Zoek.exe v5.0.0.0 Updated 22-March-2015 Tool run by Jona on ma 23-03-2015 at 22:45:47,32. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Jona\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 23-3-2015 22:48:22 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\PROGRA~3\Hitman Pro deleted successfully C:\Users\Jona\AppData\Local\Bundled software uninstaller deleted successfully C:\Users\Jona\AppData\Local\DassaultSystemes deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Acrobat 5.0 Adobe Flash Player 16 NPAPI Adobe Reader XI (11.0.10) - Nederlands Adobe Refresh Manager Age of Mythology - The Titans Expansion Age of Mythology Akamai NetSession Interface Aloha TriPeaks AMD Accelerated Video Transcoding AMD APP SDK Runtime AMD Catalyst Install Manager Amnesia - The Dark Descent Battle.net Bejeweled 3 BitComet 1.35 64-bit Borderlands 2 Burnout Paradise: The Ultimate Box Catalyst Control Center - Branding Catalyst Control Center Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Chuzzle Deluxe COMSOL 4.4 Counter-Strike: Source Curse DAEMON Tools Lite DARK SOULST II Dota 2 Dropbox Empress of the Deep - The Darkest Secret Fontys Wifi Connection Manager GameSpy Arcade Garry's Mod Google Chrome Google Update Helper Half-Life 2 Hearthstone Hi-Rez Studios Authenticate and Update Service HI-TECH C51-lite V9.60PL0 HI-TECH PICC lite V9.60PL0 HitmanPro 3.7 Intel AppUp(SM) center Intel(R) Management Engine Components Intel(R) Rapid Storage Technology Intel© Trusted Connect Service Client Island Tribe Java 8 Update 40 Java Auto Updater Jewel Quest Solitaire 2 Killing Floor League of Legends Left 4 Dead 2 LibUSB-Win32-0.1.10.1 LOLReplay Magic Academy Magicka Math Kernel Libraries Math Kernel Libraries (64-bit) Mathcad 15 M020 Mathcad PDSi viewable support MATLAB R2013b Microsoft Office Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Student 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft Silverlight 5.1 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft XNA Framework Redistributable 3.1 Microsoft XNA Framework Redistributable 4.0 Refresh More Games - WildTangent MotioninJoy Gamepad tool 0.7.0000 Mousotron 8.2 MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) MSXML4 Parser National Instruments Software NaturalMotion endorphin 2.7.1 Nero 12 Essentials Toshiba Nero BackItUp Nero BackItUp Help (CHM) Nero Blu-ray Player Nero Blu-ray Player Help (CHM) Nero BurnRights Nero BurnRights Help (CHM) Nero ControlCenter Nero ControlCenter Help (CHM) Nero Core Components Nero Express Nero Express Help (CHM) Nero Kwik Media Nero Kwik Media Help (CHM) Nero Kwik Themes Basic Nero Launcher Nero RescueAgent Nero RescueAgent Help (CHM) Nero SharedVideoCodecs Nero Update NI-DAQmx/LabVIEW shared documentation 14.0.0 NI-DAQmx/LabVIEW shared documentation for 64 Bit Windows 14.0.0 NI-Mesa NI-RPC 14.0.0f0 NI-RPC 14.0.0f0 for 64 Bit Windows NI-RPC 14.0.0f0 for Phar Lap ETS NI .NET Framework 4.0 NI ActiveX Container NI ActiveX Container (64-bit) NI Assistant Framework NI Assistant Framework 64-bit NI Assistant Framework LabVIEW 2014 Support NI Assistant Framework LabVIEW Code Generator 2014 NI Authentication 2014 NI Authentication 2014 (64-bit) NI Circuit Design Suite 11.0.1 Core NI Circuit Design Suite 11.0.1 Pro NI Circuit Design Suite 11.0.1 Pro Licenses NI CodeSignAPI NI Curl 14.0.0 (64-bit) NI Curl 2014 NI Customer Experience Improvement Program NI DataSocket 5.2 NI DataSocket 5.2 (64-bit) NI Distributed System Manager 2014 NI Error Reporting 2014 NI Error Reporting Interface 14.0 NI Error Reporting Interface 14.0 for Windows (64-bit) NI EulaDepot NI Example Finder 14.0 NI Help Assistant 2.0 NI Help Assistant 2.0 (64bit) NI Instrument IO Assistant for LabVIEW 2014 32-bit NI JSON Map Files NI LabVIEW 2009 SP1 Run-Time Engine Web Services NI LabVIEW 2012 Real-Time NBFifo NI LabVIEW 2012 Run-Time Engine Web Server NI LabVIEW 2012 SP1 Run-Time Engine Non-English Support. NI LabVIEW 2013 Real-Time Error Dialog NI LabVIEW 2013 Run-Time Engine Web Server NI LabVIEW 2013 SP1 Run-Time Engine Non-English Support. NI LabVIEW 2014 NI LabVIEW 2014 (32-bit) NI LabVIEW 2014 Compare Utility NI LabVIEW 2014 Database Connectivity Toolkit NI LabVIEW 2014 Database Connectivity Toolkit License NI LabVIEW 2014 Deployable License NI LabVIEW 2014 Deployment Framework NI LabVIEW 2014 Help NI LabVIEW 2014 Help File NI LabVIEW 2014 License NI LabVIEW 2014 License 64-bit NI LabVIEW 2014 Manuals NI LabVIEW 2014 MeasAppChm File NI LabVIEW 2014 Merge Utility NI LabVIEW 2014 Report Generation Toolkit for Microsoft Office NI LabVIEW 2014 Report Generation Toolkit License NI LabVIEW 2014 Run-Time Engine Web Server NI LabVIEW 2014 Scripting Code Generator NI LabVIEW 2014 Search NI LabVIEW 2014 Simulation NI LabVIEW 2014 Touch Panel NI LabVIEW 2014 Touch Panel for English NI LabVIEW 2014 Variable Web Service NI LabVIEW 2014 Web Server NI LabVIEW Broker NI LabVIEW Broker (64 bit) NI LabVIEW C Interface NI LabVIEW MAX XML NI LabVIEW Real-Time NBFifo NI LabVIEW Run-Time Engine 2009 SP1 NI LabVIEW Run-Time Engine 2012 SP1 f9 NI LabVIEW Run-Time Engine 2013 SP1 f2 NI LabVIEW Run-Time Engine 2014 NI LabVIEW Run-Time Engine 2014 Non-English Support. NI LabVIEW Run-Time Engine 8.6.1 NI LabVIEW Run-Time Engine Interop 2009 NI LabVIEW Run-Time Engine Interop 2012 SP1 NI LabVIEW Run-Time Engine Interop 2013 NI LabVIEW Run-Time Engine Interop 2014 NI LabVIEW Web Server for Run-Time Engine NI LabVIEW Web Services Runtime NI LabWindows/CVI 2010 SP1 Analysis Library NI LabWindows/CVI 2010 SP1 Analysis Library (64-bit) NI LabWindows/CVI 2010 SP1 Network Variable Library NI LabWindows/CVI 2010 SP1 Network Variable Library (64-bit) NI LabWindows/CVI 2010 SP1 Run-Time Engine (64-bit) NI LabWindows/CVI 2010 SP1 TDM Streaming Library NI LabWindows/CVI 2010 SP1 TDM Streaming Library (64-bit) NI LabWindows/CVI 2012 SP1 LabVIEW DLL Builder NI LabWindows/CVI 2013 SP1 Code Generator NI LabWindows/CVI 2013 SP1 Low-Level Driver (Original) NI LabWindows/CVI 2013 SP1 Low-Level Driver (Updated) NI LabWindows/CVI Run-Time Engine 2010 SP1 NI LabWindows/CVI Run-Time Engine 2010 SP1 (Updated) NI Launcher NI License Manager NI Logos 5.6 NI Logos 5.6 (64-bit) NI Logos LabVIEW 2014 Support NI Logos XT Support NI Logos64 XT Support NI Math Kernel Libraries NI Math Kernel Libraries (64-bit) NI MAX Remote Configuration 64-bit Installer 14.0 NI MAX Remote Configuration Installer 14.0 NI MAX Support for 64 Bit Windows NI MDF Support NI mDNS Responder 14.0 for Windows 64-bit NI mDNS Responder 14.0.0 NI Measurement & Automation Explorer 14.0.0 NI Measurement Studio ComponentWorks 3D Graph NI Measurement Studio ComponentWorks UI NI Measurement Studio Recipe Processor NI MetaSuite Installer NI MXS 14.0.0 NI MXS 14.0.0 for 64 Bit Windows NI Network Discovery 14.0 NI Network Discovery 14.0 for Windows 64-bit NI OPC Support NI OPCEnum Shared NI Portable Configuration 14.0.0 NI Portable Configuration for 64 Bit Windows 14.0.0 NI Registration Wizard NI Remote Provider for MAX 14.0.0 NI Remote PXI Provider for MAX 14.0.0 NI Search Shared NI Security Update (KB 67L8LCQW) NI Security Update (KB 67L8LCQW) (64-bit) NI Service Locator 2014 NI SLCP 2.1 NI Software Provider for MAX 14.0.0 NI SSL LabVIEW 2014 Support NI SSL LabVIEW RTE 2012 SP1 Support NI SSL LabVIEW RTE 2013 SP1 Support NI SSL LabVIEW RTE 2014 Support NI SSL Support NI SSL Support (64-bit) NI System API .NET 14.0.0 NI System API Client for WIF 14.0.0 NI System API Web-Service 32-bit 14.0.0 NI System API Windows 32-bit 14.0.0 NI System API Windows 64-bit 14.0.0 NI System Configuration 14.0.0 LabVIEW Support NI System Configuration LV2014 Support 14.0.0 NI System Configuration Runtime 14.0.0 NI System Configuration Runtime 14.0.0 for Windows 64-bit NI System State Publisher NI System State Publisher (64-bit) NI System Web Server 2014 NI System Web Server Base 2014 NI System Web Server Base 2014 (64-bit) NI TDM Excel Add-In 14.0 NI TDM Excel Add-In 14.0 64-bit NI TDM Streaming 14.0 NI TDM Streaming 14.0 (64-bit) NI Trace Engine NI Trace Engine (64-bit) NI Uninstaller NI Update Service 2014 NI Update Service 2014 (64-bit) NI USI 14.0.0 NI USI 14.0.0 64-bit NI Variable Engine (64-bit) NI Variable Engine 2.8.0 NI Variable Engine LabVIEW 2014 Support NI VC2005MSMs x64 NI VC2005MSMs x86 NI VC2008MSMs x64 NI VC2008MSMs x86 NI VC2010SP1MSMs x64 NI VC2010SP1MSMs x86 NI VIPM Helper 2014 NI Web-Based Configuration and Monitoring 14.0 NI Web Application Server 2014 NI Web Application Server 2014 (64-bit) NI Web Pipeline 2.0.1 NI Web Pipeline 2.0.1 64-bit support NI Web Pipeline 2014 NI Web Pipeline 2014 (64-bit) NI Xalan Delay Load 1.10.3 NI Xalan Delay Load 1.10.3 64-bit NI Xerces Delay Load 2.7.6 NI Xerces Delay Load 2.7.6 64-bit NullpoMino version 7.5 NVIDIA PhysX One Finger Death Punch Open Broadcaster Software OpenMG Secure Module 5.0.00 Orcs Must Die 2 osu Panda Internet Security 2014 Password Depot 6 - Panda Secure Vault Edition PCSX2 - Playstation 2 Emulator Peggle Nights Plants vs. Zombies - Game of the Year Polar Bowler Portal Premium Sound HD Prerequisite installer Project64 1.6 Quake Live Realtek Bluetooth Filter Driver Package Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Realtek WLAN Driver Reset NI Config 14.0.0 Rise of Nations RollerCoaster Tycoon 2 RollerCoaster Tycoon 2: Time Twister Rusty Hearts PWE Serious Sam 3: BFE Shared C Run-time for x64 Sid Meier's Civilization V - Game of the Year Edition SkypeT 7.2 Smite Sniper Elite V2 SonicStage 4.3 StarCraft II Steam Synaptics Pointing Device Driver TeamSpeak 3 Client Terraria The Binding of Isaac The Binding of Isaac: Rebirth The Secret World ThreeShipsPluginSetup TOSHIBA Desktop Assist TOSHIBA eco Utility TOSHIBA Function Key TOSHIBA Manuals Toshiba Password Utility TOSHIBA PC Health Monitor Toshiba Places Icon Utility TOSHIBA Recovery Media Creator TOSHIBA Resolution+ Plug-in for Windows Media Player TOSHIBA Service Station TOSHIBA System Driver TOSHIBA System Settings Toshiba TEMPRO TOSHIBA VIDEO PLAYER Unturned Update Installer for WildTangent Games App VI Package Manager 2014 Virtual Villagers 4 - The Tree of Life Visual Studio 2010 x64 Redistributables VLC media player 2.1.3 Welcome App (Start-up experience) WIF Core Dependencies Windows 14.0.0 WildTangent Games WildTangent Games App (Toshiba Games) Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth (07/11/2012 2.3.13.3) WinRAR 4.20 (64-bit) Worms Revolution ==== Running Processes ====================== C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PskSvc.exe C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\TPSrvWow.exe C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2014\WebProxy.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\WINDOWS\SysWOW64\lkads.exe C:\Program Files (x86)\National Instruments\MAX\nimxs.exe C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PsCtrls.exe C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PavFnSvr.exe C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\pavsrvx86.exe c:\program files (x86)\panda security\panda internet security 2014\firewall\PSHOST.EXE C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PsImSvc.exe C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\AVENGINE.EXE C:\WINDOWS\SysWOW64\lkcitdl.exe C:\WINDOWS\SysWOW64\lktsrv.exe C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe C:\Program Files (x86)\National Instruments\Shared\NI WebServer\NIWebServiceContainer.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Users\Jona\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\LOLReplay\LOLRecorder.exe C:\Users\Jona\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe C:\Users\Jona\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\ApVxdWin.exe C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\SRVLOAD.EXE C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PavBckPT.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Steam\bin\steamwebhelper.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Program Files (x86)\Steam\bin\steamwebhelper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\AGEIA Technologies not found C:\Users\Jona\AppData\Roaming\.minecraft deleted C:\PROGRA~3\Package Cache deleted C:\Users\Jona\AppData\Local\node-webkit deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Jona\Downloads\iLividSetup-r1734-n-bc.exe deleted C:\Users\Jona\Downloads\avg_free_stb_all_2013_3345_cnet.exe deleted C:\end deleted C:\WINDOWS\SysNative\config\systemprofile\Searches deleted C:\WINDOWS\SysWow64\AI_RecycleBin deleted "C:\windows\Installer\11a75.msi" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 8144 MB CPU Info: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz CPU Speed: 2494,8 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: AMD Radeon HD 7610M | AMD Radeon HD 7610M Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Realtek PCIe FE Family-controller | Realtek RTL8723AE Wireless LAN 802.11n PCI-E NIC CD / DVD Drives: 2x (D: | E: | ) D: DTSOFT BDROM | E: TSSTcorpCDDVDW SN-208AB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 585,2GB Hard Disks - Free: C: 109,5GB Manufacturer *: Insyde Corp. BIOS Info: AT/AT COMPATIBLE | | TOSASU - 100 Time Zone: West-Europa (standaardtijd) Motherboard *: Intel PLCSF8 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Panda Internet Security 2014 On-access scanning disabled (Outdated) Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Panda Internet Security 2014 disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: Panda Personal Firewall 2014 disabled Default Browser: Google Chrome 41.0.2272.101 Internet Explorer Version: 11.0.9600.17690 Google Chrome version: 41.0.2272.101 Adobe Reader version: 5.0.5.2001092400 Sun Java version: 1.8.0_40 (32-bit) Sun Java version: 1.8.0_40 (64-bit) Flash Player version: 16.0.0.305 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2015-03-11 10:41:30 C10A66189DC8C090E7C84873EDCEBC88 2501368 ----a-w- C:\WINDOWS\explorer.exe 2015-03-09 17:15:16 80E856B1AFAEB6195EADAAD65945147C 1001472 ----a-w- C:\WINDOWS\HelpPane.exe 2015-03-09 17:11:46 959A31D0CD013CEA0C66DB7C03BCBDDF 221184 ----a-w- C:\WINDOWS\notepad.exe 2015-03-09 16:56:14 B67DB709F5FDAA89CA6C2CB6C1E39B3B 154624 ----a-w- C:\WINDOWS\regedit.exe 2015-03-09 16:55:54 4D9DA155B7B449964E14FC32124CC601 128512 ----a-w- C:\WINDOWS\splwow64.exe 2015-03-09 16:55:44 727B4519FE9919447108CBEC4768F34A 54272 ----a-w- C:\WINDOWS\twain_32.dll 2015-03-09 16:52:12 B934411DFE7DEACFA95A1255A48133C9 17408 ----a-w- C:\WINDOWS\hh.exe 2015-03-09 16:52:08 335C38783B3F1B383ECAC17DB3705895 9728 ----a-w- C:\WINDOWS\winhlp32.exe 2015-03-09 16:52:03 73E19BE0E0ECD88616B5762F621B0226 11264 ----a-w- C:\WINDOWS\write.exe ====== C:\Users\Jona\AppData\Local\Temp ==== 2015-03-23 05:58:28 12C0789B30AD2425D9F5B63FFFAAEEA6 43008 ----a-w- C:\Users\Jona\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptg51pq.dll 2015-03-22 21:21:34 F3A1050BAC829EEBF38A553DB08C02E1 585073 ----a-w- C:\Users\Jona\AppData\Local\Temp\Rar$EXa0.380\RPGVXAce_RTP100\Setup.exe 2015-03-22 21:08:47 36F8490C3F03C168C251EFD0D510656A 25126501 ----a-w- C:\Users\Jona\AppData\Local\Temp\Rar$EXb0.937\?????????RAID.exe ====== Java Cache ===== 2015-03-23 21:43:25 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Jona\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-7014c48d 2015-03-23 21:43:22 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Jona\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-29bdc65a 2015-03-23 21:43:22 C5450E1B0270E47D382A378E44906CE9 424 ----a-w- C:\Users\Jona\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap 2015-03-23 21:43:21 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Jona\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-32ac6e33 2015-03-23 21:43:22 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Jona\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-537a97de ====== C:\WINDOWS\SysWOW64 ===== 2015-03-23 21:40:12 7A76F83B4DCA86B5DB17D43A5820CF40 98216 ----a-w- C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-03-22 11:54:09 3B26DCAB842C280FA7271FF2B58D3293 28352 ----a-w- C:\WINDOWS\SysWOW64\aspnet_counters.dll 2015-03-11 10:42:37 E26D49197CA9E38BCC6033DE53F720BD 816128 ----a-w- C:\WINDOWS\SysWOW64\calc.exe 2015-03-11 10:42:32 19920B416F3274640B3DE9A5248F0E74 560392 ----a-w- C:\WINDOWS\SysWOW64\SHCore.dll 2015-03-11 10:42:20 F8B2956CE0F98289F5A8D3FBF638D989 12800 ----a-w- C:\WINDOWS\SysWOW64\winshfhc.dll 2015-03-11 10:41:47 45804906FFF3DD025BC725BE0DC98797 290816 ----a-w- C:\WINDOWS\SysWOW64\photowiz.dll 2015-03-11 10:41:44 8F3E99586FDAD25BD0DA0C37C6DBE1EC 2484224 ----a-w- C:\WINDOWS\SysWOW64\msftedit.dll 2015-03-11 10:41:39 B004C599E9DFE8A4C4A7421E80B94FBD 1943040 ----a-w- C:\WINDOWS\SysWOW64\dwmcore.dll 2015-03-11 10:41:37 E094D21FE482A0DC59056B6B9D421B07 1230336 ----a-w- C:\WINDOWS\SysWOW64\mfc42u.dll 2015-03-11 10:41:37 5EB5142C178BED2C4372406203B9BC1D 1204224 ----a-w- C:\WINDOWS\SysWOW64\mfc42.dll 2015-03-11 10:41:36 FCF02D20B26118DD7E4E871323AAAB58 35840 ----a-w- C:\WINDOWS\SysWOW64\atlthunk.dll 2015-03-11 10:41:36 08B8F2E5FAAC73EF1AFD99B2AEC104FD 3551744 ----a-w- C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2015-03-11 10:41:35 6A978C77BADD838D8A5347DBC06142A7 811008 ----a-w- C:\WINDOWS\SysWOW64\WSShared.dll 2015-03-11 10:41:34 C561022F4E2882B44BDB65AE2B0756C0 266752 ----a-w- C:\WINDOWS\SysWOW64\eapphost.dll 2015-03-11 10:41:34 C443536D9279B74A162E3C39A83CB226 60928 ----a-w- C:\WINDOWS\SysWOW64\StorageContextHandler.dll 2015-03-11 10:41:34 958A5388C05106844C80AEB95948A32B 91648 ----a-w- C:\WINDOWS\SysWOW64\eappgnui.dll 2015-03-11 10:41:34 4720D1AF566E7C2127B4EEDDD070CA87 278016 ----a-w- C:\WINDOWS\SysWOW64\eappcfg.dll 2015-03-11 10:41:34 20A130BE26CBB3B50C5B19B91BED669B 250880 ----a-w- C:\WINDOWS\SysWOW64\eapp3hst.dll 2015-03-11 10:41:34 154BC2F7D00DA9790A99787B6019535E 2459136 ----a-w- C:\WINDOWS\SysWOW64\authui.dll 2015-03-11 10:41:33 D5496CF5DF8921CFC1EF1770F98C2192 791040 ----a-w- C:\WINDOWS\SysWOW64\MrmCoreR.dll 2015-03-11 10:41:30 91E24273FCA076EA9E65DAFA98901225 2207488 ----a-w- C:\WINDOWS\SysWOW64\explorer.exe 2015-03-11 08:42:51 9E39AC33607AAF228686FA15249E5C42 358912 ----a-w- C:\WINDOWS\SysWOW64\schannel.dll 2015-03-11 08:42:48 EB75202872E2A233CA0C4E84D122B266 35840 ----a-w- C:\WINDOWS\SysWOW64\atmlib.dll 2015-03-11 08:42:48 1E14074826BCDAC8764743D8F92E6CFE 301056 ----a-w- C:\WINDOWS\SysWOW64\atmfd.dll 2015-03-11 08:42:30 93F59EDC3602F47840631BB7F334B66C 1498360 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll 2015-03-11 08:42:24 95CB6079B3E62D4301958023C2070A48 19720192 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2015-03-11 08:42:20 E868396BC5F8957A9E39BD9A28EA814D 12827648 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2015-03-11 08:42:19 FC5FE9F2D140435FC95CB3EF6724EF0A 4300288 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2015-03-11 08:42:19 B35C35C55FED3DD7F995C77F63CBC29B 1311232 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2015-03-11 08:42:19 52B4DECDC70B8758380D37EA2CDD4254 2278400 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2015-03-11 08:42:18 EA6EA6912F27F05C61D8D747517EB47E 1888256 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2015-03-11 08:42:18 BC9CE46C3F05CCC40F8F1EFC7E4B41C7 503296 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll 2015-03-11 08:42:18 1F53B89EDB383115B4DE44019CA6D2E1 880128 ----a-w- C:\WINDOWS\SysWOW64\inetcomm.dll 2015-03-11 08:42:17 AD1BA932AC31D2BC8C9105DA59BEA6BE 689152 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2015-03-11 08:42:17 AD13E719AE506AA0E0BB5D49E0D5B44A 285696 ----a-w- C:\WINDOWS\SysWOW64\dxtrans.dll 2015-03-11 08:42:17 A34897A1A39316BDECCA3E61986F98F2 2052608 ----a-w- C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-03-11 08:42:17 6458965ED7A412AA6B4A3C5197EEBBD7 230400 ----a-w- C:\WINDOWS\SysWOW64\webcheck.dll 2015-03-11 08:42:17 6108ED659B5962DE73DACB3B04D86ED3 64000 ----a-w- C:\WINDOWS\SysWOW64\MshtmlDac.dll 2015-03-11 08:42:17 00F39165D6D14302618C20CDD7BB213A 76288 ----a-w- C:\WINDOWS\SysWOW64\mshtmled.dll 2015-03-11 08:42:16 CFAB72035AC43BE256A750D1C788D092 128000 ----a-w- C:\WINDOWS\SysWOW64\iepeers.dll 2015-03-11 08:42:16 B59AD24271B8CA366001B52243930E86 664064 ----a-w- C:\WINDOWS\SysWOW64\jscript.dll 2015-03-11 08:42:16 A41C85FDB2275FA9AAA821A118807FDB 710144 ----a-w- C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-03-11 08:42:04 4B56EAB79339F37E0C5B325405C4FF95 1488040 ----a-w- C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2015-03-11 08:42:02 64FDBD1F4955DA132578392754AA1A79 19731824 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll 2015-03-11 08:41:57 5BD6BE549A4C267D69E86160E3100C14 1123848 ----a-w- C:\WINDOWS\SysWOW64\msctf.dll 2015-03-11 08:41:57 498D5BC0289F8DD995FEEE8E7CD906CA 357376 ----a-w- C:\WINDOWS\SysWOW64\WMPhoto.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2015-03-22 11:54:11 9BC00C5608BF75BEAE893814A3AEC2AD 29888 ----a-w- C:\WINDOWS\Sysnative\aspnet_counters.dll 2015-03-14 15:01:19 3A63B32C6A6A671ECFC94071C9943E0F 1232 ----a-w- C:\WINDOWS\Sysnative\.crusader 2015-03-11 10:42:37 D82C445E3D484F31CD2638A4338E5FD9 933888 ----a-w- C:\WINDOWS\Sysnative\calc.exe 2015-03-11 10:42:32 EEB76824DC14283A010CAE4E2B5AB852 723072 ----a-w- C:\WINDOWS\Sysnative\SHCore.dll 2015-03-11 10:42:20 72BEE6C5173218A8846D31DF68D2AE4F 14848 ----a-w- C:\WINDOWS\Sysnative\winshfhc.dll 2015-03-11 10:41:49 BDE6152B584ABDA7DA102B363E58354F 396419 ----a-w- C:\WINDOWS\Sysnative\ApnDatabase.xml 2015-03-11 10:41:47 DF55E2D7D045BA1A2C43029DEDF0B59D 347136 ----a-w- C:\WINDOWS\Sysnative\photowiz.dll 2015-03-11 10:41:47 2AE4D70A3657FA4FA734B370E79F83FF 1091072 ----a-w- C:\WINDOWS\Sysnative\localspl.dll 2015-03-11 10:41:46 7F586D08E965FA00EE085319EF5BBAF1 864256 ----a-w- C:\WINDOWS\Sysnative\win32spl.dll 2015-03-11 10:41:45 C08E7F8AC41901403799B237DA7BA10E 3097600 ----a-w- C:\WINDOWS\Sysnative\msftedit.dll 2015-03-11 10:41:39 77F28E71B2C0297AB67EA81878B1FA83 2257408 ----a-w- C:\WINDOWS\Sysnative\dwmcore.dll 2015-03-11 10:41:38 81CB7FF2FF19D639FD75B6B992BABC43 4298240 ----a-w- C:\WINDOWS\Sysnative\D3DCompiler_47.dll 2015-03-11 10:41:37 20433FD8C8F460567DE93F472A4D749F 1488896 ----a-w- C:\WINDOWS\Sysnative\mfc42u.dll 2015-03-11 10:41:36 60629FA01E0CAE23DA527DFA5ECAD5C7 1464832 ----a-w- C:\WINDOWS\Sysnative\mfc42.dll 2015-03-11 10:41:36 40CBEB7C0051036CBC1C243A025F206D 971776 ----a-w- C:\WINDOWS\Sysnative\WSShared.dll 2015-03-11 10:41:34 992A0252586D9D946535DDBBEF9AB7D5 346112 ----a-w- C:\WINDOWS\Sysnative\eappcfg.dll 2015-03-11 10:41:34 68DF7D160987CF3E0A03A64E5A8F087D 2773504 ----a-w- C:\WINDOWS\Sysnative\authui.dll 2015-03-11 10:41:34 62F00DA98A4ABDA58254DB936C1D2D73 339456 ----a-w- C:\WINDOWS\Sysnative\eapphost.dll 2015-03-11 10:41:34 613438C2C3D899F50719B6878579C66D 75264 ----a-w- C:\WINDOWS\Sysnative\StorageContextHandler.dll 2015-03-11 10:41:34 4E32C419A8B3CC19FCD2CACDEF1BD492 102912 ----a-w- C:\WINDOWS\Sysnative\eappgnui.dll 2015-03-11 10:41:34 4644F62E41B054A1787225D1210108B2 331776 ----a-w- C:\WINDOWS\Sysnative\eapp3hst.dll 2015-03-11 10:41:33 F91E83532107E8B0A1819DB2D96366CB 1090048 ----a-w- C:\WINDOWS\Sysnative\MrmCoreR.dll 2015-03-11 10:41:33 55E39907F34D14E0794DD17C915795E5 46456 ----a-w- C:\WINDOWS\Sysnative\LockScreenContentServer.exe 2015-03-11 08:42:52 35A579220C411DED00E0DA5AFB755178 4178944 ----a-w- C:\WINDOWS\Sysnative\win32k.sys 2015-03-11 08:42:51 E63FD4AED397626B314B96EA11341220 430080 ----a-w- C:\WINDOWS\Sysnative\schannel.dll 2015-03-11 08:42:48 BBBE2BA24785E3A7ED1FF706B01C7770 358912 ----a-w- C:\WINDOWS\Sysnative\atmfd.dll 2015-03-11 08:42:48 85012538999DC5628E67B7579FF5034F 44032 ----a-w- C:\WINDOWS\Sysnative\atmlib.dll 2015-03-11 08:42:46 EA10446D574CB8A20D913BF500E34192 3547648 ----a-w- C:\WINDOWS\Sysnative\rdpcorets.dll 2015-03-11 08:42:45 66F962AE94FF268070ED2325DAEE88BA 131584 ----a-w- C:\WINDOWS\Sysnative\rdpudd.dll 2015-03-11 08:42:43 92360C5E0D86B027377381E867BD055A 203264 ----a-w- C:\WINDOWS\Sysnative\ubpm.dll 2015-03-11 08:42:32 9F2265288BCA4EF9B34FAD2D0078070E 7472960 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2015-03-11 08:42:31 44AA550C6B46C80E430A3D29820D629E 1733440 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll 2015-03-11 08:42:28 1193400D8E29A5A010135FB09A4EB1E8 25021440 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2015-03-11 08:42:22 40DF85D8B2B0171EF5F23AA1B5CD9A62 6035456 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2015-03-11 08:42:21 2335F6BF8A127E31EB0E2D9A82F188A0 14398976 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2015-03-11 08:42:19 62269DEFF17AB006217330A24EA8577B 2886144 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2015-03-11 08:42:19 36F99BD8A0F09BDBB7850A138845A014 2358784 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2015-03-11 08:42:18 A03AF8AD44CAE309908557F5724BC808 1032704 ----a-w- C:\WINDOWS\Sysnative\inetcomm.dll 2015-03-11 08:42:18 501A38B72FA264605123B4FACF53F057 1548288 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2015-03-11 08:42:17 DF9BF7D44E9EC59924B642AB478E72DA 374272 ----a-w- C:\WINDOWS\Sysnative\iedkcs32.dll 2015-03-11 08:42:17 D373113A84C12BA7F07CE1E9CAF4747F 92160 ----a-w- C:\WINDOWS\Sysnative\mshtmled.dll 2015-03-11 08:42:17 A9190899A35431CF8ABBEF5E1BB0C8F9 814080 ----a-w- C:\WINDOWS\Sysnative\jscript9diag.dll 2015-03-11 08:42:17 80B3AD73027A2CCD42C47EBF5C89124F 316928 ----a-w- C:\WINDOWS\Sysnative\dxtrans.dll 2015-03-11 08:42:17 7E16095C0BEEF62D1A2674D6A232DEE1 145408 ----a-w- C:\WINDOWS\Sysnative\iepeers.dll 2015-03-11 08:42:17 687E11F36832BFF65EF0CD2FA3DB1966 584192 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll 2015-03-11 08:42:17 5443F21A33DB376734DBE47F7635542C 801280 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2015-03-11 08:42:17 3DE5D78D843D3F44B5D9189D61C2725E 262144 ----a-w- C:\WINDOWS\Sysnative\webcheck.dll 2015-03-11 08:42:17 22C4867C690C38B18B2C1A0B072CD0C4 2125824 ----a-w- C:\WINDOWS\Sysnative\inetcpl.cpl 2015-03-11 08:42:17 1C393E42928BF55B3796E732B678CD5B 88064 ----a-w- C:\WINDOWS\Sysnative\MshtmlDac.dll 2015-03-11 08:42:16 C010D371BC7FE8ECC01EFE5E92D8E996 2865152 ----a-w- C:\WINDOWS\Sysnative\actxprxy.dll 2015-03-11 08:42:16 9E9B757A677927110393A505822D9174 800768 ----a-w- C:\WINDOWS\Sysnative\ieapfltr.dll 2015-03-11 08:42:16 3541B433422C3FEEB8ABFC8386D95275 816128 ----a-w- C:\WINDOWS\Sysnative\jscript.dll 2015-03-11 08:42:04 B9109627AA19B15BA4BFA5255AAECBF2 22291584 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2015-03-11 08:42:04 5A1F895338418DF8C1D31E590DC1BAA5 1763352 ----a-w- C:\WINDOWS\Sysnative\WindowsCodecs.dll 2015-03-11 08:41:57 D103F021B60F27DEBAEC4D316C7A0F42 1384712 ----a-w- C:\WINDOWS\Sysnative\msctf.dll 2015-03-11 08:41:57 6334135544739B49C776DFE0B6F0FA9F 402432 ----a-w- C:\WINDOWS\Sysnative\WMPhoto.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2015-03-14 18:17:28 C00C33ECF1273D50FA4468A4444DCEA2 43664 ----a-w- C:\WINDOWS\Sysnative\drivers\hitmanpro37.sys 2015-03-11 10:42:22 D296D0F0DB2CD1504F90405603664493 264000 ----a-w- C:\WINDOWS\Sysnative\drivers\WdFilter.sys 2015-03-11 10:42:22 1751F6B031ADAC34724511057D2E455D 44024 ----a-w- C:\WINDOWS\Sysnative\drivers\WdBoot.sys 2015-03-11 10:42:21 9F4DF0043965808973023A9B51A11136 114496 ----a-w- C:\WINDOWS\Sysnative\drivers\WdNisDrv.sys 2015-03-11 10:41:43 DC66AE45816614D2999DCD3834DCCC4E 167424 -c--a-w- C:\WINDOWS\Sysnative\drivers\rfcomm.sys 2015-03-11 10:41:43 6D3A2565E01B3E4B0F1BEDB0D4B00B3F 1113920 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys 2015-03-11 10:41:43 42F88B57CAE42FC10059C887B3FCFCEA 97792 -c--a-w- C:\WINDOWS\Sysnative\drivers\hidbth.sys 2015-03-09 17:18:31 65454187E0F8B6C0DCECB0287D06EC43 14144 -c--a-w- C:\WINDOWS\Sysnative\drivers\swenum.sys 2015-03-09 17:17:11 468273F7089A3A33D149955F0F203FA4 2485056 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2015-03-09 17:17:11 13EFD41E351F31E087283CF66C29A25E 373568 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys 2015-03-09 17:17:11 00C594D5A1DBD22AD8B2902B9F6EFF94 14528 -c--a-w- C:\WINDOWS\Sysnative\drivers\drmkaud.sys 2015-03-09 17:17:07 7F68063A5A0461E02BC860CE0E6BFDDC 2025792 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2015-03-09 17:15:44 E1BB0B6F00F470B451AB45EA13EBA0B3 1552704 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2015-03-09 17:15:15 E796AE43DDD1844281DB4D57294D17C0 533824 -c--a-w- C:\WINDOWS\Sysnative\drivers\acpi.sys 2015-03-09 17:15:15 982B9495F70FEEA269C48F18E960EFDE 389952 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2015-03-09 17:15:09 00D8AC8E3053290BDE6EA2FB6810D2FC 678400 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys 2015-03-09 17:14:44 31233271EDE50D1BBB220F78AFA60486 405504 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys 2015-03-09 17:14:21 C06E8481E068F170A258441639AC5792 551232 -c--a-w- C:\WINDOWS\Sysnative\drivers\vhdmp.sys 2015-03-09 17:14:00 D24B1945ED1F9C96DA786DBBF1E983CE 415040 -c--a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys 2015-03-09 17:13:55 2787A73C848128C950385CB3A63A6B91 337728 ----a-w- C:\WINDOWS\Sysnative\drivers\Classpnp.sys 2015-03-09 17:13:42 6276AC2AA203CF47811F6EFBBD214FBF 202752 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys 2015-03-09 17:13:35 C1FB505A73FA2E9019D32444AB33B75A 354112 ----a-w- C:\WINDOWS\Sysnative\drivers\fltMgr.sys 2015-03-09 17:13:16 D7B4859227B02BCC1055B279A63C937F 226304 ----a-w- C:\WINDOWS\Sysnative\drivers\WUDFRd.sys 2015-03-09 17:13:07 FAA564A13576F9284546BF016D27B551 467776 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS 2015-03-09 17:12:22 C37F4930795B771400C63C3C87E7A6C2 1198080 -c--a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys 2015-03-09 17:11:44 481286719402E4BAEFEA0604AB1B5113 113664 ----a-w- C:\WINDOWS\Sysnative\drivers\WUDFPf.sys 2015-03-09 17:11:32 C76097CA941FA7CAFEDB1E557969025C 272384 -c--a-w- C:\WINDOWS\Sysnative\drivers\portcls.sys 2015-03-09 17:11:32 BF8205666BA2F9C2ABFA821DB8230C12 428864 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS 2015-03-09 17:10:58 4E829B18D5BAEC29893792A3C671A847 100672 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecdd.sys 2015-03-09 17:10:40 BAFF6122CFC9F95CA175AD8C348179A4 88896 ----a-w- C:\WINDOWS\Sysnative\drivers\partmgr.sys 2015-03-09 16:56:57 BAB713B409258DB7B5D9F9693F802B0E 136512 ----a-w- C:\WINDOWS\Sysnative\drivers\wfplwfs.sys 2015-03-09 16:56:49 E8FFD8BE3C50E7A71C5FBB87BDD1128E 96768 ----a-w- C:\WINDOWS\Sysnative\drivers\agilevpn.sys 2015-03-09 16:56:38 41F631007A158FEBB67F0E2AD1601BBA 93696 ----a-w- C:\WINDOWS\Sysnative\drivers\rassstp.sys 2015-03-09 16:56:30 FC0141B4A5AD6D637D883C1A89FC45C5 151040 ----a-w- C:\WINDOWS\Sysnative\drivers\pacer.sys 2015-03-09 16:56:28 008F7CED69FD5B30CBDE1E03C6F36A27 445440 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys 2015-03-09 16:56:27 D1D82F007A079A4D623DBD1F36EF30A1 102208 ----a-w- C:\WINDOWS\Sysnative\drivers\mountmgr.sys 2015-03-09 16:56:22 F00B189ECA74DDF408AD934ADDC72477 89088 -c--a-w- C:\WINDOWS\Sysnative\drivers\drmk.sys 2015-03-09 16:56:14 A7C31B168F371E8E6796219F23E354DB 61248 ----a-w- C:\WINDOWS\Sysnative\drivers\fsdepends.sys 2015-03-09 16:56:12 A1D4D34A56DF1D5122CDB265038A2E72 59712 -c--a-w- C:\WINDOWS\Sysnative\drivers\kbdclass.sys 2015-03-09 16:55:56 A53E798C06D729CCF8459968B4372F6E 89368 ----a-w- C:\WINDOWS\Sysnative\drivers\vmbkmcl.sys 2015-03-09 16:55:41 6505C9E72910F91D4C317EECF22D1DE6 80896 ----a-w- C:\WINDOWS\Sysnative\drivers\wanarp.sys 2015-03-09 16:55:31 615DFD97DEA56CE1C3A52185A3038FF8 921920 ----a-w- C:\WINDOWS\Sysnative\drivers\refs.sys 2015-03-09 16:54:53 BC8A79C625568DDB7DCA49D0C2741A64 27456 ----a-w- C:\WINDOWS\Sysnative\drivers\rdpvideominiport.sys 2015-03-09 16:54:52 511AD3FF957A0127E6BD336FF6F89C38 97048 ----a-w- C:\WINDOWS\Sysnative\drivers\vmbus.sys 2015-03-09 16:54:48 EF31713EE4C7CCFE4049F7E7F15645A2 69952 ----a-w- C:\WINDOWS\Sysnative\drivers\vpci.sys 2015-03-09 16:54:48 8B9486B64E5FC17FB9CC04CA10B77A34 49944 ----a-w- C:\WINDOWS\Sysnative\drivers\vmstorfl.sys 2015-03-09 16:54:48 10A78656BF6126245631705E45F9B9CF 61208 ----a-w- C:\WINDOWS\Sysnative\drivers\winhv.sys 2015-03-09 16:54:44 269882812E9A68FFF1AFE1283D428322 126464 ----a-w- C:\WINDOWS\Sysnative\drivers\NdisImPlatform.sys 2015-03-09 16:54:30 6FC047578785B0435F4E2660946D1ADC 74240 ----a-w- C:\WINDOWS\Sysnative\drivers\mpsdrv.sys 2015-03-09 16:54:16 A2468CC3509394A33C4C32F99563D845 54784 ----a-w- C:\WINDOWS\Sysnative\drivers\wpcfltr.sys 2015-03-09 16:54:16 1A20F03700D2B2ED775E38D751EF2F63 324928 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS 2015-03-09 16:54:13 F3C060444777A59FC63D920719E43CCD 115712 ----a-w- C:\WINDOWS\Sysnative\drivers\bridge.sys 2015-03-09 16:54:13 0E046FF5823B95326D10CF1B4AF23541 39424 ----a-w- C:\WINDOWS\Sysnative\drivers\nsiproxy.sys 2015-03-09 16:54:09 807F8CF3E973305FC435C61CBBEE2A49 189248 -c--a-w- C:\WINDOWS\Sysnative\drivers\UCX01000.SYS 2015-03-09 16:54:06 5F66B7BB330AA80067FC66149A692620 33600 ----a-w- C:\WINDOWS\Sysnative\drivers\wimmount.sys 2015-03-09 16:54:06 2A2F8D5284E59815169A88F1FC9CEE28 51008 -c--a-w- C:\WINDOWS\Sysnative\drivers\mouclass.sys 2015-03-09 16:53:57 A57A897E3F87B8E9F30A627C42779A76 21824 ----a-w- C:\WINDOWS\Sysnative\drivers\tbs.sys 2015-03-09 16:53:39 5C8F604F6DC74177CDD8372D7B1ADFF0 212736 -c--a-w- C:\WINDOWS\Sysnative\drivers\usbvideo.sys 2015-03-09 16:53:04 DDD7F92A83F74D1476B71FBA9530A8DC 72192 ----a-w- C:\WINDOWS\Sysnative\drivers\ndproxy.sys 2015-03-09 16:52:38 D4DCE03870314D3354F3501F9DDD4123 87040 ----a-w- C:\WINDOWS\Sysnative\drivers\netvsc63.sys 2015-03-09 16:52:35 415DD71628795197F7AFC176CBADC74E 82944 ----a-w- C:\WINDOWS\Sysnative\drivers\appid.sys 2015-03-09 16:52:23 42FF4975D032CAE558AE4BB8448F6E5A 48128 ----a-w- C:\WINDOWS\Sysnative\drivers\netbios.sys 2015-03-09 16:51:53 13BEA6C882D4D877A5A85CA149C86BC1 40960 ----a-w- C:\WINDOWS\Sysnative\drivers\scfilter.sys 2015-03-09 16:51:45 91223A2AE2955B3E0DA3DB79C3A897A6 30208 -c--a-w- C:\WINDOWS\Sysnative\drivers\mouhid.sys 2015-03-09 16:51:45 4A34D7084B862A92F3ABC4969166B3D3 32256 -c--a-w- C:\WINDOWS\Sysnative\drivers\kbdhid.sys 2015-03-09 16:51:44 D887446F3F6051C60C26F4FD1FC8D43F 107520 -c--a-w- C:\WINDOWS\Sysnative\drivers\i8042prt.sys 2015-03-09 16:51:44 D7A41959BB3A8510F1BAC36F5CEC1874 144384 ----a-w- C:\WINDOWS\Sysnative\drivers\rmcast.sys 2015-03-09 16:51:44 51B3AC0560848CD6D65AC2033E293113 66560 ----a-w- C:\WINDOWS\Sysnative\drivers\mslldp.sys 2015-03-09 16:51:44 1104A31260CCF4318C884E0AE6C513BF 53248 -c--a-w- C:\WINDOWS\Sysnative\drivers\bthenum.sys 2015-03-09 16:51:43 96B01F117057FB4DAE0FF919ACB55770 26112 -c--a-w- C:\WINDOWS\Sysnative\drivers\sermouse.sys 2015-03-09 16:51:43 8CECC8DA55F3274181FD1EA28AD76664 43008 ----a-w- C:\WINDOWS\Sysnative\drivers\ndiscap.sys 2015-03-09 16:51:43 83868EB2924E6BC21A54337C65D614D1 47104 ----a-w- C:\WINDOWS\Sysnative\drivers\qwavedrv.sys 2015-03-09 16:51:43 67343511D80BF3D6D9EEDB5BA8D0B06B 57856 -c--a-w- C:\WINDOWS\Sysnative\drivers\bthhfenum.sys 2015-03-09 16:51:43 0F030491BA4A27BD46F8B8ACEEE83F1A 44544 ----a-w- C:\WINDOWS\Sysnative\drivers\usbscan.sys 2015-03-09 16:51:43 08EA90955AED2D959EE67DF6EDF0E2B6 81920 -c--a-w- C:\WINDOWS\Sysnative\drivers\BTHUSB.SYS 2015-03-09 16:51:42 9746BA79DE0CA5EB5104406A9ED62D01 11776 ----a-w- C:\WINDOWS\Sysnative\drivers\rootmdm.sys 2015-03-09 16:51:42 82821F4EEC776B4CF11695A38F3ABA46 24576 ----a-w- C:\WINDOWS\Sysnative\drivers\ndistapi.sys 2015-03-09 16:51:42 3083926D1CC5B56EA0786527B557DD1B 103424 ----a-w- C:\WINDOWS\Sysnative\drivers\Ndu.sys 2015-03-09 16:51:42 20185BEB7512EDE4EFECDFA148AC9F99 29696 -c--a-w- C:\WINDOWS\Sysnative\drivers\TsUsbGD.sys 2015-03-09 16:51:42 0139248F6B95CF0D837B5B46A2722D40 98304 -c--a-w- C:\WINDOWS\Sysnative\drivers\usbcir.sys 2015-03-09 16:51:41 B337B1F1E82A83E20A1743E008E25C0F 17408 ----a-w- C:\WINDOWS\Sysnative\drivers\rasacd.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2015-03-22 20:46:42 -------- d-----w- C:\Program Files\trend micro 2015-03-14 14:29:39 -------- d-----w- C:\Program Files\HitmanPro ======= C:\PROGRA~2 ===== 2015-03-23 21:40:21 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-03-23 21:39:23 -------- d-----w- C:\PROGRA~2\Java ======= C: ===== ====== C:\Users\Jona\AppData\Roaming ====== ====== C:\Users\Jona ====== 2015-03-23 21:39:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-03-23 21:35:33 49BF715D225A5D3FE9D2FA75967C1466 561064 ----a-w- C:\Users\Jona\Downloads\chromeinstall-8u40.exe 2015-03-23 19:02:19 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp 2015-03-11 11:27:12 -------- d-----w- C:\Users\Jona\Tracing 2015-03-07 15:09:38 -------- d-----w- C:\ProgramData\HitmanPro ====== C: exe-files == === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1489744776-661095421-454324320-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "Akamai NetSession Interface"="C:\Users\Jona\AppData\Local\Akamai\netsession_win.exe" "NIRegistrationWizard"="C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1043" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Intel AppUp(SM) center"="C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4" "ToshibaDynamicIconUtility"="C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "TPUReg"="C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe /Retimes" "Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" "APVXDWIN"="C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\APVXDWIN.EXE /s" "SCANINICIO"="C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\Inicio.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe" "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "Akamai NetSession Interface"="C:\Users\Jona\AppData\Local\Akamai\netsession_win.exe" "NIRegistrationWizard"="C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1043" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "TODDMain"="C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe" "TecoResident"="C:\Program Files\TOSHIBA\Teco\TecoResident.exe" "SRS Premium Sound HD"="C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe /f=C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip /h" "TCrdMain"="%ProgramFiles%\TOSHIBA\Hotkey\TCrdMain_Win8.exe " "TosWaitSrv"="%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe " "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Folders ====================== 2015-01-07 12:26:03 1194 ----a-w- C:\Users\Jona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2014-04-03 09:32:37 2004 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk 2014-09-01 14:09:18 1254 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [04-02-2015 22:45] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14-03-2013 20:03] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14-03-2013 20:03] C:\WINDOWS\tasks\MATLAB R2013b Startup Accelerator.job --a-------- C:\Program Files\MATLAB\R2013b\bin\win64\MATLABStartupAccelerator.exe [05-08-2013 16:44] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\JKIUpdateTask" [C:\Program Files (x86)\JKI\VI Package Manager\support\JKIUpdate.exe] "C:\WINDOWS\SysNative\tasks\MATLAB R2013b Startup Accelerator" [C:\Program Files\MATLAB\R2013b\bin\win64\MATLABStartupAccelerator.exe] "C:\WINDOWS\SysNative\tasks\NIUpdateServiceStartupTask" [C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{D257ACA5-4CF2-4835-92DF-3934249BB9D0}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\WINDOWS\SysNative\tasks\Toshiba\CommonNotifier" [C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe] "C:\WINDOWS\SysNative\tasks\Toshiba\Service Station" ["C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe"] ==== Chromium Look ====================== Google Chrome Version: 41.0.2272.101 (Latest Stable version: 41.0.2272.101) Google Docs - Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo selector is not a valid CSS selector - Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf AdBlock - Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom A Crack in Time and Space - Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmmpbeckibaikflbnegjemaegnpbgjol Google Wallet - Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Hover Zoom - Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl Gmail - Jona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.youtube.com/", "startup_urls": [ "http://www.youtube.com/feed/subscriptions/u", "http://www.facebook.com/", "https://mail.google.com/mail/u/1/?shva=1#inbox" ] ==== Chromium Fix ====================== C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lyrics.wikia.com_0.localstorage deleted successfully C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lyrics.wikia.com_0.localstorage-journal deleted successfully C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsmode.com_0.localstorage deleted successfully C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsmode.com_0.localstorage-journal deleted successfully C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage deleted successfully C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://youtube.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{96E56123-CDA7-4A92-A7A7-FCD1C27736A0}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://youtube.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {96E56123-CDA7-4A92-A7A7-FCD1C27736A0} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1489744776-661095421-454324320-1001\Software\Microsoft\Internet Explorer\SearchScopes\{96E56123-CDA7-4A92-A7A7-FCD1C27736A0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{96E56123-CDA7-4A92-A7A7-FCD1C27736A0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{96E56123-CDA7-4A92-A7A7-FCD1C27736A0} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF07604E-C860-40E9-A230-E37FA41F103A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 O4 - HKLM\..\Run: [ToshibaDynamicIconUtility] "C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [TPUReg] "C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe" /Retimes O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\Inicio.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Jona\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [NIRegistrationWizard] C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1043 O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - Startup: Dropbox.lnk = Jona\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: LOLRecorder.lnk = C:\Program Files (x86)\LOLReplay\LOLRecorder.exe O4 - Global Startup: NI Error Reporting.lnk = C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe O8 - Extra context menu item: &D&ownload &met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload alles met BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 (file missing) O10 - Unknown file in Winsock LSP: c:\program files (x86)\national instruments\shared\mdns responder\nimdnsnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing) O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - www.BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NI Citadel 4 Service (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\SysWOW64\lkcitdl.exe O23 - Service: NI PSP Service Locator (lkClassAds) - National Instruments Corporation - C:\WINDOWS\SysWOW64\lkads.exe O23 - Service: NI Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\WINDOWS\SysWOW64\lktsrv.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: NI Configuration Manager (mxssvr) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\MAX\nimxs.exe O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NI Application Web Server (NIApplicationWebServer) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe O23 - Service: NI Authentication Service (niauth) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe O23 - Service: NI Domain Service (NIDomainService) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe O23 - Service: NI mDNS Responder Service (nimDNSResponder) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe O23 - Service: NI Network Discovery (NINetworkDiscovery) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe O23 - Service: NI Service Locator (NiSvcLoc) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe O23 - Service: NI System Web Server (NISystemWebServer) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe O23 - Service: NI Variable Engine (NITaggerService) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\SysWOW64\Opcenum.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe O23 - Service: Panda On-Access Anti-Malware Service (PAVSRV) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\pavsrvx86.exe O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files (x86)\panda security\panda internet security 2014\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PsImSvc.exe O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\PskSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Internet Security 2014\TPSrvWow.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jona\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Jona\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Jona\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Jona\AppData\Local\Microsoft\Windows\INetCache\IE\4UPDC0HQ will be deleted at reboot C:\Users\Jona\AppData\Local\Microsoft\Windows\INetCache\IE\9KCQ6BRG will be deleted at reboot C:\Users\Jona\AppData\Local\Microsoft\Windows\INetCache\IE\GYH168TL will be deleted at reboot C:\Users\Jona\AppData\Local\Microsoft\Windows\INetCache\IE\NNQMHSQA will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Jona\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Jona\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Jona\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Jona\AppData\Local\Microsoft\Windows\INetCache\IE\4UPDC0HQ" not found "C:\Users\Jona\AppData\Local\Microsoft\Windows\INetCache\IE\9KCQ6BRG" not found "C:\Users\Jona\AppData\Local\Microsoft\Windows\INetCache\IE\GYH168TL" not found "C:\Users\Jona\AppData\Local\Microsoft\Windows\INetCache\IE\NNQMHSQA" not found ==== EOF on ma 23-03-2015 at 23:19:46,41 ======================