
Zoek.exe v5.0.0.0 Updated 15-March-2015
Tool run by Merino on ma 16-03-2015 at 15:55:14,24.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Merino\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-03-15-205458.log	72488 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2896240718-758397467-3794550951-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4f3c-8081-5663EE0C6C49} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Users\Merino\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Users\Merino\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Microsoft Office\Office15\WINWORD.EXE

==== Deleting Services ======================


==== System Specs ======================

Operating System: Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 64-bits
Manufacturer: Hewlett-Packard - Model: HP Pavilion dv6 Notebook PC
Install Date: 25-10-2014 20:53:40
Last Boot: 16-3-2015 13:43:46
Processor: Intel(R) Pentium(R) CPU        P6000  @ 1.87GHz
Number of Processors: 2
Work Station
Bootmode: Normal boot
Total RAM: 2933 MB (free 1587 MB - 54)
Computername: MERINO666
Domain: WORKGROUP
User: Merino (Administrator account)
Local Disk:        C:\ - NTFS - 276 GB (free 140 GB)
Local Disk:        D:\ - NTFS - 21 GB (free 3 GB)
Local Disk:        E:\ - FAT32 - 0 GB (free 0 GB)
CD \ DVD Drive:    F:\ 
Bootdevice: \Device\HarddiskVolume1
Windows update: 
Country: Nederland 
Language: NLD 

==== System Specs (Software) ======================

Anti-Virus: AVG AntiVirus Free Edition 2015 On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2015 disabled (Outdated)
Default Browser: Google Chrome	41.0.2272.89
Internet Explorer Version: 11.0.9600.17691 
Google Chrome version: 41.0.2272.89
Adobe Reader version: 9.1.0.2009022700
Sun Java version: 1.8.0_40 (32-bit) 
Sun Java version: 1.8.0_40 (64-bit) 
Flash Player version: 16.0.0.305
Shockwave Player version: 12.1.3r153

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-03-11 19:27:40	E185BDA84E5F03F4E1D8DCA30E209277	1912	----a-w-	C:\Windows\epplauncher.mif
2015-03-09 20:00:58	E1F7FF4B6267FD7D0386CFF23FC8EA35	268196896	----a-w-	C:\Windows\MEMORY.DMP
====== C:\Users\Merino\AppData\Local\Temp ====
2015-03-15 20:55:34	12C0789B30AD2425D9F5B63FFFAAEEA6	43008	----a-w-	C:\Users\Merino\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6z_ygd.dll
====== Java Cache =====
2015-03-16 14:48:28	C1BBA7F1278F193AB584FFF460DB5E2A	17878	----a-w-	C:\Users\Merino\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-37e4fa3f
2015-03-16 14:48:18	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Merino\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-5f849014
2015-03-16 14:48:18	8A55C63244D3516E9741BECBBE55B9EA	424	----a-w-	C:\Users\Merino\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap
2015-03-16 14:48:13	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Merino\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-532a3c72
2015-03-16 14:48:18	34FA8033B50A3F99D3AB8209C72C0ABA	6860	----a-w-	C:\Users\Merino\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-30dc48fd
====== C:\Windows\SysWOW64 =====
2015-03-11 19:36:26	340EECB781E6C06A6171B3068DA208AD	12875264	----a-w-	C:\Windows\SysWOW64\shell32.dll
2015-03-11 19:36:23	965D6A2B30A95A9F7EF13653988D3D9F	299008	----a-w-	C:\Windows\SysWOW64\atmfd.dll
2015-03-11 19:36:22	ABB358777FDF4AF51B2FE26137D2B8D4	70656	----a-w-	C:\Windows\SysWOW64\fontsub.dll
2015-03-11 19:36:22	55273844B66D77A2F1A2213C17A9EA4A	34304	----a-w-	C:\Windows\SysWOW64\atmlib.dll
2015-03-11 19:36:22	274F0540FD4C88FC845C94CA1569688A	10240	----a-w-	C:\Windows\SysWOW64\dciman32.dll
2015-03-11 19:36:22	01D9C9A70323BC7E5835B92442DD7EC2	25600	----a-w-	C:\Windows\SysWOW64\lpk.dll
2015-03-11 19:36:03	003C51B9FE38287BA4E0E58D3AE080BD	744960	----a-w-	C:\Windows\SysWOW64\blackbox.dll
2015-03-11 19:36:02	DCC148408770F2D55B201F8FC26438A1	988160	----a-w-	C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 19:35:58	833FCABCB5D95B1911BA6E62FC82AC04	617984	----a-w-	C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 19:35:58	5B0C6247027FCF5A2E2F150E298D2FFA	3209728	----a-w-	C:\Windows\SysWOW64\mf.dll
2015-03-11 19:35:57	B378B6A865C28CE5C1E23C35760A1199	11411968	----a-w-	C:\Windows\SysWOW64\wmp.dll
2015-03-11 19:35:53	BB73C907D1BD437B6C30F2C23BB089FC	406016	----a-w-	C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 19:35:53	74264B7F57A16D25CB581C07964D324A	1174528	----a-w-	C:\Windows\SysWOW64\crypt32.dll
2015-03-11 19:35:51	49474B3E37969AF4B5C076F42B623AFF	143872	----a-w-	C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 19:35:50	6C2D4DC5D2E271F4AE4016FD4587B0B2	3973048	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 19:35:49	D5EC42139D6A6158CF188975C50B6A60	179200	----a-w-	C:\Windows\SysWOW64\wintrust.dll
2015-03-11 19:35:49	2CFE69A0A8AFDA8DB9A773D728000BB7	3917760	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 19:35:48	96DB6A923DEDB58FC7CBBF5CFF73314D	1329664	----a-w-	C:\Windows\SysWOW64\quartz.dll
2015-03-11 19:35:48	2D4814D567E5A85C473228BA772A7AFB	489984	----a-w-	C:\Windows\SysWOW64\evr.dll
2015-03-11 19:35:47	98C1191C862B44567FCF3C18BAEE859E	519680	----a-w-	C:\Windows\SysWOW64\qdvd.dll
2015-03-11 19:35:46	C5667EE72D7364BE81516C0707FEF724	354816	----a-w-	C:\Windows\SysWOW64\mfplat.dll
2015-03-11 19:35:46	B7D2BB84C590F0AE9DA51DBB065A780E	1005056	----a-w-	C:\Windows\SysWOW64\cryptui.dll
2015-03-11 19:35:46	B54FD1991E659FD61EF1D34EC27AAECD	81408	----a-w-	C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 19:35:40	70E96EBE87A38857619671FCB9C8EC7B	265216	----a-w-	C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 19:35:40	3BAA4BAE71460C5CEB40D5E9339A61BC	103936	----a-w-	C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 19:35:40	320A8699369C43CF53B2DB4538D17C52	504320	----a-w-	C:\Windows\SysWOW64\msscp.dll
2015-03-11 19:35:39	AF47EAA4ADDA9AA221FB7647EE22BF53	103424	----a-w-	C:\Windows\SysWOW64\mfps.dll
2015-03-11 19:35:39	2D21189858856316D55EAD55DF4964C2	374784	----a-w-	C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 19:35:39	08FF727297A97907AADED4BA86CF44E9	50176	----a-w-	C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 19:35:38	A56F4029FDCF4F817E78953CDA953E28	442880	----a-w-	C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 19:35:38	49F4EE8DF752CFA159B99046CD1FDD2B	23040	----a-w-	C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 19:35:37	E0AB9CA912398BE1AAD14FF7AD75C397	50688	----a-w-	C:\Windows\SysWOW64\appidapi.dll
2015-03-11 19:35:36	A4A2EFB40015B76467F09E6DC388BC26	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-03-11 19:35:36	50B8937A81360D16A5C772302BD32CFE	195584	----a-w-	C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 19:35:35	FCD5137A10C8943B34C9BE891C50159F	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 19:35:35	D3916F83AC8F2314262387A2E16C6578	4096	----a-w-	C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 19:35:35	D3916F83AC8F2314262387A2E16C6578	4096	----a-w-	C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 19:35:35	8B07DBA0D77346545C6359AC67DCB980	8192	----a-w-	C:\Windows\SysWOW64\spwmp.dll
2015-03-11 19:35:35	2F3CE58D8C276570EEB69C99CFBAFD58	2048	----a-w-	C:\Windows\SysWOW64\mferror.dll
2015-03-11 19:35:34	7C1CADCA0E674212412559B0EAD0919A	12625408	----a-w-	C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 19:34:13	B804EAA9E037580F96C22537C2ECB62A	171520	----a-w-	C:\Windows\SysWOW64\ubpm.dll
2015-03-11 19:34:05	D5063B86DC3F85B93D02AF68099F4C9A	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-03-11 19:34:05	69925A266D265DAD96C6FCBB861FA5CD	550912	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-03-11 19:34:04	C7D334A01C66BF07B92D04CD7A981B7F	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 19:34:04	B06A4105DD22E91A1D922D7310803140	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 19:34:04	ACD0CA819E279E1C17BE5C8A077EF448	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-03-11 19:34:04	84974782ED5D108DA2EFAF3C6534A760	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-03-11 19:34:04	7A71DA6D6F75AB73475128F787DD8EAD	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 19:34:04	7407DDA27838C393DE67A0BDCDD044D0	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-03-11 19:34:04	5E76C26CAE2810EA71C161ED9A2CF0D1	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-03-11 19:34:04	4E15E2D20AE755FDEACD96F359F732DB	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-03-11 19:34:04	30F5B3E28636009A0B194057AAE4392A	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-03-11 19:34:04	04934912B1317F2F8816208067A32B96	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-03-11 19:34:04	0485899A035E02C53014C0545D912405	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-03-11 19:33:47	84B460BB65567ED42DD605FA044DB370	828928	----a-w-	C:\Windows\SysWOW64\msctf.dll
2015-03-11 19:33:44	5F3628DCF926C4499BE1DC74431DFBC8	1230848	----a-w-	C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 19:26:21	FDF0B4DC83627A859D18EE439B8E5A26	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 19:26:21	B8445B89D0EA5C2575C98EA7BD180C5C	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-03-11 19:26:21	6108ED659B5962DE73DACB3B04D86ED3	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 19:26:21	00F39165D6D14302618C20CDD7BB213A	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 19:26:19	B35C35C55FED3DD7F995C77F63CBC29B	1311232	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-03-11 19:26:19	AD1BA932AC31D2BC8C9105DA59BEA6BE	689152	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 19:26:19	AD13E719AE506AA0E0BB5D49E0D5B44A	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 19:26:19	8FDE1162C9DCF7B180AA702DD9EB6071	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 19:26:19	29EDBC5C381F1406A5262351E69BC87A	342696	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 19:26:18	95CB6079B3E62D4301958023C2070A48	19720192	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-03-11 19:26:17	BD838E2129623E8311720AA86C5DFBBF	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-03-11 19:26:17	A41C85FDB2275FA9AAA821A118807FDB	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 19:26:17	08B30EB9751858C1C369E8775492D732	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 19:26:16	F5F730ED126DCFBEBDB9BB629BD482C4	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 19:26:16	A34897A1A39316BDECCA3E61986F98F2	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 19:26:16	988AB676FBF4484508BA134CAAB711EB	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 19:26:16	756B4F77945C61ADBE68150D7D2EC7A6	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 19:26:16	52B4DECDC70B8758380D37EA2CDD4254	2278400	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-03-11 19:26:15	E868396BC5F8957A9E39BD9A28EA814D	12827648	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-03-11 19:26:15	BA10D970EB39913357B224F4473D535B	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 19:26:15	AC35DA94A14679E8E515A44A8CF90804	478208	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-03-11 19:26:13	02C0770DA3BE9231EFAF7185EE51020C	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 19:26:12	FC5FE9F2D140435FC95CB3EF6724EF0A	4300288	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-03-11 19:26:12	EA6EA6912F27F05C61D8D747517EB47E	1888256	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-03-11 19:26:12	BC9CE46C3F05CCC40F8F1EFC7E4B41C7	503296	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-03-11 19:26:12	B0B83B31853E15C619FDB91B64F8349A	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-03-11 19:25:06	9566C8BBD2271A7962D4432A624762AD	417792	----a-w-	C:\Windows\SysWOW64\WMPhoto.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-03-11 19:36:27	01F9FEB7F0C84EA1AC6A9B4D7C6B0435	14177280	----a-w-	C:\Windows\Sysnative\shell32.dll
2015-03-11 19:36:23	F351B0E520502552734BE70AA5940784	41984	----a-w-	C:\Windows\Sysnative\lpk.dll
2015-03-11 19:36:23	1307814243F21EB129852D59B5AB37FB	372224	----a-w-	C:\Windows\Sysnative\atmfd.dll
2015-03-11 19:36:22	DB0BD8B8D68D8211CA23FBE52DACE549	14336	----a-w-	C:\Windows\Sysnative\dciman32.dll
2015-03-11 19:36:22	85D3E918658C2766780F7DEE5F8FBE57	46080	----a-w-	C:\Windows\Sysnative\atmlib.dll
2015-03-11 19:36:22	39A108604F51821F6F4E2001E9A1CB60	100864	----a-w-	C:\Windows\Sysnative\fontsub.dll
2015-03-11 19:36:03	DF6104DCED89E13A78BA5539CEF5100A	1202176	----a-w-	C:\Windows\Sysnative\drmv2clt.dll
2015-03-11 19:36:03	A53A63831185FF5339E76221BE45E6B9	842240	----a-w-	C:\Windows\Sysnative\blackbox.dll
2015-03-11 19:36:01	BD311BB00DD0D656C091AC8888C2369D	14632960	----a-w-	C:\Windows\Sysnative\wmp.dll
2015-03-11 19:35:59	7F4D59E70DD6E757E96B40570B498D5C	782848	----a-w-	C:\Windows\Sysnative\wmdrmsdk.dll
2015-03-11 19:35:59	29143C7827F9F2AC543E792A8C63FBB0	4121600	----a-w-	C:\Windows\Sysnative\mf.dll
2015-03-11 19:35:58	FDA5F186596288F0B9ECE9DC7A5AA868	5554104	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-03-11 19:35:56	B2F02AB28864B6D5B5B9BEDA565D41BB	497664	----a-w-	C:\Windows\Sysnative\drmmgrtn.dll
2015-03-11 19:35:56	3FECBED0EACABD22E024EF4E50CF987B	1480192	----a-w-	C:\Windows\Sysnative\crypt32.dll
2015-03-11 19:35:52	8DFDB70E3E56C2F1AE09CB3C03E266E5	1574400	----a-w-	C:\Windows\Sysnative\quartz.dll
2015-03-11 19:35:52	1CD76A83B9E8E9A5A3519B39E28354D9	187904	----a-w-	C:\Windows\Sysnative\cryptsvc.dll
2015-03-11 19:35:51	5FFEE6CA63E27CBA1F32002743E58F3C	631808	----a-w-	C:\Windows\Sysnative\evr.dll
2015-03-11 19:35:51	577D0B947B49DB83E2054FA169B2ECBF	229376	----a-w-	C:\Windows\Sysnative\wintrust.dll
2015-03-11 19:35:49	410F6B1BE785F3630B4782F8E3D85A24	1069056	----a-w-	C:\Windows\Sysnative\cryptui.dll
2015-03-11 19:35:48	6AEEC5677AD522786CED371A7BEE620C	616360	----a-w-	C:\Windows\Sysnative\winresume.efi
2015-03-11 19:35:48	3029D8E78E4BF18A0551E22CD4CB892C	371712	----a-w-	C:\Windows\Sysnative\qdvd.dll
2015-03-11 19:35:48	0BC72EA80234382701EAFC1BE0ECD7E4	432128	----a-w-	C:\Windows\Sysnative\mfplat.dll
2015-03-11 19:35:47	73D81B5B4B2655CB1B5662E770F755D5	532176	----a-w-	C:\Windows\Sysnative\winresume.exe
2015-03-11 19:35:46	F88B4A9EA1A956F09D5001D08B546228	641024	----a-w-	C:\Windows\Sysnative\msscp.dll
2015-03-11 19:35:46	DB2D62AA2DF6B1F3D690A9EC9701AA2C	188416	----a-w-	C:\Windows\Sysnative\pcasvc.dll
2015-03-11 19:35:46	94BC902494AFC9F5EBC5FBB61445D73F	82432	----a-w-	C:\Windows\Sysnative\cryptsp.dll
2015-03-11 19:35:45	7A4064169FBA91F39DB1FDC094A18DA8	619056	----a-w-	C:\Windows\Sysnative\winload.exe
2015-03-11 19:35:44	B7E752FFD95DC61FCB7A6E70E37175E5	693176	----a-w-	C:\Windows\Sysnative\winload.efi
2015-03-11 19:35:44	AE66D26930CA536706078537CB5AC840	325632	----a-w-	C:\Windows\Sysnative\msnetobj.dll
2015-03-11 19:35:43	72D4757510FDA69D729169C00AFC211E	32256	----a-w-	C:\Windows\Sysnative\appidsvc.dll
2015-03-11 19:35:42	999A7FD4D9F8B1656F1167D94743E50A	457400	----a-w-	C:\Windows\Sysnative\ci.dll
2015-03-11 19:35:41	1BE9877B199184D7657BC4CFCB7B4A99	140288	----a-w-	C:\Windows\Sysnative\cryptnet.dll
2015-03-11 19:35:40	C0AE7ABD87254B2789C8CB34AF274A65	296448	----a-w-	C:\Windows\Sysnative\AudioSes.dll
2015-03-11 19:35:40	93C7D1C3941086162B433107D9E8BCE3	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-03-11 19:35:40	7BC64DEEFD0E6812E21DE89F0CF50A49	500224	----a-w-	C:\Windows\Sysnative\AUDIOKSE.dll
2015-03-11 19:35:40	6E974F1C384615DEB0710E44F4847351	126464	----a-w-	C:\Windows\Sysnative\audiodg.exe
2015-03-11 19:35:40	6968D02DC38757C3FBE7ED7C2F9670AA	680960	----a-w-	C:\Windows\Sysnative\audiosrv.dll
2015-03-11 19:35:40	483221CC1AAC288368292899E32B6B9B	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-03-11 19:35:39	CBE684883A45E5B047DA6B4AC46C2112	55808	----a-w-	C:\Windows\Sysnative\rrinstaller.exe
2015-03-11 19:35:39	947938F265D7CB99653CDFF2B3C0468D	206848	----a-w-	C:\Windows\Sysnative\mfps.dll
2015-03-11 19:35:39	589852B65C91F574E980ABDB8205080A	146944	----a-w-	C:\Windows\Sysnative\appidpolicyconverter.exe
2015-03-11 19:35:39	3A7BC2DC99D3C5B172465E890B3C3B14	440832	----a-w-	C:\Windows\Sysnative\AudioEng.dll
2015-03-11 19:35:39	27793FE3FF2D0123896D1A01A2D222C7	37376	----a-w-	C:\Windows\Sysnative\pcadm.dll
2015-03-11 19:35:38	63D3C30B497347495B8EA78A38188969	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2015-03-11 19:35:38	00EE5D3E16D42F25F7813ACFA10EC803	24576	----a-w-	C:\Windows\Sysnative\mfpmp.exe
2015-03-11 19:35:37	A84C94CF795E08BBB99E4E145F9E81A3	11264	----a-w-	C:\Windows\Sysnative\pcawrk.exe
2015-03-11 19:35:37	84DB8EB3C184BB549ED90A842020F278	58880	----a-w-	C:\Windows\Sysnative\appidapi.dll
2015-03-11 19:35:37	0F79883E27BB1AFE2D9BB4656A1CEFCD	11264	----a-w-	C:\Windows\Sysnative\msmmsp.dll
2015-03-11 19:35:36	ED6BF1E1C4F40F600DFEC0CB101A1789	9728	----a-w-	C:\Windows\Sysnative\pcalua.exe
2015-03-11 19:35:36	EA285B947EE48103697CDA53D76C9EEC	17920	----a-w-	C:\Windows\Sysnative\appidcertstorecheck.exe
2015-03-11 19:35:36	C4937B9D6EF4D309A60054D4D00EE9DB	63488	----a-w-	C:\Windows\Sysnative\setbcdlocale.dll
2015-03-11 19:35:36	BE7DA70C9F4A97CCA9ED78B70BCFC9AC	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2015-03-11 19:35:36	56FD1BC602EE0E7949F92EE2EE327B72	284672	----a-w-	C:\Windows\Sysnative\EncDump.dll
2015-03-11 19:35:36	29088A5723C81BF75AD909AAB6A91610	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-03-11 19:35:35	FE03B35A22C3D2714B494FC2AB32AC5B	8704	----a-w-	C:\Windows\Sysnative\pcaevts.dll
2015-03-11 19:35:35	F43B09E257121ADC501ABE9367FAA850	9728	----a-w-	C:\Windows\Sysnative\spwmp.dll
2015-03-11 19:35:35	DBCD54B841F2B216B2F0F86E18205C22	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2015-03-11 19:35:35	D3F1F9C784BCCDF2C880669D69FC1970	5120	----a-w-	C:\Windows\Sysnative\msdxm.ocx
2015-03-11 19:35:35	D3F1F9C784BCCDF2C880669D69FC1970	5120	----a-w-	C:\Windows\Sysnative\dxmasf.dll
2015-03-11 19:35:35	8364A0F7633414DC5C50A37295B1FAFF	2048	----a-w-	C:\Windows\Sysnative\mferror.dll
2015-03-11 19:35:33	77D49942BD5DC97723ABC8A6D2757B6E	12625920	----a-w-	C:\Windows\Sysnative\wmploc.DLL
2015-03-11 19:34:14	1FB81632476857E8451DDA8A456EF3CE	215552	----a-w-	C:\Windows\Sysnative\ubpm.dll
2015-03-11 19:34:05	DB2904A4CEBC39DF8892A613BEC71512	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-03-11 19:34:05	3807605BDA83C0DA729A5219CEBB9041	341504	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-03-11 19:34:05	1DB278E5834B08F9A184F953F2D31FF7	728064	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-03-11 19:34:04	FB95F6E11AAD62F24C2DB01E6E9D7BE7	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-03-11 19:34:04	E1404987DCD392AF9D67F6A26CE21175	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-03-11 19:34:04	B6C7729936AAF8E0697F0A7DCA82CED8	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-03-11 19:34:04	9B644AC070576AAE701910874C241DBD	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-03-11 19:34:04	92F920EE9EAF7306B4AB8124D474AB52	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-03-11 19:34:04	7BC39275661EA7DEE54135AA26DF733E	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-03-11 19:34:04	65CF54B1D8CB1B085B6D8BC210E2C45F	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-03-11 19:34:04	6536829F6EA1149527728A210F493B79	314880	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-03-11 19:34:04	54CD467B3A6DA02E9449DB7FB1830612	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-03-11 19:34:04	543553AD3E30CB261C8B436DF644F23E	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-03-11 19:34:04	473BCBFFC55C9FE33D502035322E759D	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-03-11 19:34:04	378B175D0F0A1C38026F280BF6C8D0C6	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-03-11 19:34:04	28CC69865D5DC458EDDCEA35F01D71DA	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-03-11 19:33:48	E88A78273D429554B6B2D2BDA945ED9B	1067520	----a-w-	C:\Windows\Sysnative\msctf.dll
2015-03-11 19:33:45	0A4D03A4C0F908B15B8A4C48FB18F197	1424896	----a-w-	C:\Windows\Sysnative\WindowsCodecs.dll
2015-03-11 19:33:41	A0DEE06D68F210CA090FD4D9A33CDC12	3204096	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-03-11 19:26:21	2CA6A98547E799812489E5ADF2774D97	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-03-11 19:26:21	289581F0FDA6B93A0FAFE979486AD6FA	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-03-11 19:26:20	08892A4ED848386E6B901723C1EF611B	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-03-11 19:26:19	D3EA5B5E606EF17804B5BF565BEAD937	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-03-11 19:26:19	D2BF72C0A9E26BE91C1DEEACF7C430E0	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-03-11 19:26:19	7FA2B43D940DF41E46B8049B59AB6639	718848	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-03-11 19:26:17	585B29EFB4954902FD53C4F8F9A0D39F	389800	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-03-11 19:26:16	F5E5E96E188934BAB22C0916C91F46B3	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-03-11 19:26:16	501A38B72FA264605123B4FACF53F057	1548288	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-03-11 19:26:16	132862B0FC4A1B7CB45C274DE169DBB2	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-03-11 19:26:15	80B3AD73027A2CCD42C47EBF5C89124F	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-03-11 19:26:15	5443F21A33DB376734DBE47F7635542C	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-03-11 19:26:14	D0767EA3A59FA70C7ACF59EE0C8CD42A	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-03-11 19:26:14	9E9B757A677927110393A505822D9174	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-03-11 19:26:14	22C4867C690C38B18B2C1A0B072CD0C4	2125824	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-03-11 19:26:13	62269DEFF17AB006217330A24EA8577B	2886144	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-03-11 19:26:12	A1264D16AF506125C974775C833A063C	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-03-11 19:26:12	1EC0BF321D3B14D02B9A8BAC134570F4	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-03-11 19:26:11	FB8C4EE9889790466A0174923410649E	633856	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-03-11 19:26:11	76B53D2150284E138B46410EA54967FA	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-03-11 19:26:10	D373113A84C12BA7F07CE1E9CAF4747F	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-03-11 19:26:10	2335F6BF8A127E31EB0E2D9A82F188A0	14398976	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-03-11 19:26:09	A9190899A35431CF8ABBEF5E1BB0C8F9	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-03-11 19:26:09	4870B24EA7D4EEF5E1C4675AC47796B8	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-03-11 19:26:09	40DF85D8B2B0171EF5F23AA1B5CD9A62	6035456	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-03-11 19:26:08	687E11F36832BFF65EF0CD2FA3DB1966	584192	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-03-11 19:26:08	36F99BD8A0F09BDBB7850A138845A014	2358784	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-03-11 19:26:07	667229C8F194D619D12F05943D7F61F0	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-03-11 19:26:07	1C393E42928BF55B3796E732B678CD5B	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-03-11 19:26:07	1193400D8E29A5A010135FB09A4EB1E8	25021440	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-03-11 19:25:06	CBA2694BFC61F371181F2BE2BCD66C40	465920	----a-w-	C:\Windows\Sysnative\WMPhoto.dll
====== C:\Windows\Sysnative\drivers =====
2015-03-11 19:35:53	ED6E75158D28D33A2E2A020AC5B2B59D	663552	----a-w-	C:\Windows\Sysnative\drivers\PEAuth.sys
2015-03-11 19:35:46	87BCD1034CBF33537D4D4C251D39BA26	94656	----a-w-	C:\Windows\Sysnative\drivers\mountmgr.sys
2015-03-11 19:35:40	90C53BD47979FB8814F465A08B885102	61440	----a-w-	C:\Windows\Sysnative\drivers\appid.sys
2015-03-11 19:34:05	8BA90F480705D7153AD0060CCA62222A	155576	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-03-11 19:34:05	56ED3EE5FED6BF2FC1305CF872042868	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-03-11 19:34:05	27667A788130A7F7A5858DE27572E6D7	459336	----a-w-	C:\Windows\Sysnative\drivers\cng.sys
2015-02-19 20:26:58	1B83A1187BA5B509EA9D55478014823E	270816	----a-w-	C:\Windows\Sysnative\drivers\avgidsdrivera.sys
====== C:\Windows\Tasks ======
2015-03-10 06:22:12	F1799667F2FEB2779335D8BC1750DEDF	4976	----a-w-	C:\Windows\Sysnative\Tasks\Microsoft Office 15 Sync Maintenance for Merino666-Merino Merino666
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-03-15 11:06:27	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2015-03-16 14:41:55	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Merino\AppData\Roaming ======
2015-03-15 20:50:05	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2015-03-15 20:50:05	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-03-15 20:50:05	--------	d-----w-	C:\Users\Merino\AppData\Local\Temp
2015-03-15 20:50:05	--------	d-----w-	C:\Users\Default\AppData\Local\Temp
2015-03-07 18:25:19	--------	d-----w-	C:\Users\Merino\AppData\Local\Steam
====== C:\Users\Merino ======
2015-03-16 14:36:35	49BF715D225A5D3FE9D2FA75967C1466	561064	----a-w-	C:\Users\Merino\Downloads\chromeinstall-8u40.exe
2015-03-15 11:03:21	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Merino\Downloads\RSITx64.exe
2015-03-12 20:12:23	596F915D9D12A1C2C7836EAAEBBB9CBC	1388333	----a-w-	C:\Users\Merino\Downloads\JRT.exe
2015-03-12 19:44:51	95300BA672A14E3AE6740CB3CB41DB7B	2171392	----a-w-	C:\Users\Merino\Downloads\AdwCleaner.exe
2015-03-11 19:23:42	E1ECA1CB80D3FC173F68B299A3AC503D	14176408	----a-w-	C:\Users\Merino\Downloads\mseinstall.exe

====== C: exe-files ==
2015-03-16 14:40:00	30E9397C2F0C8FF128219D6A25E172BB	0	----a-we	C:\ProgramData\Oracle\Java\javapath\java.exe
2015-03-16 14:39:04	F95C5163F6D8955BEF59A896C7F7112D	159656	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\unpack200.exe
2015-03-16 14:39:04	DFB1F31DD4A08FA5892886DC7117064A	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\rmid.exe
2015-03-16 14:39:04	A29B7A1BAD1A1EB608ACF7684F1F1E37	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\tnameserv.exe
2015-03-16 14:39:04	7833052815087E5BF9346AC78FDCED68	51112	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssvagent.exe
2015-03-16 14:39:04	751E8649890CC42727D80F8D6DE1F1CB	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\servertool.exe
2015-03-16 14:39:04	7162180C98D1BE5D1315FC05B3C91E9D	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\pack200.exe
2015-03-16 14:39:04	689916BDF4F58C7F7AD25F8B3ABB783A	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\rmiregistry.exe
2015-03-16 14:39:04	0A9C7408BADBA5D2C841817C22ACBF07	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\policytool.exe
2015-03-16 14:39:04	08363434BEC1B0AE6420C77820BC12E9	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\orbd.exe
2015-03-16 14:39:03	AF28DAA2B4EB3AD87203202264A2491C	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\klist.exe
2015-03-16 14:39:03	A07427A93E1133A7F0F4691CC54B9294	272296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\javaws.exe
2015-03-16 14:39:03	946FD6292EAE3FBB93CC3BB01BA8763D	76712	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2launcher.exe
2015-03-16 14:39:03	94017ABBDE345580542D8301793EFF7A	191400	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\javaw.exe
2015-03-16 14:39:03	79B6403F5BD398BB9880F00FAF7C69DA	68520	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\javacpl.exe
2015-03-16 14:39:03	6031BACB59D93E5ECB4ACDE6E12565EA	30632	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\jabswitch.exe
2015-03-16 14:39:03	3DB4CD42B36FD2C98E9B51E3CBC1670E	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\jjs.exe
2015-03-16 14:39:03	32700B34EE49959FAF64EC46D96B3630	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\ktab.exe
2015-03-16 14:39:03	30E9397C2F0C8FF128219D6A25E172BB	190888	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\java.exe
2015-03-16 14:39:03	2794D464D89260B0316C16A9FE24C660	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\java-rmi.exe
2015-03-16 14:39:03	1FA2D0F07730F502A857BFC63DA6C193	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\kinit.exe
2015-03-16 14:39:03	042B789E469D238D5FA9DEC4241CE3FD	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\keytool.exe
2015-03-16 14:36:35	49BF715D225A5D3FE9D2FA75967C1466	561064	----a-w-	C:\Users\Merino\Downloads\chromeinstall-8u40.exe
2015-03-15 11:06:31	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Merino.exe
2015-03-15 11:03:21	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Merino\Downloads\RSITx64.exe
2015-03-14 01:06:52	4FFC1AF9DF477CA80A5639140C30720D	41466448	----a-w-	C:\Program Files (x86)\Google\Update\Install\{4716DEB2-E849-4ADE-916E-60A805B5CAB9}\41.0.2272.89_chrome_installer.exe
2015-03-14 01:06:48	4FFC1AF9DF477CA80A5639140C30720D	41466448	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\41.0.2272.89\41.0.2272.89_chrome_installer.exe
2015-03-12 20:12:23	596F915D9D12A1C2C7836EAAEBBB9CBC	1388333	----a-w-	C:\Users\Merino\Downloads\JRT.exe
2015-03-12 19:44:51	95300BA672A14E3AE6740CB3CB41DB7B	2171392	----a-w-	C:\Users\Merino\Downloads\AdwCleaner.exe
2015-03-12 19:13:11	7DF547F2E361A6ADC8DFAF9544C6A283	10033232	----a-w-	C:\Program Files (x86)\Google\Update\Install\{68D4A45C-0D74-4930-9DCD-6B5DBED01F26}\41.0.2272.89_40.0.2214.115_chrome_updater.exe
2015-03-12 19:13:10	7DF547F2E361A6ADC8DFAF9544C6A283	10033232	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\41.0.2272.89\41.0.2272.89_40.0.2214.115_chrome_updater.exe
2015-03-11 19:35:37	D1D03ED0A40B9EA7D45CD09E585415ED	167424	----a-w-	C:\Program Files\Windows Media Player\wmplayer.exe
2015-03-11 19:35:37	3CB513A4E2D3666282725B09FF66D2B1	164864	----a-w-	C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2015-03-11 19:35:36	FEB8566E798B2F6BA40AC39C90E354B3	102400	----a-w-	C:\Program Files\Windows Media Player\wmpconfig.exe
2015-03-11 19:35:36	733F15A545DCB45295EEB1E409F2D63A	102912	----a-w-	C:\Program Files\Windows Media Player\wmpshare.exe
2015-03-11 19:35:35	E357783E1561251E25513247B534D423	102400	----a-w-	C:\Program Files (x86)\Windows Media Player\wmpshare.exe
2015-03-11 19:35:35	201283E93160A0EBBA8CC9F3F2388FDA	101888	----a-w-	C:\Program Files (x86)\Windows Media Player\wmpconfig.exe
2015-03-11 19:26:19	B5F3C8A860C39AEC1356A708C2A701A1	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-03-11 19:26:17	9C7990C221DC5C283BFF5A05CF52D69B	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-03-11 19:26:17	5CC34CBBBD90696FD82DB670C38B13FD	469504	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-03-11 19:26:16	E931C01E7DD7CEC0BD26CD1B9DA967A3	815272	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-03-11 19:26:14	EF3BE302619A2C85A1E33FBFAB4C60F8	484864	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-03-11 19:26:13	D3D00B950A174882DAC32F45AB589864	813736	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-03-11 19:23:42	E1ECA1CB80D3FC173F68B299A3AC503D	14176408	----a-w-	C:\Users\Merino\Downloads\mseinstall.exe
=== C: other files ==
2015-03-16 14:39:04	9DCBFF045A2A43212A4763C3461A50B9	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\lib\deploy\ffjcext.zip
2015-03-11 19:35:53	ED6E75158D28D33A2E2A020AC5B2B59D	663552	----a-w-	C:\Windows\System32\drivers\PEAuth.sys
2015-03-11 19:35:46	87BCD1034CBF33537D4D4C251D39BA26	94656	----a-w-	C:\Windows\System32\drivers\mountmgr.sys
2015-03-11 19:35:40	90C53BD47979FB8814F465A08B885102	61440	----a-w-	C:\Windows\System32\drivers\appid.sys
2015-03-11 19:34:05	8BA90F480705D7153AD0060CCA62222A	155576	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-03-11 19:34:05	56ED3EE5FED6BF2FC1305CF872042868	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-03-11 19:34:05	27667A788130A7F7A5858DE27572E6D7	459336	----a-w-	C:\Windows\System32\drivers\cng.sys
2015-03-11 19:33:41	A0DEE06D68F210CA090FD4D9A33CDC12	3204096	----a-w-	C:\Windows\System32\win32k.sys
2015-03-10 18:19:43	E34462F22EF7A939905F3C888A151B3A	34974	----a-w-	C:\Users\Merino\Documents\fonts\blackchancery.zip
2015-03-10 18:08:25	4AB9F418821E417BECFB97AA845D969C	27539	----a-w-	C:\Users\Merino\Documents\fonts\canterbury.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2896240718-758397467-3794550951-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"HP Quick Launch"="C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background"
"HPToneControl"="C:\Program Files\Hewlett-Packard\HPToneControl\HPTonectl.exe"
"HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Startup Folders ======================

2015-02-05 11:57:24	1139	----a-w-	C:\Users\Merino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2010-07-29 00:16:10	848	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [05-02-2015 13:07]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [25-10-2014 20:12]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [25-10-2014 20:12]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Merino666-Merino" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\CLMLSvc" [c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe]
"C:\Windows\SysNative\tasks\DVDAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Chromium Look ======================

Google Slides - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
AdBlock - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Google Wallet - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Merino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://g.uk.msn.com/HPCON/8"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://g.uk.msn.com/HPCON/8"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{5BF47D03-5295-420A-8229-394F0F4E602D} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Dropbox.lnk = Merino\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{86E1B67B-0D86-44F9-8FEC-2EF7A3B39ABF}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Unknown owner - C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Architect 2 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\ws.exe
O23 - Service: pdfforge CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Merino\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Merino\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=28 folders=30 40504824 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Merino\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Merino\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 16-03-2015 at 16:47:34,23 ======================