Logfile of random's system information tool 1.10 (written by random/random)
Run by Eigenaar at 2015-07-25 13:23:41
Microsoft Windows 8.1 Pro
System drive C: has 305 GB (68%) free of 449 GB
Total RAM: 3893 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:23:57, on 25-7-2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Users\Eigenaar\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Eigenaar\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Eigenaar\AppData\Roaming\Spotify\SpotifyCrashService.exe
C:\Users\Eigenaar\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Eigenaar\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
c:\programdata\{d3a672bb-cb1c-4671-d3a6-672bbcb1caef}\hqghumeaylnlf.exe
c:\programdata\{fd5226d2-9e7c-1b28-fd52-226d29e79b4a}\3339657186907870792e.exe
E:\Scan programma's\RSIT.exe
C:\Program Files (x86)\trend micro\Eigenaar.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1434230586&z=55ea36749ea68f49d546d8bg4z1c0z6o7c8e7w0m3q&from=wpc&uid=ST9500325AS_S2WRF8ATXXXXS2WRF8AT
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1434230586&z=55ea36749ea68f49d546d8bg4z1c0z6o7c8e7w0m3q&from=wpc&uid=ST9500325AS_S2WRF8ATXXXXS2WRF8AT&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1434230586&z=55ea36749ea68f49d546d8bg4z1c0z6o7c8e7w0m3q&from=wpc&uid=ST9500325AS_S2WRF8ATXXXXS2WRF8AT&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://nl.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_secureddownload_15_28&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dnl%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0Czz0FyBtAtA0AtDtByE0FtDtC0FyByCtN0D0Tzu0StCtBzztAtN1L2XzutAtFtCtDtFtCtDtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyE0C0F0A0ByDzyyCtGtBtDtAyBtG0C0AyDtAtGtC0D0BtBtGtDyBzytDtBtD0EyE0AyB0DtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szyzzzz0A0A0B0E0DtG0EyEyEzztGyE0F0FzztG0AtA0A0CtGtD0E0CzyyEtAtCtAzy0C0AtC2QtN0A0LzuyE%26cr%3D1230480060%26a%3Dwncy_secureddownload_15_28%26os%3DWindows 8.1 Pro
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1434230586&z=55ea36749ea68f49d546d8bg4z1c0z6o7c8e7w0m3q&from=wpc&uid=ST9500325AS_S2WRF8ATXXXXS2WRF8AT
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1434230586&z=55ea36749ea68f49d546d8bg4z1c0z6o7c8e7w0m3q&from=wpc&uid=ST9500325AS_S2WRF8ATXXXXS2WRF8AT&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1434230586&z=55ea36749ea68f49d546d8bg4z1c0z6o7c8e7w0m3q&from=wpc&uid=ST9500325AS_S2WRF8ATXXXXS2WRF8AT&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1434230586&z=55ea36749ea68f49d546d8bg4z1c0z6o7c8e7w0m3q&from=wpc&uid=ST9500325AS_S2WRF8ATXXXXS2WRF8AT
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: cheap4uall - {C5BBFCDD-408C-4361-ABD8-4228610C45A8} - C:\Program Files (x86)\cheap4uall\U87bJ3yueXzA9s.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Eigenaar\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Eigenaar\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Eigenaar\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [HP Officejet 4630 series (NET)] "C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN4CA594F705Y0:NW" -scfn "HP Officejet 4630 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [uTorrent] C:\Users\Ivar\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Eigenaar\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Default user')
O4 - Startup: Dropbox.lnk = Eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Verzenden naar OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Virtueel Toetsenbord - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Controle van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wodtomghc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wodtomghc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wodtomghc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wodtomghc.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wodtomghc.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: amhbiwtap - Unknown owner - C:\ProgramData\LogloUuoi\hepramuu.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Kaspersky Anti-Virus-service 15.0.0 (AVP15.0.0) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Flat Spread - Unknown owner - C:\Program Files (x86)\Flat Spread\Flat Spread.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Privoxy (PrivoxyService) (PrivoxyService) - The Privoxy team - www.privoxy.org - C:\Program Files (x86)\Techsmart Computer\privoxy.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\WINDOWS\SysWOW64\rpcnet.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update service - Company - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 14164 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\3f565ed8-ee47-4c4a-8ca3-ea7a595dab9c-10_user.job - C:\Program Files (x86)\Cinem Plus 2.4cV12.06\3f565ed8-ee47-4c4a-8ca3-ea7a595dab9c-10.exe /rawdata=
C:\WINDOWS\tasks\3f565ed8-ee47-4c4a-8ca3-ea7a595dab9c-3.job - C:\Program Files (x86)\Cinem Plus 2.4cV12.06\3f565ed8-ee47-4c4a-8ca3-ea7a595dab9c-3.exe /rawdata=
C:\WINDOWS\tasks\3f565ed8-ee47-4c4a-8ca3-ea7a595dab9c-6.job - C:\Program Files (x86)\Cinem Plus 2.4cV12.06\3f565ed8-ee47-4c4a-8ca3-ea7a595dab9c-6.exe /rawdata=
C:\WINDOWS\tasks\3f565ed8-ee47-4c4a-8ca3-ea7a595dab9c-7.job - C:\Program Files (x86)\Cinem Plus 2.4cV12.06\3f565ed8-ee47-4c4a-8ca3-ea7a595dab9c-7.exe /rawdata=
C:\WINDOWS\tasks\Bidaily Synchronize Task[74c7].job - c:\programdata\{d3a672bb-cb1c-4671-d3a6-672bbcb1caef}\hqghumeaylnlf.exe --startup=1 --single
C:\WINDOWS\tasks\Bidaily Synchronize Task[973b].job - c:\programdata\{9a01433a-a62e-6d47-9a01-1433aa620cea}\download minecraft 1.7.2 cracked full game free for windows.exe --startup=1 --single
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3550189732-4237687313-608669744-1001Core.job - C:\Users\Eigenaar\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3550189732-4237687313-608669744-1001UA.job - C:\Users\Eigenaar\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /c
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3550189732-4237687313-608669744-1001Core.job - C:\Users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3550189732-4237687313-608669744-1001UA.job - C:\Users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GreenLiving.job - c:\programdata\{2cfecf9e-661c-f95d-2cfe-ecf9e6613e79}\5842601748521804037e.exe --startup=1 --single
C:\WINDOWS\tasks\MemoryExpander.job - c:\programdata\{fd5226d2-9e7c-1b28-fd52-226d29e79b4a}\3339657186907870792e.exe --startup=1 --single
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5BBFCDD-408C-4361-ABD8-4228610C45A8}]
cheap4uall - C:\Program Files (x86)\cheap4uall\U87bJ3yueXzA9s.dll [2015-07-21 889344]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LManager"= []
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2012-07-19 133440]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30 334896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\Eigenaar\AppData\Local\Akamai\netsession_win.exe [2014-10-30 4673432]
"Google Update"=C:\Users\Eigenaar\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-29 116648]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-10-02 20473504]
"Spotify Web Helper"=C:\Users\Eigenaar\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2015-07-10 2008632]
"Spotify"=C:\Users\Eigenaar\AppData\Roaming\Spotify\Spotify.exe [2015-07-10 7334968]
"HP Officejet 4630 series (NET)"=C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe [2014-07-21 3487240]
"uTorrent"=C:\Users\Ivar\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED []
"Dropbox Update"=C:\Users\Eigenaar\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 134512]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Eigenaar\AppData\Roaming\Dropbox\bin\Dropbox.exe
Verzenden naar OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wodtomghc]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.MKVC"=KMVIDC32.DLL
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-25 13:23:42 ----D---- C:\Program Files (x86)\trend micro
2015-07-25 13:23:41 ----D---- C:\rsit
2015-07-21 11:47:08 ----D---- C:\Program Files (x86)\Awesome Widget ANTP
2015-07-21 11:46:03 ----D---- C:\Program Files (x86)\cheap4uall
2015-07-20 23:45:06 ----D---- C:\ProgramData\{fd5226d2-9e7c-1b28-fd52-226d29e79b4a}
2015-07-16 12:48:06 ----D---- C:\ProgramData\{2cfecf9e-661c-f95d-2cfe-ecf9e6613e79}
2015-07-15 22:15:50 ----A---- C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2015-07-15 22:15:47 ----A---- C:\WINDOWS\SysWOW64\shell32.dll
2015-07-15 22:15:46 ----A---- C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-07-15 22:15:40 ----A---- C:\WINDOWS\SysWOW64\WSShared.dll
2015-07-15 22:15:40 ----A---- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 22:15:30 ----A---- C:\WINDOWS\SysWOW64\msi.dll
2015-07-15 22:15:30 ----A---- C:\WINDOWS\SysWOW64\authui.dll
2015-07-15 22:15:29 ----A---- C:\WINDOWS\SysWOW64\msiexec.exe
2015-07-15 22:15:25 ----A---- C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-07-15 22:15:25 ----A---- C:\WINDOWS\SysWOW64\msv1_0.dll
2015-07-15 22:15:25 ----A---- C:\WINDOWS\SysWOW64\kerberos.dll
2015-07-15 22:15:24 ----A---- C:\WINDOWS\SysWOW64\certcli.dll
2015-07-15 22:15:01 ----A---- C:\WINDOWS\SysWOW64\atmlib.dll
2015-07-15 22:15:01 ----A---- C:\WINDOWS\SysWOW64\atmfd.dll
2015-07-15 22:14:58 ----A---- C:\WINDOWS\SysWOW64\jscript9.dll
2015-07-15 22:14:53 ----A---- C:\WINDOWS\SysWOW64\wups.dll
2015-07-15 22:14:53 ----A---- C:\WINDOWS\SysWOW64\wuapi.dll
2015-07-15 22:14:52 ----A---- C:\WINDOWS\SysWOW64\wuwebv.dll
2015-07-15 22:14:52 ----A---- C:\WINDOWS\SysWOW64\wudriver.dll
2015-07-15 22:14:52 ----A---- C:\WINDOWS\SysWOW64\wuapp.exe
2015-07-15 22:14:01 ----A---- C:\WINDOWS\SysWOW64\mshtml.dll
2015-07-15 22:13:40 ----A---- C:\WINDOWS\SysWOW64\ieframe.dll
2015-07-15 22:13:37 ----A---- C:\WINDOWS\SysWOW64\urlmon.dll
2015-07-15 22:13:37 ----A---- C:\WINDOWS\SysWOW64\iertutil.dll
2015-07-15 22:12:27 ----A---- C:\WINDOWS\SysWOW64\wininet.dll
2015-07-15 22:12:26 ----A---- C:\WINDOWS\SysWOW64\actxprxy.dll
2015-07-15 22:12:25 ----A---- C:\WINDOWS\SysWOW64\vbscript.dll
2015-07-15 22:12:25 ----A---- C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-07-15 22:12:25 ----A---- C:\WINDOWS\SysWOW64\msfeeds.dll
2015-07-15 22:12:25 ----A---- C:\WINDOWS\SysWOW64\ieui.dll
2015-07-15 22:12:25 ----A---- C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-07-15 22:12:24 ----A---- C:\WINDOWS\SysWOW64\msrating.dll
2015-07-15 22:12:24 ----A---- C:\WINDOWS\SysWOW64\inetcomm.dll
2015-07-15 22:12:24 ----A---- C:\WINDOWS\SysWOW64\dxtrans.dll
2015-07-15 22:12:23 ----A---- C:\WINDOWS\SysWOW64\webcheck.dll
2015-07-15 22:12:23 ----A---- C:\WINDOWS\SysWOW64\mshtmled.dll
2015-07-15 22:12:23 ----A---- C:\WINDOWS\SysWOW64\jscript.dll
2015-07-15 22:12:23 ----A---- C:\WINDOWS\SysWOW64\iepeers.dll
2015-07-15 22:12:23 ----A---- C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-07-15 22:12:13 ----A---- C:\WINDOWS\SysWOW64\ole32.dll
2015-07-15 22:12:13 ----A---- C:\WINDOWS\SysWOW64\gdi32.dll
2015-07-15 22:12:12 ----A---- C:\WINDOWS\SysWOW64\msftedit.dll
2015-07-15 22:12:01 ----A---- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2015-07-15 20:46:00 ----D---- C:\Program Files (x86)\Flat Spread
2015-07-15 20:45:54 ----A---- C:\WINDOWS\SysWOW64\1.exe
2015-07-10 23:12:55 ----D---- C:\Program Files (x86)\Popcorn Time
2015-07-09 19:33:10 ----D---- C:\ProgramData\7caff85e00003fe9
2015-07-07 20:18:06 ----D---- C:\Users\Eigenaar\AppData\Roaming\Nico Mak Computing
2015-07-07 20:17:49 ----D---- C:\Program Files (x86)\WinZip Registry Optimizer
2015-07-07 20:17:34 ----D---- C:\Users\Eigenaar\AppData\Roaming\WarThunder
2015-07-05 01:53:33 ----D---- C:\Program Files (x86)\Topface Meeting is easy
2015-07-05 01:52:48 ----D---- C:\Program Files (x86)\browseaonndshhoPe
2015-07-05 01:52:42 ----D---- C:\Program Files (x86)\broWWseandshop
2015-07-05 01:52:34 ----D---- C:\Program Files (x86)\bruowseandshop

======List of files/folders modified in the last 1 month======

2015-07-25 13:23:57 ----D---- C:\WINDOWS\Prefetch
2015-07-25 13:23:55 ----D---- C:\WINDOWS\Temp
2015-07-25 13:23:42 ----RD---- C:\Program Files (x86)
2015-07-25 13:22:06 ----D---- C:\Users\Eigenaar\AppData\Roaming\Spotify
2015-07-23 13:33:10 ----A---- C:\WINDOWS\SysWOW64\log.txt
2015-07-21 15:17:46 ----D---- C:\ProgramData\Kaspersky Lab
2015-07-21 13:40:36 ----D---- C:\WINDOWS\WinSxS
2015-07-21 13:40:34 ----D---- C:\WINDOWS\CbsTemp
2015-07-21 11:47:08 ----D---- C:\ProgramData\12116137723814164622
2015-07-21 11:46:07 ----D---- C:\Program Files (x86)\DeaolExpress
2015-07-21 11:46:07 ----D---- C:\Program Files (x86)\DealExpreass
2015-07-21 04:37:51 ----D---- C:\WINDOWS\Microsoft.NET
2015-07-20 23:45:06 ----HD---- C:\ProgramData
2015-07-20 23:45:06 ----D---- C:\WINDOWS\Tasks
2015-07-18 10:32:02 ----D---- C:\Users\Eigenaar\AppData\Roaming\Dropbox
2015-07-18 10:29:41 ----A---- C:\WINDOWS\SysWOW64\rpcnetp.dll
2015-07-18 10:29:39 ----A---- C:\WINDOWS\SysWOW64\rpcnet.dll
2015-07-18 10:29:15 ----SHD---- C:\System Volume Information
2015-07-18 10:28:47 ----A---- C:\WINDOWS\SysWOW64\rpcnetp.exe
2015-07-17 12:40:00 ----D---- C:\WINDOWS\SysWOW64
2015-07-17 12:37:55 ----SD---- C:\WINDOWS\SysWOW64\GWX
2015-07-16 16:17:23 ----D---- C:\WINDOWS\rescache
2015-07-16 14:51:34 ----D---- C:\WINDOWS\Inf
2015-07-16 14:44:57 ----D---- C:\WINDOWS\System32
2015-07-16 14:44:57 ----D---- C:\WINDOWS\PolicyDefinitions
2015-07-16 14:44:53 ----RD---- C:\WINDOWS\ToastData
2015-07-16 14:44:51 ----D---- C:\WINDOWS\WinStore
2015-07-16 14:44:51 ----D---- C:\WINDOWS\apppatch
2015-07-16 14:44:50 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-14 17:53:53 ----D---- C:\WINDOWS\AppReadiness
2015-07-13 23:10:13 ----A---- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-13 21:51:02 ----D---- C:\Users\Eigenaar\AppData\Roaming\Skype
2015-07-09 20:43:12 ----A---- C:\WINDOWS\SysWOW64\identprv.dll
2015-07-09 19:39:35 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-07-09 19:38:14 ----D---- C:\ProgramData\Origin
2015-07-09 19:35:55 ----D---- C:\Program Files (x86)\Common Files
2015-07-09 19:35:12 ----D---- C:\Program Files (x86)\LightningDownloader
2015-07-09 16:25:58 ----A---- C:\WINDOWS\SysWOW64\WodtomghcOff.ini
2015-07-09 16:25:58 ----A---- C:\WINDOWS\SysWOW64\Wodtomghc.ini
2015-07-08 01:28:35 ----SD---- C:\Users\Eigenaar\AppData\Roaming\Microsoft
2015-07-05 20:50:06 ----D---- C:\Program Files (x86)\Windows Defender
2015-07-05 20:50:03 ----SD---- C:\ProgramData\Microsoft
2015-07-02 19:18:36 ----D---- C:\Program Files (x86)\ProcessRunner
2015-06-30 20:52:57 ----D---- C:\WINDOWS\Logs
2015-06-30 13:34:17 ----SHD---- C:\WINDOWS\Installer
2015-06-30 13:34:17 ----HD---- C:\Config.Msi
2015-06-30 13:33:48 ----RSD---- C:\WINDOWS\assembly
2015-06-30 13:33:44 ----D---- C:\ProgramData\regid.1991-06.com.microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys []
R0 kl1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys []
R1 klhk;klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys []
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys []
R1 KLIM6;@oem1.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\WINDOWS\system32\DRIVERS\klim6.sys []
R1 klpd;klpd; C:\WINDOWS\system32\DRIVERS\klpd.sys []
R1 klwfp;klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys []
R1 kneps;kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys []
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys []
R3 AMPPAL;@oem3.inf,%AMPPAL.SVCDESC%;Intel® Centrino® Wireless Bluetooth® + High Speed Virtuele adapter; C:\WINDOWS\System32\drivers\AMPPAL.sys []
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\WINDOWS\System32\Drivers\BTHUSB.sys []
R3 btmhsf;btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys []
R3 iBtFltCoex;iBtFltCoex; C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys []
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys []
R3 IntcDAud;@oem16.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys []
R3 klflt;Kaspersky Lab Kernel DLL; C:\WINDOWS\system32\DRIVERS\klflt.sys []
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys []
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys []
R3 MEIx64;@oem19.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys []
R3 NETwNe64;@oem1.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 8 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwew00.sys []
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys []
R3 Ps2Kb2Hid;@oem20.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys []
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys []
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Stuurprogramma voor seriële digitale fotocamera; C:\WINDOWS\system32\DRIVERS\serscan.sys []
R3 SynTP;@oem6.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys []
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys []
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys []
S0 klelam;klelam; C:\WINDOWS\system32\DRIVERS\klelam.sys []
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys []
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy-stuurprogramma; C:\WINDOWS\System32\drivers\BthLEEnum.sys []
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth-apparaat (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\WINDOWS\System32\Drivers\BTHport.sys []
S3 btmaux;@oem9.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\WINDOWS\system32\DRIVERS\btmaux.sys []
S3 dg_ssudbus;@oem23.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys []
S3 dtlitescsibus;@oem24.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys []
S3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS-minipoortstuurprogramma voor Qualcomm Atheros AR81xx PCI-E Ethernet-controller; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys []
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys []
S3 RSPCIESTOR;@oem2.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys []
S3 ssudmdm;@oem27.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys []
S3 ssudserd;@oem30.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudserd.sys []
S3 USBAAPL64;@oem24.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-09-13 731688]
R2 AVP15.0.0;Kaspersky Anti-Virus-service 15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [2014-04-20 233552]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-08-26 1137016]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-08-26 1157496]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-08-16 135984]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-05-19 2739888]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 33088]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-08-28 348784]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-08-28 626416]
R2 Flat Spread;Flat Spread; C:\Program Files (x86)\Flat Spread\Flat Spread.exe [2015-07-15 8016204]
R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\WINDOWS\system32\svchost.exe [2014-10-29 33088]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2014-10-29 33088]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-06-20 634632]
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-09-18 157128]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-19 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-19 277824]
R2 PrivoxyService;Privoxy (PrivoxyService); C:\Program Files (x86)\Techsmart Computer\privoxy.exe [2015-06-13 371200]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-08-28 149744]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2013-01-19 93296]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-19 365376]
R2 Update service;Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [2015-07-06 335872]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2014-10-29 33088]
S2 amhbiwtap;amhbiwtap; C:\ProgramData\LogloUuoi\hepramuu.exe /ts2=1 []
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2014-10-29 33088]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2014-10-29 33088]
S2 rpcnet;Remote Procedure Call (RPC) Net; C:\WINDOWS\SysWOW64\rpcnet.exe [2013-11-05 69792]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 33088]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-30 279000]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-08-23 468624]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-01-19 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-08-28 273136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-10-03 150600]

-----------------EOF-----------------