Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by PC on zo 17-05-2015 at 11:53:18,44. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\PC\Desktop\scans\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2015-05-14-113437.log 93334 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3094540836-2284055214-2461212460-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Acrobat X Pro - Italiano, Espa¤ol, Nederlands, Portuguˆs Adobe AIR Adobe Creative Suite 6 Master Collection Adobe Flash Player 17 ActiveX Adobe Help Manager Adobe Reader XI (11.0.11) - Nederlands Adobe Refresh Manager Adobe Widget Browser Alien Skin Exposure Alien Skin Eye Candy 5 Impact Alien Skin Eye Candy 5 Nature Alien Skin Eye Candy 5 Textures Alien Skin Snap Art Alien Skin Xenofex 2.0 AnyMP4 DVD Toolkit 6.0.38 AOMEI Partition Assistant Standard Edition 5.5 Apple Application Support Apple Software Update AVI to DVD Converter bl Boris Graffiti CCleaner CloneDVD 4.1.0.23 Color Efex Pro 3.0 Complete Contents Corel PaintShop Photo Pro X3 CyberLink PowerDVD 15 D3DX10 Definition Update for Microsoft Office 2010 (KB3015642) 64-Bit Edition DeviceIO Digimax Master Dropbox EPSON Attach To Email EPSON Copy Utility 3 Epson Event Manager EPSON File Manager Epson Gebruikershandleiding XP-600 Series Epson Netwerkhandleiding XP-600 Series EPSON Scan EPSON Scan Assistant EPSON XP-600 Series Printer Uninstall EpsonNet Print Eye Candy 4000 FilesFrog Update Checker FileZilla Client 3.9.0.2 FM Patcher 1.01 GetSmile v1.901 Google Chrome Google Update Helper Handleiding Epson Connect Hauppauge WinTV 7 HTML-Kit ICA ImgBurn ImTOO DVD to AVI Converter Incomedia WebSite X5 v10 - Evolution Internet Veiligheidspakket IPM_PSP_Pro Jasc Animation Shop 3 Junk Mail filter update KPN Back-up Online KQEMU virtualisation module for QEMU Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 32-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft OneDrive Microsoft Outlook 2010 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFCLOC_x86 MLE MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyFreeCodec namesuppressed Softener Nero 7 Essentials Notepad++ Paint Shop Pro 7 Try And Buy PDF Settings CS6 PerfV10_V100 Gebr. handl. ph Photo Common Pinnacle Instant DVD Recorder Pinnacle Studio 12 Pinnacle Studio 12 Ultimate Plugins Pinnacle videodriver PowerDVD proDAD Vitascene 1.0 PSP Thumbnail Handler PSPH10Pro PSPPContent PSPPRO_DCRAW PureHD QuickTime Samsung Kies3 SAMSUNG Mobile Composite Device Software SAMSUNG Mobile Modem Driver Set Samsung Mobile phone USB driver Drive Software SAMSUNG Mobile USB Modem 1.0 Software SAMSUNG Mobile USB Modem Software Samsung USB Driver SAMSUNG USB Driver for Mobile Phones Search App by Ask Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft .NET Framework 4.5.1 (KB3023224) Security Update for Microsoft .NET Framework 4.5.1 (KB3035490) Security Update for Microsoft .NET Framework 4.5.1 (KB3037581) Security Update for Microsoft Excel 2010 (KB2965240) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2956073) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2965242) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2999412) 64-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 64-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2999420) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2553428) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2965237) 64-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition SES Driver Setup Share Share64 Skype Click to Call SkypeT 7.3 Speccy Spotify Sqirlz Water Reflections Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TeamViewer 10 Total Commander (Remove or Repair) Ulead GIF Animator 5 Update for Microsoft Access 2010 (KB2837601) 64-Bit Edition Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2881026) 64-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition Update for Microsoft Office 2010 (KB2956141) 64-Bit Edition Update for Microsoft Office 2010 (KB2965291) 64-Bit Edition Update for Microsoft Office 2010 (KB2965301) 64-Bit Edition Update for Microsoft Office 2010 (KB2999439) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2956205) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2965295) 64-Bit Edition Update for Microsoft Outlook 2010 (KB3015585) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition Update for Microsoft Visio 2010 (KB2965292) 64-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2881021) 64-Bit Edition USB Mass Storage Reader VIO Vizros Plug-ins Vizros Plug-ins 4.1 VLC media player 2.0.5 WD Quick View WD SmartWare WD SmartWare Installer Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (03/06/2009 1.0.0008.0) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Encoder 9 Series WinRAR 5.10 beta 2 (64-bit) Xenofex 1.0 ==== Running Processes ====================== C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\KPN\Internetveiligheidspakket\Anti-Virus\fsgk32st.exe C:\Program Files (x86)\KPN\Internetveiligheidspakket\Common\FSMA32.EXE C:\Program Files (x86)\KPN\Internetveiligheidspakket\Anti-Virus\FSGK32.EXE C:\PROGRA~2\Wintv\Extend\WINTVE~1.EXE C:\PROGRA~2\Wintv\TVServer\HAUPPA~1.EXE c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe C:\PROGRA~2\Wintv\TVServer\CAPTUR~3.EXE C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe C:\Program Files (x86)\KPN\Internetveiligheidspakket\Anti-Virus\fssm32.exe C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Wintv\WinTV7\WinTVTray.exe C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\PC\AppData\Local\FilesFrog Update Checker\update_checker.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe C:\Windows\sysWOW64\wbem\wmiprvse.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\KPN\Internetveiligheidspakket\Common\FSLAUNCH.EXE C:\Users\PC\Desktop\scans\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\F06DEFF2-5B9C-490D-910F-35D3A9119622 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\F06DEFF2-5B9C-490D-910F-35D3A9119622 deleted successfully ==== Deleting Files \ Folders ====================== C:\Users\PC\AppData\Roaming\systweak deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Browse and Search the Internet.lnk deleted C:\PROGRA~3\Wincert deleted C:\PROGRA~3\Package Cache deleted C:\Users\PC\AppData\Local\Bundled software uninstaller deleted C:\Users\PC\AppData\Local\AskPartnerNetwork deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Photo Pro X3 deleted C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker deleted C:\Windows\SysNative\roboot64.exe deleted C:\windows\SysNative\Tasks\SomotoUpdateCheckerAutoStart deleted C:\Windows\Wininit.ini deleted C:\Users\PC\gosetup.exe deleted "C:\Windows\Installer\32e51b.msi" deleted "C:\Users\PC\AppData\Local\FilesFrog Update Checker\update_checker.exe" deleted "C:\Users\PC\AppData\Local\FilesFrog Update Checker\update_checker.exe" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\PROGRA~2\AskPartnerNetwork" deleted "C:\Users\PC\AppData\Local\FilesFrog Update Checker" deleted "C:\Users\PC\AppData\Local\FilesFrog Update Checker" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4095 MB CPU Info: Intel(R) Core(TM)2 Duo CPU E7400 @ 2.80GHz CPU Speed: 2871,4 MHz Sound Card: Luidsprekers (High Definition A | Digitale audio (S/PDIF) (High D | Display Adapters: NVIDIA GeForce 9500 GT (Microsoft Corporation - WDDM v1.1) | NVIDIA GeForce 9500 GT (Microsoft Corporation - WDDM v1.1) | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) CD / DVD Drives: 2x (Y: | Z: | ) Y: Optiarc DVD RW AD-5260S | Z: Optiarc DVD RW AD-5260S Ports: COM1 LPT1 Mouse: 4 Button Wheel Mouse Present Hard Disks: C: 319,3GB | D: 146,5GB | E: 97,7GB | F: 100,7GB | G: 135,2GB | H: 97,7GB | M: 931,5GB | R: 99,7GB Hard Disks - Free: C: 190,3GB | D: 113,0GB | E: 68,7GB | F: 100,2GB | G: 41,6GB | H: 89,3GB | M: 823,5GB | R: 99,5GB Manufacturer *: Award Software International, Inc. BIOS Info: AT/AT COMPATIBLE | 09/16/08 | GBT - 42302e31 Time Zone: West-Europa (standaardtijd) Motherboard *: Gigabyte Technology Co., Ltd. EP31-DS3L Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Internet Veiligheidspakket 10.00 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Internet Veiligheidspakket 10.00 disabled (Outdated) Firewall: Internet Veiligheidspakket 10.00 disabled Internet Explorer Version: 11.0.9600.17801 Google Chrome version: 42.0.2311.152 Adobe Reader version: 11.0.11.18 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\PC\AppData\Local\Temp ==== 2015-05-17 09:47:58 0CFC0308F76EC217C457F54DDFCB3077 43008 ----a-w- C:\Users\PC\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpivppy5.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-05-12 20:03:12 858EB73F68B20A2A5C66B6C000D1C0DD 102608 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-05-12 18:18:45 C22AB1781BC6F0BB1C9B352CF66DBFFC 1250816 ----a-w- C:\Windows\SysWOW64\DWrite.dll 2015-05-12 18:18:31 D0CA74BE380498A0111A73EB9C76CF8F 342016 ----a-w- C:\Windows\SysWOW64\certcli.dll 2015-05-12 18:18:31 2665A3D34D1C62DF303723422215B001 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll 2015-05-12 18:17:49 CFCB89C0FE8EF502A7934C0D20E5DBD6 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2015-05-12 18:17:49 C3120D99E6DA7878A1DD2D88138AC60A 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2015-05-12 18:17:49 9025CA7BCD6B7956366FC90B3D6E3933 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2015-05-12 18:17:49 8C00AB01B1BC1E2F69765776BBC5A5D1 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2015-05-12 18:17:48 C1A32612710492D0C3339E46EC15E333 504320 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-05-12 18:17:48 AA2F2D55DEF98007839D0189D721D70B 1310208 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-05-12 18:17:48 7B4FA4B41FBDBB12C5038FCB6E6652AA 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-05-12 18:17:48 746BBC86351D07859D8B40056447F7B2 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-05-12 18:17:48 6388FC82897DDDA607BBE3580D75AE15 342736 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-05-12 18:17:47 C2EB0AA5570CF8BC881B36EE55A59337 688640 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-05-12 18:17:40 D74445161E58644309F858342F5E265C 19691008 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-05-12 18:17:39 E993B5E929F46A52E9F4EB68A7855CDF 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2015-05-12 18:17:39 63A2E3E9C771B1D4D7D84942D6FCB661 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-05-12 18:17:39 28313FF0DE83EAD8F5EF1B963D9078C3 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2015-05-12 18:17:38 C525258A00ECFB4CE089F54C163268C3 2278400 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-05-12 18:17:38 136687227F11CE928CB05F4FD90319AC 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-05-12 18:17:37 F2DB87F164BC13AB8EF90FBF5D866B65 664576 ----a-w- C:\Windows\SysWOW64\jscript.dll 2015-05-12 18:17:37 CC4974FCF9387F32A0FF87BCE093A5AD 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-05-12 18:17:37 BCFA71A878903B5F92A7AFEFCCC5CA97 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-05-12 18:17:37 5AAC24BF6C4A54DA526CC6244DEBE227 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2015-05-12 18:17:37 3CE5DE0730C22A54FE783DB8A989E8BD 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2015-05-12 18:17:37 1BBC9CFD29A62D80FB77BB69BFF7513C 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-05-12 18:17:35 0E22CD36FC3292CB812CC46CBCFD8444 12828672 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-05-12 18:17:31 1C5C5B5EF9CFDFC897D4549A2385DB3A 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2015-05-12 18:17:30 6E2B4875B968324E5844F35A37A79260 4305920 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-05-12 18:17:29 CB5F450D21B9D76B7F01D006E4AEDB40 1882112 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-05-12 18:17:29 07E82A31808C8BC053D1DE547082C58F 341504 ----a-w- C:\Windows\SysWOW64\html.iec 2015-05-12 18:17:28 37625FC1DAF886F1980E2D8F315B93AC 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2015-05-12 18:16:51 8D50ED3F0FBE3590AB0D43BF7B60E57A 3989440 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-05-12 18:16:50 D0F574320615303ADECDCB452EBB8930 635392 ----a-w- C:\Windows\SysWOW64\tdh.dll 2015-05-12 18:16:50 0A66C88B087249742381924AB8F9EFCC 3934144 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-05-12 18:16:48 A44680B810977EA64E280523E96F2EA9 1310744 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2015-05-12 18:16:47 7A5824DC9A85FCE4334F57FF0795853E 641536 ----a-w- C:\Windows\SysWOW64\advapi32.dll 2015-05-12 18:16:47 1569F20BB9DB9FDC87A6D3C8A3726ABF 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll 2015-05-12 18:16:46 EB058143B57ED460AC4F2DFBA104BBFF 364544 ----a-w- C:\Windows\SysWOW64\tracerpt.exe 2015-05-12 18:16:45 C6D2D384B6232B0B800234C03C50979F 82944 ----a-w- C:\Windows\SysWOW64\logman.exe 2015-05-12 18:16:45 8C45A65ED20B487085B79EEFCC08D160 92160 ----a-w- C:\Windows\SysWOW64\sechost.dll 2015-05-12 18:16:45 66D6A06936088E412E29A182679F0D71 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2015-05-12 18:16:45 54A01CC4BC47B31C5CD082D064AB37BC 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2015-05-12 18:16:44 850F756363237A2EB069B9B25EF8BEC3 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2015-05-12 18:16:44 7F99900705E249E9D5C55E490B7D076E 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll 2015-05-12 18:16:44 74C0EC1257698176E288DA282F318E1C 40448 ----a-w- C:\Windows\SysWOW64\typeperf.exe 2015-05-12 18:16:44 0B6E937863837BA3383E9CE9200DDF1E 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2015-05-12 18:16:43 FCB1C8345C794FE89ABA03B4CA3131BB 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2015-05-12 18:16:43 97B30711DC6CA0EA4EACEDCE8080A3B4 37888 ----a-w- C:\Windows\SysWOW64\relog.exe 2015-05-12 18:16:42 D9E25B4BD2120CC5183CCCE9421C7AFE 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2015-05-12 18:16:42 AFFE5747054D03F8CEE18A8518A9AA34 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-05-12 18:16:41 F286528898342F0F1EB402606750C391 17408 ----a-w- C:\Windows\SysWOW64\diskperf.exe 2015-05-12 18:16:41 ABA025664F9F42C568B2C022AADCB18F 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll 2015-05-12 18:16:41 3346701038E55BD366F3D5CE31F55483 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2015-05-12 18:16:40 99A508910BB06DFBE99D9AF7D6B4E950 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2015-05-12 18:16:40 79AF005633B7E41B7A194A7E7B9D3D93 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2015-05-12 18:16:40 741DB93796E7D4F3F804C13537FB40F4 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2015-05-12 18:16:39 6BB13D5E12C5C4D829C1D640DF269EA0 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2015-05-12 18:16:36 F43CB86F9536B17E5C7CFCFB48ACBE54 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2015-05-12 18:16:35 D9716B488CC27652C12B1B5E0944987E 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2015-05-12 18:16:35 9638DA21E965E23C85C4319F3F66D824 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll 2015-05-12 18:16:35 86B2AC15999BB4F8B5C84AB6154A1783 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2015-05-12 18:16:34 D079A408CC3E22A09D1260A6F18FC0FD 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2015-05-12 18:16:34 BF9BB4113E9FCDABD4C703DDD06293F3 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2015-05-12 18:15:56 744AB3C1A73A57DEED49D631F1BDEA1D 2311168 ----a-w- C:\Windows\SysWOW64\wpdshext.dll 2015-05-12 18:15:36 C489D8B4D8C64F20CC75A93F541F7D91 123904 ----a-w- C:\Windows\SysWOW64\poqexec.exe 2015-05-12 18:07:26 418AEC0CE89A13200F2820079B9CDFD9 216064 ----a-w- C:\Windows\SysWOW64\InkEd.dll 2015-05-12 18:07:15 D3E8C7FADB758E5D222C639CC65790AD 295936 ----a-w- C:\Windows\SysWOW64\apphelp.dll 2015-05-12 18:07:15 715C060150D969B0DE5DD5B365A712AF 20992 ----a-w- C:\Windows\SysWOW64\sdbinst.exe 2015-05-12 18:07:14 DCA2C6E7990771209CDD8E9DA90ED0E2 5120 ----a-w- C:\Windows\SysWOW64\shimeng.dll 2015-05-05 08:43:30 8CEFAAAFDF6F95C1978B3CCA737000C3 8192 ----a-w- C:\Windows\SysWOW64\WDPABKP.dat ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-05-12 20:03:12 189FB45D7442083AE8A2E4E612233EF7 124112 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll 2015-05-12 18:18:50 E612E86FA15EA1EF9A52433A2743C447 1179136 ----a-w- C:\Windows\Sysnative\FntCache.dll 2015-05-12 18:18:49 490505F6E53EF046EC70A353BC9CD615 1647104 ----a-w- C:\Windows\Sysnative\DWrite.dll 2015-05-12 18:18:48 D858C33B133740D5F1F1CF71C33F6355 3204608 ----a-w- C:\Windows\Sysnative\win32k.sys 2015-05-12 18:18:31 ED4B980701D081AC42F7B121C1E42149 460800 ----a-w- C:\Windows\Sysnative\certcli.dll 2015-05-12 18:18:31 8AD8D17425C75D2621B2CDFE0DEABD21 342016 ----a-w- C:\Windows\Sysnative\schannel.dll 2015-05-12 18:17:49 E802824B9B4A16355A5233A7B8215ECE 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2015-05-12 18:17:49 9DCD15027A13195ABA68B40A5EB26691 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2015-05-12 18:17:49 70EDB996FE1BCB699232A15CB0D0FA32 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2015-05-12 18:17:48 6D2787CD32595A91969502A399E7BA48 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2015-05-12 18:17:48 5EDC6AF7589B65C89CB1154B3377D0C4 720384 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-05-12 18:17:48 1122DD841CCB7E07EF41039CBD66A29E 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2015-05-12 18:17:38 ED4EB5A0CDD251A17B946C515CB94D70 1547264 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-05-12 18:17:38 D7B9EEF960F68DC18724BB5F89A464DD 389840 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-05-12 18:17:38 010F562B961AB8CAEC7A0C72F8FDD690 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2015-05-12 18:17:37 EB9FCD39D65E23380CB2C2F0E6F2ED53 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-05-12 18:17:37 E20B5098C8707B2CF0858024568234FF 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-05-12 18:17:37 2A2CDE78F9E9019AD0E4D804A02688A3 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2015-05-12 18:17:35 F28577138120BA7E5423820D4B4C4727 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2015-05-12 18:17:35 49B1935F131A44CD29857D6900CB643F 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-05-12 18:17:34 F918BE3C5ACA0B6485D725CC1A5348DC 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-05-12 18:17:33 843D063E75B19188759CBEC82828BCB1 2885120 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-05-12 18:17:31 B85ECB91C88F6E74045061B7F7DDEFA2 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-05-12 18:17:29 29BBA65402DD568F49C837533F269482 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2015-05-12 18:17:29 0B4E78E6E65D1FD2CE55C93CF1EFD623 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2015-05-12 18:17:27 CA0369799519F33DDE8FD26F5D87D014 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-05-12 18:17:27 1D610F215769E4FF56C7B1847DE4B86D 633856 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-05-12 18:17:26 FFC30231459FC44FD73E07532C707791 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2015-05-12 18:17:26 E061B5A1D0F9BBACA41149201ADF4A3B 14401536 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-05-12 18:17:26 1921A72BF1273BED72E569EF1F1A0611 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-05-12 18:17:25 DC1200D3C3AC1E69A4DAD053BC26BF0D 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-05-12 18:17:25 63061A0826839DE8F5B4713976C99F1B 816640 ----a-w- C:\Windows\Sysnative\jscript.dll 2015-05-12 18:17:22 79A4C71CD8B610DE9F66B72B5654C450 6025728 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-05-12 18:17:21 F0289B3A341429117696F0279DA977B6 2352128 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-05-12 18:17:20 C1D6BD834E69E8F77C8B4DDFCEE073F6 417792 ----a-w- C:\Windows\Sysnative\html.iec 2015-05-12 18:17:19 F2A1718334172C0F4E231E998F6CB8AB 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2015-05-12 18:17:19 5A18ACE782C215300BE1C82D9EDC565B 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-05-12 18:17:18 C31D57F7A58FACDA2671075CEBA75199 24971776 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-05-12 18:17:11 71C85477DF9347FE8E7BC55768473FCA 328704 ----a-w- C:\Windows\Sysnative\services.exe 2015-05-12 18:16:59 EA8A3E8C674B03CB4AFA1D344DBD7BC1 1254400 ----a-w- C:\Windows\Sysnative\diagtrack.dll 2015-05-12 18:16:59 D449C36379EBEFD3CCDAEC328002BB5B 36864 ----a-w- C:\Windows\Sysnative\UtcResources.dll 2015-05-12 18:16:55 A985325F4FE72FB003749A2FBBA9952E 5569984 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-05-12 18:16:54 8453010B6512DAEAFC61CC0836FA137E 1728960 ----a-w- C:\Windows\Sysnative\ntdll.dll 2015-05-12 18:16:50 10D39E74B0D5011A8C199B9646579C3F 879104 ----a-w- C:\Windows\Sysnative\tdh.dll 2015-05-12 18:16:49 B01B21E15671ACD3F0AD131DC4CABFC7 879104 ----a-w- C:\Windows\Sysnative\advapi32.dll 2015-05-12 18:16:48 1C9F2F4A2C603739BD8CC8C64310AFD7 1162752 ----a-w- C:\Windows\Sysnative\kernel32.dll 2015-05-12 18:16:47 FDF1E0FD74DED0034BA6FFB665E0641E 424448 ----a-w- C:\Windows\Sysnative\KernelBase.dll 2015-05-12 18:16:47 DA8B541825991F6699790E617FF0FF60 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2015-05-12 18:16:47 A0BCD6A64281492EFAE02AC144A335F1 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2015-05-12 18:16:47 408A8232E84515E4AA819E0C95E65257 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2015-05-12 18:16:46 EE27E1D639E3807229C15AF94320CF0A 404992 ----a-w- C:\Windows\Sysnative\tracerpt.exe 2015-05-12 18:16:46 9C5DBA74D0C641C2A4ABDC79969B7BEF 104448 ----a-w- C:\Windows\Sysnative\logman.exe 2015-05-12 18:16:46 52146DBFE253B83FAB1980AA704C7974 113664 ----a-w- C:\Windows\Sysnative\sechost.dll 2015-05-12 18:16:46 0CD609B1143961F5C3BA691729A6A5DA 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2015-05-12 18:16:45 E55A72876BC5E244D0A8F7F07862A939 338432 ----a-w- C:\Windows\Sysnative\conhost.exe 2015-05-12 18:16:45 D17DD01601460F5899E5C154B3FD0BFA 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll 2015-05-12 18:16:45 CCAB9BE9C9100C5F54A5A8F355730841 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2015-05-12 18:16:45 52935C072F8D5A92508AA3A3CC9133C7 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2015-05-12 18:16:44 FE60A67032A5C94F6ACE483C8FE84105 47104 ----a-w- C:\Windows\Sysnative\typeperf.exe 2015-05-12 18:16:44 DA5EF2CC0764BE7097BAFA9CAF903FE8 112640 ----a-w- C:\Windows\Sysnative\smss.exe 2015-05-12 18:16:44 CD3770C78AFFC223A3B9D38F27B7A309 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2015-05-12 18:16:44 ACE24D86D2714FCC1639F890DF54951B 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2015-05-12 18:16:44 40C5EA47D4AEC96249B09BF0C076A60C 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2015-05-12 18:16:44 2292CD8500725B94B7D2E3C0C84F2D19 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2015-05-12 18:16:43 9262D6E2C239EDD6D87B080F2BCCEC9F 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2015-05-12 18:16:43 79F036EB691ABBA84E8EB1715E5F2B17 43008 ----a-w- C:\Windows\Sysnative\relog.exe 2015-05-12 18:16:43 4DD0098FFAB4664DB979537C48AE055F 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2015-05-12 18:16:42 BB7BAF9532DBA5AB4009E981687D1EA6 19456 ----a-w- C:\Windows\Sysnative\diskperf.exe 2015-05-12 18:16:42 A3DCC3D8BB57E31EA07949313CC3A3CF 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll 2015-05-12 18:16:41 E1B0C7042BA7B8903D60DF3885F2DFE7 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll 2015-05-12 18:16:41 D2602AC48B38FA10956E32D18E7143B0 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll 2015-05-12 18:16:41 8C711AF30BE3991050D0D011D92CFBE0 50176 ----a-w- C:\Windows\Sysnative\srclient.dll 2015-05-12 18:16:41 0D9BDBE780DD81757AC5AF87E8B1EBEC 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2015-05-12 18:16:40 D205305FB0E352A9D4CF922D6A016BF4 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll 2015-05-12 18:16:40 ADC2D7B5BFF277E5A9FACE6A21A24ABC 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2015-05-12 18:16:40 50EBA6640805F6D5EF4A0DCEF2D180AB 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2015-05-12 18:16:35 AF278DB00C43E925E58C8CA2C0CF4C71 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll 2015-05-12 18:16:35 90293AAC2AB0908BFF98ADB89CEBC931 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll 2015-05-12 18:16:35 7A448B8CED7F7348C36159D5CC8E19ED 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2015-05-12 18:16:34 90DC7B112F946B412C9CDC6F459F4053 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2015-05-12 18:15:58 E5404072A5A9E0B452ADDF1D1339176C 2543104 ----a-w- C:\Windows\Sysnative\wpdshext.dll 2015-05-12 18:15:35 C7E50B04623FC6FF54EAF88938A8936E 142336 ----a-w- C:\Windows\Sysnative\poqexec.exe 2015-05-12 18:07:26 2B36E0C5C262437E1B098344DEFA55F8 275456 ----a-w- C:\Windows\Sysnative\InkEd.dll 2015-05-12 18:07:24 6B0F962B1EE486FFE7BCABBC9C736976 24576 ----a-w- C:\Windows\Sysnative\jnwmon.dll 2015-05-12 18:07:15 F55F287810AAF708618793764AF7D1BB 23552 ----a-w- C:\Windows\Sysnative\sdbinst.exe 2015-05-12 18:07:15 83BFCCAC53795E8A5055A93672D0C46C 72192 ----a-w- C:\Windows\Sysnative\aelupsvc.dll 2015-05-12 18:07:15 7E21D3072EB20D5400919D435D549A9B 6656 ----a-w- C:\Windows\Sysnative\shimeng.dll 2015-05-12 18:07:15 31D260ADAF1CCFEFC49DB9FBCE9986DA 342016 ----a-w- C:\Windows\Sysnative\apphelp.dll ====== C:\Windows\Sysnative\drivers ===== 2015-05-12 18:16:46 F7DFAE6040AC910B7C64EE208A34157D 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-05-12 18:16:46 8FE94F2EF9BF444E93E35D87E210D02F 155584 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys ====== C:\Windows\Tasks ====== 2015-05-16 17:43:18 51D421096255EE28A1E47DAF1D3D0562 2930 ----a-w- C:\Windows\Sysnative\Tasks\{148072ED-6D2A-4AFB-9F02-CF357D1A3A63} 2015-05-16 17:42:28 51D421096255EE28A1E47DAF1D3D0562 2930 ----a-w- C:\Windows\Sysnative\Tasks\{3B1FB4A4-C1B7-4D79-A6DB-122074A8C12A} 2015-05-16 15:26:33 DEFF598713F3F4885FA35C3643BFD156 1048 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-16 15:26:33 4E931C2F50A9004BF9D332A1B75CA401 4044 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2015-05-16 15:26:32 C7066E6B07EF77AD78EA85B9D4D7B5B4 3792 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2015-05-16 15:26:32 9C8F5A0513816DE722A96D1A1C025E3F 1044 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-16 14:38:26 930A6E9F96525624397DD6A13FDE4D74 3878 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater 2015-05-16 14:38:26 49BBDEFBD35B09E57A622284957EDA8B 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-12 17:36:51 B63AD96D5AB77552EFDB7D2277C3B0CB 3886 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task 2015-05-10 11:46:16 A99732AE2C2F8901A9D9A2682C615706 2962 ----a-w- C:\Windows\Sysnative\Tasks\{902338F5-0C94-4E39-A166-A025F413F2F8} 2015-05-10 11:44:34 A99732AE2C2F8901A9D9A2682C615706 2962 ----a-w- C:\Windows\Sysnative\Tasks\{ACEE937E-81DD-497A-A0EC-F8808BA5A347} 2015-05-10 11:43:13 A99732AE2C2F8901A9D9A2682C615706 2962 ----a-w- C:\Windows\Sysnative\Tasks\{A6714799-6816-49BC-9CCF-BC134729386A} 2015-05-05 17:51:56 6DE39F1A2239A2A4180BA515EBF68565 2966 ----a-w- C:\Windows\Sysnative\Tasks\{71916FA2-3FD7-4D04-9902-9D4463B1A84D} 2015-05-05 17:51:02 6DE39F1A2239A2A4180BA515EBF68565 2966 ----a-w- C:\Windows\Sysnative\Tasks\{6B441D7D-81F3-44D8-B8B7-1EEDFFA58D90} 2015-05-05 17:49:50 6DE39F1A2239A2A4180BA515EBF68565 2966 ----a-w- C:\Windows\Sysnative\Tasks\{8A807A79-E986-4A90-B6D9-BBFBA6C55250} 2015-05-05 17:18:15 96EF85F3D3E97D0D40406A93A18DE414 3310 ----a-w- C:\Windows\Sysnative\Tasks\{1D04FD87-7ADE-4C8E-87A1-CF9F5BDAC896} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-05-14 08:43:43 -------- d-----w- C:\Program Files\trend micro 2015-05-13 18:45:48 -------- d-----w- C:\Program Files\Speccy ======= C:\PROGRA~2 ===== 2015-05-10 12:12:19 -------- d-----w- C:\PROGRA~2\NSIS Uninstall Information ======= C: ===== ====== C:\Users\PC\AppData\Roaming ====== 2015-05-17 09:48:32 -------- d-----w- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 2015-05-16 11:51:14 -------- d-sh--w- C:\Users\PC\AppData\Local\EmieBrowserModeList 2015-05-16 11:51:10 -------- d-sh--w- C:\Users\PC\AppData\Locallow\EmieBrowserModeList 2015-05-14 11:20:27 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-05-14 11:20:27 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2015-05-14 11:20:27 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2015-05-13 19:58:49 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm 2015-05-13 18:46:07 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking 2015-05-10 12:12:38 -------- d-----w- C:\Users\PC\AppData\Local\CyberLink 2015-05-02 14:04:15 -------- d-----w- C:\Users\PC\AppData\Local\Pinnacle 2015-04-29 16:31:49 -------- d-----w- C:\Users\PC\AppData\Roaming\MPEG Streamclip ====== C:\Users\PC ====== 2015-05-16 15:27:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-05-16 15:18:47 8BB05E4C7C942B9E1A5086E3953C1DA9 197632 ----a-w- C:\Users\PC\Downloads\OldChromeRemover-0.5.exe 2015-05-14 10:47:59 EE001F0D8A06518EB2A133741F265BEC 562272 ----a-w- C:\Users\PC\Downloads\chromeinstall-8u45.exe 2015-05-14 08:42:55 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\PC\Downloads\RSITx64.exe 2015-05-13 18:43:34 678AB0E8665345E72D11149A36F965BE 5127432 ----a-w- C:\Users\PC\Downloads\specy.exe 2015-05-10 12:16:00 -------- d-----w- C:\Users\Public\Documents\CyberLink 2015-05-10 12:15:53 -------- d-----w- C:\Users\Public\CyberLink 2015-05-10 12:12:25 -------- d-----w- C:\ProgramData\PDVD 2015-05-10 12:12:23 -------- d-s---w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 15 2015-05-10 12:07:43 -------- d-----w- C:\ProgramData\SUPPORTDIR 2015-05-10 12:07:43 -------- d-----w- C:\ProgramData\install_clap 2015-05-10 12:03:16 B262E94ABA4587B642E2D4DE466CBD71 1033176 ----a-w- C:\Users\PC\Downloads\CyberLink_PowerDVD_Downloader.exe ====== C: exe-files == 2015-05-16 17:37:03 BE591CA8EC7C5CD453A23AEBF0252810 2861 ----a-w- C:\Users\PC\Desktop\Ulead Particle 1.0\Crack Particle.PlugIn 1.0\PZ_UPP10.EXE 2015-05-16 17:37:03 0AAB0D833D7578A1CF12313349BADC3B 2296832 ----a-w- C:\Users\PC\Desktop\Ulead Particle 1.0\PP10F.EXE 2015-05-16 15:33:55 EB81815F1628247337DCF5C44A137366 869192 ----a-w- C:\Users\PC\AppData\Local\Google\Chrome\User Data\SwReporter\3.20.1\software_reporter_tool.exe 2015-05-16 15:27:07 D114497B17F8118E6AAD27735B467D3A 41774672 ----a-w- C:\Program Files (x86)\Google\Update\Install\{8ACCADC7-4416-4637-B346-E4617A01B245}\42.0.2311.152_chrome_installer.exe 2015-05-16 15:27:05 D114497B17F8118E6AAD27735B467D3A 41774672 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\42.0.2311.152\42.0.2311.152_chrome_installer.exe 2015-05-16 15:26:30 FD98434B6A06FE31A35E4BFBC827B290 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe 2015-05-16 15:26:30 F3B6470DA7CE34E559D3BA7365CC909C 115528 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateComRegisterShell64.exe 2015-05-16 15:26:30 E1B44A75947137F4143308D566889837 107848 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 2015-05-16 15:26:30 E1B44A75947137F4143308D566889837 107848 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdate.exe 2015-05-16 15:26:30 83BB030C71C9727DCFB2737005772C4E 232264 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe 2015-05-16 15:26:30 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateSetup.exe 2015-05-16 15:26:30 5F0A3AA68785C49454F56C9F2DDA0237 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateWebPlugin.exe 2015-05-16 15:26:30 4C02536F4CA35911FB3EA5715F300C57 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateBroker.exe 2015-05-16 15:26:30 323CFFFDAF253AC65CD194A101BE6231 287048 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe 2015-05-16 15:26:25 F6414DD3B23979312F8EBB91DE794178 11080 ------w- C:\Users\PC\AppData\Local\Apps\2.0\PKPON7T4.5H4\RRA701EM.4RO\inst...app_86fd5b6b43e66935_0001.0003_8cc1e8369c183a46\clickonce_bootstrap.exe 2015-05-16 15:26:25 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Users\PC\AppData\Local\Apps\2.0\PKPON7T4.5H4\RRA701EM.4RO\inst...app_86fd5b6b43e66935_0001.0003_8cc1e8369c183a46\GoogleUpdateSetup.exe 2015-05-16 15:26:25 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Users\PC\AppData\Local\Apps\2.0\PKPON7T4.5H4\RRA701EM.4RO\clic...exe_86fd5b6b43e66935_0001.0003_none_f263691f58f224f9\GoogleUpdateSetup.exe 2015-05-16 15:18:47 8BB05E4C7C942B9E1A5086E3953C1DA9 197632 ----a-w- C:\Users\PC\Downloads\OldChromeRemover-0.5.exe 2015-05-14 10:47:59 EE001F0D8A06518EB2A133741F265BEC 562272 ----a-w- C:\Users\PC\Downloads\chromeinstall-8u45.exe 2015-05-14 08:43:44 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\PC.exe 2015-05-14 08:42:55 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\PC\Downloads\RSITx64.exe 2015-05-13 18:43:34 678AB0E8665345E72D11149A36F965BE 5127432 ----a-w- C:\Users\PC\Downloads\specy.exe 2015-05-13 17:32:56 2C82F8728CEBAF45F8D31983A43B2B32 7668424 ----a-w- C:\Users\PC\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe 2015-05-13 17:32:56 2C82F8728CEBAF45F8D31983A43B2B32 7668424 ----a-w- C:\Users\PC\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\OneDriveSetup.exe 2015-05-13 17:32:35 470F38CEE0842E1F5FE579C30D717A0E 149704 ----a-w- C:\Users\PC\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\FileSyncConfig.exe 2015-05-12 18:17:49 9DCD15027A13195ABA68B40A5EB26691 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe 2015-05-12 18:17:48 5EDC6AF7589B65C89CB1154B3377D0C4 720384 ----a-w- C:\Windows\System32\ie4uinit.exe 2015-05-12 18:17:48 4B3D652AACEE4FE636F74CB8015BF00E 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2015-05-12 18:17:39 2AA6685FC67CDD231BA0345112DFEE89 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2015-05-12 18:17:38 EC75F14CC85659C780A0DC575F7B1242 815304 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2015-05-12 18:17:38 A2A98DBD9E13B81AB68FB6A699A157CB 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2015-05-12 18:17:37 2A2CDE78F9E9019AD0E4D804A02688A3 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2015-05-12 18:17:37 1BBC9CFD29A62D80FB77BB69BFF7513C 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-05-12 18:17:34 CDBB6EFC96D0567951A13A6ABDCA1FDE 484864 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2015-05-12 18:17:32 ABE6FDB01D22FD63BB190BF95F5BC9B6 813776 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2015-05-12 18:17:29 29BBA65402DD568F49C837533F269482 144384 ----a-w- C:\Windows\System32\ieUnatt.exe 2015-05-12 18:17:11 71C85477DF9347FE8E7BC55768473FCA 328704 ----a-w- C:\Windows\System32\services.exe 2015-05-12 18:16:55 A985325F4FE72FB003749A2FBBA9952E 5569984 ----a-w- C:\Windows\System32\ntoskrnl.exe 2015-05-12 18:16:51 8D50ED3F0FBE3590AB0D43BF7B60E57A 3989440 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-05-12 18:16:50 0A66C88B087249742381924AB8F9EFCC 3934144 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-05-12 18:16:46 EE27E1D639E3807229C15AF94320CF0A 404992 ----a-w- C:\Windows\System32\tracerpt.exe 2015-05-12 18:16:46 EB058143B57ED460AC4F2DFBA104BBFF 364544 ----a-w- C:\Windows\SysWOW64\tracerpt.exe 2015-05-12 18:16:46 9C5DBA74D0C641C2A4ABDC79969B7BEF 104448 ----a-w- C:\Windows\System32\logman.exe 2015-05-12 18:16:45 E55A72876BC5E244D0A8F7F07862A939 338432 ----a-w- C:\Windows\System32\conhost.exe 2015-05-12 18:16:45 C6D2D384B6232B0B800234C03C50979F 82944 ----a-w- C:\Windows\SysWOW64\logman.exe 2015-05-12 18:16:45 52935C072F8D5A92508AA3A3CC9133C7 296960 ----a-w- C:\Windows\System32\rstrui.exe 2015-05-12 18:16:44 FE60A67032A5C94F6ACE483C8FE84105 47104 ----a-w- C:\Windows\System32\typeperf.exe 2015-05-12 18:16:44 DA5EF2CC0764BE7097BAFA9CAF903FE8 112640 ----a-w- C:\Windows\System32\smss.exe 2015-05-12 18:16:44 74C0EC1257698176E288DA282F318E1C 40448 ----a-w- C:\Windows\SysWOW64\typeperf.exe 2015-05-12 18:16:43 97B30711DC6CA0EA4EACEDCE8080A3B4 37888 ----a-w- C:\Windows\SysWOW64\relog.exe 2015-05-12 18:16:43 9262D6E2C239EDD6D87B080F2BCCEC9F 31232 ----a-w- C:\Windows\System32\lsass.exe 2015-05-12 18:16:43 79F036EB691ABBA84E8EB1715E5F2B17 43008 ----a-w- C:\Windows\System32\relog.exe 2015-05-12 18:16:43 4DD0098FFAB4664DB979537C48AE055F 64000 ----a-w- C:\Windows\System32\auditpol.exe 2015-05-12 18:16:42 D9E25B4BD2120CC5183CCCE9421C7AFE 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2015-05-12 18:16:42 BB7BAF9532DBA5AB4009E981687D1EA6 19456 ----a-w- C:\Windows\System32\diskperf.exe 2015-05-12 18:16:42 AFFE5747054D03F8CEE18A8518A9AA34 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-05-12 18:16:41 F286528898342F0F1EB402606750C391 17408 ----a-w- C:\Windows\SysWOW64\diskperf.exe 2015-05-12 18:16:36 F43CB86F9536B17E5C7CFCFB48ACBE54 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2015-05-12 18:16:35 D9716B488CC27652C12B1B5E0944987E 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2015-05-12 18:15:36 C489D8B4D8C64F20CC75A93F541F7D91 123904 ----a-w- C:\Windows\SysWOW64\poqexec.exe 2015-05-12 18:15:35 C7E50B04623FC6FF54EAF88938A8936E 142336 ----a-w- C:\Windows\System32\poqexec.exe 2015-05-12 18:07:30 D5E35700566B225CBF8ECD7F92C460C8 2164224 ----a-w- C:\Program Files\Windows Journal\Journal.exe 2015-05-12 18:07:25 0DBC9BB05703CA0D8792E2075D62B3C3 51200 ----a-w- C:\Program Files\Windows Journal\PDIALOG.exe 2015-05-12 18:07:15 F55F287810AAF708618793764AF7D1BB 23552 ----a-w- C:\Windows\System32\sdbinst.exe 2015-05-12 18:07:15 715C060150D969B0DE5DD5B365A712AF 20992 ----a-w- C:\Windows\SysWOW64\sdbinst.exe 2015-05-12 17:35:19 516C021FEBEDE2962C9252DF85606C76 382168 ----a-w- C:\ProgramData\Adobe\ARM\S\1298\AdobeARMHelper.exe 2015-05-12 17:34:45 D5442B620D7B10F19BC8AC2318C84ECA 297056 ----a-w- C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8I33W2H4\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate[1].exe 2015-05-10 12:12:23 7717BD4A56D6F86F808E704FA71E163D 187904 ----a-w- C:\Program Files (x86)\NSIS Uninstall Information\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}\7z.exe 2015-05-10 12:12:23 7717BD4A56D6F86F808E704FA71E163D 187904 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}\7z.exe 2015-05-10 12:12:23 45AFE49C0BE30DA8F88A3E89DF8AD70B 60024 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}\Setup.exe 2015-05-10 12:12:21 9D687DC970D92D21EC52CEDDF82174F6 497813 ----a-w- C:\Program Files (x86)\NSIS Uninstall Information\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}\Setup.exe 2015-05-10 12:12:21 9D687DC970D92D21EC52CEDDF82174F6 497813 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}\IKernel.exe 2015-05-10 12:11:48 803A56D2502433E73891D3D962F7A01E 96520 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Common\CLVirtualDriver\Drivers\CLDrvInst.exe 2015-05-10 12:11:46 4F1F236E89AC647783D8C60F2B202438 238688 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\CLHelper.exe 2015-05-10 12:10:53 F1CC70DD5ED51AAAC30D8B13F92A7180 321496 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\MCEPacifier\x64\MCEPacifier.exe 2015-05-10 12:10:53 E51A7CB9A9501AA0E9A5551C22301984 106248 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\OLRSubmission\OLRStateCheck.exe 2015-05-10 12:10:53 DE33175413BAA392CB70F5C93F8C90BC 950296 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15ML.exe 2015-05-10 12:10:53 DAC7859ECAB15523C3CA309F30AC151A 290368 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\MediaEspresso\MediaEspresso.exe 2015-05-10 12:10:53 D335E990178EF4EA4D1104945D137FA6 950296 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe 2015-05-10 12:10:53 B7DF1076B591F6D336A462079F45B8B0 89864 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\Install.exe 2015-05-10 12:10:53 B5996A8D4CA3013E3900B5D2CD1976A6 89864 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Common\CLVirtualDriver\Drivers\DriverInstaller.exe 2015-05-10 12:10:53 9F808C70030C20E47EF7CD94BE562E3E 33208 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMP\FiltHookInstaller.exe 2015-05-10 12:10:53 9E591E65ED0161FBB5E6FDA564A8DB6A 179976 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\OLRSubmission\OLRSubmission.exe 2015-05-10 12:10:53 9E17F12EC60D7A73613E57EBCC73F149 32520 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMP\PSUtil.exe 2015-05-10 12:10:53 9D0A659F431A893A960752C4DC506F08 81472 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\MediaEspresso\vthum.exe 2015-05-10 12:10:53 9604EBCCAA1C4D1B9041470EF711F5CF 230664 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\subsys\BigBang\Runtime\RatingDlg.exe 2015-05-10 12:10:53 8587B9EC835AF86386D77281CE2FFFAC 406792 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\subsys\BigBang\Runtime\CLUpdater.exe 2015-05-10 12:10:53 6D4FAB82327F4692FC596C0A10E5A046 33208 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMP\FiltHookUnInstaller.exe 2015-05-10 12:10:53 697119B65BC5B14F7812C9C71E8D64E3 340232 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\PowerDVDCinema.exe 2015-05-10 12:10:53 6947B886797635EB45F23F2858BACD80 65288 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\Uninstall.exe 2015-05-10 12:10:53 592211267C70FCDE841471F1712B83B8 474888 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\PDVDLP.exe 2015-05-10 12:10:53 3E8CBD05CB038916E3F29D3269DD6B2B 3793160 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVDMovie.exe 2015-05-10 12:10:53 1DEC8136AAB275676C35F461E06F61C6 950296 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD.exe 2015-05-10 12:10:53 094A8FF28998CBF45FEBEEB07D561CED 316680 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\MCEPacifier\x86\MCEPacifier.exe 2015-05-10 12:10:52 F80261753F4ED40CDA4A8669EF8384A2 791304 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Common\CLMPInst.exe 2015-05-10 12:10:52 C0168E94B6A1EBE772B62AEA0C72ADC8 77576 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSMonitorServicePDVD15.exe 2015-05-10 12:10:52 AEBEE78945C07FC99991E8629302571A 75528 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Common\CLMPUninst.exe 2015-05-10 12:10:52 9FCA2B99E452BAEFFDC25185B9551642 7543560 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Common\clmediaparsersb.exe 2015-05-10 12:10:52 8625D6C9E80E1E5DEAD8462E2F40537D 830728 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Common\CLMPSvc.exe 2015-05-10 12:10:52 6F412270FBBBD7033F684FE239069E36 323336 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe 2015-05-10 12:10:52 5FBC00C0AB304E536C894ACAE73BE249 662792 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Activate.exe 2015-05-10 12:10:52 323906C3D5549474EF128E224598C1CA 77576 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMP\CLHNServiceForPowerDVD15.exe 2015-05-10 12:10:52 1A30891C2353748C2B80C38090CED05A 2255624 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Boomerang\Module\Boomerang.exe 2015-05-10 12:03:16 B262E94ABA4587B642E2D4DE466CBD71 1033176 ----a-w- C:\Users\PC\Downloads\CyberLink_PowerDVD_Downloader.exe === C: other files == 2015-05-14 17:22:50 FF86136CFF51A054FF81148BEC56C5A3 4015124 ----a-w- C:\Users\PC\Downloads\Andromeda_perspective_filter11.zip 2015-05-13 17:32:34 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\PC\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\CollectOneDriveLogs.bat 2015-05-12 18:18:48 D858C33B133740D5F1F1CF71C33F6355 3204608 ----a-w- C:\Windows\System32\win32k.sys 2015-05-12 18:16:46 F7DFAE6040AC910B7C64EE208A34157D 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2015-05-12 18:16:46 8FE94F2EF9BF444E93E35D87E210D02F 155584 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2015-05-10 12:11:48 063A4BBB95F17393FE576496781E14A5 95496 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Common\CLVirtualDriver\Drivers\CLVirtualBus02.sys 2015-05-10 12:11:44 17D5A1EB0A3F9991A7EFFF193E8B6F2D 2253191 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\btclasses.zip 2015-05-10 12:11:26 91CD4B5A0813BEE54F0DF42AFE6BCDD5 73416 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMP\ntk_PowerDVD15.sys 2015-05-10 12:11:26 0DD20AE5D07539FB3E583A386680A828 77000 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMP\ntk_PowerDVD15_64.sys 2015-05-10 12:08:59 A9A1DBE0A3A171528A0D790E55BD7934 1216496 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\Customizations\Cyberlink\Style\Intel\Media\Standard.zip 2015-05-10 12:08:59 676D6DF613ACB98061164DEBC9D3E64A 2745850 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\Customizations\Cyberlink\Style\Standard\Media\Standard.zip 2015-05-10 12:08:59 0A149AE71D261732728CE08792CF7BDA 3156025 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Common\Koan\python27.zip 2015-05-10 12:08:59 05D0F50A5D5DCB722C1C74CFC2E18655 7804 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\Customizations\Cyberlink\Style\MCE\Media\Standard.zip 2015-05-10 12:08:57 FC7C8365658EF6498B050AB744FE2986 140319 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Custom\Skin\Standard\Common.zip 2015-05-10 12:08:57 A24C8E527D5590710C800D822D191C61 19539040 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Custom\Skin\Standard\Photo\Media.zip 2015-05-10 12:08:57 9F8B5C45523373B6570B5FFCB88D53F8 2157831 ----a-w- C:\Program Files (x86)\CyberLink\PowerDVD15\Custom\Skin\Standard\Photo\Layout.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "KPNBackupOnline"="C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe minimized" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3094540836-2284055214-2461212460-1000\Software\Microsoft\Windows\CurrentVersion\Run] "KPNBackupOnline"="C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe minimized" "Spotify Web Helper"="C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "OneDrive"="C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "KPNBackupOnline"="C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe minimized" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "F-Secure Manager"="C:\Program Files (x86)\KPN\Internetveiligheidspakket\Common\FSM32.EXE /splash" "F-Secure TNB"="C:\Program Files (x86)\KPN\Internetveiligheidspakket\FSGUI\TNBUtil.exe /CHECKALL /WAITFORSW" "Adobe Acrobat Speed Launcher"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" "Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" "WD Quick View"="C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" "RemoteControl"="C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe" "LanguageShortcut"="C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "Standby"="c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe -START" "ApnTBMon"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" "PowerDVD15Agent"="C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "KPNBackupOnline"="C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe minimized" "Spotify Web Helper"="C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "OneDrive"="C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Acrobat Assistant 8.0] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Acrobat Assistant 8.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Acrobat 10.0\\Acrobat\\Acrotray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Acrobat Speed Launcher] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Acrobat Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Acrobat 10.0\\Acrobat\\Acrobat_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeCS6ServiceManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CloneCDElbyCDFL] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CloneCDElbyCDFL" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Elaborate Bytes\\CloneCD\\ElbyCheck.exe\" /L ElbyCDFL" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CloneCDTray] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CloneCDTray" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Elaborate Bytes\\CloneCD\\CloneCDTray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Corel File Shell Monitor] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Corel File Shell Monitor" "hkey"="HKLM" "command"="c:\\Program Files (x86)\\Corel\\Corel PaintShop Photo Pro\\X3\\PSPClassic\\CorelIOMonitor.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EEventManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="EEventManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Epson Software\\Event Manager\\EEventManager.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LanguageShortcut] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LanguageShortcut" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\PowerDVD\\Language\\Language.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RemoteControl" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\CyberLink\\PowerDVD\\PDVDServ.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\PC\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\PC\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SwitchBoard" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe" ==== Startup Folders ====================== 2015-05-12 17:41:03 1096 ----a-w- C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2014-03-05 19:33:32 1134 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status..lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [16-05-2015 16:38] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-05-2015 17:26] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-05-2015 17:26] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\{005B0C4A-27FC-475C-A754-B2E39A73BB75}" [E:\Filters\Eyecandy 3.1\Eyecandy 3.1\SETUP.EXE] "C:\Windows\SysNative\tasks\{148072ED-6D2A-4AFB-9F02-CF357D1A3A63}" [E:\Filters\Ulead-particle\PZ_UPP10.EXE] "C:\Windows\SysNative\tasks\{3B1FB4A4-C1B7-4D79-A6DB-122074A8C12A}" [E:\Filters\Ulead-particle\PZ_UPP10.EXE] "C:\Windows\SysNative\tasks\{3CD44FBB-5070-41A8-8B58-3A5A8DAA52F8}" [C:\Users\PC\Desktop\Eyecandy 3.1\SETUP.EXE] "C:\Windows\SysNative\tasks\{4B07D754-258C-4C8C-89BA-C68E3636E826}" [C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe] "C:\Windows\SysNative\tasks\{50C0ABDB-7966-47B8-A4C1-CB822B526DE4}" [C:\Users\PC\Desktop\Eyecandy 3.1\SETUP.EXE] "C:\Windows\SysNative\tasks\{52FA563E-C529-4244-84D3-17BDC5F36070}" [C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe] "C:\Windows\SysNative\tasks\{6B441D7D-81F3-44D8-B8B7-1EEDFFA58D90}" [E:\Filters\Gif Animator 2.0\ulead_gix_x_plugin\Ugp2t.exe] "C:\Windows\SysNative\tasks\{6C3A7380-6549-4341-812B-87545B6F090C}" [E:\Filters\attack\filterattacks.exe] "C:\Windows\SysNative\tasks\{6FD16348-D423-49C5-B7CB-55ABC504011F}" [E:\Filters\Ulead Particle 1.0\PP10F.EXE] "C:\Windows\SysNative\tasks\{71916FA2-3FD7-4D04-9902-9D4463B1A84D}" [E:\Filters\Gif Animator 2.0\ulead_gix_x_plugin\Ugp2t.exe] "C:\Windows\SysNative\tasks\{73B2713D-97F6-47DE-B0DE-4735B598F45F}" [C:\Users\PC\Downloads\SETUPfilter attack.EXE] "C:\Windows\SysNative\tasks\{7AEFB087-A434-458F-A7D4-267E8E13B91D}" [D:\zip filters\e filters\Eyecandy 3.1\SETUP.EXE] "C:\Windows\SysNative\tasks\{7E0664E6-219E-4340-A477-C1B6C17E879C}" [C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe] "C:\Windows\SysNative\tasks\{8070ACD9-F73B-4DB5-9F08-F564867DE40D}" [E:\Filters\attack\filterattacks.exe] "C:\Windows\SysNative\tasks\{8622EF81-467D-46F7-A158-BE9EB30EAD0C}" [C:\Users\PC\Desktop\filterattacks.exe] "C:\Windows\SysNative\tasks\{872BCD0D-5CCE-4B0E-B558-8EB02D251E18}" [C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe] "C:\Windows\SysNative\tasks\{8A807A79-E986-4A90-B6D9-BBFBA6C55250}" [E:\Filters\Gif Animator 2.0\ulead_gix_x_plugin\Ugp2t.exe] "C:\Windows\SysNative\tasks\{8BCB3D88-730D-4181-8751-13B5A2923AEF}" [C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe] "C:\Windows\SysNative\tasks\{8D03F80F-03D8-47C0-A08E-B13E87503424}" [E:\Filters\Eyecandy 3.1\SETUP.EXE] "C:\Windows\SysNative\tasks\{8DD62AD8-1916-4BFD-B1D9-1C8EAFC9357D}" [E:\Filters\Eyecandy 3.1\Eyecandy 3.1\SETUP.EXE] "C:\Windows\SysNative\tasks\{902338F5-0C94-4E39-A166-A025F413F2F8}" [C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe] "C:\Windows\SysNative\tasks\{93DAD3B1-AE94-42A2-B541-3B0BE77280F4}" [C:\Users\PC\Desktop\fo-ugfx2.exe] "C:\Windows\SysNative\tasks\{A50D69D5-4E63-4BB9-89E9-63A4ACC2874A}" [C:\Windows\twain_32\escndv\escndv.exe] "C:\Windows\SysNative\tasks\{A6714799-6816-49BC-9CCF-BC134729386A}" [C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe] "C:\Windows\SysNative\tasks\{A81806E5-BB0E-43BE-82E2-0EE761278281}" [E:\Filters\Andromeda\Andromeda_Cutline\Install Cutline.exe] "C:\Windows\SysNative\tasks\{ACEE937E-81DD-497A-A0EC-F8808BA5A347}" [C:\Program Files (x86)\CyberLink\PowerDVD\PowerDVD.exe] "C:\Windows\SysNative\tasks\{ADE84AE8-26A4-4CEA-835B-69933F02BD75}" [D:\zip filters\e filters\Eyecandy 3.1\SETUP.EXE] "C:\Windows\SysNative\tasks\{B4CD1BB3-A428-4730-84EC-714CA29DA5B2}" [E:\Filters\Andromeda_perspective_filter11\fo-apf11.exe] "C:\Windows\SysNative\tasks\{B5DF8E16-D05E-41B7-B5FE-5AD3D0F19B33}" [E:\Filters\Eyecandy 3.1\SETUP.EXE] "C:\Windows\SysNative\tasks\{B8B247F6-9CF4-40EF-83AF-2D7E1F7B645D}" [E:\Filters\Andromeda_perspective_filter11\fo-apf11.exe] "C:\Windows\SysNative\tasks\{BBCEA556-62D9-414B-970E-EC7E6A605483}" [C:\Users\PC\Desktop\Eyecandy 3.1\SETUP.EXE] "C:\Windows\SysNative\tasks\{CFEF041E-2083-4E06-93C2-2BACCD1CED3D}" [E:\Filters\Eyecandy 3.1\SETUP.EXE] "C:\Windows\SysNative\tasks\{D01A96EE-9416-4F55-BD3C-FED7B53125AA}" [R:\Clone dvd\CLONE CD & CLONE DVD 4\CLONE CD 4.exe] "C:\Windows\SysNative\tasks\{D118B977-FD47-47A7-8D06-02CE8B3604BB}" [E:\Filters\Name supressed Softener 1.21\Name supressed Softener 1.21\App\nssoftener.exe] "C:\Windows\SysNative\tasks\{D2CE7F96-4DBF-4617-B9F5-1FF0DE14A27E}" [C:\Users\PC\Desktop\Eyecandy 3.1\SETUP.EXE] "C:\Windows\SysNative\tasks\{D5D09FF4-0F82-4E4D-84E3-166C602BDB9F}" [E:\Filters\Gif Animator 2.0\ulead_gix_x_plugin\Ugp2t.exe] "C:\Windows\SysNative\tasks\{DC79EFEE-9AF5-42FB-95C9-745AE27B9964}" [E:\Filters\Ulead Particle 1.0\PP10F.EXE] "C:\Windows\SysNative\tasks\{E00D7D32-52B5-4633-B604-221AD55F8E5D}" [E:\Filters\Andromeda\Andromeda_Cutline\Install Cutline.exe] "C:\Windows\SysNative\tasks\{E1E52733-6BB8-4B05-A364-F3022F54E683}" [M:\Mijn programma's\coverXP\coverxp.exe] "C:\Windows\SysNative\tasks\{E9591206-F9ED-443D-8AD1-6C5B60CD358B}" [E:\Filters\Gif Animator 2.0\ulead_gix_x_plugin\Ugp2t.exe] "C:\Windows\SysNative\tasks\{E986A3C6-EF01-4F25-AEC4-797648FB820A}" [Z:\Pinnacle Ultimate 12 NL\Pinnacle 12\Welcome.exe] "C:\Windows\SysNative\tasks\{EABABF6C-C7BE-40CD-B0B4-3D02664CB244}" [C:\Program Files (x86)\Elaborate Bytes\CloneCD\CloneCD.exe] "C:\Windows\SysNative\tasks\{EB6D32EE-CD30-438C-AD4C-15E76E7150CC}" [E:\Filters\attack\filterattacks.exe] "C:\Windows\SysNative\tasks\{EBC421BE-2534-4A1C-8B12-80DAA4AFCA95}" [C:\Users\PC\Desktop\filterattacks.exe] "C:\Windows\SysNative\tasks\{F5F54576-BC2F-4BF2-A268-4549C037D3E2}" [C:\Program Files (x86)\Elaborate Bytes\CloneCD\CloneCD.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn" [12-05-2015 19:53] ==== Chromium Look ====================== Google Chrome Version: 42.0.2311.152 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaaaiabcopkplhgaedhbloeejhhankf - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14-07-2014 19:22] Google Drive - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Bookmark Manager - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik Google Wallet - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.search.ask.com/?gct=hp", "homepage": "https://www.google.nl/", "startup_urls": [ "http://www.google.com/" ] ==== Chromium Fix ====================== C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D2A425F405350054677A7A857BC0C110 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe deleted successfully HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5350-4500-76A7-A758B70C1C01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D2A425F405350054677A7A857BC0C110 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDElbyCDFL deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\KPN\Internetveiligheidspakket\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\KPN\Internetveiligheidspakket\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Standby] "c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" O4 - HKLM\..\Run: [PowerDVD15Agent] "C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [KPNBackupOnline] "C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe" minimized O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [OneDrive] "C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [KPNBackupOnline] "C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe" minimized (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [KPNBackupOnline] "C:\Program Files\KPN Back-up Online\KPNBackupOnline.exe" minimized (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Users\PC\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: WinTV Recording Status..lnk = C:\Program Files (x86)\Wintv\WinTV7\WinTVTray.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: O21 - SSODL: EldosMountNotificator-cbfs4 - {4E0C162F-8CA6-449A-A33B-54B88930729F} - C:\Windows\SysWOW64\cbfsMntNtf4.dll O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {4E0C162F-8CA6-449A-A33B-54B88930729F} - C:\Windows\SysWOW64\cbfsMntNtf4.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing) O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\KPN\Internetveiligheidspakket\Anti-Virus\fsgk32st.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files (x86)\KPN\Internetveiligheidspakket\FSAUA\program\fsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\KPN\Internetveiligheidspakket\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\KPN\Internetveiligheidspakket\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\KPN\Internetveiligheidspakket\ORSP Client\fsorsp.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Hauppauge WinTV Extender - Hauppauge Computer Works, Inc - C:\PROGRA~2\Wintv\Extend\WINTVE~1.EXE O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~2\Wintv\TVServer\HAUPPA~1.EXE O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KPN Back-up Online SC - KPN - C:\Program Files\KPN Back-up Online\BackupSC.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: Systemk Service (SystemkService) - Unknown owner - C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe (file missing) O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=130 folders=109 67448715 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\PC\AppData\Local\Temp will be emptied at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\PC\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on zo 17-05-2015 at 12:17:26,92 ======================