
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Michel en Ankie on za 13-06-2015 at 19:40:02,34.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Michel en Ankie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CZFWQL2A\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

13-6-2015 19:43:09 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\COMMON~1\Windows Live deleted successfully
C:\Program Files\Wondershare deleted successfully
C:\Users\Michel en Ankie\AppData\Roaming\redsn0w deleted successfully
C:\Users\Michel en Ankie\AppData\Roaming\TP deleted successfully
C:\Users\Michel en Ankie\AppData\Roaming\Vso deleted successfully
C:\Users\Michel en Ankie\AppData\Local\MigWiz deleted successfully
C:\Users\Michel en Ankie\AppData\Local\ms-drivers deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1105678457-3491208763-4098284264-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

Aangifte inkomstenbelasting 2012  
Aangifte inkomstenbelasting 2013  
Adblock Plus voor IE (32-bit en 64-bit)  
Adobe Acrobat Reader DC - Nederlands  
Adobe Flash Player 18 ActiveX  
Alcor Micro USB Card Reader  
Apple Application Support  
Apple Mobile Device Support  
Apple Software Update  
ASUS AI Recovery  
ASUS FancyStart  
ASUS Live Update  
ASUS Power4Gear Hybrid  
ASUS Splendid Video Enhancement Technology  
ASUS Virtual Camera  
AsusScr_K3 Series_ENG_Basic  
AsusVibe2.0  
ATK Package  
Avast Free Antivirus  
AVG PC TuneUp 2015 (nl-NL)  
Bonjour  
CCleaner  
Cisco EAP-FAST Module  
Cisco LEAP Module  
Cisco PEAP Module  
Citrix Authentication Manager  
Citrix Receiver  
Citrix Receiver (HDX Flash Redirection)  
Citrix Receiver Inside  
Citrix Receiver(Aero)  
Citrix Receiver(DV)  
Citrix Receiver(USB)  
Compatibiliteitspakket voor het 2007 Microsoft Office system  
D3DX10  
Definition Update for Microsoft Office 2010 (KB3054883) 32-Bit Edition  
Emsisoft Anti-Malware  
ETDWare PS/2-X64 8.0.5.0_WHQL  
FP1213  
Google Earth  
Google Toolbar for Internet Explorer  
Google Update Helper  
HP Deskjet 3070 B611 series Basissoftware van het apparaat  
HP Deskjet 3070 B611 series Haelp  
HP Deskjet 3070 B611 series Productverbeteringsonderzoek  
HP ePrint  
HP Photo Creations  
HP Postscript Converter  
HP Unified IO  
HP Update  
HPDiagnosticAlert  
Huur- en zorgtoeslag 2011  
iCloud  
iExplorer 3.2.1.4  
inSSIDer 3  
Intel(R) Control Center  
Intel(R) Management Engine Components  
Intel(R) Processor Graphics  
Intel(R) Turbo Boost Technology Monitor 2.0  
iOSinstaller  
iTunes  
Java 7 Update 60  
Java 8 Update 31  
Java 8 Update 40  
Java 8 Update 45  
Java Auto Updater  
Kinderopvangtoeslag 2011  
Microsoft .NET Framework 4.5.1 (Nederlands)  
Microsoft .NET Framework 4.5.1 (NLD)  
Microsoft .NET Framework 4.5.2  
Microsoft Application Error Reporting  
Microsoft Office Access MUI (Dutch) 2010  
Microsoft Office Excel MUI (Dutch) 2010  
Microsoft Office Groove MUI (Dutch) 2010  
Microsoft Office InfoPath MUI (Dutch) 2010  
Microsoft Office Office 64-bit Components 2010  
Microsoft Office OneNote MUI (Dutch) 2010  
Microsoft Office Outlook MUI (Dutch) 2010  
Microsoft Office PowerPoint MUI (Dutch) 2010  
Microsoft Office Professional Plus 2010  
Microsoft Office Proof (Dutch) 2010  
Microsoft Office Proof (English) 2010  
Microsoft Office Proof (French) 2010  
Microsoft Office Proof (German) 2010  
Microsoft Office Proofing (Dutch) 2010  
Microsoft Office Publisher MUI (Dutch) 2010  
Microsoft Office Shared 64-bit MUI (Dutch) 2010  
Microsoft Office Shared MUI (Dutch) 2010  
Microsoft Office Word MUI (Dutch) 2010  
Microsoft Office Word Viewer 2003  
Microsoft Silverlight  
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2005 Redistributable (x64)  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)  
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD  
MSXML 4.0 SP2 (KB954430)  
MSXML 4.0 SP2 (KB973688)  
neroxml  
NVIDIA Control Panel 266.86  
NVIDIA Graphics Driver 266.86  
NVIDIA Install Application  
NVIDIA Optimus 1.0.18  
NVIDIA Update Components  
Online Plug-in  
Picasa 3  
Popcorn Time  
QNAP NetBak Replicator  
QNAP Qfinder  
QNAP Qsync  
QuickPar 0.9  
QuickTime 7  
Ralink RT2860 Wireless LAN Card  
Realtek High Definition Audio Driver  
Samsung AllShare  
Security Update for Microsoft .NET Framework 4.5.2 (KB3023224)  
Security Update for Microsoft .NET Framework 4.5.2 (KB3035490)  
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581)  
Security Update for Microsoft Excel 2010 (KB3054845) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2863817) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB3054834) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB3054848) 32-Bit Edition  
Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition  
Security Update for Microsoft PowerPoint 2010 (KB3054835) 32-Bit Edition  
Security Update for Microsoft Word 2010 (KB2553428) 32-Bit Edition  
Security Update for Microsoft Word 2010 (KB3054842) 32-Bit Edition  
Self-service Plug-in  
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition  
Skype Click to Call  
SkypeT 7.0  
Spotnet  
Static Outlook Backup Free 2.9  
syncables desktop SE  
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD  
TEASI tool version 3.2.5.0  
Update for Microsoft Access 2010 (KB2837601) 32-Bit Edition  
Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition  
Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition  
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition  
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2494150)  
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2965291) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2965296) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2965301) 32-Bit Edition  
Update for Microsoft Office 2010 (KB3054875) 32-Bit Edition  
Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition  
Update for Microsoft OneNote 2010 (KB2965297) 32-Bit Edition  
Update for Microsoft Outlook 2010 (KB3054881) 32-Bit Edition  
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition  
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition  
Update for Microsoft Visio 2010 (KB2965292) 32-Bit Edition  
Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition  
Visual Studio 2012 x64 Redistributables  
Visual Studio 2012 x86 Redistributables  
VLC media player  
VS10Runtimex64  
WinFlash  
WinRAR 5.11 (64-bit)  
Wireless Console 3  

==== Running Processes ======================

C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\QNAP\NetBak\Enclosure.exe
C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files (x86)\QNAP\Qsync\Qsync.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
C:\Users\Michel en Ankie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CZFWQL2A\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\Users\Michel en Ankie\AppData\Roaming\pcouffin.log deleted
C:\Users\Michel en Ankie\AppData\Local\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 6057 MB
CPU Info: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
CPU Speed: 2322,8 MHz
Sound Card: Speakers (Realtek High Definiti | 
Display Adapters: Intel(R) HD Graphics 3000 | Intel(R) HD Graphics 3000 | NVIDIA GeForce GT 540M     | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | 802.11n Wireless LAN Card | Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
CD / DVD Drives: 1x (E: | ) E: SlimtypeDVD A  DS8A5SH
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  113,1GB | D:  254,5GB | F:  73,2GB
Hard Disks - Free: C:  6,6GB | D:  35,8GB | F:  69,7GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 04/01/11 | _ASUS_ - 6222004
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK Computer Inc. K73SV
Country: Nederland 
Language: NLD 

==== System Specs (Software) ======================

Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Internet Explorer Version: 10.0.9200.17377 
Adobe Reader version: 15.7.20033.133275
Sun Java version: 1.8.0_45 (32-bit) 
Sun Java version: 1.8.0_45 (64-bit) 

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\MICHEL~1\AppData\Local\Temp ====
2015-06-09 19:18:46	FD5CABBE52272BD76007B68186EBAF00	455328	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\msvcp120.dll
2015-06-09 19:18:46	C7755E0E67AD505442C9F7D27F5DF845	1884168	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\FileExtractor.exe
2015-06-09 19:18:46	B1749993470EB06B439C172C4CDA5279	287752	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\libcurl.dll
2015-06-09 19:18:46	98ABCBD70CDA02B76E1A1E46C16192FA	35176	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\hpodss01.dll
2015-06-09 19:18:46	89A676645DF50B8D8D4EF39743E93F5A	2573832	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\DeviceManager\DeviceManager.exe
2015-06-09 19:18:46	7F8B61113EB88DDEF959A274572D8069	5306376	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\HPDiagnosticCoreUI.exe
2015-06-09 19:18:46	6CC6F3A54BBB52CB9F69AA5E778BD602	58688	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\OESISCore.dll
2015-06-09 19:18:46	2E7BC291FEB101F11F4986DA07803594	178696	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\zlibwapi.dll
2015-06-09 19:18:46	149A04A6ED3D6D21B14842046DCFC358	75584	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\Impl_SoftwareProductLib.dll
2015-06-09 19:18:46	0B1070EF49F3740334F2B158F8A99183	58688	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\Impl_FirewallLib.dll
2015-06-09 19:18:46	034CCADC1C073E4216E9466B720F9849	970912	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\msvcr120.dll
2015-06-09 19:18:45	D199B1ADFFB14070E8C4DA9E879EDBEE	309760	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\DIFxAPI.dll
2015-06-09 19:18:45	A22498AF4AF7F2A2455F5F3093A5D94E	525120	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\CoreUtils.dll
2015-06-09 19:18:45	6D3C6073D23E8C34827838BB54E72850	2900488	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\HPDiagnosticCore.dll
2015-06-09 19:18:45	585D2EB9FBED6B7B9D0107BFB5C94043	531512	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\DeviceManager\DIFxAPI.dll
2015-06-09 19:18:45	25AA41A0F7B96795B803F010C0955324	213312	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\FWManager.dll
2015-06-09 19:18:35	DC223E08726F4C8DA60F2803944628A8	7067824	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\HPPSdr.exe
2015-06-09 19:18:27	DEB2CF25CD89A0D132EB230299770872	5152776	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\HPDiagnosticCoreUI.exe
2015-06-09 19:18:27	B20F4DCD6C7CF97664A6BF46FE0B157D	1884168	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\FileExtractor.exe
2015-06-09 19:18:26	FD5CABBE52272BD76007B68186EBAF00	455328	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\msvcp120.dll
2015-06-09 19:18:26	D199B1ADFFB14070E8C4DA9E879EDBEE	309760	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\DIFxAPI.dll
2015-06-09 19:18:26	A9AD32E0B327C06A90A6C18F4A08BFDE	178696	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\zlibwapi.dll
2015-06-09 19:18:26	A22498AF4AF7F2A2455F5F3093A5D94E	525120	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\CoreUtils.dll
2015-06-09 19:18:26	98ABCBD70CDA02B76E1A1E46C16192FA	35176	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\hpodss01.dll
2015-06-09 19:18:26	8FA84E9EAC8B141D18A793DFDF8CB246	2573832	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\DeviceManager\DeviceManager.exe
2015-06-09 19:18:26	6CC6F3A54BBB52CB9F69AA5E778BD602	58688	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\OESISCore.dll
2015-06-09 19:18:26	585D2EB9FBED6B7B9D0107BFB5C94043	531512	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\DeviceManager\DIFxAPI.dll
2015-06-09 19:18:26	3ADD748384E166E16E3492745C22DD6A	3349512	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\HPDiagnosticCore.dll
2015-06-09 19:18:26	25AA41A0F7B96795B803F010C0955324	213312	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\FWManager.dll
2015-06-09 19:18:26	149A04A6ED3D6D21B14842046DCFC358	75584	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\Impl_SoftwareProductLib.dll
2015-06-09 19:18:26	0B1070EF49F3740334F2B158F8A99183	58688	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\Impl_FirewallLib.dll
2015-06-09 19:18:26	034CCADC1C073E4216E9466B720F9849	970912	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\msvcr120.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-06-12 20:00:35	A98E8F79C738CAF23C152DBCABD978FE	11411456	----a-w-	C:\Windows\SysWOW64\wmp.dll
2015-06-12 20:00:34	DA27A4EA7B7C77FAFDB3F94D83E310C1	12625408	----a-w-	C:\Windows\SysWOW64\wmploc.DLL
2015-06-12 20:00:34	605E9B2CFA3445ED7716D0B345EE21EC	8192	----a-w-	C:\Windows\SysWOW64\spwmp.dll
2015-06-12 20:00:34	2401379E0610D15FAB78A4B1646F5B8D	4096	----a-w-	C:\Windows\SysWOW64\msdxm.ocx
2015-06-12 20:00:34	2401379E0610D15FAB78A4B1646F5B8D	4096	----a-w-	C:\Windows\SysWOW64\dxmasf.dll
2015-06-12 20:00:09	2CA16814DA3C5B2D8C7E70DC47A45ED1	551424	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-06-12 20:00:07	9E68E1BDEBD85FC8803707370BE0FC6E	641536	----a-w-	C:\Windows\SysWOW64\advapi32.dll
2015-06-12 20:00:07	641A14E6AC492ED45BC68815E2E2F566	3989440	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-12 20:00:06	EA141596564AE0C670EDD0F2636EC29C	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-06-12 20:00:06	BBABC6702529CFADAC0EC2B28168A288	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-06-12 20:00:06	8C7635292CFF4901F058269454A1D64E	1310744	----a-w-	C:\Windows\SysWOW64\ntdll.dll
2015-06-12 20:00:06	583FFF12D2F0D6E1A8746462C433895F	3934144	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-12 20:00:06	3C1BE79C3CE6EB378108B11D94CA1072	364544	----a-w-	C:\Windows\SysWOW64\tracerpt.exe
2015-06-12 20:00:05	9A50B2567918BF7DDD600ECE5DB5ED76	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-06-12 20:00:05	4238391DE3E3FDCD2C731C1E4E0F402C	635392	----a-w-	C:\Windows\SysWOW64\tdh.dll
2015-06-12 20:00:05	3B5DA649BF7B7D07510C06DE0AEEB4EB	82944	----a-w-	C:\Windows\SysWOW64\logman.exe
2015-06-12 20:00:04	FCA6EFFEE6D7D42E794F0E538297026C	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-06-12 20:00:04	FB224B0A63B8F58E91FE8A314AD295AD	17408	----a-w-	C:\Windows\SysWOW64\diskperf.exe
2015-06-12 20:00:04	F85FA29340A536C8E0A16151B9B03923	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-06-12 20:00:04	A9E8F961F7FE1EDEEF8F46EEB800F2D8	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-06-12 20:00:04	6C06D2B1CF88AB83F1CFB24928F63107	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-06-12 20:00:04	65A5E27C2217D606E212B6088CCD6104	92160	----a-w-	C:\Windows\SysWOW64\sechost.dll
2015-06-12 20:00:04	629AD3FDA168D82D459164044A29F9BB	40448	----a-w-	C:\Windows\SysWOW64\typeperf.exe
2015-06-12 20:00:04	5643A88C6DA8AAEC9CE2845431942650	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-06-12 20:00:04	558227F567E977D71B9182013EF03E9C	14336	----a-w-	C:\Windows\SysWOW64\ntvdm64.dll
2015-06-12 20:00:04	3E6731BF36A7D6C62D09671B427B6B67	37888	----a-w-	C:\Windows\SysWOW64\relog.exe
2015-06-12 20:00:03	F81920ADB15012CF4E9FF8238C85686A	1114112	----a-w-	C:\Windows\SysWOW64\kernel32.dll
2015-06-12 20:00:03	F72A9953199EF5807D595AE3694B5D01	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-06-12 20:00:03	D877133532CE090502B1166B360E9516	274944	----a-w-	C:\Windows\SysWOW64\KernelBase.dll
2015-06-12 20:00:03	7A9F94E0F53C8F6E09405351AC104A3C	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-06-12 20:00:03	2D23A10FBFA09DC1B61799128BBA91A2	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-06-12 20:00:02	6C730482615C97B923B88C648FF554A3	5120	----a-w-	C:\Windows\SysWOW64\wow32.dll
2015-06-12 20:00:00	EEA17E843EE2EE50D623BEACF50BD815	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-06-12 20:00:00	52C869A640B8169D7C8460FB1646ABF5	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2015-06-12 19:59:59	EC6E5AE2ECFE7A335B370865A1158EF8	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-06-12 19:59:58	2E65BF3D85BB2C831669FBCBDE6C9879	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-06-12 19:59:57	7E7933E63BBE2BE71CC908EF140458EF	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-06-12 19:59:57	619D5101114C71E1A4A585C5E68301B7	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-06-12 19:59:42	58788565442368B0615DDAF1D452B843	530432	----a-w-	C:\Windows\SysWOW64\comctl32.dll
2015-06-12 19:59:33	95F6425D6B46B18A83D4864F65B5AA2E	14383104	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-06-12 19:59:27	F57B72979002A47C22B41B8C46E46C64	13771776	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-06-12 19:59:25	72130B2BDB938AA562101551CC3844E7	2865152	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-06-12 19:59:24	9B00129EADD3E88FE14465DCAF534D7D	361984	----a-w-	C:\Windows\SysWOW64\html.iec
2015-06-12 19:59:24	45F75B268F9E47E5DC99BFDB7C27E0A9	1181696	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-06-12 19:59:23	B35C734515AA416DA9DDA96082694B00	1763328	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-06-12 19:59:23	9FF2A27E41D56ABBE8C727F4A949924E	226816	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-06-12 19:59:23	8DDC14C8745957C8224BE4FBDA8917DE	357888	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-06-12 19:59:23	844997BFD2543E05E6A8FDC0F449FD75	1441280	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-06-12 19:59:21	B3C346AA4F0EA3234250692AE9F0A70C	493056	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-06-12 19:59:21	9E53DFCBDE9DAA4A94F2FFB87A302FA7	109056	----a-w-	C:\Windows\SysWOW64\iesysprep.dll
2015-06-12 19:59:20	326071A6AB7DA7FC416E26DFAC7FF023	226816	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-06-12 19:59:19	F1BA5486482D7465E05B18E9AA9BED1D	2055680	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-06-12 19:59:18	DCC2A62F0D7BECC2E7A251528121C27C	163840	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-06-12 19:59:18	396B31D25D76D3C4E7ADE41CE9384A8F	391168	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-06-12 19:59:17	DFD9A022896EE048067C3890D820015C	524288	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-06-12 19:59:16	1525EDEA9AF95514D91C0645AEE46C00	690176	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-06-12 19:59:15	4F8881A26D3BB203F042D77A2875C5C2	80384	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-06-12 19:59:14	36EE002AF74F2EAF0726A74A7969519D	33280	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-06-12 19:59:13	FB4EC37E673B3C5D55818C1451690C0F	39936	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-06-12 19:59:13	DA2EFFF59D680EDC38A860E5BF2E3F49	71680	----a-w-	C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-06-12 19:59:13	7FC30055B9E5A3BDEDFB5BF676B3191F	61440	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-06-12 19:59:12	48B560FC28D674AFCA7D10382CEFB29C	2706432	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-06-12 20:00:36	9D80A82B0BB77AC3EF6A87FA0C534E20	14635008	----a-w-	C:\Windows\Sysnative\wmp.dll
2015-06-12 20:00:34	834FD7C31EA16D59CC3B2DC60F2F2620	9728	----a-w-	C:\Windows\Sysnative\spwmp.dll
2015-06-12 20:00:34	51ECEE70F33601310DDEF3EEE39550D3	12625920	----a-w-	C:\Windows\Sysnative\wmploc.DLL
2015-06-12 20:00:34	1A8C5D4BE449E4A9D8667A341E535E22	5120	----a-w-	C:\Windows\Sysnative\msdxm.ocx
2015-06-12 20:00:34	1A8C5D4BE449E4A9D8667A341E535E22	5120	----a-w-	C:\Windows\Sysnative\dxmasf.dll
2015-06-12 20:00:31	CFF429F2234C1D1A5993E80F46C37CFB	1119232	----a-w-	C:\Windows\Sysnative\aeinv.dll
2015-06-12 20:00:31	52DEF4C743C2EABD6BD3EDC790A0E778	1021440	----a-w-	C:\Windows\Sysnative\appraiser.dll
2015-06-12 20:00:31	2DCA988113A02EB9BCB98A5DC2D34E57	700416	----a-w-	C:\Windows\Sysnative\generaltel.dll
2015-06-12 20:00:30	E87D4371B24BC9E5BAE95AEA60FFD959	193536	----a-w-	C:\Windows\Sysnative\aepic.dll
2015-06-12 20:00:30	B23AB4C401E2DE02C47B7497D41E2318	757248	----a-w-	C:\Windows\Sysnative\invagent.dll
2015-06-12 20:00:30	6F07FC190DBCB42C8A5319235F72F906	423424	----a-w-	C:\Windows\Sysnative\devinv.dll
2015-06-12 20:00:30	6E2EB5A36C3CCD917F7FF9BED7C1390E	45568	----a-w-	C:\Windows\Sysnative\acmigration.dll
2015-06-12 20:00:29	587BBA3B3959144334700EC48232712F	227328	----a-w-	C:\Windows\Sysnative\aepdu.dll
2015-06-12 20:00:28	1EE2DBA5AD2E5EB618C7FB187C2CFDF4	3206144	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-06-12 20:00:12	AA5319FA8602676B5D3A2B4A1355896D	1255424	----a-w-	C:\Windows\Sysnative\diagtrack.dll
2015-06-12 20:00:10	8DCA1C70AF170C3FBCE47A4F49BFC887	424960	----a-w-	C:\Windows\Sysnative\KernelBase.dll
2015-06-12 20:00:10	6ECD6D92F43C2DC55099F892978D5BE7	728576	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-06-12 20:00:09	6FDF03A3B110C5264F52F979335AE301	1162752	----a-w-	C:\Windows\Sysnative\kernel32.dll
2015-06-12 20:00:08	93A05407F8E53BC731C42AAD56163F80	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-06-12 20:00:08	4FFD08A01047EF6B58F6EB4E6D001A8D	879104	----a-w-	C:\Windows\Sysnative\advapi32.dll
2015-06-12 20:00:07	9E2A2028228645DD57EF45A02CAC0CCE	5569984	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-06-12 20:00:06	FF9BBFAE899091C1FF0D1A3F2C587911	243712	----a-w-	C:\Windows\Sysnative\wow64.dll
2015-06-12 20:00:06	CCB352B939B77B38983DD878C547451F	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-06-12 20:00:06	6703266C1E56157B5965F9AC868A20AC	404992	----a-w-	C:\Windows\Sysnative\tracerpt.exe
2015-06-12 20:00:06	53042708C242959B3924242FBBE297B1	1728960	----a-w-	C:\Windows\Sysnative\ntdll.dll
2015-06-12 20:00:06	48C30C54194142910FB6B86D308220ED	338432	----a-w-	C:\Windows\Sysnative\conhost.exe
2015-06-12 20:00:06	37DFCC91E419952772E02F2B3BBB2E2B	342016	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-06-12 20:00:06	2313AF8D5A9CEB4A55400A01DD311A95	215040	----a-w-	C:\Windows\Sysnative\winsrv.dll
2015-06-12 20:00:06	16154A6682B1552DEAB953BFA4B8E955	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-06-12 20:00:05	AD54856A16B635720B0BE5FAF44526FC	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-06-12 20:00:05	996EE6571ADB880A60846DD02C8D5869	314880	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-06-12 20:00:05	7C5E375F20F639607376351A8BCC0647	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-06-12 20:00:05	66DF73B202105406602941778792FE3D	879104	----a-w-	C:\Windows\Sysnative\tdh.dll
2015-06-12 20:00:05	4F90A7A0FCBC0ED18E573917860062FF	113664	----a-w-	C:\Windows\Sysnative\sechost.dll
2015-06-12 20:00:05	210E7D1EA34369194BE09493784E27BE	104448	----a-w-	C:\Windows\Sysnative\logman.exe
2015-06-12 20:00:04	E20BF3FA89DE67B00ED713B5254C0BF0	47104	----a-w-	C:\Windows\Sysnative\typeperf.exe
2015-06-12 20:00:04	D68690450978D127E030FB14E9B2023B	16384	----a-w-	C:\Windows\Sysnative\ntvdm64.dll
2015-06-12 20:00:04	A929B9ABA1083AF35ECE7BD63AF3E42F	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-06-12 20:00:04	A5F57F4866C2DC7F8215058D7D56BD21	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-06-12 20:00:04	9BBEA639884C0338DD78654277BD188A	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2015-06-12 20:00:04	858F04B3C39239972959E9EE97CACAE4	43008	----a-w-	C:\Windows\Sysnative\relog.exe
2015-06-12 20:00:04	5EC57AC6DC16CB8A058CA019AA2C188D	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-06-12 20:00:04	1B93381366141875D8EE7EC1085236B9	19456	----a-w-	C:\Windows\Sysnative\diskperf.exe
2015-06-12 20:00:04	17A6A9AAD04CCC6EE53290585BFC43AF	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-06-12 20:00:04	13DE715D959DD502CFD52DC920408B33	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2015-06-12 20:00:04	11D5815F0DC571CE3C72213B375860B1	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-06-12 20:00:04	03BA5D20751137F3A705B389C52DB8D6	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-06-12 20:00:03	6ACD3C75BE449F039E1A4E43424D5B6F	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-06-12 20:00:03	5A17FF38EDE95B2313E428BF444126D7	362496	----a-w-	C:\Windows\Sysnative\wow64win.dll
2015-06-12 20:00:03	289D99B0879C6ED5C6D1B3A856CA6DA3	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-06-12 20:00:03	20BD408AC3F8576997D6A47F48A1C5B2	13312	----a-w-	C:\Windows\Sysnative\wow64cpu.dll
2015-06-12 20:00:00	AF557D115972A73964FC8F209300948A	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2015-06-12 19:59:58	6ACFCC28E4D60B5A931D8749332A14E2	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-06-12 19:59:57	8A4EB32C7C948F70EAC6F85063596A39	36864	----a-w-	C:\Windows\Sysnative\UtcResources.dll
2015-06-12 19:59:57	837BBE4170D5A75F293BD6F294A8FE34	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-06-12 19:59:57	6E882D7CA34073890107559B5A515A24	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-06-12 19:59:42	51F89CE2D0FEC66070354504E6C4C3E4	633856	----a-w-	C:\Windows\Sysnative\comctl32.dll
2015-06-12 19:59:36	22B8CF55E467457EA40D4AC4D13CA5D0	19291136	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-06-12 19:59:29	EEB488EA8A726FCDA6212F6A88582116	15415808	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-06-12 19:59:27	DD6794DD36868F991DA2F93AC66DA12C	3959296	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-06-12 19:59:24	95D387BC0F6E771971DDCB176F74A4EC	281600	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-06-12 19:59:24	58AA76F081E6854681EEE9360FA243DD	1409024	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-06-12 19:59:24	2AAAF0FF367559570C9150F3E39610AD	441856	----a-w-	C:\Windows\Sysnative\html.iec
2015-06-12 19:59:23	D1C50DF12F1CD57E3851DE203367DCBD	1509376	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-06-12 19:59:21	5F448285F3C91222B670D4130A101B08	2237440	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-06-12 19:59:20	4661AA820B77CC3DE68011778B08D20E	136704	----a-w-	C:\Windows\Sysnative\iesysprep.dll
2015-06-12 19:59:20	0038173DE4C3A8D57084A063ACF6E5A5	603136	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-06-12 19:59:19	FFBB9A92B252A44CE64D78646D422E62	2656768	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-06-12 19:59:18	B4D2280CC4DB32384128327B249DBBEE	255488	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-06-12 19:59:18	7E2615637D518584562A669D15D7B208	526336	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-06-12 19:59:17	8C86E16794ACEF21251719E5D3D272AF	197120	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-06-12 19:59:15	C53E6FD6DE6D0FB93734CB0257607285	601600	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-06-12 19:59:15	A2E600F47767C3734398BFAEB9759DB0	856064	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-06-12 19:59:15	5F658C55AB3A04AC24AEA4AF54617173	97280	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-06-12 19:59:15	36B1F738CABF5DFBA6A5DDC9A4BB0D46	51712	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-06-12 19:59:14	E3AE01F1580D7F4E75A51E30570BD886	451584	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-06-12 19:59:14	09EBCBF266385C92D97B492A0BE47173	39936	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-06-12 19:59:13	DE075C8DB914CC47D8B9E7DB2CF9A4DE	53760	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-06-12 19:59:13	B4CD08CFF3253F916DB05F7693415E91	2706432	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-06-12 19:59:13	4AD36785E6696D6F0AA448F5C41E82DF	67072	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-06-12 19:59:13	2B15EE35BBB7D1198F88808CA7088E47	89600	----a-w-	C:\Windows\Sysnative\RegisterIEPKEYs.exe
====== C:\Windows\Sysnative\drivers =====
2015-06-12 20:07:48	36E0DDD19038C92B7C7709BFA03F813F	69888	----a-w-	C:\Windows\Sysnative\drivers\stream.sys
2015-06-12 20:00:06	272C27711C8AA6E7815EE33F8ACA9C66	155584	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-06-12 20:00:05	BF69D973523D539A35807946C6DA7E16	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
====== C:\Windows\Tasks ======
2015-05-21 19:52:15	B63AD96D5AB77552EFDB7D2277C3B0CB	3886	----a-w-	C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-05-21 19:33:16	--------	d-----w-	C:\PROGRA~2\PDF Architect
======= C: =====
====== C:\Users\Michel en Ankie\AppData\Roaming ======
2015-06-02 18:14:06	--------	d-----w-	C:\Users\Michel en Ankie\AppData\Local\GWX
2015-05-21 20:30:28	AF7CE12C4F3DC8CB2B07685C916BBCFE	82816	----a-w-	C:\Users\Michel en Ankie\AppData\Roaming\pcouffin.sys
2015-05-21 20:30:28	7F13C6D2AE5F9D8B41E9D7D6CAD16EAA	1167	----a-w-	C:\Users\Michel en Ankie\AppData\Roaming\pcouffin.inf
2015-05-21 20:30:28	1E7BDB2AC98BCE13AE85C0F6DB1ECCB8	7859	----a-w-	C:\Users\Michel en Ankie\AppData\Roaming\pcouffin.cat
2015-05-21 20:30:28	16E53BFC96CE14021C0E07EB1C198478	99384	----a-w-	C:\Users\Michel en Ankie\AppData\Roaming\inst.exe
====== C:\Users\Michel en Ankie ======

====== C: exe-files ==
2015-06-13 06:30:07	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Michel en Ankie.exe
2015-06-13 06:29:52	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JM60P7F4\RSITx64.exe
2015-06-12 20:01:12	78206B34BD050DB564BF5B4B8C697925	1617224	----a-w-	C:\Program Files (x86)\Google\Google Toolbar\Component\SearchWithGoogleUpdate_6F4EEAE8D7FCDAD8.exe
2015-06-12 20:01:07	211F96EB417FF837A70F5130E63A1A45	400840	----a-w-	C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_64_4D9709C1FA1422BA.exe
2015-06-12 20:01:05	E8B7FD67DA14A7BE57A5CB80E3139E60	309704	----a-w-	C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_32_52E818EF81C83A9B.exe
2015-06-12 20:01:03	327C893AA5966AC436CA275F8D64C8C0	1072072	----a-w-	C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_BA9226F4C70BECC2.exe
2015-06-12 20:00:34	E39D7E7FCC5D4B77B8CBA52FEF8753DE	102912	----a-w-	C:\Program Files\Windows Media Player\wmpshare.exe
2015-06-12 20:00:34	8D3316795ACCC0EC0DD6A844E046DA68	167424	----a-w-	C:\Program Files\Windows Media Player\wmplayer.exe
2015-06-12 20:00:34	6F139F39295000E6301C0D08F7493CC6	101888	----a-w-	C:\Program Files (x86)\Windows Media Player\wmpconfig.exe
2015-06-12 20:00:34	5F7B628B5F10531E8DE3E711ED73AAD7	164864	----a-w-	C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2015-06-12 20:00:34	44854DDB738BF2C507FC2162245361D6	102400	----a-w-	C:\Program Files\Windows Media Player\wmpconfig.exe
2015-06-12 20:00:34	3505E5A7664FD84AC8AE51FE3B545AE1	102400	----a-w-	C:\Program Files (x86)\Windows Media Player\wmpshare.exe
2015-06-12 20:00:07	9E2A2028228645DD57EF45A02CAC0CCE	5569984	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-06-12 20:00:07	641A14E6AC492ED45BC68815E2E2F566	3989440	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-12 20:00:06	6703266C1E56157B5965F9AC868A20AC	404992	----a-w-	C:\Windows\System32\tracerpt.exe
2015-06-12 20:00:06	583FFF12D2F0D6E1A8746462C433895F	3934144	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-12 20:00:06	48C30C54194142910FB6B86D308220ED	338432	----a-w-	C:\Windows\System32\conhost.exe
2015-06-12 20:00:06	3C1BE79C3CE6EB378108B11D94CA1072	364544	----a-w-	C:\Windows\SysWOW64\tracerpt.exe
2015-06-12 20:00:06	16154A6682B1552DEAB953BFA4B8E955	296960	----a-w-	C:\Windows\System32\rstrui.exe
2015-06-12 20:00:05	3B5DA649BF7B7D07510C06DE0AEEB4EB	82944	----a-w-	C:\Windows\SysWOW64\logman.exe
2015-06-12 20:00:05	210E7D1EA34369194BE09493784E27BE	104448	----a-w-	C:\Windows\System32\logman.exe
2015-06-12 20:00:04	FB224B0A63B8F58E91FE8A314AD295AD	17408	----a-w-	C:\Windows\SysWOW64\diskperf.exe
2015-06-12 20:00:04	F85FA29340A536C8E0A16151B9B03923	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-06-12 20:00:04	E20BF3FA89DE67B00ED713B5254C0BF0	47104	----a-w-	C:\Windows\System32\typeperf.exe
2015-06-12 20:00:04	9BBEA639884C0338DD78654277BD188A	112640	----a-w-	C:\Windows\System32\smss.exe
2015-06-12 20:00:04	858F04B3C39239972959E9EE97CACAE4	43008	----a-w-	C:\Windows\System32\relog.exe
2015-06-12 20:00:04	6C06D2B1CF88AB83F1CFB24928F63107	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-06-12 20:00:04	629AD3FDA168D82D459164044A29F9BB	40448	----a-w-	C:\Windows\SysWOW64\typeperf.exe
2015-06-12 20:00:04	3E6731BF36A7D6C62D09671B427B6B67	37888	----a-w-	C:\Windows\SysWOW64\relog.exe
2015-06-12 20:00:04	1B93381366141875D8EE7EC1085236B9	19456	----a-w-	C:\Windows\System32\diskperf.exe
2015-06-12 20:00:04	17A6A9AAD04CCC6EE53290585BFC43AF	31232	----a-w-	C:\Windows\System32\lsass.exe
2015-06-12 20:00:04	03BA5D20751137F3A705B389C52DB8D6	64000	----a-w-	C:\Windows\System32\auditpol.exe
2015-06-12 20:00:00	EEA17E843EE2EE50D623BEACF50BD815	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-06-12 19:59:59	EC6E5AE2ECFE7A335B370865A1158EF8	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-06-12 19:59:24	84936DD30BF4E8B039092CA43EAD8DCF	477184	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-06-12 19:59:24	596E2269685841E9A6807C41C00AC9B9	492032	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-06-12 19:59:23	E7309FC67733872DD7E965965C4563D3	775344	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-06-12 19:59:23	C20CCEA4A17D83AF336A4E3095D3D05A	770736	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-06-12 19:59:15	36B1F738CABF5DFBA6A5DDC9A4BB0D46	51712	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-06-12 19:59:13	EACC37D6768AD3A506E519E3E8795769	223744	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-06-12 19:59:13	DA2EFFF59D680EDC38A860E5BF2E3F49	71680	----a-w-	C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-06-12 19:59:13	49D91D1CA28209E954C0379611F95229	222208	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-06-12 19:59:13	2B15EE35BBB7D1198F88808CA7088E47	89600	----a-w-	C:\Windows\System32\RegisterIEPKEYs.exe
2015-06-12 19:44:05	D15EE16B871FE911D8D7C91FD5F57EBA	532312	----a-w-	C:\Program Files (x86)\Google\Update\Install\{224C7281-990A-4BE3-B6D0-D349C6EF90DC}\GoogleToolbarInstaller_updater_signed.exe
2015-06-09 19:18:46	C7755E0E67AD505442C9F7D27F5DF845	1884168	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\FileExtractor.exe
2015-06-09 19:18:46	89A676645DF50B8D8D4EF39743E93F5A	2573832	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\DeviceManager\DeviceManager.exe
2015-06-09 19:18:46	7F8B61113EB88DDEF959A274572D8069	5306376	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FF5\HPDiagnosticCoreUI.exe
2015-06-09 19:18:35	DC223E08726F4C8DA60F2803944628A8	7067824	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\HPPSdr.exe
2015-06-09 19:18:27	DEB2CF25CD89A0D132EB230299770872	5152776	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\HPDiagnosticCoreUI.exe
2015-06-09 19:18:27	B20F4DCD6C7CF97664A6BF46FE0B157D	1884168	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\FileExtractor.exe
2015-06-09 19:18:26	8FA84E9EAC8B141D18A793DFDF8CB246	2573832	----a-w-	C:\Users\Michel en Ankie\AppData\Local\Temp\7zS5FB7\DeviceManager\DeviceManager.exe
2015-06-09 18:48:21	3AF5806AAB54D86CDA7AAA034FD2C35E	38382160	----atw-	C:\Program Files (x86)\Google\Update\Install\{1F9A73CD-508D-4CFE-AF5A-E8DF4AC5756D}\chrome_installer.exe
2015-06-09 18:48:20	3AF5806AAB54D86CDA7AAA034FD2C35E	38382160	----atw-	C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\35.0.1916.114\chrome_installer.exe
2015-06-09 18:47:59	5D61BE7DB55B026A5D61A3EED09D0EAD	39408	----a-w-	C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
2015-06-09 18:47:47	E8B7FD67DA14A7BE57A5CB80E3139E60	309704	----a-w-	C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
2015-06-09 18:47:47	211F96EB417FF837A70F5130E63A1A45	400840	----a-w-	C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_64.exe
2015-06-09 18:47:45	4BEAF576CB43358C4DB9F45AC7C09CDB	194032	----a-w-	C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleUpdaterService_B33FC4DD36A473C6.exe
2015-06-09 18:47:45	1F2AFAB903C0D48480561F3BBD4539C2	739640	----a-w-	C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleUpdateSetup_5CC4B0F53D73AD88.exe
2015-06-09 18:47:40	2040B57C08F7A97E4E44ACB324647CF2	6110688	----atw-	C:\Program Files (x86)\Google\Update\Install\{68EF7460-69BA-4FDD-BEEC-80E6D993E3A0}\googletoolbarinstaller_full_signed.exe
2015-06-09 18:47:37	2040B57C08F7A97E4E44ACB324647CF2	6110688	----atw-	C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\0.0.0.0\googletoolbarinstaller_full_signed.exe
2015-06-09 11:58:17	8B303EBBC88D0BB795557DA659EE7F92	453720	----a-r-	C:\ProgramData\NVIDIA\Updatus\Download\77EB\updatus.19655412_RUNASUSER.exe
=== C: other files ==
2015-06-12 20:07:48	36E0DDD19038C92B7C7709BFA03F813F	69888	----a-w-	C:\Windows\System32\drivers\stream.sys
2015-06-12 20:00:28	1EE2DBA5AD2E5EB618C7FB187C2CFDF4	3206144	----a-w-	C:\Windows\System32\win32k.sys
2015-06-12 20:00:06	272C27711C8AA6E7815EE33F8ACA9C66	155584	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-06-12 20:00:05	BF69D973523D539A35807946C6DA7E16	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1105678457-3491208763-4098284264-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1105678457-3491208763-4098284264-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"HP Deskjet 3070 B611 series (NET)"="C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe -deviceID CN173366GW05MQ:NW -scfn HP Deskjet 3070 B611 series (NET) -AutoStart 1"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-1105678457-3491208763-4098284264-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"Qsync"="C:\Program Files (x86)\QNAP\Qsync\Qsync.exe /launch_qsync"
"ConnectionCenter"="C:\Program Files (x86)\Citrix\ICA Client\concentr.exe /startup"
"ASUS Screen Saver Protector"="C:\Windows\AsScrPro.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"HP Deskjet 3070 B611 series (NET)"="C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe -deviceID CN173366GW05MQ:NW -scfn HP Deskjet 3070 B611 series (NET) -AutoStart 1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll, C:\\PROGRA~2\\Citrix\\ICACLI~1\\RSHook.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AllShareAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AllShareAgent"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Samsung\\AllShare\\AllShareAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AppleIEDAV]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AppleIEDAV"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\AppleIEDAV.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApplePhotoStreams]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ApplePhotoStreams"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSPRP]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ASUSPRP"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\ASUS\\APRP\\APRP.EXE\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSWebStorage]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ASUSWebStorage"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\3.0.84.161\\AsusWSPanel.exe /S"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ATKMEDIA]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ATKMEDIA"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ASUS\\ATK Package\\ATK Media\\DMedia.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ATKOSD2]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ATKOSD2"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ASUS\\ATK Package\\ATKOSD2\\ATKOSD2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BCSSync"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BlueStacks Agent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BlueStacks Agent"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\BlueStacks\\HD-Agent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""
"hkey"="HKLM"
"item"="CLMLServer"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ConnectionCenter]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ConnectionCenter"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Citrix\\ICA Client\\concentr.exe\" /startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ETDCtrl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ETDCtrl"
"hkey"="HKLM"
"command"="%ProgramFiles%\\Elantech\\ETDCtrl.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HControlUser]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HControlUser"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ASUS\\ATK Package\\ATK Hotkey\\HControlUser.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Deskjet 3070 B611 series (NET)]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HP Deskjet 3070 B611 series (NET)"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\HP\\HP Deskjet 3070 B611 series\\Bin\\ScanToPCActivationApp.exe\" -deviceID \"CN173366GW05MQ:NW\" -scfn \"HP Deskjet 3070 B611 series (NET)\" -AutoStart 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HP Software Update"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudServices]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iCloudServices"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\iCloudServices.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PMBVolumeWatcher]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PMBVolumeWatcher"
"hkey"="HKLM"
"command"="F:\\sony cybershot\\PMBVolumeWatcher.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVBg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RtHDVBg"
"hkey"="HKLM"
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVBg64.exe /SF3 "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Syncables]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Syncables"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\syncables\\syncables desktop\\Syncables.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateLBPShortCut]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UpdateLBPShortCut"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\LabelPrint\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\LabelPrint\" UpdateWithCreateOnce \"Software\\CyberLink\\LabelPrint\\2.5\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateP2GoShortCut]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UpdateP2GoShortCut"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\Power2Go\" UpdateWithCreateOnce \"SOFTWARE\\CyberLink\\Power2Go\\6.0\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Wireless Console 3]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Wireless Console 3"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ASUS\\Wireless Console 3\\wcourier.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\AsusVibeLauncher.lnk"
"backup"="C:\\Windows\\pss\\AsusVibeLauncher.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\ASUS\\AsusVibe\\ASUSVI~2.EXE /start"
"item"="AsusVibeLauncher"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\FancyStart daemon.lnk"
"backup"="C:\\Windows\\pss\\FancyStart daemon.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\Windows\\Installer\\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\\_94E3CE3704FE82FBF49A6A.exe -d"
"item"="FancyStart daemon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Michel en Ankie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\Michel en Ankie\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\MICHEL~1\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Michel en Ankie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Inktwaarschuwingen controleren - .lnk]
"path"="C:\\Users\\Michel en Ankie\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Inktwaarschuwingen controleren - .lnk"
"backup"="C:\\Windows\\pss\\Inktwaarschuwingen controleren - .lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Windows\\system32\\RunDll32.exe \"C:\\Program Files\\HP\\HP Deskjet 3070 B611 series\\bin\\HPStatusBL.dll\",RunDLLEntry SERIALNUMBER=CN173366GW05MQ;CONNECTION=NW;MONITOR=1;"
"item"="Inktwaarschuwingen controleren - "


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Apple Mobile Device]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ASLDRService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ATKGFNEXSrv]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BstHdAndroidSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BstHdLogRotatorSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BstHdUpdaterSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iOSinstallerUpdater]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iPod Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NBService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NMIndexingService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PMBDeviceInfoProvider]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09-06-2015 20:47]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23-10-2014 11:28]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23-10-2014 11:28]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]
"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe]
"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe]
"C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 3070 B611 series" ["C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe"]
"C:\Windows\SysNative\tasks\HpWebReg.exe" [C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HpWebReg.exe]
"C:\Windows\SysNative\tasks\iSCSIAgentAutoStartup" ["C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe"]
"C:\Windows\SysNative\tasks\NetBak-LAPTOP-Michel en Ankie-AutoStartup" ["C:\Program Files\QNAP\NetBak\NetBak.exe"]
"C:\Windows\SysNative\tasks\NetBakAutoStartup" ["C:\Program Files\QNAP\NetBak\Enclosure.exe"]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{16E51038-8D93-4AAF-A90A-2A8EE821BE22}" [C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe]
"C:\Windows\SysNative\tasks\{3CFE6E63-E34C-49A0-96D3-6D37B738B837}" [C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE]
"C:\Windows\SysNative\tasks\{5EA072A4-5725-4A33-B5AB-1270DFC9C09D}" [C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe]
"C:\Windows\SysNative\tasks\{70AE6B22-4B56-4B85-9ABB-A4E965C13BE4}" [C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe]
"C:\Windows\SysNative\tasks\{EC83D568-2BE0-43B8-AFDF-5BEB2262F399}" [C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [23-04-2015 09:59]

==== Firefox Extensions ======================

ProfilePath: C:\Users\MICHEL~1\AppData\Roaming\TomTom\HOME\Profiles\izxgql3t.default
- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.9.205.547817@tomtom.com

==== Firefox Plugins ======================


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[17-03-2015 15:08]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="https://www.google.com/search?q={searchTerms}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Qsync] "C:\Program Files (x86)\QNAP\Qsync\Qsync.exe" /launch_qsync
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [HP Deskjet 3070 B611 series (NET)] "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN173366GW05MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1105678457-3491208763-4098284264-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1105678457-3491208763-4098284264-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - http://verkopen.marktplaats.nl/js/widgets/imageUploader/aurigma/5_7_24_0/ImageUploader5.cab
O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll, C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll
O23 - Service: Emsisoft Protection Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QNAP Vss Service (QVssService) - QNAP Systems, Inc. - C:\Program Files\QNAP\NetBak\QVssService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Michel en Ankie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Michel en Ankie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CZFWQL2A will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=49 folders=22 7112097 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Michel en Ankie\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\MICHEL~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Michel en Ankie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CZFWQL2A" not found

==== EOF on za 13-06-2015 at 20:57:57,11 ======================