -pwfile "C:\Program Files\Wolfram Research\Mathematica\10.0\Configuration\Licensing\playerpass" -mathlink -noicon -linkprotocol "SharedMemory" -linkmode connect -linkname "smjrn_shm" MathKernel -mathlink -noicon -linkprotocol "SharedMemory" -linkmode connect -linkname "vzsgw_shm" "C:\Program Files\Wolfram Research\Mathematica\10.0\SystemFiles\Converters\Binaries\Windows-x86-64\XML.exe" -mathlink -linkprotocol "SharedMemory" -linkmode connect -linkname "imkec_shm" "C:\WINDOWS\system32\calc.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/Hivemind_A3_Stable_R7_Postperiod/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/Warning/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="9304.31.833141708\214508628" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="9304.32.1687068128\1816379830" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 "C:\Users\Stephane Delhove\AppData\Roaming\Spotify\Data\SpotifyHelper.exe" --type=renderer --js-flags=--harmony-proxies --no-sandbox --lang=en-US --lang=en-US --log-severity=disable --product-version=Spotify/0.9.15.27.g87efe634 --channel="5628.7.1065816872\409756715" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/Hivemind_A3_Stable_R7_Postperiod/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderDisabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJanuary2017/Warning/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-1-Percent/group_06/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="9304.37.747012615\419343555" /prefetch:673131151 "C:\Users\Stephane Delhove\Downloads\RSITx64.exe" C:\WINDOWS\System32\svchost.exe -k WerSvcGroup ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Lync Browser Helper - C:\Program Files\Microsoft Office 15\Root\Office15\OCHelper.dll [2014-12-30 218784] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\Root\Office15\GROOVEEX.DLL [2014-12-30 2334928] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Lync Browser Helper - C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2014-12-30 153248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{432dd630-7e03-4c97-9d62-b99f52df4fc2}] Microsoft Web Test Recorder 12.0 Helper - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2013-10-05 71520] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2014-12-30 1729744] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-03-03 391152] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-03-03 771568] "Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-03-03 770544] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-09-11 2810608] "AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14 557768] "BullGuard"=C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe [2014-12-22 1357648] "BullGuardUpdate2"=c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [2014-12-22 2933072] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify"=C:\Users\Stephane Delhove\AppData\Roaming\Spotify\Spotify.exe [2014-12-16 6737976] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2014-10-15 2694320] "vmware-tray.exe"=C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [2014-10-29 112856] "EaseUS TB Tray Agent"=C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe [2014-12-15 253992] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2014-01-22 624640] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsMain] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsScanner] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsUpdate] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "VIDC.YUY2"=msyuv.dll "vidc.i420"=iyuv_32.dll "msacm.msgsm610"=msgsm32.acm "msacm.msg711"=msg711.acm "VIDC.YVYU"=msyuv.dll "VIDC.YVU9"=tsbyuv.dll "wavemapper"=msacm32.drv "midimapper"=midimap.dll "VIDC.UYVY"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.mrle"=msrle32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "vidc.msvc"=msvidc32.dll "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - .js - open - C:\Program Files (x86)\JetBrains\PhpStorm 8.0.1\bin\PhpStorm.exe "%1" ======List of files/folders created in the last 1 month====== 2015-01-03 14:15:45 ----D---- C:\Program Files\trend micro 2015-01-03 14:15:44 ----D---- C:\rsit 2014-12-31 16:22:13 ----D---- C:\Program Files\MSBuild 2014-12-31 16:16:47 ----D---- C:\ProgramData\NuGet 2014-12-31 16:16:47 ----D---- C:\Program Files (x86)\NuGet 2014-12-31 15:57:38 ----SHD---- C:\Config.Msi 2014-12-30 14:32:18 ----D---- C:\ubuntu 2014-12-30 09:58:57 ----D---- C:\Program Files\Microsoft Office 15 2014-12-22 11:22:10 ----A---- C:\WINDOWS\SYSWOW64\BgGamingMonitor.dll 2014-12-22 11:22:10 ----A---- C:\WINDOWS\system32\BgGamingMonitor.dll 2014-12-22 11:22:09 ----A---- C:\WINDOWS\SYSWOW64\BGLsp.dll 2014-12-22 11:22:09 ----A---- C:\WINDOWS\system32\BGLsp.dll 2014-12-22 11:15:04 ----D---- C:\Program Files\BullGuard Ltd 2014-12-22 11:08:58 ----D---- C:\Users\Stephane Delhove\AppData\Roaming\BullGuard 2014-12-22 11:08:44 ----D---- C:\Program Files\Common Files\BullGuard Ltd 2014-12-22 11:08:25 ----D---- C:\Users\Stephane Delhove\AppData\Roaming\QuickScan 2014-12-22 11:07:52 ----D---- C:\ProgramData\BullGuard 2014-12-18 17:18:51 ----A---- C:\WINDOWS\system32\fbnative.exe 2014-12-18 17:17:21 ----SHD---- C:\BOOT 2014-12-17 16:20:03 ----D---- C:\Users\Stephane Delhove\AppData\Roaming\Papercut 2014-12-16 18:56:09 ----D---- C:\AdwCleaner 2014-12-16 16:14:52 ----D---- C:\Users\Stephane Delhove\AppData\Roaming\Spotify 2014-12-14 22:20:34 ----D---- C:\ProgramData\Brother 2014-12-14 22:20:34 ----A---- C:\WINDOWS\BRWMARK.INI 2014-12-11 20:24:18 ----D---- C:\Users\Stephane Delhove\AppData\Roaming\VMware 2014-12-11 19:12:09 ----A---- C:\WINDOWS\SYSWOW64\vsocklib.dll 2014-12-11 19:12:09 ----A---- C:\WINDOWS\system32\vsocklib.dll 2014-12-11 19:12:09 ----A---- C:\WINDOWS\system32\drivers\vsock.sys 2014-12-11 19:12:09 ----A---- C:\WINDOWS\system32\drivers\vmx86.sys 2014-12-11 19:11:46 ----A---- C:\WINDOWS\SYSWOW64\vmnetdhcp.exe 2014-12-11 19:11:43 ----A---- C:\WINDOWS\SYSWOW64\vmnat.exe 2014-12-11 19:11:43 ----A---- C:\WINDOWS\system32\drivers\vmnetuserif.sys 2014-12-11 19:11:41 ----A---- C:\WINDOWS\system32\vnetlib64.dll 2014-12-11 19:11:40 ----A---- C:\WINDOWS\system32\drivers\hcmon.sys 2014-12-11 19:11:36 ----D---- C:\Program Files\Common Files\VMware 2014-12-11 19:11:36 ----A---- C:\WINDOWS\SYSWOW64\PerfStringBackup.INI 2014-12-11 19:11:13 ----D---- C:\ProgramData\VMware 2014-12-11 19:11:13 ----D---- C:\Program Files (x86)\VMware 2014-12-10 19:31:05 ----D---- C:\WINDOWS\system32\appraiser 2014-12-10 10:48:34 ----D---- C:\ProgramData\Microsoft Team Foundation Local Workspaces 2014-12-10 05:55:30 ----A---- C:\WINDOWS\SYSWOW64\DeviceSetupStatusProvider.dll 2014-12-10 05:55:30 ----A---- C:\WINDOWS\system32\DeviceSetupStatusProvider.dll 2014-12-10 05:55:22 ----A---- C:\WINDOWS\system32\crypt32.dll 2014-12-10 05:55:21 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll 2014-12-10 05:53:04 ----A---- C:\WINDOWS\system32\mshtml.dll 2014-12-10 05:53:03 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll 2014-12-10 05:53:02 ----A---- C:\WINDOWS\system32\ieframe.dll 2014-12-10 05:53:01 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll 2014-12-10 05:53:01 ----A---- C:\WINDOWS\system32\wininet.dll 2014-12-10 05:53:01 ----A---- C:\WINDOWS\system32\jscript9.dll 2014-12-10 05:53:00 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll 2014-12-10 05:53:00 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll 2014-12-10 05:53:00 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll 2014-12-10 05:53:00 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll 2014-12-10 05:53:00 ----A---- C:\WINDOWS\system32\urlmon.dll 2014-12-10 05:53:00 ----A---- C:\WINDOWS\system32\iertutil.dll 2014-12-10 05:52:59 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll 2014-12-10 05:52:59 ----A---- C:\WINDOWS\system32\ieapfltr.dll 2014-12-10 05:52:58 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll 2014-12-10 05:52:58 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll 2014-12-10 05:52:58 ----A---- C:\WINDOWS\system32\msfeeds.dll 2014-12-10 05:52:57 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll 2014-12-10 05:52:57 ----A---- C:\WINDOWS\system32\vbscript.dll 2014-12-10 05:52:57 ----A---- C:\WINDOWS\system32\iedkcs32.dll 2014-12-10 05:52:57 ----A---- C:\WINDOWS\system32\ie4uinit.exe 2014-12-10 05:52:56 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll 2014-12-10 05:52:56 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll 2014-12-10 05:52:56 ----A---- C:\WINDOWS\system32\webcheck.dll 2014-12-10 05:52:56 ----A---- C:\WINDOWS\system32\MshtmlDac.dll 2014-12-10 05:52:56 ----A---- C:\WINDOWS\system32\iepeers.dll 2014-12-10 05:52:56 ----A---- C:\WINDOWS\system32\dxtrans.dll 2014-12-10 05:52:55 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll 2014-12-10 05:52:55 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll 2014-12-10 05:52:55 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll 2014-12-10 05:52:55 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll 2014-12-10 05:52:55 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll 2014-12-10 05:52:55 ----A---- C:\WINDOWS\system32\mshtmled.dll 2014-12-10 05:52:55 ----A---- C:\WINDOWS\system32\jscript.dll 2014-12-10 05:52:55 ----A---- C:\WINDOWS\system32\inetcomm.dll 2014-12-10 05:52:09 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll 2014-12-10 05:52:09 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll 2014-12-10 05:52:05 ----A---- C:\WINDOWS\system32\invagent.dll 2014-12-10 05:52:05 ----A---- C:\WINDOWS\system32\generaltel.dll 2014-12-10 05:52:05 ----A---- C:\WINDOWS\system32\appraiser.dll 2014-12-10 05:52:05 ----A---- C:\WINDOWS\system32\aepic.dll 2014-12-10 05:52:05 ----A---- C:\WINDOWS\system32\aeinv.dll 2014-12-10 05:52:04 ----A---- C:\WINDOWS\system32\devinv.dll 2014-12-10 05:52:04 ----A---- C:\WINDOWS\system32\aepdu.dll 2014-12-10 05:52:02 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll 2014-12-10 05:52:02 ----A---- C:\WINDOWS\system32\MrmCoreR.dll 2014-12-10 05:51:41 ----AC---- C:\WINDOWS\system32\drivers\sdbus.sys 2014-12-10 05:51:41 ----AC---- C:\WINDOWS\system32\drivers\intelpep.sys 2014-12-10 05:51:41 ----AC---- C:\WINDOWS\system32\drivers\dumpsd.sys 2014-12-10 05:51:41 ----A---- C:\WINDOWS\system32\drivers\pdc.sys 2014-12-10 05:51:32 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe 2014-12-10 05:51:32 ----A---- C:\WINDOWS\system32\poqexec.exe 2014-12-09 08:56:28 ----D---- C:\Users\Stephane Delhove\AppData\Roaming\com.adobe.dmp.contentviewer 2014-12-09 08:56:26 ----D---- C:\Users\Stephane Delhove\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 2014-12-07 13:46:03 ----D---- C:\Program Files\Speccy 2014-12-05 13:22:38 ----D---- C:\Users\Stephane Delhove\AppData\Roaming\Pencil 2014-12-05 13:22:38 ----D---- C:\Users\Stephane Delhove\AppData\Roaming\Mozilla 2014-12-05 13:20:01 ----D---- C:\Program Files (x86)\Evolus 2014-12-04 08:03:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-12-04 08:03:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll 2014-12-04 08:03:21 ----A---- C:\WINDOWS\system32\mfcore.dll 2014-12-04 08:03:20 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll 2014-12-04 08:03:20 ----A---- C:\WINDOWS\system32\gpsvc.dll 2014-12-04 08:03:19 ----A---- C:\WINDOWS\system32\wlansvc.dll 2014-12-04 08:03:19 ----A---- C:\WINDOWS\system32\d3d10warp.dll 2014-12-04 08:03:18 ----A---- C:\WINDOWS\system32\workfolderssvc.dll 2014-12-04 08:03:18 ----A---- C:\WINDOWS\system32\Windows.Media.dll 2014-12-04 08:03:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll 2014-12-04 08:03:16 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL 2014-12-04 08:03:15 ----A---- C:\WINDOWS\system32\SRH.dll 2014-12-04 08:03:15 ----A---- C:\WINDOWS\system32\printui.dll 2014-12-04 08:03:15 ----A---- C:\WINDOWS\system32\drivers\srv.sys 2014-12-04 08:03:15 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys 2014-12-04 08:03:14 ----A---- C:\WINDOWS\SYSWOW64\WMVDECOD.DLL 2014-12-04 08:03:14 ----A---- C:\WINDOWS\system32\drivers\srv2.sys 2014-12-04 08:03:13 ----A---- C:\WINDOWS\system32\XpsPrint.dll 2014-12-04 08:03:13 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll 2014-12-04 08:03:12 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll 2014-12-04 08:03:12 ----A---- C:\WINDOWS\SYSWOW64\printui.dll 2014-12-04 08:03:12 ----A---- C:\WINDOWS\system32\wlanmsm.dll 2014-12-04 08:03:11 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll 2014-12-04 08:03:11 ----A---- C:\WINDOWS\system32\srvsvc.dll 2014-12-04 08:03:11 ----A---- C:\WINDOWS\system32\spoolsv.exe 2014-12-04 08:03:10 ----AC---- C:\WINDOWS\system32\drivers\usbccgp.sys 2014-12-04 08:03:10 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll 2014-12-04 08:03:10 ----A---- C:\WINDOWS\system32\SHCore.dll 2014-12-04 08:03:09 ----A---- C:\WINDOWS\SYSWOW64\mftranscode.dll 2014-12-04 08:03:09 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll 2014-12-04 08:03:09 ----A---- C:\WINDOWS\system32\storagewmi.dll 2014-12-04 08:03:08 ----AC---- C:\WINDOWS\system32\drivers\spaceport.sys 2014-12-04 08:03:08 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll 2014-12-04 08:03:08 ----A---- C:\WINDOWS\system32\mftranscode.dll 2014-12-04 08:03:08 ----A---- C:\WINDOWS\system32\mfplat.dll 2014-12-04 08:03:08 ----A---- C:\WINDOWS\system32\comdlg32.dll 2014-12-04 08:03:08 ----A---- C:\WINDOWS\system32\AppxPackaging.dll 2014-12-04 08:03:07 ----A---- C:\WINDOWS\system32\winload.exe 2014-12-04 08:03:07 ----A---- C:\WINDOWS\system32\usbmon.dll 2014-12-04 08:03:07 ----A---- C:\WINDOWS\system32\netcfgx.dll 2014-12-04 08:03:06 ----AC---- C:\WINDOWS\system32\drivers\volsnap.sys 2014-12-04 08:03:06 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll 2014-12-04 08:03:06 ----A---- C:\WINDOWS\system32\wisp.dll 2014-12-04 08:03:06 ----A---- C:\WINDOWS\system32\defragsvc.dll 2014-12-04 08:03:06 ----A---- C:\WINDOWS\system32\aclui.dll 2014-12-04 08:03:05 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll 2014-12-04 08:03:05 ----A---- C:\WINDOWS\system32\wsecedit.dll 2014-12-04 08:03:05 ----A---- C:\WINDOWS\system32\winresume.exe 2014-12-04 08:03:04 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll 2014-12-04 08:03:04 ----A---- C:\WINDOWS\system32\wpdbusenum.dll 2014-12-04 08:03:04 ----A---- C:\WINDOWS\system32\winmmbase.dll 2014-12-04 08:03:04 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll 2014-12-04 08:03:04 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys 2014-12-04 08:03:04 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys 2014-12-04 08:03:04 ----A---- C:\WINDOWS\system32\drivers\ks.sys 2014-12-04 08:03:03 ----AC---- C:\WINDOWS\system32\drivers\usbhub.sys 2014-12-04 08:03:03 ----A---- C:\WINDOWS\SYSWOW64\mfreadwrite.dll 2014-12-04 08:03:03 ----A---- C:\WINDOWS\system32\mfreadwrite.dll 2014-12-04 08:03:03 ----A---- C:\WINDOWS\system32\conhost.exe 2014-12-04 08:03:02 ----A---- C:\WINDOWS\SYSWOW64\winmmbase.dll 2014-12-04 08:03:02 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll 2014-12-04 08:03:02 ----A---- C:\WINDOWS\system32\WorkFoldersGPExt.dll 2014-12-04 08:03:02 ----A---- C:\WINDOWS\system32\VAN.dll 2014-12-04 08:03:02 ----A---- C:\WINDOWS\system32\SettingSync.dll 2014-12-04 08:03:02 ----A---- C:\WINDOWS\system32\clusapi.dll 2014-12-04 08:03:02 ----A---- C:\WINDOWS\system32\AppxSip.dll 2014-12-04 08:03:01 ----A---- C:\WINDOWS\SYSWOW64\wisp.dll 2014-12-04 08:03:01 ----A---- C:\WINDOWS\SYSWOW64\aclui.dll 2014-12-04 08:03:01 ----A---- C:\WINDOWS\system32\SndVol.exe 2014-12-04 08:03:01 ----A---- C:\WINDOWS\system32\osk.exe 2014-12-04 08:03:00 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll 2014-12-04 08:03:00 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll 2014-12-04 08:02:59 ----AC---- C:\WINDOWS\system32\drivers\hdaudbus.sys 2014-12-04 08:02:59 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll 2014-12-04 08:02:59 ----A---- C:\WINDOWS\system32\winmm.dll 2014-12-04 08:02:59 ----A---- C:\WINDOWS\system32\Windows.Networking.dll 2014-12-04 08:02:59 ----A---- C:\WINDOWS\system32\mfps.dll 2014-12-04 08:02:59 ----A---- C:\WINDOWS\system32\drivers\NdisImPlatform.sys 2014-12-04 08:02:59 ----A---- C:\WINDOWS\system32\drivers\ndis.sys 2014-12-04 08:02:59 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys 2014-12-04 08:02:58 ----A---- C:\WINDOWS\SYSWOW64\wsecedit.dll 2014-12-04 08:02:58 ----A---- C:\WINDOWS\SYSWOW64\AppxSip.dll 2014-12-04 08:02:58 ----A---- C:\WINDOWS\system32\twinapi.dll 2014-12-04 08:02:58 ----A---- C:\WINDOWS\system32\GdiPlus.dll 2014-12-04 08:02:58 ----A---- C:\WINDOWS\system32\dwmapi.dll 2014-12-04 08:02:57 ----A---- C:\WINDOWS\SYSWOW64\XpsPrint.dll 2014-12-04 08:02:57 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll 2014-12-04 08:02:57 ----A---- C:\WINDOWS\system32\gpedit.dll 2014-12-04 08:02:57 ----A---- C:\WINDOWS\system32\Display.dll 2014-12-04 08:02:56 ----A---- C:\WINDOWS\SYSWOW64\winmm.dll 2014-12-04 08:02:56 ----A---- C:\WINDOWS\system32\profsvc.dll 2014-12-04 08:02:56 ----A---- C:\WINDOWS\system32\iasnap.dll 2014-12-04 08:02:55 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll 2014-12-04 08:02:55 ----A---- C:\WINDOWS\SYSWOW64\VAN.dll 2014-12-04 08:02:55 ----A---- C:\WINDOWS\SYSWOW64\SndVol.exe 2014-12-04 08:02:55 ----A---- C:\WINDOWS\SYSWOW64\dwmapi.dll 2014-12-04 08:02:55 ----A---- C:\WINDOWS\SYSWOW64\Display.dll 2014-12-04 08:02:55 ----A---- C:\WINDOWS\system32\WebClnt.dll 2014-12-04 08:02:54 ----AC---- C:\WINDOWS\system32\drivers\pci.sys 2014-12-04 08:02:54 ----A---- C:\WINDOWS\system32\mispace.dll 2014-12-04 08:02:53 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll 2014-12-04 08:02:53 ----A---- C:\WINDOWS\system32\wcmcsp.dll 2014-12-04 08:02:53 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2014-12-04 08:02:53 ----A---- C:\WINDOWS\system32\stobject.dll 2014-12-04 08:02:53 ----A---- C:\WINDOWS\system32\drivers\IPMIDrv.sys 2014-12-04 08:02:53 ----A---- C:\WINDOWS\system32\dab.dll 2014-12-04 08:02:53 ----A---- C:\WINDOWS\system32\AppxSysprep.dll 2014-12-04 08:02:52 ----A---- C:\WINDOWS\SYSWOW64\iasnap.dll 2014-12-04 08:02:52 ----A---- C:\WINDOWS\system32\wwanconn.dll 2014-12-04 08:02:51 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll 2014-12-04 08:02:51 ----A---- C:\WINDOWS\SYSWOW64\gpedit.dll 2014-12-04 08:02:51 ----A---- C:\WINDOWS\system32\wlanapi.dll 2014-12-04 08:02:51 ----A---- C:\WINDOWS\system32\rsaenh.dll 2014-12-04 08:02:51 ----A---- C:\WINDOWS\system32\ActionCenter.dll 2014-12-04 08:02:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.dll 2014-12-04 08:02:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll 2014-12-04 08:02:50 ----A---- C:\WINDOWS\SYSWOW64\osk.exe 2014-12-04 08:02:50 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll 2014-12-04 08:02:50 ----A---- C:\WINDOWS\system32\wshbth.dll 2014-12-04 08:02:49 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll 2014-12-04 08:02:49 ----A---- C:\WINDOWS\system32\wlansvcpal.dll 2014-12-04 08:02:49 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2014-12-04 08:02:49 ----A---- C:\WINDOWS\system32\PrintDialogs.dll 2014-12-04 08:02:49 ----A---- C:\WINDOWS\system32\browser.dll 2014-12-04 08:02:48 ----A---- C:\WINDOWS\SYSWOW64\wshbth.dll 2014-12-04 08:02:48 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll 2014-12-04 08:02:48 ----A---- C:\WINDOWS\SYSWOW64\KBDRUM.DLL 2014-12-04 08:02:48 ----A---- C:\WINDOWS\SYSWOW64\ActionCenter.dll 2014-12-04 08:02:48 ----A---- C:\WINDOWS\system32\KBDRUM.DLL 2014-12-04 08:02:48 ----A---- C:\WINDOWS\system32\Defrag.exe 2014-12-04 08:02:47 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll 2014-12-04 08:02:47 ----A---- C:\WINDOWS\system32\KBDYAK.DLL 2014-12-04 08:02:47 ----A---- C:\WINDOWS\system32\KBDRU1.DLL 2014-12-04 08:02:47 ----A---- C:\WINDOWS\system32\KBDRU.DLL 2014-12-04 08:02:47 ----A---- C:\WINDOWS\system32\KBDBASH.DLL 2014-12-04 08:02:46 ----A---- C:\WINDOWS\SYSWOW64\KBDYAK.DLL 2014-12-04 08:02:46 ----A---- C:\WINDOWS\SYSWOW64\KBDRU1.DLL 2014-12-04 08:02:46 ----A---- C:\WINDOWS\SYSWOW64\KBDRU.DLL 2014-12-04 08:02:46 ----A---- C:\WINDOWS\SYSWOW64\KBDBASH.DLL 2014-12-04 08:02:46 ----A---- C:\WINDOWS\system32\BluetoothApis.dll 2014-12-04 08:02:44 ----AC---- C:\WINDOWS\system32\drivers\bthpan.sys 2014-12-04 08:02:44 ----A---- C:\WINDOWS\SYSWOW64\PrintDialogs.dll 2014-12-04 08:02:44 ----A---- C:\WINDOWS\SYSWOW64\KBDTAT.DLL 2014-12-04 08:02:44 ----A---- C:\WINDOWS\system32\wwanmm.dll 2014-12-04 08:02:44 ----A---- C:\WINDOWS\system32\SndVolSSO.dll 2014-12-04 08:02:44 ----A---- C:\WINDOWS\system32\KBDTAT.DLL 2014-12-04 08:02:43 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll 2014-12-04 08:02:43 ----A---- C:\WINDOWS\system32\wlansec.dll 2014-12-04 08:02:42 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2014-12-04 08:02:41 ----A---- C:\WINDOWS\SYSWOW64\KBDTT102.DLL 2014-12-04 08:02:41 ----A---- C:\WINDOWS\system32\KBDTT102.DLL ======List of files/folders modified in the last 1 month====== 2015-01-03 14:15:47 ----D---- C:\WINDOWS\Temp 2015-01-03 14:15:45 ----RD---- C:\Program Files 2015-01-03 14:15:40 ----D---- C:\WINDOWS\Prefetch 2015-01-03 13:00:00 ----D---- C:\WINDOWS\system32\sru 2015-01-03 12:07:13 ----D---- C:\WINDOWS\Microsoft.NET 2015-01-03 08:27:15 ----D---- C:\WINDOWS\AppReadiness 2015-01-02 16:54:19 ----RD---- C:\WINDOWS\System32 2015-01-02 15:01:36 ----D---- C:\WINDOWS\Inf 2015-01-02 07:33:51 ----D---- C:\WINDOWS\system32\wdi 2014-12-31 23:04:51 ----D---- C:\WINDOWS\rescache 2014-12-31 16:56:29 ----D---- C:\WINDOWS\system32\config 2014-12-31 16:55:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2014-12-31 16:42:12 ----SHD---- C:\WINDOWS\Installer 2014-12-31 16:42:12 ----D---- C:\ProgramData\Package Cache 2014-12-31 16:36:39 ----RSD---- C:\WINDOWS\Fonts 2014-12-31 16:36:38 ----D---- C:\Program Files (x86)\MSBuild 2014-12-31 16:30:10 ----D---- C:\Program Files\SharePoint Client Components 2014-12-31 16:30:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft 2014-12-31 16:30:05 ----D---- C:\WINDOWS\CbsTemp 2014-12-31 16:29:45 ----D---- C:\Program Files\Microsoft SQL Server 2014-12-31 16:29:42 ----D---- C:\WINDOWS\SysWOW64 2014-12-31 16:29:42 ----D---- C:\Program Files (x86)\Microsoft SQL Server 2014-12-31 16:29:32 ----D---- C:\Program Files\Common Files\microsoft shared 2014-12-31 16:28:46 ----D---- C:\Program Files (x86)\Application Verifier 2014-12-31 16:28:45 ----D---- C:\Program Files\Application Verifier 2014-12-31 16:28:39 ----D---- C:\ProgramData\Windows App Certification Kit 2014-12-31 16:19:16 ----D---- C:\Program Files (x86)\Microsoft Web Tools 2014-12-31 16:17:20 ----D---- C:\Program Files (x86)\IIS Express 2014-12-31 16:17:16 ----D---- C:\Program Files\IIS Express 2014-12-31 16:16:47 ----RD---- C:\Program Files (x86) 2014-12-31 16:16:47 ----HD---- C:\ProgramData 2014-12-31 16:16:42 ----RD---- C:\WINDOWS\assembly 2014-12-31 16:08:21 ----D---- C:\WINDOWS\SYSWOW64\1033 2014-12-31 16:05:51 ----D---- C:\Program Files (x86)\HTML Help Workshop 2014-12-31 16:05:49 ----D---- C:\Program Files (x86)\Common Files 2014-12-31 16:04:49 ----D---- C:\WINDOWS\system32\1033 2014-12-31 16:04:42 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 12.0 2014-12-31 15:58:35 ----D---- C:\Windows 2014-12-31 15:57:33 ----SHD---- C:\System Volume Information 2014-12-30 22:03:38 ----D---- C:\WINDOWS\WinSxS 2014-12-30 21:47:17 ----D---- C:\WINDOWS\system32\wbem 2014-12-30 21:47:17 ----D---- C:\WINDOWS\system32\nl-NL 2014-12-30 21:47:17 ----D---- C:\WINDOWS\system32\migration 2014-12-30 21:47:17 ----D---- C:\WINDOWS\system32\drivers\nl-NL 2014-12-30 21:47:17 ----D---- C:\WINDOWS\system32\drivers\en-US 2014-12-30 21:47:17 ----D---- C:\WINDOWS\system32\drivers 2014-12-30 21:47:16 ----D---- C:\WINDOWS\schemas 2014-12-30 18:48:15 ----D---- C:\WINDOWS\system32\Tasks 2014-12-30 11:43:35 ----D---- C:\WINDOWS\system32\DriverStore 2014-12-30 10:24:34 ----SD---- C:\Users\Stephane Delhove\AppData\Roaming\Microsoft 2014-12-30 10:24:34 ----SD---- C:\ProgramData\Microsoft 2014-12-30 10:16:53 ----D---- C:\ProgramData\Microsoft Help 2014-12-29 17:27:34 ----D---- C:\WINDOWS\system32\NDF 2014-12-29 13:30:54 ----D---- C:\WINDOWS\debug 2014-12-22 12:55:39 ----DC---- C:\WINDOWS\Panther 2014-12-22 12:55:37 ----D---- C:\WINDOWS\Logs 2014-12-22 11:08:58 ----HD---- C:\WINDOWS\system32\GroupPolicy 2014-12-22 11:08:44 ----D---- C:\Program Files\Common Files 2014-12-18 08:05:12 ----HD---- C:\Program Files\WindowsApps 2014-12-14 11:45:17 ----D---- C:\Program Files\Microsoft Silverlight 2014-12-14 11:45:16 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2014-12-13 12:13:02 ----SHD---- C:\$Recycle.Bin 2014-12-11 19:11:33 ----D---- C:\WINDOWS\SYSWOW64\drivers 2014-12-11 00:05:37 ----D---- C:\WINDOWS\system32\catroot 2014-12-10 19:31:05 ----SD---- C:\WINDOWS\system32\CompatTel 2014-12-10 19:31:05 ----D---- C:\WINDOWS\SYSWOW64\nl-NL 2014-12-10 19:31:05 ----D---- C:\WINDOWS\PolicyDefinitions 2014-12-10 19:31:05 ----D---- C:\Program Files\Internet Explorer 2014-12-10 19:31:05 ----D---- C:\Program Files (x86)\Internet Explorer 2014-12-10 06:53:19 ----D---- C:\WINDOWS\system32\sr-Latn-RS 2014-12-10 06:53:19 ----D---- C:\WINDOWS\system32\sr-Latn-CS 2014-12-10 06:52:02 ----D---- C:\WINDOWS\system32\MRT 2014-12-10 06:51:17 ----A---- C:\WINDOWS\system32\MRT.exe 2014-12-10 05:48:36 ----D---- C:\WINDOWS\system32\catroot2 2014-12-06 11:29:07 ----RD---- C:\WINDOWS\ToastData 2014-12-06 11:29:06 ----D---- C:\WINDOWS\SYSWOW64\wbem 2014-12-06 11:29:06 ----D---- C:\WINDOWS\SYSWOW64\setup 2014-12-06 11:29:06 ----D---- C:\Program Files\Windows Journal 2014-12-06 11:29:05 ----RD---- C:\WINDOWS\ImmersiveControlPanel 2014-12-06 11:29:05 ----D---- C:\WINDOWS\system32\setup 2014-12-06 11:29:05 ----D---- C:\WINDOWS\system32\oobe 2014-12-06 11:29:05 ----D---- C:\WINDOWS\system32\Boot 2014-12-06 11:29:04 ----D---- C:\WINDOWS\SYSWOW64\InputMethod 2014-12-06 11:29:04 ----D---- C:\WINDOWS\apppatch 2014-12-06 11:29:03 ----D---- C:\Program Files\Windows Defender 2014-12-06 11:29:03 ----D---- C:\Program Files (x86)\Windows Defender 2014-12-04 17:23:25 ----D---- C:\Users\Stephane Delhove\AppData\Roaming\Adobe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 EUBAKUP;EUBAKUP; C:\WINDOWS\system32\drivers\eubakup.sys [2014-12-15 60968] R0 EUBKMON;EUBKMON; C:\WINDOWS\system32\drivers\EUBKMON.sys [2014-12-15 48168] R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-11-21 632168] R0 Thpevm;@oem22.inf,%Thpevm.SvcDesc%;TOSHIBA HDD Protection - Shock Sensor Driver; C:\WINDOWS\System32\drivers\Thpevm.SYS [2012-06-25 18304] R0 TVALZ;@oem11.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [2013-08-15 32832] R0 vmci;@oem32.inf,%vmci.Service.DispName%;VMware VMCI Bus Driver; C:\WINDOWS\System32\drivers\vmci.sys [2013-10-08 85584] R0 vsock;vSockets Driver; C:\WINDOWS\system32\drivers\vsock.sys [2013-10-08 73296] R1 AFW;@oem47.inf,%AfwDescriptionFree%;Agnitum Firewall Driver; C:\WINDOWS\system32\DRIVERS\afw.sys [2014-10-28 41680] R1 BdAgent;BullGuard Security Agent; C:\WINDOWS\system32\DRIVERS\BdAgent.sys [2014-10-28 117184] R1 BdSpy;BdSpy; C:\WINDOWS\system32\drivers\BdSpy.sys [2014-10-28 67680] R1 EUDSKACS;EUDSKACS; \??\C:\WINDOWS\system32\drivers\eudskacs.sys [2014-12-15 18472] R1 EUFDDISK;EUFDDISK; \??\C:\WINDOWS\system32\drivers\EuFdDisk.sys [2014-12-15 192040] R1 NovaShieldFilterDriver;NovaShieldFilterDriver; C:\WINDOWS\system32\DRIVERS\NSKernel.sys [2014-10-28 260336] R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680] R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\drivers\hcmon.sys [2014-02-27 54464] R2 VMnetBridge;@oem30.inf,%VMware_Desc%;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2014-10-29 46160] R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys [2014-10-29 31448] R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\drivers\vmx86.sys [2014-10-29 64728] R2 vstor2-mntapi20-shared;Vstor2 MntApi 2.0 Driver (shared); C:\WINDOWS\SysWOW64\drivers\vstor2-mntapi20-shared.sys [2013-02-22 33872] R3 afwcore;afwcore; C:\WINDOWS\system32\DRIVERS\afwcore.sys [2014-10-28 469712] R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2014-04-05 13938688] R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2014-04-05 628224] R3 BdNet;BdNet; C:\WINDOWS\system32\DRIVERS\BdNet.sys [2014-10-28 34384] R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator-service; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248] R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304] R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272] R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-01-31 81920] R3 ibtusb;@oem18.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R) 4.0; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2013-10-18 142280] R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-22 4221440] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-02-11 3864152] R3 iwdbus;@oem44.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-27 27032] R3 MEIx64;@oem40.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-12-09 100312] R3 NdisImPlatformMp;@%SystemRoot%\System32\drivers\ndisimplatform.sys,-531; C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys [2014-07-24 126464] R3 NETwNb64;@oem14.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel(R) Wireless adapter stuurprogramma onder Windows 8.1 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwbw02.sys [2013-12-24 3609568] R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-01-27 167424] R3 RTL8168;@oem13.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-11-26 838872] R3 RTSPER;@oem21.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2014-02-21 466648] R3 SensorsSimulatorDriver;@oem35.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2014-05-31 227840] R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2014-01-23 31472] R3 SynTP;@oem26.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2014-09-11 541424] R3 Thotkey;@oem8.inf,%Thotkey%;Toshiba Hotkey Driver; C:\WINDOWS\System32\drivers\Thotkey.sys [2013-10-10 33168] R3 tosrfec;@oem25.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\WINDOWS\System32\drivers\tosrfec.sys [2013-11-01 27032] R3 Trufos;Trufos; C:\WINDOWS\system32\DRIVERS\Trufos.sys [2014-10-28 350160] R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB-videoapparaat (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224] R3 VMnetAdapter;@oem31.inf,%VMnetAdapter.Service.DispName%;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2014-10-29 20560] R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912] S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-07-24 1200640] S3 cpuz136;cpuz136; \??\C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [2013-08-24 25320] S3 DrvAgent64;DrvAgent64; \??\C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS [2014-12-03 21712] S3 intaud_WaveExtensible;@oem43.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-27 38296] S3 IntcDAud;@oem41.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-01-22 450520] S3 VMSMP;VMSMP; C:\WINDOWS\system32\DRIVERS\vmswitch.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2014-04-05 240128] R2 BsBackup;BullGuard backup service; C:\WINDOWS\System32\SvcHost.exe [2013-08-22 37768] R2 BsBhvScan;BullGuard Behavioural Detection; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [2014-12-22 601424] R2 BsCache;BullGuard cache service; C:\WINDOWS\System32\SvcHost.exe [2013-08-22 37768] R2 BsFileScan;BullGuard on-access service; C:\WINDOWS\System32\SvcHost.exe [2013-08-22 37768] R2 BsFire;BullGuard firewall service; C:\WINDOWS\System32\SvcHost.exe [2013-08-22 37768] R2 BsMailProxy;BullGuard e-mail monitoring service; C:\WINDOWS\System32\SvcHost.exe [2013-08-22 37768] R2 BsMain;BullGuard Main Service; C:\WINDOWS\System32\SvcHost.exe [2013-08-22 37768] R2 BsScanner;BullGuard scanning service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [2014-12-22 280912] R2 BsUpdate;BullGuard update service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2014-12-22 384336] R2 ClickToRunSvc;Microsoft Office ClickToRun Service; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-11-12 2449592] R2 EaseUS Agent;EaseUS Agent Service; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2014-12-15 37416] R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc); C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [2013-01-01 14760] R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-10-20 130024] R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [2014-10-29 86744] R2 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\syswow64\vmnetdhcp.exe [2014-10-29 359128] R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2014-02-27 906432] R2 VMware NAT Service;VMware NAT Service; C:\WINDOWS\syswow64\vmnat.exe [2014-10-29 437976] R2 VMwareHostd;VMware Workstation Server; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2014-10-29 14407384] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-30 107912] S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784] S3 c2wts;@%ProgramFiles%\Windows Identity Foundation\v3.5\c2wtsres.dll,-1000; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [2014-11-30 5632] S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-03-03 279024] S3 fussvc;Windows App Certification Kit Fast User Switching Utility Service; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [2013-08-22 142336] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-30 107912] S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760] S3 Te.Service;Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [2013-08-22 119808] S3 VsEtwService120;Visual Studio ETW Event Collection Service; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2013-10-04 87728] -----------------EOF-----------------