Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by annie on ma 24/08/2015 at 10:34:43,15.
Microsoft Windows 10 Home 10.0.10240  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\annie\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-08-24-083021.log	17154 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\NST.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\NAV.exe
C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\NF.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\TampMon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\NF.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\NAV.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Users\annie\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\ScanWizard 5\ScannerFinder.exe
C:\Program Files (x86)\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\VTech\DownloadManager\System\AgentMonitor.exe
C:\Program Files (x86)\OLYMPUS\ib\olycamdetect.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Users\annie\Desktop\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

==== Deleting Services ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5d79f641-c168-40df-a32f-bacea7509e75}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}] 
Objects\{cb41fc95-f1b3-4797-8bb6-1012ff62abba}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}] 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] 
"TelevisionFanatic Search Scope Monitor"=- 
"TelevisionFanatic Browser Plugin Loader"=- 
"Allin1Convert Search Scope Monitor"=- 
"Allin1Convert_8h Browser Plugin Loader"=- 
"mobilegeni daemon"=- 
"ApnTBMon"=- 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
"NextLive"=- 

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\TelevisionFanatic not found
C:\Program Files (x86)\AskPartnerNetwork not found
C:\Program Files (x86)\Allin1Convert_8h not found
C:\Users\annie\AppData\Roaming\newnext.me not found
C:\Program Files (x86)\BlockAndSurf-soft not found
C:\Program Files (x86)\Mobogenie not found
C:\Users\annie\AppData\Roaming\mediabarim not found
"C:\WINDOWS\tasks\BlockAndSurf Update.job" not found
"C:\WINDOWS\tasks\BlockAndSurf_wd.job" not found

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 8174 MB
CPU Info: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
CPU Speed: 2247,0 MHz
Sound Card: Luidsprekers (Realtek High Defi | 
Display Adapters: AMD Radeon 6600M and 6700M Series | AMD Radeon 6600M and 6700M Series
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Qualcomm Atheros AR5B97 Wireless Network Adapter | Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30) | Microsoft Hosted Network Virtual Adapter
CD / DVD Drives: 1x (D: | ) D: MATSHITADVD-RAM UJ8A0AS
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C:  682,5GB
Hard Disks - Free: C:  551,1GB
Manufacturer *: Acer
BIOS Info: AT/AT COMPATIBLE | 07/11/11 | InsydeH2O Version V1.12
Time Zone: West-Europa (standaardtijd)
Motherboard *: Acer JE70_HR
Country: Belgi‰ 
Language: NLB 

==== System Specs (Software) ======================

Default Browser: Opera Internet Browser	31.0.1889.174
Internet Explorer Version: 11.0.10240.16431 
Google Chrome version: 44.0.2403.157
Adobe Reader version: 11.0.12.18
Sun Java version: 1.8.0_51 (32-bit) 
Sun Java version: 1.8.0_51 (64-bit) 
Flash Player version: 18.0.0.232
Shockwave Player version: 12.0.7r148

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2015-08-19 08:05:15	F1CBCB7FA6F3B309639AA2D4EF74469C	4532304	----a-w-	C:\WINDOWS\explorer.exe
2015-08-12 12:57:57	986BC1A9E29A9E35C1D10D874616ACBB	215040	----a-w-	C:\WINDOWS\notepad.exe
2015-08-01 10:16:24	692CA5EBC9E0CEF0A8D0BE4DF7400CEE	9528	----a-w-	C:\WINDOWS\diagwrn.xml
2015-08-01 10:16:24	5BB38BC893E43343D711AD6A1C60FC0A	10449	----a-w-	C:\WINDOWS\diagerr.xml
====== C:\Users\annie\AppData\Local\Temp ====
====== Java Cache =====
2015-08-15 11:05:20	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\annie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-4791a859
2015-08-15 11:05:25	C1BBA7F1278F193AB584FFF460DB5E2A	17878	----a-w-	C:\Users\annie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\47c58863-2e09f402
====== C:\WINDOWS\SysWOW64 =====
2015-08-19 08:05:21	A99C1929E71DDFD4258909BC735D0FD0	19323392	----a-w-	C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-19 08:05:20	534D1504533D7B96D74F562DB232C264	13024768	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-19 08:05:18	5115AEECE3C854A51EDCB53225E0F8AB	18805760	----a-w-	C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-19 08:05:14	B3F90790F991A5A21113B58EE50FA696	4048808	----a-w-	C:\WINDOWS\SysWOW64\explorer.exe
2015-08-19 08:05:13	7446169BFAC42215DF9DADD52EBC2316	2151208	----a-w-	C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-19 08:05:13	72262CB79DA833B4DCBFBCDD7C752B1A	1964544	----a-w-	C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-19 08:05:12	08ACE959D9152831EC3E48ABD3DF24C6	2880032	----a-w-	C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-19 08:05:11	ACA6C8CC89A43F3BABF276662716023D	2748416	----a-w-	C:\WINDOWS\SysWOW64\tquery.dll
2015-08-19 08:05:11	2319148AD45E426D290DECEB71CB84FE	1916928	----a-w-	C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-19 08:05:10	C38851FD023BAE3AE54D4A8DCC28914A	586752	----a-w-	C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-19 08:05:10	A1B3D0C660DCD7C1D901DAE9A5F1710C	1593856	----a-w-	C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-19 08:05:09	D3F6EEB4FFCFB1A2EC86CCF08BF35A4D	5454848	----a-w-	C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-19 08:05:09	51DDB23BEB935F57C49166DCFEE10206	243800	----a-w-	C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-19 08:05:08	F8EC9D17DB30C1D8B3B7CBFF31161452	918320	----a-w-	C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-19 08:05:08	8228A523B9FF392936554EE5F223F05B	1823232	----a-w-	C:\WINDOWS\SysWOW64\InputService.dll
2015-08-19 08:05:07	D5B87565371F8BE13765F236ED366095	454000	----a-w-	C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-08-19 08:05:07	C5C9A28C664F16EF252FFC26AE6F7FCD	1112064	----a-w-	C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-19 08:05:05	E0BAA615AFD8783F7A3B02517118403F	448512	----a-w-	C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-19 08:05:05	404A006C387E4F19B4DAB664144B8520	671232	----a-w-	C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-08-19 08:05:04	A409DD1928743E5E7D3A796381B9BEAB	159744	----a-w-	C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-08-19 08:05:03	A88D4E2F968E444C40709082C579FEA3	311808	----a-w-	C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-08-19 08:05:03	45C650F31088C2820304CFA4A3D4F5FA	845664	----a-w-	C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-19 08:05:02	9DFC5E350801E27392CE4E817C4CF990	372224	----a-w-	C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-08-19 08:05:02	951D71B5D602745997A6DCBA33FC5358	280576	----a-w-	C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-19 08:05:01	E8192A23618BCEDE02446F491CB70BDB	42496	----a-w-	C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-08-19 08:05:01	95A776B86DC5268EB06679351B5D2F7D	131584	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-08-19 08:05:01	435EE3E7A2EB0274E5C976A0B3773CA7	162304	----a-w-	C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-19 08:05:01	011A8CA5E2B3399EB0D893587B830C6B	420352	----a-w-	C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-15 11:05:00	37027850A9008DE507605036661F8D9F	97888	----a-w-	C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-08-15 09:17:14	1C2FEBCF880FA7B3EF16282B352B6726	83632	----a-w-	C:\WINDOWS\SysWOW64\SFCOM.dll
2015-08-12 12:58:26	35E89DA499A3A12E5ACB4A195BF289EC	6878256	----a-w-	C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-12 12:58:10	2014B86D0FC0C2AAAACBD3E6CAEFDA8C	20857848	----a-w-	C:\WINDOWS\SysWOW64\shell32.dll
2015-08-12 12:58:09	FFB18D34D8B9851A6E355BE1910DC201	11262464	----a-w-	C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 12:58:03	1A52C84D2D831E73DEADE40EB6407FED	1162240	----a-w-	C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-12 12:58:03	03A5DCD1D5046AA09295CF97B94389E9	898560	----a-w-	C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-12 12:58:02	50A3C0D8655F5ACFE4320FB207A098F1	1985024	----a-w-	C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 12:58:01	BE91839AB726C995AFF389AA298F9332	494592	----a-w-	C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-12 12:58:01	B956B3ED0F23D368F64DD2BAA7D79C83	644128	----a-w-	C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-12 12:58:00	0450D47983B8F40B6628AF029F830B34	195072	----a-w-	C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-12 12:57:59	981229E718319A9A01F7E740A8D855FD	700256	----a-w-	C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-12 12:57:59	51BA217CB0424E93C2353F0ACC9B3360	303104	----a-w-	C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 12:57:59	5036F8014556AAAA662A672F3D58F04C	261632	----a-w-	C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-12 12:57:58	9B6BB176E3FD34FEC781053AF5B139B6	539728	----a-w-	C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-12 12:57:58	7AF34E43DE496A316DD096AEBDE2492A	268800	----a-w-	C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-12 12:57:58	62C4E525EE16D6224D746A8488CD657E	752640	----a-w-	C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-12 12:57:57	9AA440F8F580C573D0F2732DA6ECB87A	207872	----a-w-	C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 12:57:57	1C33723A070D41AF85309681EEF63B58	1533496	----a-w-	C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 12:57:49	40ABA8C4ACE20FA236C97725FD27D1C4	311808	----a-w-	C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-12 12:57:47	48F3E13B0A221DDEB4FCEDC0B5EE65EC	217088	----a-w-	C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-12 12:57:46	14B2B40AF5DAE0AD8057341F54FEF9EC	81920	----a-w-	C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2015-08-24 08:12:28	CB7C5F27212DAF75F423233EAA8F9149	16148	----a-w-	C:\WINDOWS\Sysnative\ANNIE-PC_annie_HistoryPrediction.bin
2015-08-19 08:05:27	45DCF48E0DFF6E0CFF89D3DDD6ACC567	24593408	----a-w-	C:\WINDOWS\Sysnative\mshtml.dll
2015-08-19 08:05:26	2F4814B7776BCA279AA15A172FC50FAD	21875200	----a-w-	C:\WINDOWS\Sysnative\edgehtml.dll
2015-08-19 08:05:25	E425EF1812C8DB0EE3843CD32156A6FE	16706560	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll
2015-08-19 08:05:17	9ED18AA0A7F4DEC9779CE9059FE6D057	3527168	----a-w-	C:\WINDOWS\Sysnative\tquery.dll
2015-08-19 08:05:16	D1650F6BDDF820399421C2952675731A	2558976	----a-w-	C:\WINDOWS\Sysnative\mssrch.dll
2015-08-19 08:05:15	E05DCB3D08C95D0A02872F6CF99289D2	2416640	----a-w-	C:\WINDOWS\Sysnative\MFMediaEngine.dll
2015-08-19 08:05:14	B9EB77A3CDC1B88D616B8EDCF2B2F380	7523328	----a-w-	C:\WINDOWS\Sysnative\Chakra.dll
2015-08-19 08:05:14	802E5A0B96C1E9FCC0CBFD75F04CE7DF	2093056	----a-w-	C:\WINDOWS\Sysnative\wlidsvc.dll
2015-08-19 08:05:14	7775813F334A07EDC0C569CC0E180254	2224640	----a-w-	C:\WINDOWS\Sysnative\NetworkMobileSettings.dll
2015-08-19 08:05:14	58395E37ED838B93A56F1D089C2F53CF	1643872	----a-w-	C:\WINDOWS\Sysnative\diagtrack.dll
2015-08-19 08:05:12	FBFD88423E5DCB87E711C4F7CB4FB24D	778752	----a-w-	C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll
2015-08-19 08:05:12	A70A997B88EAEE0E898DA5773045AFF1	2446336	----a-w-	C:\WINDOWS\Sysnative\InputService.dll
2015-08-19 08:05:12	9C8E36A3581BA65775F4C7773F8EE48A	3622256	----a-w-	C:\WINDOWS\Sysnative\iertutil.dll
2015-08-19 08:05:11	589E946CAEC63987E4469E5C3270F50D	1890304	----a-w-	C:\WINDOWS\Sysnative\dwmcore.dll
2015-08-19 08:05:11	16018214C82C4AA1F58A037FC4601A04	996352	----a-w-	C:\WINDOWS\Sysnative\RDXService.dll
2015-08-19 08:05:10	346437C06343AD9F49F37196494E0C8D	2178560	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentServer.dll
2015-08-19 08:05:10	0E44F76619A9C77AFBFFA037B686AE5C	1795072	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll
2015-08-19 08:05:09	B02EA3A2E6BEDAB9C954AAC6BD887874	292856	----a-w-	C:\WINDOWS\Sysnative\LockAppHost.exe
2015-08-19 08:05:09	AF7D73AF34062757BFF95CFE33C50507	3588096	----a-w-	C:\WINDOWS\Sysnative\win32kfull.sys
2015-08-19 08:05:09	989EC133AD360CE71F85974B03143D97	1178112	----a-w-	C:\WINDOWS\Sysnative\wwansvc.dll
2015-08-19 08:05:09	5CBC31844EDC2197D735097CB16A96DB	1334784	----a-w-	C:\WINDOWS\Sysnative\UIAutomationCore.dll
2015-08-19 08:05:08	E283DE7B5BB438BE4CCD393DA582A5D2	404480	----a-w-	C:\WINDOWS\Sysnative\diagtrack_wininternal.dll
2015-08-19 08:05:08	0D54B6F4DFFC23E1B73C35A98DA14F49	554744	----a-w-	C:\WINDOWS\Sysnative\directmanipulation.dll
2015-08-19 08:05:08	0BC61871B9B1446C0B28CB5526DC171C	893440	----a-w-	C:\WINDOWS\Sysnative\MbaeApiPublic.dll
2015-08-19 08:05:07	BB87BF4D17EBB3C05236FDAA048EBE07	593920	----a-w-	C:\WINDOWS\Sysnative\wcmsvc.dll
2015-08-19 08:05:07	B7200F60B3E4B0916F4A931BBC75049C	563200	----a-w-	C:\WINDOWS\Sysnative\MbaeApi.dll
2015-08-19 08:05:07	2C7B2FD825A8AF0A1338D86B5AFA4343	413184	----a-w-	C:\WINDOWS\Sysnative\diagtrack_win.dll
2015-08-19 08:05:06	EC2C108176F80A8D18618A6D0BA306BA	186368	----a-w-	C:\WINDOWS\Sysnative\cloudAP.dll
2015-08-19 08:05:06	CFFE537A11AE6C825F36240B96689886	993104	----a-w-	C:\WINDOWS\Sysnative\ReAgent.dll
2015-08-19 08:05:06	78FEDDED673167515E77B9BD35B13B3D	137216	----a-w-	C:\WINDOWS\Sysnative\LocationPermissions.dll
2015-08-19 08:05:06	5E8D09216315B063FD4AEAB9508F0776	1087296	----a-w-	C:\WINDOWS\Sysnative\mfplat.dll
2015-08-19 08:05:06	0E585006B82E0566AE521641D827F852	235520	----a-w-	C:\WINDOWS\Sysnative\SettingsHandlers_Notifications.dll
2015-08-19 08:05:05	F777FE6BA9C62A4D90BC7017C8FED35F	336384	----a-w-	C:\WINDOWS\Sysnative\SearchProtocolHost.exe
2015-08-19 08:05:05	9CD0ED32E28B9123DBB8B20AE62A68A4	235008	----a-w-	C:\WINDOWS\Sysnative\UserMgrProxy.dll
2015-08-19 08:05:05	7143FF944C20AB5C6D4485A0469F2797	115712	----a-w-	C:\WINDOWS\Sysnative\MbaeParserTask.exe
2015-08-19 08:05:05	501AEED29B30B32BB50416C1E04380E6	148992	----a-w-	C:\WINDOWS\Sysnative\tetheringservice.dll
2015-08-19 08:05:04	EF4EBEF8171480690853D853448DC078	342016	----a-w-	C:\WINDOWS\Sysnative\LocationGeofences.dll
2015-08-19 08:05:04	C96420A6DE22D19E40506DA8397D8108	8021840	----a-w-	C:\WINDOWS\Sysnative\ntoskrnl.exe
2015-08-19 08:05:04	901350B41D1262A95B5D907BD95A4145	642560	----a-w-	C:\WINDOWS\Sysnative\rdbui.dll
2015-08-19 08:05:03	D5B31B2F14848015C211F1D674A82F3A	1106432	----a-w-	C:\WINDOWS\Sysnative\sysmain.dll
2015-08-19 08:05:03	B2C2DB1FD34658D087AB065DD027C8F3	274432	----a-w-	C:\WINDOWS\Sysnative\syncutil.dll
2015-08-19 08:05:03	5D8B52B89A79503282E1C6E20464721A	414208	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentClient.dll
2015-08-19 08:05:03	577E9A5CCFF75F4EBE5D3F84BE3E3F8D	483328	----a-w-	C:\WINDOWS\Sysnative\OneDriveSettingSyncProvider.dll
2015-08-19 08:05:02	8C7CCD8D67C1E4A3E5A5EEED3320AC08	32768	----a-w-	C:\WINDOWS\Sysnative\wuautoappupdate.dll
2015-08-19 08:05:02	513A8EF909DFCDD872E60A0EA03FEAAB	52224	----a-w-	C:\WINDOWS\Sysnative\tetheringclient.dll
2015-08-19 08:05:02	14B7BC31B956DEB1B1E2F76B5BE41E0F	2462648	----a-w-	C:\WINDOWS\Sysnative\mfcore.dll
2015-08-19 08:05:01	F5839DD5FD73019B046ED7FD87AE6C71	123392	----a-w-	C:\WINDOWS\Sysnative\mssprxy.dll
2015-08-19 08:05:01	126DAFB266654F489B6692B6D5678B90	621056	----a-w-	C:\WINDOWS\Sysnative\enterprisecsps.dll
2015-08-19 08:05:01	124DC4FC14EEA95B8E05F139A57D5B91	553472	----a-w-	C:\WINDOWS\Sysnative\GamePanel.exe
2015-08-15 09:17:15	E6E4DA1464EC036AD110B7B6A2A54883	532384	----a-w-	C:\WINDOWS\Sysnative\SRSTSX64.dll
2015-08-15 09:17:15	D132E8F870919C8A4E6930866FD75C88	209536	----a-w-	C:\WINDOWS\Sysnative\SRSHP64.dll
2015-08-15 09:17:15	CB57496B1AF096B42D95B61632DD859D	221968	----a-w-	C:\WINDOWS\Sysnative\SRSTSH64.dll
2015-08-15 09:17:15	5C9047C159EE21D63893DC77EEB20F8E	166208	----a-w-	C:\WINDOWS\Sysnative\SRSWOW64.dll
2015-08-15 09:17:15	17415F158114776546A5FD7C325FE715	965032	----a-w-	C:\WINDOWS\Sysnative\SFSS_APO.dll
2015-08-15 09:17:14	F4887FACB185BA6472073E3775AB0164	2926848	----a-w-	C:\WINDOWS\Sysnative\RtPgEx64.dll
2015-08-15 09:17:14	C2828030E202E9693E3553C5F96EEE40	343712	----a-w-	C:\WINDOWS\Sysnative\RtlCPAPI64.dll
2015-08-15 09:17:14	9611C316D0E8F4AF379E6A0E50FB5716	2710784	----a-w-	C:\WINDOWS\Sysnative\RTSnMg64.cpl
2015-08-15 09:17:14	78FED04B040A101EB02CBA370CBDA14C	90920	----a-w-	C:\WINDOWS\Sysnative\SFCOM64.dll
2015-08-15 09:17:14	3D47D6EDBA872DF058AEBC33AA61AA64	231920	----a-w-	C:\WINDOWS\Sysnative\SFNHK64.dll
2015-08-15 09:17:14	2C3DCF25D5FE14B3B429F7888B8D5E21	88328	----a-w-	C:\WINDOWS\Sysnative\SFAPO64.dll
2015-08-15 09:17:13	E31F9FCB2537658F5ED1BE68D810B37F	88352	----a-w-	C:\WINDOWS\Sysnative\RTEEG64A.dll
2015-08-15 09:17:13	DEC8F124829E17CA3C05107D6DFF69FA	321720	----a-w-	C:\WINDOWS\Sysnative\RP3DAA64.dll
2015-08-15 09:17:13	A7B225BB9EB8B346BECA1B3B23775D33	321720	----a-w-	C:\WINDOWS\Sysnative\RP3DHT64.dll
2015-08-15 09:17:13	99C970DFDAC9B86AE7D1B58155F3C374	3271912	----a-w-	C:\WINDOWS\Sysnative\RtkApi64.dll
2015-08-15 09:17:13	7B11B26D04320C1E58022BDE30CA27CA	23696	----a-w-	C:\WINDOWS\Sysnative\RtkCoLDR64.dll
2015-08-15 09:17:13	65B6AA7CB7624C72B9FEF7E0A5B87421	645456	----a-w-	C:\WINDOWS\Sysnative\RtDataProc64.dll
2015-08-15 09:17:13	468233E194D4AAEC66714F65E622D488	176968	----a-w-	C:\WINDOWS\Sysnative\RtkCfg64.dll
2015-08-15 09:17:13	335B51E3F69B7F144B0AF7666E1702A7	1336528	----a-w-	C:\WINDOWS\Sysnative\RTCOM64.dll
2015-08-15 09:17:13	20EAD89E5044DE5A2941537DE359A7C7	214832	----a-w-	C:\WINDOWS\Sysnative\RTEED64A.dll
2015-08-15 09:17:13	207E597220E4E54D5E7B8A06F1607600	110984	----a-w-	C:\WINDOWS\Sysnative\RTEEL64A.dll
2015-08-15 09:17:13	0C22251BF39C141EB580A3D7E0486779	387320	----a-w-	C:\WINDOWS\Sysnative\RTEEP64A.dll
2015-08-15 09:17:12	C1A124D4C8FDE04A5BB51277FC4EF6CB	7172920	----a-w-	C:\WINDOWS\Sysnative\R4EEP64A.dll
2015-08-15 09:17:12	601C66012ABA69932AAF0D1BADBECEDE	72121872	----a-w-	C:\WINDOWS\Sysnative\RCoRes64.dat
2015-08-15 09:17:12	59E3488C0A1B2D5404DA7159616E7529	1756928	----a-w-	C:\WINDOWS\Sysnative\RCoInstII64.dll
2015-08-15 09:17:12	5578A467119491F95BC4AC7297959631	151792	----a-w-	C:\WINDOWS\Sysnative\R4EEL64A.dll
2015-08-15 09:17:11	C6F4FFC449F0E530310986ED903D7DEF	447720	----a-w-	C:\WINDOWS\Sysnative\R4EED64A.dll
2015-08-15 09:17:11	62560EB3B05AA687E4EAE3E4CEFEF019	84616	----a-w-	C:\WINDOWS\Sysnative\R4EEG64A.dll
2015-08-15 09:17:11	52FB52A981FE6F375160491C972712B7	134200	----a-w-	C:\WINDOWS\Sysnative\R4EEA64A.dll
2015-08-15 09:17:10	04234879F4A8F8B768A8D4DC0F444E0D	677672	----a-w-	C:\WINDOWS\Sysnative\MaxxVolumeSDAPO.dll
2015-08-15 09:17:09	98BA4461E962C9E8F00C5ABBC5867C79	330568	----a-w-	C:\WINDOWS\Sysnative\MaxxAudioAPO20.dll
2015-08-15 09:17:09	7B6B17826474CEF2E432A4BFBC809C4E	678184	----a-w-	C:\WINDOWS\Sysnative\MaxxAudioAPO30.dll
2015-08-15 09:17:09	1053E6C17DBD059422FEB4F967C9C297	2050184	----a-w-	C:\WINDOWS\Sysnative\MaxxAudioEQ64.dll
2015-08-15 09:17:06	AA425753D4AED461D0531256E0E927E0	441272	----a-w-	C:\WINDOWS\Sysnative\DTSGainCompensatorDLL64.dll
2015-08-15 09:17:06	AA1B3E531D519E5E777ED75834148BBC	504312	----a-w-	C:\WINDOWS\Sysnative\DTSNeoPCDLL64.dll
2015-08-15 09:17:06	8673B3A05AF693A96FE53DE9AFFB2656	1591064	----a-w-	C:\WINDOWS\Sysnative\DTSS2HeadphoneDLL64.dll
2015-08-15 09:17:06	7886E418D4D59F77182518D461EE3551	253864	----a-w-	C:\WINDOWS\Sysnative\DTSLFXAPO64.dll
2015-08-15 09:17:06	74B2540D82452F121FC632A1A5E76852	253904	----a-w-	C:\WINDOWS\Sysnative\DTSGFXAPO64.dll
2015-08-15 09:17:06	60BD7F70E54CACFDDE5E0F2890C2B3C5	445400	----a-w-	C:\WINDOWS\Sysnative\DTSLimiterDLL64.dll
2015-08-15 09:17:06	5450995EA8F0F4C6FCCFD2E6AF4B30A0	708312	----a-w-	C:\WINDOWS\Sysnative\DTSVoiceClarityDLL64.dll
2015-08-15 09:17:06	4DCA9E2DAD534B8B893152041181F00E	3232448	----a-w-	C:\WINDOWS\Sysnative\FMAPO64.dll
2015-08-15 09:17:06	26ED45050D54C30F84CFB4EBA14F0F61	252880	----a-w-	C:\WINDOWS\Sysnative\DTSGFXAPONS64.dll
2015-08-15 09:17:06	1B6AAB5812DAD434859DAC7824322C35	727440	----a-w-	C:\WINDOWS\Sysnative\DTSSymmetryDLL64.dll
2015-08-15 09:17:06	14E673E0E22A2407A439B55113F4C042	1780624	----a-w-	C:\WINDOWS\Sysnative\DTSS2SpeakerDLL64.dll
2015-08-15 09:17:05	F74D1D989528A9D2F8B62300375A665F	743968	----a-w-	C:\WINDOWS\Sysnative\DTSBassEnhancementDLL64.dll
2015-08-15 09:17:05	D9ED946E612914C67F530F469C582AB4	7096192	----a-w-	C:\WINDOWS\Sysnative\DDPP64A.dll
2015-08-15 09:17:05	704B9243673AD64719FE6FEF40896E13	6251328	----a-w-	C:\WINDOWS\Sysnative\DDPP64AF3.dll
2015-08-15 09:17:05	17E12A73A758FD6C164B559E661E86A9	1508936	----a-w-	C:\WINDOWS\Sysnative\DTSBoostDLL64.dll
2015-08-15 09:17:04	FC2C602B6CEDD85FDF0D6C5CBEE45EA3	122328	----a-w-	C:\WINDOWS\Sysnative\CONEQMSAPOGUILibrary.dll
2015-08-15 09:17:04	EAC2CDBDFBFF5D3E2083E77E6437D571	1959608	----a-w-	C:\WINDOWS\Sysnative\DDPD64AF3.dll
2015-08-15 09:17:04	A8735674D1A327ED0FA5125DD084EFD9	348088	----a-w-	C:\WINDOWS\Sysnative\DDPO64AF3.dll
2015-08-15 09:17:04	8B3D4E4327340C495A11F33FB4B97C88	574248	----a-w-	C:\WINDOWS\Sysnative\AERTAC64.dll
2015-08-15 09:17:04	7C4E338F6F57375F73CC985FAF150873	118600	----a-w-	C:\WINDOWS\Sysnative\AERTAR64.dll
2015-08-15 09:17:04	7319EAD10DD0640147F3F13E1430862B	296496	----a-w-	C:\WINDOWS\Sysnative\DDPA64F3.dll
2015-08-12 12:58:25	C397F52BD6B482E6E33B065267680A87	8613200	----a-w-	C:\WINDOWS\Sysnative\Windows.Media.Protection.PlayReady.dll
2015-08-12 12:58:12	73D5E740C6A95EC210A8D7E6E6608FB8	22322624	----a-w-	C:\WINDOWS\Sysnative\shell32.dll
2015-08-12 12:58:11	68FA913A24F94C5D908959CC58EF1E87	12503552	----a-w-	C:\WINDOWS\Sysnative\ieframe.dll
2015-08-12 12:58:08	3B1885355D9B776FF04A109044A4F906	3780096	----a-w-	C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll
2015-08-12 12:58:04	F1404C842382FEF4F46FEABF2CBC1FFD	1212416	----a-w-	C:\WINDOWS\Sysnative\RemoteNaturalLanguage.dll
2015-08-12 12:58:03	69B076C9D3B75647EE1807E168F20F78	2415104	----a-w-	C:\WINDOWS\Sysnative\DWrite.dll
2015-08-12 12:58:03	5269F5C2B0F21725103FAB113B4CAF7F	1601536	----a-w-	C:\WINDOWS\Sysnative\Windows.Media.Speech.dll
2015-08-12 12:58:02	C197284A9D565A38497733AF2BDFA111	1679360	----a-w-	C:\WINDOWS\Sysnative\FntCache.dll
2015-08-12 12:58:02	BB59336AFCFE1EBBBC3BDE0FE68667A6	583128	----a-w-	C:\WINDOWS\Sysnative\mf.dll
2015-08-12 12:58:02	3DB6BAA19408895C9E0BB55084DD94F3	595456	----a-w-	C:\WINDOWS\Sysnative\LogonController.dll
2015-08-12 12:58:02	2EA574C3DCFCD47502946B85B342AA0C	1008640	----a-w-	C:\WINDOWS\Sysnative\schedsvc.dll
2015-08-12 12:58:00	FC98CE6073D93E6038C7D6A28993B9EC	365056	----a-w-	C:\WINDOWS\Sysnative\atmfd.dll
2015-08-12 12:58:00	AD5EACF5ED458DD452C7CB4162C777D3	247808	----a-w-	C:\WINDOWS\Sysnative\facecredentialprovider.dll
2015-08-12 12:58:00	A1EFFF8EA50BE57AC38264541F1B88FD	801632	----a-w-	C:\WINDOWS\Sysnative\WWAHost.exe
2015-08-12 12:58:00	3FB396E72353F0907C7672FDF17535EF	1383424	----a-w-	C:\WINDOWS\Sysnative\win32kbase.sys
2015-08-12 12:58:00	377B0D82DBAED2C8260A41DD6E54F2D1	783112	----a-w-	C:\WINDOWS\Sysnative\mfsvr.dll
2015-08-12 12:58:00	359B9747F3D573EF3B14537AB6DAA745	273920	----a-w-	C:\WINDOWS\Sysnative\Windows.ApplicationModel.LockScreen.dll
2015-08-12 12:57:59	E4FEBAC5221A92C25734A9769B66A97D	310784	----a-w-	C:\WINDOWS\Sysnative\ActionCenter.dll
2015-08-12 12:57:59	919663D05E791FBC7A5766E150435279	120832	----a-w-	C:\WINDOWS\Sysnative\NetworkStatus.dll
2015-08-12 12:57:59	55CC9E5EA8F5700270FED0B8C72657DB	608936	----a-w-	C:\WINDOWS\Sysnative\fontdrvhost.exe
2015-08-12 12:57:59	256439DB8B3376FDEF76CB211936C709	162304	----a-w-	C:\WINDOWS\Sysnative\SubscriptionMgr.dll
2015-08-12 12:57:58	FBFC4EAC38BEC9515BBAC57D1F2288E6	573440	----a-w-	C:\WINDOWS\Sysnative\Windows.Cortana.Desktop.dll
2015-08-12 12:57:58	F3994884BE4F1019B4EC34F85A3397E7	171520	----a-w-	C:\WINDOWS\Sysnative\WinBioDataModel.dll
2015-08-12 12:57:58	E22030052530D1A6825C47B997EC0DD3	814080	----a-w-	C:\WINDOWS\Sysnative\msctfuimanager.dll
2015-08-12 12:57:58	AD742465B0808BFA5680E9AA776CC4CF	1274880	----a-w-	C:\WINDOWS\Sysnative\wifinetworkmanager.dll
2015-08-12 12:57:58	20436EF4CDBBC0B87464EE42D9D31C99	306688	----a-w-	C:\WINDOWS\Sysnative\NotificationObjFactory.dll
2015-08-12 12:57:57	986BC1A9E29A9E35C1D10D874616ACBB	215040	----a-w-	C:\WINDOWS\Sysnative\notepad.exe
2015-08-12 12:57:57	62821B34C9D94E7E58FD2D71F426F5C0	78848	----a-w-	C:\WINDOWS\Sysnative\VPNv2CSP.dll
2015-08-12 12:57:57	52F96A08076479231FFFB908073B1654	1822280	----a-w-	C:\WINDOWS\Sysnative\ntdll.dll
2015-08-12 12:57:57	2E4FA4D0461BB78EC23E12404BED604E	179712	----a-w-	C:\WINDOWS\Sysnative\coredpus.dll
2015-08-12 12:57:57	17455BCDC07F2C12C560625DF0094FEA	317440	----a-w-	C:\WINDOWS\Sysnative\configmanager2.dll
2015-08-12 12:57:55	17A344D0A065883ABE6A9239093E7CA9	594472	----a-w-	C:\WINDOWS\Sysnative\Windows.Internal.Shell.Broker.dll
2015-08-12 12:57:53	D8BBDC20C9A4D7788557E7CCB65D954A	243248	----a-w-	C:\WINDOWS\Sysnative\mfps.dll
2015-08-12 12:57:49	B18470F8E5F68E586E4DA6716D2ECDB4	384000	----a-w-	C:\WINDOWS\Sysnative\LockAppBroker.dll
2015-08-12 12:57:49	54D78B8A26900F3E08191ABF0AD499A2	193536	----a-w-	C:\WINDOWS\Sysnative\SharedStartModelShim.dll
2015-08-12 12:57:48	8CCD8CE6D255188E30410989D6A0C29C	911360	----a-w-	C:\WINDOWS\Sysnative\SharedStartModel.dll
2015-08-12 12:57:48	79431E9EEAE85C3E579D28265D2E3F21	503808	----a-w-	C:\WINDOWS\Sysnative\tileobjserver.dll
2015-08-12 12:57:48	757E4DEB80CDC431C91319EAF2F222B7	1290752	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Shell.dll
2015-08-12 12:57:47	BABB3A14002CE205616C9A10373AE040	253952	----a-w-	C:\WINDOWS\Sysnative\SettingsHandlers_UserAccount.dll
2015-08-12 12:57:47	54490FB29B76473909C936E007297D9E	282112	----a-w-	C:\WINDOWS\Sysnative\VEEventDispatcher.dll
2015-08-12 12:57:46	52ABEA8D9AF917CDFF22931595BDC64F	122880	----a-w-	C:\WINDOWS\Sysnative\VEDataLayerHelpers.dll
====== C:\WINDOWS\Sysnative\drivers =====
2015-08-19 08:05:05	AE7B7E1E95BFB9340B1956C98CA52C81	80720	----a-w-	C:\WINDOWS\Sysnative\drivers\stornvme.sys
2015-08-19 08:05:02	7680537006A420D7488E5057A8149F86	442208	----a-w-	C:\WINDOWS\Sysnative\drivers\storport.sys
2015-08-15 09:17:14	7D7FBC9504575D97885A858EA93684F5	5804772	----a-w-	C:\WINDOWS\Sysnative\drivers\rtvienna.dat
2015-08-15 09:17:14	622868E4BAE8FBCD22CB1A5901A2C824	4504320	----a-w-	C:\WINDOWS\Sysnative\drivers\RTKVHD64.sys
2015-08-15 09:17:13	308B5588224A6B4931F64B4164CE07BF	2813457	----a-w-	C:\WINDOWS\Sysnative\drivers\RTAIODAT.DAT
2015-08-12 12:58:04	310334DAF2C455744703E2D582942DF3	1983840	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
2015-08-12 12:57:59	DAF957B25A35757E9D814611FAE8FE3B	237392	----a-w-	C:\WINDOWS\Sysnative\drivers\rdyboost.sys
2015-08-12 12:57:59	9B2039C5673EEBF1D4E34ABC0AFB88C7	685568	----a-w-	C:\WINDOWS\Sysnative\drivers\WdiWiFi.sys
2015-08-12 12:57:59	024E17D876211501EEC41503A797BDCE	505696	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgmms2.sys
2015-08-12 12:57:58	D5EC9413527B286CFEEB0294C53ABB95	102752	----a-w-	C:\WINDOWS\Sysnative\drivers\mountmgr.sys
2015-08-12 12:57:58	7E51F2AD1D729F5CDBB6BE21CB58FEB7	516960	----a-w-	C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS
2015-08-12 12:57:57	78CA1FF6FE37EEFAFF99DD1C956AF60A	200528	----a-w-	C:\WINDOWS\Sysnative\drivers\wof.sys
2015-08-12 12:57:56	388F2A3C771B8BEE76FD1AAF9614D08E	52264	----a-w-	C:\WINDOWS\Sysnative\drivers\wpcfltr.sys
2015-08-12 12:57:55	988588C16A53C2581488C15FF18934BF	46432	----a-w-	C:\WINDOWS\Sysnative\drivers\msgpiowin32.sys
2015-08-12 12:57:52	E1652E25178FB1D48A10DBF377F3A63D	393568	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
2015-08-11 07:50:36	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-08-09 05:10:14	FAE275EAF88BF3932212DB0C7D202870	52248	----a-w-	C:\WINDOWS\Sysnative\drivers\ati2erec.dll
2015-08-09 05:10:10	3B3A9250EBC097B233168170547B5410	306424	----a-w-	C:\WINDOWS\Sysnative\drivers\amdacpksd.sys
2015-08-08 13:44:31	466EC5659C02ED53DBD47DC1BC2B8086	2116448	----a-w-	C:\WINDOWS\Sysnative\drivers\ntfs.sys
2015-08-08 13:44:24	14B46248612DF1B1A695040FFFBCFAFC	155136	----a-w-	C:\WINDOWS\Sysnative\drivers\tunnel.sys
2015-08-08 13:44:23	647E2A425AD43637EAA01096A58B7089	65536	----a-w-	C:\WINDOWS\Sysnative\drivers\bthhfenum.sys
2015-08-02 11:09:05	EBEE2CD97C1CEBB8CA53FBFECFF328E9	8214	----a-w-	C:\WINDOWS\Sysnative\drivers\SYMEVENT64x86.CAT
2015-08-02 11:09:05	6DF8F618B93C821630C9BAA8DA3FAAAF	111344	----a-w-	C:\WINDOWS\Sysnative\drivers\SYMEVENT64x86.SYS
2015-08-02 11:09:05	43687EBC193F837182769BEA27427142	855	----a-w-	C:\WINDOWS\Sysnative\drivers\SYMEVENT64x86.INF
2015-08-01 12:02:06	F746E4699DA21460604479CB3B6D6EE9	428216	----a-w-	C:\WINDOWS\Sysnative\drivers\ETD.sys
2015-08-01 11:57:13	5BC406A4BBB2EF7FEFD990B4A48DE059	673816	----a-w-	C:\WINDOWS\Sysnative\drivers\atikmpag.sys
2015-08-01 11:57:13	1F7FD5F70520EE285E708DD7B8560A09	21631512	----a-w-	C:\WINDOWS\Sysnative\drivers\atikmdag.sys
2015-08-01 11:57:03	A6518DCC42F7A6E999BB3BEA8FD87567	56344	----a-w-	C:\WINDOWS\Sysnative\drivers\HECIx64.sys
2015-08-01 11:55:59	2C72E029C153D25325CA182A669E4ADE	934752	----a-w-	C:\WINDOWS\Sysnative\drivers\refsv1.sys
2015-08-01 11:55:59	2834089EA4E550FF3B96E61FB4AA34ED	325984	----a-w-	C:\WINDOWS\Sysnative\drivers\pci.sys
2015-08-01 11:55:58	15FE07A404C8A0CD306661433027FFE4	498016	----a-w-	C:\WINDOWS\Sysnative\drivers\usbhub.sys
2015-08-01 11:55:55	D43EAFF4887321A07D9F9A9DD7225E07	1168736	----a-w-	C:\WINDOWS\Sysnative\drivers\ndis.sys
2015-08-01 11:55:52	F038EAF73AAB72A4A89185A5A7B9FD75	61280	----a-w-	C:\WINDOWS\Sysnative\drivers\dam.sys
2015-08-01 11:55:51	DE3EDAF609D00EA2E54986E6459796A6	46080	----a-w-	C:\WINDOWS\Sysnative\drivers\UcmUcsi.sys
2015-08-01 11:55:50	3B64DA873CEA5BEC42570BFF1054A014	601344	----a-w-	C:\WINDOWS\Sysnative\drivers\cng.sys
2015-08-01 11:55:49	B87D3D07FE6F15328C6860D542F0E2BD	565088	----a-w-	C:\WINDOWS\Sysnative\drivers\acpi.sys
2015-08-01 11:55:48	1F72E1A7E1858B7B3FF81522FCEBDE95	67072	----a-w-	C:\WINDOWS\Sysnative\drivers\usbser.sys
2015-08-01 11:44:56	FD9A5BCC3AFB02E87668B749546B6229	102912	----a-w-	C:\WINDOWS\Sysnative\drivers\AtihdWT6.sys
====== C:\WINDOWS\Tasks ======
2015-08-14 09:47:23	B95FEAAF64FDBFF5BE8F93B8F7FBC0E4	2790	----a-w-	C:\WINDOWS\Sysnative\Tasks\DriverToolkit Autorun
2015-08-14 09:47:22	3617872CD302E757FA8F47DD6C07B38C	376	----a-w-	C:\WINDOWS\Tasks\DriverToolkit Autorun.job
2015-08-01 12:38:09	BE01C0919450BE13C6B3A6FF0756484E	4148	----a-w-	C:\WINDOWS\Sysnative\Tasks\Opera scheduled Autoupdate 1438432675
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2015-08-23 11:00:49	--------	d-----w-	C:\Program Files\trend micro
2015-08-15 09:18:25	--------	d-----w-	C:\Program Files\Realtek
2015-08-13 09:24:48	--------	d-----w-	C:\Program Files\Speccy
2015-08-01 11:59:48	--------	d-----w-	C:\Program Files\Common Files\ATI Technologies
2015-08-01 11:59:23	--------	d-----w-	C:\Program Files\AMD
2015-08-01 11:42:01	--------	d-----w-	C:\Program Files\Reference Assemblies
2015-08-01 11:42:01	--------	d-----w-	C:\Program Files\MSBuild
2015-08-01 11:00:09	--------	d-----w-	C:\Program Files\Common Files\SpeechEngines
======= C:\PROGRA~2 =====
2015-08-23 11:05:01	--------	d-----w-	C:\PROGRA~2\trend micro
2015-08-15 11:05:03	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2015-08-15 11:04:25	--------	d-----w-	C:\PROGRA~2\Java
2015-08-15 09:55:06	--------	d-----w-	C:\PROGRA~2\COMMON~1\ATI Technologies
2015-08-15 09:55:05	--------	d-----w-	C:\PROGRA~2\AMD AVT
2015-08-15 09:55:02	--------	d-----w-	C:\PROGRA~2\AMD APP
2015-08-15 08:22:24	--------	d-----w-	C:\PROGRA~2\AMD
2015-08-14 09:46:29	--------	d-----w-	C:\PROGRA~2\DriverToolkit
2015-08-11 14:13:25	--------	d-----w-	C:\PROGRA~2\Raptr
2015-08-01 11:42:01	--------	d-----w-	C:\PROGRA~2\Reference Assemblies
2015-08-01 11:42:01	--------	d-----w-	C:\PROGRA~2\MSBuild
2015-08-01 11:00:18	--------	d-----w-	C:\PROGRA~2\COMMON~1\SpeechEngines
======= C: =====
====== C:\Users\annie\AppData\Roaming ======
2015-08-18 13:31:14	--------	d-s---r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-18 13:31:14	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OLYMPUS ib
2015-08-18 13:31:14	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-18 13:31:14	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
2015-08-18 13:31:14	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
2015-08-18 13:31:14	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2015-08-18 13:31:14	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming
2015-08-18 13:31:14	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local\Temp
2015-08-18 13:31:14	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2015-08-18 13:31:14	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local\Microsoft
2015-08-18 13:31:14	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local
2015-08-18 13:31:14	--------	d-----r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-18 13:31:14	--------	d-----r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-18 13:31:14	--------	d-----r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-15 09:57:08	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CrashDumps
2015-08-03 07:45:45	--------	d-----w-	C:\Users\annie\AppData\Local\Comms
2015-08-02 15:01:42	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\DataSharing
2015-08-01 13:04:38	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Temp
2015-08-01 12:38:10	--------	d-----w-	C:\Users\annie\AppData\Local\Opera Software
2015-08-01 11:50:44	--------	d-----w-	C:\Users\annie\AppData\Local\MicrosoftEdge
2015-08-01 11:43:51	--------	d-----w-	C:\Users\annie\AppData\Local\Publishers
2015-08-01 11:41:09	--------	d-----w-	C:\Users\annie\AppData\Local\Packages
2015-08-01 11:41:07	--------	d-----w-	C:\Users\annie\AppData\Local\TileDataLayer
2015-08-01 11:26:05	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Packages
2015-08-01 11:16:41	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft
2015-08-01 11:07:38	--------	d-----w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OLYMPUS ib
2015-08-01 11:07:38	--------	d-----w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
2015-08-01 11:07:38	--------	d-----w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
2015-08-01 11:07:38	--------	d-----w-	C:\Users\Default\AppData\Local\Microsoft Help
2015-08-01 11:07:38	--------	d-----w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OLYMPUS ib
2015-08-01 11:07:38	--------	d-----w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
2015-08-01 11:07:38	--------	d-----w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
2015-08-01 11:07:38	--------	d-----w-	C:\Users\Default User\AppData\Local\Microsoft Help
2015-08-01 10:56:30	--------	d-s---r-	C:\Users\annie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-01 10:56:30	--------	d-----w-	C:\Users\annie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-01 10:56:30	--------	d-----w-	C:\Users\annie\AppData\Roaming
2015-08-01 10:56:30	--------	d-----w-	C:\Users\annie\AppData\Local\Temp
2015-08-01 10:56:30	--------	d-----w-	C:\Users\annie\AppData\Local\Microsoft
2015-08-01 10:56:30	--------	d-----w-	C:\Users\annie\AppData\Local
2015-08-01 10:56:30	--------	d-----r-	C:\Users\annie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-01 10:56:30	--------	d-----r-	C:\Users\annie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-01 10:56:30	--------	d-----r-	C:\Users\annie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-01 10:56:30	--------	d-----r-	C:\Users\annie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
====== C:\Users\annie ======
2015-08-23 11:03:46	8685FAF50C04F9A9C2F56FF64B0B7ACB	1107968	----a-w-	C:\Users\annie\Desktop\RSIT.exe
2015-08-18 13:31:15	6FC234AD3752E1267B34FB12BCD6718B	20	--sha-w-	C:\Users\DefaultAppPool\ntuser.ini
2015-08-18 13:31:14	--------	d--h--w-	C:\Users\DefaultAppPool\AppData
2015-08-18 13:31:14	--------	d-----w-	C:\Users\DefaultAppPool\Saved Games
2015-08-18 13:31:14	--------	d-----r-	C:\Users\DefaultAppPool\Videos
2015-08-18 13:31:14	--------	d-----r-	C:\Users\DefaultAppPool\Pictures
2015-08-18 13:31:14	--------	d-----r-	C:\Users\DefaultAppPool\Music
2015-08-18 13:31:14	--------	d-----r-	C:\Users\DefaultAppPool\Links
2015-08-18 13:31:14	--------	d-----r-	C:\Users\DefaultAppPool\Favorites
2015-08-18 13:31:14	--------	d-----r-	C:\Users\DefaultAppPool\Downloads
2015-08-18 13:31:14	--------	d-----r-	C:\Users\DefaultAppPool\Documents
2015-08-18 13:31:14	--------	d-----r-	C:\Users\DefaultAppPool\Desktop
2015-08-15 11:04:50	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-15 09:55:14	--------	d-----w-	C:\ProgramData\ATI
2015-08-15 09:55:11	--------	d-----w-	C:\ProgramData\AMD
2015-08-15 08:23:03	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-13 09:24:49	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2015-08-13 09:23:19	024542793EF5B061EA2AE16D991D2DD3	4845384	----a-w-	C:\Users\annie\Downloads\spsetup125.exe
2015-08-11 14:15:08	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-08-01 12:02:09	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\ProgramData\DP45977C.lfl
2015-08-01 12:00:41	--------	d-----w-	C:\ProgramData\Package Cache
2015-08-01 11:48:47	--------	d-----r-	C:\Users\annie\OneDrive
2015-08-01 11:46:13	--------	d-----w-	C:\ProgramData\Microsoft OneDrive
2015-08-01 11:41:18	--------	d--h--r-	C:\Users\Public\AccountPictures
2015-08-01 11:40:52	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\annie\ntuser.ini
2015-08-01 10:56:30	--------	d--h--w-	C:\Users\annie\AppData
2015-08-01 10:55:21	E6179D008BCFB6A3608B052E5644FEF0	4194304	----a-w-	C:\WINDOWS\serviceprofiles\networkservice\msmqlog.bin
2015-08-01 10:55:21	A40C04B0420BC7B33469AE09E44D1DB7	196608	----a-w-	C:\WINDOWS\serviceprofiles\networkservice\msmqlog.bak

====== C: exe-files ==
2015-08-24 08:13:48	22385EE33688B10B61DA1D8CA9549E4B	120192	----a-w-	C:\Users\annie\AppData\Local\Temp\clear.fiClient\cabarc.exe
2015-08-23 11:05:01	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files (x86)\trend micro\annie.exe
2015-08-23 11:00:49	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\annie.exe
2015-08-23 11:00:39	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\annie\AppData\Local\Microsoft\Windows\INetCache\IE\QZ3NGIHE\RSITx64.exe
2015-08-23 08:43:40	1B16795D3CB7A9FAA3FC41C56EF2966D	149184	----a-w-	C:\Users\annie\AppData\Local\Temp\3ECE89FF-CDE5-40B3-BAF9-5CC6D4C225F7\DismHost.exe
2015-08-22 09:59:52	E2AB465A4F48E9E64FE028374249B881	981584	----a-w-	C:\Program Files (x86)\Google\Update\Install\{12A3CA9F-5E14-4215-AC94-09D46A48D5CB}\44.0.2403.157_44.0.2403.155_chrome_updater.exe
2015-08-22 09:59:52	E2AB465A4F48E9E64FE028374249B881	981584	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\44.0.2403.157\44.0.2403.157_44.0.2403.155_chrome_updater.exe
2015-08-20 10:32:03	440DC71975E19B441C1ACBAC5B26BDF1	7842376	----a-w-	C:\Users\annie\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
2015-08-20 10:32:03	440DC71975E19B441C1ACBAC5B26BDF1	7842376	----a-w-	C:\Users\annie\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\OneDriveSetup.exe
2015-08-20 10:31:55	919AB8AA7E0D8FBA098694A4691CF25E	147552	----a-w-	C:\Users\annie\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncConfig.exe
2015-08-19 08:48:10	E3928C1737A104B5583BCDD55DA9A436	73336	----a-w-	C:\Users\annie\AppData\Local\Programs\Opera\31.0.1889.174\wow_helper.exe
2015-08-19 08:48:10	948FA74B07C4E4DA03BD8272FA85286C	899704	----a-w-	C:\Users\annie\AppData\Local\Programs\Opera\31.0.1889.174\opera.exe
2015-08-19 08:48:10	520002C4A4737CDDD6B860E30ECD7C67	511608	----a-w-	C:\Users\annie\AppData\Local\Programs\Opera\31.0.1889.174\opera_crashreporter.exe
2015-08-19 08:48:10	502204336674EBC79860D2AE74CAC60E	3515000	----a-w-	C:\Users\annie\AppData\Local\Programs\Opera\31.0.1889.174\opera_autoupdate.exe
2015-08-19 08:48:10	0592A00BA269710A68ABC75B437FC206	1280120	----a-w-	C:\Users\annie\AppData\Local\Programs\Opera\31.0.1889.174\installer.exe
=== C: other files ==
2015-08-24 08:13:42	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\annie\AppData\Roaming\Raptr\data\raptrguestzbn22ckr\config\certificates\x509\tls_peers\xmpp-server2.raptr.com
2015-08-23 06:34:48	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\annie\AppData\Roaming\Raptr\data\raptrguestzbn22ckr\config\certificates\x509\tls_peers\xmpp-server6.raptr.com
2015-08-21 05:48:08	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\annie\AppData\Roaming\Raptr\data\raptrguestzbn22ckr\config\certificates\x509\tls_peers\xmpp-server5.raptr.com
2015-08-20 15:30:44	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\annie\AppData\Roaming\Raptr\data\raptrguestzbn22ckr\config\certificates\x509\tls_peers\xmpp-server7.raptr.com
2015-08-20 10:31:54	8CF4163521FDB8E53482003C7EFA7121	5850	----a-w-	C:\Users\annie\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\CollectOneDriveLogs.bat
2015-08-19 08:05:09	AF7D73AF34062757BFF95CFE33C50507	3588096	----a-w-	C:\Windows\System32\win32kfull.sys
2015-08-19 08:05:05	AE7B7E1E95BFB9340B1956C98CA52C81	80720	----a-w-	C:\Windows\System32\drivers\stornvme.sys
2015-08-19 08:05:02	7680537006A420D7488E5057A8149F86	442208	----a-w-	C:\Windows\System32\drivers\storport.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-3859547078-303777454-2752158152-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"OneDrive"="C:\Users\annie\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe -d"
"BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k"
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"
"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"ArcadeMovieService"="C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
"AgentMonitor"="C:\VTech\DownloadManager\System\AgentMonitor.exe"
"ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"Olympus ib"="C:\Program Files (x86)\Olympus\ib\olycamdetect.exe /Startup"
"MDS_Menu"="C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Olympus\ib UpdateWithCreateOnce Software\OLYMPUS\ib\1.0"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"TelevisionFanatic Search Scope Monitor"="C:\PROGRA~2\TELEVI~2\bar\1.bin\64srchmn.exe /m=2 /w /h"
"TelevisionFanatic Browser Plugin Loader"="C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe"
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"Allin1Convert Search Scope Monitor"="C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hsrchmn.exe /m=2 /w /h"
"Allin1Convert_8h Browser Plugin Loader"="C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbrmon.exe"
"CanonQuickMenu"="C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon"
"IJNetworkScannerSelectorEX"="C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE"
"mobilegeni daemon"="C:\Program Files (x86)\Mobogenie\DaemonProcess.exe"
"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"
"ApnTBMon"="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"Raptr"="C:\PROGRA~2\Raptr\raptrstub.exe --startup"
"StartCCC"="C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"OneDrive"="C:\Users\annie\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
"Allin1Convert Home Page Guard 64 bit"="C:\PROGRA~2\ALLIN1~2\bar\1.bin\APPINT~1.EXE"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="    "

==== Startup Folders ======================

2013-07-11 18:49:32	1638	--sha-w-	C:\Users\annie\AppData\Roaming\Microsoft\LastFlashConfig.wfc
2015-08-01 11:36:59	1686	--sha-w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Microsoft\LastFlashConfig.wfc
2015-08-01 11:36:59	1686	--sha-w-	C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\Microsoft\LastFlashConfig.wfc

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/08/2015 14:35]
C:\WINDOWS\tasks\DriverToolkit Autorun.job --a-------- C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/10/2014 10:32]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/10/2014 10:32]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe ARM" ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Reader Speed Launcher" ["C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"]
"C:\WINDOWS\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"]
"C:\WINDOWS\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"]
"C:\WINDOWS\SysNative\tasks\DriverToolkit Autorun" [C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\WSCStub.exe"]
"C:\WINDOWS\SysNative\tasks\Opera scheduled Autoupdate 1438432675" [C:\Users\annie\AppData\Local\Programs\Opera\launcher.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{5B8C5F15-6AFB-4677-9FB8-C7CC81720D54}" [C:\Windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\YourFile DownloaderUpdate" [C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe]
"C:\WINDOWS\SysNative\tasks\{739C4B3D-42E1-4F96-A2B1-8A7728FE58A9}" [C:\Program Files (x86)\Packard Bell Data Secure\PBDataSecure.exe]
"C:\WINDOWS\SysNative\tasks\{95EC3C4F-ADC6-400A-8049-8FCD1971067C}" [C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe]
"C:\WINDOWS\SysNative\tasks\{AD5698A3-8608-4CF7-BDE8-293804282BEC}" [C:\Program Files (x86)\Packard Bell Data Secure\PBDataSecure.exe]
"C:\WINDOWS\SysNative\tasks\{CE4A7F38-5EA8-4E4B-9B86-290FAE3EBB1D}" [C:\Program Files (x86)\Packard Bell Data Secure\PBDataSecure.exe]
"C:\WINDOWS\SysNative\tasks\{CF118F23-9C1C-4D19-97B6-50972DBF6162}" [C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe]
"C:\WINDOWS\SysNative\tasks\{D006E47C-8E4F-4CC0-A568-3819EA9065E7}" [C:\Program Files (x86)\Packard Bell Data Secure\PBDataSecure.exe]
"C:\WINDOWS\SysNative\tasks\{E14C1ED8-76EA-43C6-9C5E-D526AD34D8B3}" [C:\Program Files (x86)\Packard Bell Data Secure\PBDataSecure.exe]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Norton AntiVirus\Norton Autofix" [C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton AntiVirus\Norton Error Analyzer" [C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton AntiVirus\Norton Error Processor" [C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton Family\Norton Error Processor" [C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.2.15\coFFPlgn" [20/08/2015 15:28]

==== Chromium Look ======================

Google Chrome Version: 44.0.2403.157

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cjabmdjcfcfdmffimndhafhblfmpjdpe - C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\Exts\Chrome.crx[10/07/2015 06:03]
iikflkcanblccfahdhdonehdalibjnif - No path found[]
napjheenlliimoedooldaalpjfidlidp - C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\Extensions\Chrome.crx[24/06/2015 14:33]

Norton Security Toolbar - annie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe
Norton Identity Safe - annie\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif
Norton Safe Search as default for Chrome - annie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl
Google Wallet - annie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Startpages ======================

C:\Users\annie\AppData\Local\Google\Chrome\User Data\Default\Preferences
{"browser":{"last_known_google_url":"https://www.google.be/","window_placement":{"bottom":850,"left":10,"maximized":false,"right":1060,"top":10,"work_area_bottom":860,"work_area_left":0,"work_area_right":1600,"work_area_top":0}},"countryid_at_install":16965,"default_apps_install_state":2,"download":{"directory_upgrade":true},"extensions":{"alerts":{"initialized":true},"autoupdate":{"next_check":"13080431429007590"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"]},"last_chrome_version":"43.0.2357.130","toolbar":["cjabmdjcfcfdmffimndhafhblfmpjdpe"]},"intl":{"accept_languages":"nl-NL,nl,en-US,en"},"invalidator":{"client_id":"BzVz653pg5MSa5Ylp5LSfg=="},"media":{"device_id_salt":"cusTunAHtJ1H3WCpLmGJ3w=="},"net":{"http_server_properties":{"servers":{"chrome.google.com:443":{"supports_spdy":true},"clients2.google.com:443":{"supports_spdy":true},"clients2.googleusercontent.com:443":{"supports_spdy":true},"lh3.googleusercontent.com:443":{"supports_spdy":true},"ssl.google-analytics.com:443":{"supports_spdy":true},"www.google.com:443":{"supports_spdy":true}},"version":3}},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_index":0,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{},"pref_version":1},"exit_type":"Crashed","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Eerste gebruiker","per_host_zoom_levels":{}},"protection":{"macs":{}},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13080412345401456"},"translate_blocked_languages":["nl"],"translate_whitelists":{}}
ags":9,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["searchProvider"],"manifest_permissions":[],"scriptable_host":["http://identitysafe.norton.com/*","https://identitysafe.norton.com/*"]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13080412385330708","location":1,"manifest":{"chrome_settings_overrides":{"search_provider":{"encoding":"UTF-8","favicon_url":"http://nortonsafe.search.ask.com/assets/favicon_norton_v1.ico","is_default":true,"keyword":"NortonSafe","name":"Norton Safe","search_url":"http://nortonsafe.search.ask.com/web?q={searchTerms}&o=apn10506&prt=cr","suggest_url":"http://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff"}},"content_scripts":[{"js":["content.js"],"matches":["https://identitysafe.norton.com/*","http://identitysafe.norton.com/*"],"run_at":"document_start"}],"description":"Search safely online by enabling Norton Safe Search as your default search provider for maximum protection on Chrome.","icons":{"48":"images/48_Norton_Ext_Icon.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZdDMV0IZ9Ph05p1XUp/GYnM04aL3KGDe164YzCZ48Kn++NCJ3/wby379gz2IrJYsoyZrWweJvwjdNjJpP8kIhRqXTO3q52GtSqMkeUC699TXQlXw3/l0t1AdbcMcqzBd1ogiFcWhbFLJYz4mIfmst1JdOEVT/5LDNA5XGGt8a1jKw6LFJ6h5pO+uWSaqg41WtjLbEPy9wsTQCI6pCo4JAUlf9qMFT2nN13ooUegATmsHg9AuRA2zwQYeFaafFl1f6X1WgPntqjXIYiFJ1x4zTcXJjUtd5P3aACi7V4pOZhTFkr+6v19M3OkrtFy1nITdllG1HPVN2+nT8t+qicaUQIDAQAB","manifest_version":2,"name":"Norton Safe Search as default for Chrome","update_url":"https://clients2.google.com/service/update2/crx","version":"1.0.9"},"path":"nmgcfemagnogdodbambjhdcmfcpicngl\\1.0.9_0","preferences":{"default_search_provider.enabled":true},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"nmmhkkegccagdldgiimedpiccmgmieda":{"ack_external":true,"active_permissions":{"api":["identity","webview"],"explicit_host":["https://wallet-web.sandbox.google.com/*","https://wallet.google.com/*","https://www.google.com/*","https://www.googleapis.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":137,"events":["app.runtime.onLaunched","runtime.onConnectExternal"],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["identity","webview"],"explicit_host":["https://wallet-web.sandbox.google.com/*","https://wallet.google.com/*","https://www.google.com/*","https://www.googleapis.com/*"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13080412349311593","lastpingday":"13080380399085262","location":10,"manifest":{"app":{"background":{"scripts":["craw_background.js"]}},"current_locale":"nl","default_locale":"en","description":"Google Wallet voor digitale producten","display_in_launcher":false,"display_in_new_tab_page":false,"icons":{"128":"images/icon_128.png","16":"images/icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKfMnLqViEyokd1wk57FxJtW2XXpGXzIHBzv9vQI/01UsuP0IV5/lj0wx7zJ/xcibUgDeIxobvv9XD+zO1MdjMWuqJFcKuSS4Suqkje6u+pMrTSGOSHq1bmBVh0kpToN8YoJs/P/yrRd7FEtAXTaFTGxQL4C385MeXSjaQfiRiQIDAQAB","manifest_version":2,"minimum_chrome_version":"29","name":"Google Wallet","oauth2":{"auto_approve":true,"client_id":"203784468217.apps.googleusercontent.com","scopes":["https://www.googleapis.com/auth/sierra","https://www.googleapis.com/auth/sierrasandbox","https://www.googleapis.com/auth/chromewebstore","https://www.googleapis.com/auth/chromewebstore.readonly"]},"permissions":["identity","webview","https://wallet.google.com/","https://wallet-web.sandbox.google.com/","https://www.google.com/","https://www.googleapis.com/*"],"update_url":"https://clients2.google.com/service/update2/crx","version":"0.1.1.0"},"path":"nmmhkkegccagdldgiimedpiccmgmieda\\0.1.1.0_0","preferences":{},"regular_only_preferences":{},"running":false,"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"1FA0FDEB63487B5227ECED5CDE8D94791106F96A8B8CF35B0EAD562753E8A402"},"default_search_provider":{"keyword":"D2D75AF38EC2B6E3B6E658D47FDA2C617189C62C3B232BF4CDD1035585B37B61","name":"9BE22DFD114BF7834416DA7E581014CE0EC07DE23295225DF173E2552276A590","search_url":"462DD6DCC3B37533DF1078F3662AF23809F7D8ED45066D38E679D858832E42D3"},"default_search_provider_data":{"template_url_data":"D06A12740D91ADA6C4E1A63925736FE97C6127E333BF45FE4B5944AC07181E48"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"8B2D5C613E559675FD640105E9286C628416F09F84A2A17D28F026B73F30ED5E","bepbmhgboaologfdajaanbcjmnhjmhfn":"7E194FA59858D38A3ACF40B02971246BEA27DC6E49BA10C59B725282848EB85B","cjabmdjcfcfdmffimndhafhblfmpjdpe":"21709A96B5B1522CBF54629092492D73EB173AE9B3201BED68CEB3C11A11B971","eemcgdkfndhakfknompkggombfjjjeno":"B96EBD0DD45FA7F06E2ED4F55293F6BF8793B6443B1DCCB9A19ABC4EE36680BF","ennkphjdgehloodpbhlhldgbnhmacadg":"2638259F726CC79B63123AD41D12C3898929B1BBFFBE35B008614033FA118E8F","gfdkimpbcpahaombhbimeihdjnejgicl":"8CC67E9A9D63537861686DD485F87A4E3400FFA8653F34737D1AF7959E8420AB","iikflkcanblccfahdhdonehdalibjnif":"E7E0646893FC70046CC107279EE2A806412D01C4CC9D5F2ADE62702EBE8D72F3","kmendfapggjehodndflmmgagdbamhnfd":"B4474001A97F4C0A3B4A6ED5BF746C7677C8CA6AE36F8261A8B4FBB2F7CB712F","mfehgcgbbipciphmccgaenjidiccnmng":"1E2EE0B3021FF7BF74C3F9D68C877613D56CD237D0AE5AC22535EF1A55C8A745","mgndgikekgjfcpckkfioiadnlibdjbkf":"CAC56A59EECEDCF43CCFE1BEEC09D64FE068DD45CC6132D4CE814E6F0B966683","mhjfbmdgcfjbbpaeojofohoefgiehjai":"788A41871E9E3BE4D078AEAF967ABEB4ABBC65AAE4B729FB989FC7768614EFC7","neajdppkdcdipfabeoofebfddakdcjhd":"E5794B8D55FD2D36FF922C1D23BCED09F8C00F79019B57F3E5B854FFB6AB04AF","nkeimhogjdpnpccoofpliimaahmaaome":"B0C202CDAD4E54F0BC3B984FB5F6F1813D56DFD803D7C15657CE363A659DE782","nmgcfemagnogdodbambjhdcmfcpicngl":"C7032E4C5B611494F963DF7671A18B2DE10EC72117387D2C3F38802338CBD6A7","nmmhkkegccagdldgiimedpiccmgmieda":"E047BCDFB54C5C56E17B2C6593EA3664C0B5ED82CFC854DC27F78CD50BFC1C3E"}},"google":{"services":{"last_username":"ECEE8AA9EDD5B6D418D9443ED5911BAC54E8E16465BF9E38B95E23C826EE05BB","username":"A188F291FC0C7C68C744BE93FBF3FECEEB7206DF565265180FF849E8AB854781"}},"homepage":"A22AEC657A33CE4C12A6DE2D92A93C80446B60B08197A53D1848EFEE40C042F5","homepage_is_newtabpage":"3F7F6B46C414ED7D1B7F5DBEDE6204A85815D2B0481E94662AAEEB4415DDD34D","pinned_tabs":"1EF36A60B2F304780E6F18F1C736FDD6750D42D63699961F77C93B02B347A5B6","prefs":{"preference_reset_time":"37A6DDAECE247B15D6B03F5C0A802906DF1067DE2B6092AFE3842D8F0AD0B233"},"profile":{"reset_prompt_memento":"E64F459CE320B4535051A187EF57E9A9203176079EC9D7F42B8735B4079F740D"},"safebrowsing":{"incidents_sent":"20D1E07E062001736E543036D043C829151C42DCBDD623E6B738EDE7E11C5EFA"},"search_provider_overrides":"F379BA5A11509D3496F3D55E7D8C996D718337D77AAA97A7260F5C5A96662B60","session":{"restore_on_startup":"428EF51A46405132DDA8B2A3F2FECAE4BD62546D50E7640CCD7CC9EC1A9D5723","startup_urls":"B1A45B1AA3BBEC95267B27957836C1A0C3CDA34051FDE90B7B56DF212E27A6ED"},"software_reporter":{"prompt_reason":"A06EB554AED94606E88D479E65947172508B25418A109F7863A4FCDB0AF21B40","prompt_seed":"1210F0F17000E6FD42F0C9D56418CCFE2AB6F0F22303D654C6028DCFD069389B","prompt_version":"65D33FA3A225F296A097246A8E20C356502A8F39411400A674C4F89DF5F93367"},"sync":{"remaining_rollback_tries":"FF99B2CC8F8342BD8160A4CA93C0B607C9719F961A8BB1A8DCE60A3FF18C3C86"}},"super_mac":"C1FBFA3E469C2EB9121984064374AAD924A6589A9A113741EF414FCC8B8D2D68"}}


==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/nl-be?checklang=1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Ask Search Url="http://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11406&pf=V7&p2=%5EBBE%5EOSJ000%5EYY%5EBE&gct=&itbv=12.12.2.83&apn_uid=1A3C6327-4299-4C0E-995B-6BEFEAA8CE8E&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5EBE&apn_dbr=ie_11.0.9600.17126&doi=2014-06-26&trgb=IE&q={searchTerms}&psv=&pt=tb"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_nlBE467"
{7F38E991-9428-4460-A7C5-70E0C0589A64} Search the web (Softonic) Url="http://search.softonic.com/MON00087/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=44"
{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} Search Results Url="http://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}"
{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} Norton Safe Search Url="http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSSNAV&chn=retail&geo=BE&ver=2014&locale=nl_BE&gct=kwd&qsrc=2869"
{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} Ask Web Search Url="http://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm255^YYA^be&si=CLqBwYqHq7wCFU7HtAodWUkAmA&ptb=EE85F6D1-A5C6-48FB-83FB-5CE773D8EE60&ind=2014020308&n=780b82d4&psa=&st=sb&searchfor={searchTerms}"

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\coIEPlg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Norton Family BHO - {B8E07826-0971-4f16-B133-047B88034E89} - C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [AgentMonitor] C:\VTech\DownloadManager\System\AgentMonitor.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [TelevisionFanatic Search Scope Monitor] "C:\PROGRA~2\TELEVI~2\bar\1.bin\64srchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [TelevisionFanatic Browser Plugin Loader] C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Allin1Convert Search Scope Monitor] "C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [Allin1Convert_8h Browser Plugin Loader] C:\PROGRA~2\ALLIN1~2\bar\1.bin\8hbrmon.exe
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\annie\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O4 - Global Startup: Scanner Finder.lnk = C:\Program Files (x86)\ScanWizard 5\ScannerFinder.exe
O4 - Global Startup: Ulead Photo Express 4.0 SE Calendar Checker .lnk = C:\Program Files (x86)\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc.  - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: lxbc_device -   - C:\Windows\SysWOW64\lxbccoms.exe
O23 - Service: lxdu_device - Unknown owner - C:\Windows\system32\lxducoms.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\22.5.2.15\NAV.exe
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.47\NST.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Family (NSM) - Symantec Corporation - C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\NF.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Norton Family Tamper Monitoring (TampMon) - Symantec Corporation - C:\Program Files (x86)\Norton Family\Engine\3.2.1.34\TampMon.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== C:\zoek_backup content ======================

C:\zoek_backup (files=124 folders=46 27813350 bytes)

==== EOF on ma 24/08/2015 at 10:44:25,17 ======================