Zoek.exe v5.0.0.1 Updated 31-October-2015 Tool run by GEAtje on zo 01-11-2015 at 17:52:19,75. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\GEAtje\Desktop\zoek (1).exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 1-11-2015 17:53:35 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\be3c4786-834f-4330-88da-6f9473809b1f deleted successfully C:\PROGRA~3\PCSettings deleted successfully C:\Users\GEAtje\AppData\Roaming\hpqLog deleted successfully C:\Users\GEAtje\AppData\Roaming\HpUpdate deleted successfully C:\Users\GEAtje\AppData\Local\gmsd_nl_005010126 deleted successfully C:\Users\GEAtje\AppData\Local\PDFC deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0292C2A6-C28E-4F1A-A2CC-57B7DDA727C6} deleted successfully HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{83C25742-A9F7-49FB-9138-434302C88D07} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{42089D2D-912D-4018-9087-2B87803E93FB} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5504BE45-A83B-4808-900A-3A5C36E7F77A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0292C2A6-C28E-4F1A-A2CC-57B7DDA727C6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0292C2A6-C28E-4F1A-A2CC-57B7DDA727C6} deleted successfully 
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Flash Player 11 ActiveX (x64) AVG PC TuneUp 2015 AVG PC TuneUp 2015 (nl-NL) Bejeweled 3 Blackhawk Striker 2 Bonjour Brother MFL-Pro Suite DCP-J552DW Chuzzle Deluxe Compaq Setup Manager Cradle of Rome 2 D3DX10 DAEMON Tools Lite Definition Update for Microsoft Office 2010 (KB3085607) 64-Bit Edition DirectX for Managed Code Update (Summer 2004) Dora's World Adventure Dropbox DYMO Label v.8 Facebook Farm Frenzy Farmscapes FATE Final Drive Fury Gizmo Central Google Chrome Google Update Helper Hewlett-Packard ACLM.NET v1.2.2.3 Hoyle Card Games HP Auto HP Calendar HP Client Services HP Clock HP Customer Experience Enhancements HP Games HP LinkUp HP Magic Canvas HP Magic Canvas Tutorials HP Notes HP Odometer HP RSS HP Setup HP Support Assistant HP Support Information HP TouchSmart RecipeBox HP Update HP Vision Hardware Diagnostics Intel(R) Control Center Intel(R) Management Engine Components Intel(R) Processor Graphics Jewel Match 3 Jewel Quest Mysteries: The Seventh Gate Collector's Edition John Deere Drive Green Junk Mail filter update KMSpico LabelPrint Letters from Nowhere 2 Luxor HD Magic Desktop MagicDisc 2.7.106 Mah Jong Medley Microsoft .NET Framework 4.5.2 Microsoft Access MUI (Dutch) 2013 Microsoft Application Error Reporting Microsoft DCF MUI (Dutch) 2013 Microsoft Excel MUI (Dutch) 2013 Microsoft Groove MUI (Dutch) 2013 
Microsoft InfoPath MUI (Dutch) 2013 Microsoft Lync MUI (Dutch) 2013 Microsoft Mathematics Microsoft Office 32-bit Components 2013 Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Korrekturhilfen 2013 - Deutsch Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office OSM MUI (Dutch) 2013 Microsoft Office OSM UX MUI (Dutch) 2013 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Professional Plus 2013 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Proofing (Dutch) 2013 Microsoft Office Proofing Tools 2013 - English Microsoft Office Proofing Tools 2013 - Nederlands Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 32-bit MUI (Dutch) 2010 Microsoft Office Shared 32-bit MUI (Dutch) 2013 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2013 Microsoft Office Word MUI (Dutch) 2010 Microsoft OneDrive Microsoft OneNote MUI (Dutch) 2013 Microsoft Outlook MUI (Dutch) 2013 Microsoft PowerPoint MUI (Dutch) 2013 Microsoft Publisher MUI (Dutch) 2013 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 
Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft Word MUI (Dutch) 2013 More Games from HP Games Movie Maker MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MyFreeCodec Norton Internet Security Norton Online Backup Office 16 Click-to-Run Extensibility Component Office 16 Click-to-Run Licensing Component Office 16 Click-to-Run Localization Component opensource Outils de vérification linguistique 2013 de Microsoft Office - Français PDF Complete Special Edition Penguins Photo Common Photo Gallery Plants vs. Zombies - Game of the Year PlayReady PC Runtime amd64 Poker Superstars III Polar Bowler Polar Golfer Power2Go Realtek High Definition Audio Driver Recovery Manager Remote Graphics Receiver RollerCoaster Tycoon 3: Platinum Samsung Kies Samsung USB Driver for Mobile Phones Security Update for Microsoft .NET Framework 4.5.2 (KB2972107) Security Update for Microsoft .NET Framework 4.5.2 (KB2972216) Security Update for Microsoft .NET Framework 4.5.2 (KB2978128) Security Update for Microsoft .NET Framework 4.5.2 (KB2979578v2) Security Update for Microsoft .NET Framework 4.5.2 (KB3023224) Security Update for Microsoft .NET Framework 4.5.2 (KB3035490) Security Update for Microsoft .NET Framework 4.5.2 (KB3037581) Security Update for Microsoft .NET Framework 4.5.2 (KB3074230) Security Update for Microsoft .NET Framework 4.5.2 (KB3074550) Security Update for Microsoft Office 2013 (KB3054932) 64-Bit Edition Security Update for Microsoft Word 2013 (KB2956163) 64-Bit Edition Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition Skype™ 7.0 Smart Switch Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD The Treasures of Mystery Island: The Ghost Ship TomTom HOME TomTom HOME Visual 
Studio Merge Modules Torchlight TSHostedAppLauncher Update for Microsoft Access 2013 (KB2956176) 64-Bit Edition Update for Microsoft Excel 2013 (KB2956145) 64-Bit Edition Update for Microsoft Lync 2013 (KB2956174) 64-Bit Edition Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition Update for Microsoft Office 2013 (KB2899498) 64-Bit Edition Update for Microsoft Office 2013 (KB2956168) 64-Bit Edition Update for Microsoft Office 2013 (KB2975869) 64-Bit Edition Update for Microsoft Office 2013 (KB3023052) 64-Bit Edition Update for Microsoft Office 2013 (KB3039720) 64-Bit Edition Update for Microsoft Office 2013 (KB3055011) 64-Bit Edition Update for Microsoft Office 2013 (KB3085480) 64-Bit Edition Update for Microsoft Office 2013 (KB3085576) 64-Bit Edition Update for Microsoft OneDrive for Business (KB2920746) 64-Bit Edition Update for Microsoft OneNote 2013 (KB2956165) 64-Bit Edition Update for Microsoft Outlook 2013 (KB2956170) 64-Bit Edition Update for Microsoft Outlook Social Connector 2013 (KB2737996) 64-Bit Edition Update for Microsoft PowerPoint 2013 (KB2965206) 64-Bit Edition Update for Microsoft Project 2013 (KB2956187) 64-Bit Edition Update for Microsoft Publisher 2013 (KB2883048) 64-Bit Edition Update for Skype for Business 2015 (KB2889853) 64-Bit Edition Update Installer for WildTangent Games App Virtual Villagers 4 - The Tree of Life WildTangent Games App (HP Games) WinArchiver Virtual Drive Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX 
Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 5.00 (64-bit) Zuma's Revenge ==== Running Processes ====================== C:\Program Files (x86)\WinArchiver Virtual Drive\WAService.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Gizmo\gizmo.exe C:\Program Files (x86)\MagicDisc\MagicDisc.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Program Files (x86)\Gizmo\gservice.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe C:\Program Files (x86)\Dropbox\Client\Dropbox.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe C:\Program Files (x86)\WinArchiver Virtual Drive\WAHELPER.EXE C:\Program Files (x86)\PDF Complete\pdfsvc.exe C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe C:\Program Files (x86)\Browny02\BrYNSvc.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine 
Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\GEAtje\Desktop\zoek (1).exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\be3c4786-834f-4330-88da-6f9473809b1f not found C:\PROGRA~2\gmsd_nl_005010126 deleted C:\PROGRA~3\19a87fa1ec024bbcbb41931263354405 deleted C:\PROGRA~3\28341ff220e0446c9fff27c4493d622e deleted C:\PROGRA~2\DriverFinder deleted C:\PROGRA~2\BF325000-1446057396-1017-82AA-95287A2FF6F4 deleted C:\PROGRA~2\WinZip Registry Optimizer deleted C:\PROGRA~2\RayDld deleted C:\PROGRA~2\globalUpdate deleted C:\Users\GEAtje\AppData\Roaming\Nico Mak Computing deleted C:\Users\GEAtje\AppData\Roaming\DriverFinder deleted C:\Users\GEAtje\AppData\Roaming\mystartsearch deleted C:\Users\GEAtje\AppData\Roaming\RHEng deleted C:\PROGRA~3\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat deleted C:\PROGRA~3\FlashBeat deleted C:\PROGRA~3\DWMiniProD deleted C:\Users\GEAtje\AppData\Local\MyBrowser deleted C:\Users\GEAtje\AppData\Local\{000C3650-24A4-5AE8-493C-7F006D548398} deleted C:\Users\GEAtje\AppData\Local\BF325000-1446061039-1017-82AA-95287A2FF6F4 deleted C:\Users\GEAtje\AppData\Local\SearchProtect deleted C:\Users\GEAtje\AppData\Local\globalUpdate deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WNetEnhancer deleted C:\Users\GEAtje\AppData\LocalLow\SmartWeb deleted C:\END deleted C:\windows\SysNative\GroupPolicy\User deleted "C:\Users\GEAtje\AppData\Roaming\mXaByIDfNTePfEL24" deleted "C:\PROGRA~2\MyBrowser" deleted ==== System Specs 
====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4003 MB CPU Info: Intel(R) Celeron(R) CPU G530T @ 2.00GHz CPU Speed: 2043,7 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) CD / DVD Drives: 3x (E: | G: | H: | ) E: hp CDDVDW SH-216ALN | G: MagicISOVirtual DVD-ROM | H: Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 448,3GB | D: 17,4GB Hard Disks - Free: C: 341,4GB | D: 2,2GB Manufacturer *: AMI BIOS Info: AT/AT COMPATIBLE | 11/18/11 | HPQOEM - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: PEGATRON CORPORATION 2AD4 Country: Nederland Language: NLD ==== System Specs (Software) ====================== AV: Norton Internet Security *Enabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Enabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Norton Internet Security *Enabled* {6BFC5632-188D-B806-D13E-C607121B42A0} Default Browser: Google Chrome 46.0.2490.80 Internet Explorer Version: 11.0.9600.18059 Google Chrome version: 46.0.2490.80 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-10-24 19:17:49 127AA81343A7C6F665C22CB1293B0A90 67072 ----a-w- C:\Windows\splwow64.exe 2015-10-15 08:35:56 B32189BDFF6E577A92BAA61AD49264E6 193536 ----a-w- C:\Windows\notepad.exe 2015-10-14 14:22:59 677B7A478C237940CB3136864BC8AB47 37 ----a-w- C:\Windows\iltwain.ini 2015-10-14 11:18:18 738657D69A0C166BFAFF600ABDC7C18D 7911 ----a-w- C:\Windows\BRRBCOM.INI 2015-10-14 11:18:18 
05AEF0BCAD3DA3A4D6F343B870A7BA2C 7819 ----a-w- C:\Windows\BROPJ552DW.INI ====== C:\Users\GEAtje\AppData\Local\Temp ==== 2015-11-01 10:28:13 A560DBA4BC0D93CE2CB25FD68C5D191E 71168 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprkcgax.dll 2015-10-30 20:46:57 825654DE400DE4AB8D2BD76DE3A62B1F 120736 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\Gizmo\gdirector.exe 2015-10-30 20:15:09 C1CADC30016BA3F1B52F2D9E4AA74F3D 871032 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\ICReinstall_downloader_for_Alcohol120_FE_2.exe 2015-10-30 09:29:51 1924E73E1731D99E4A4FD4CA34EE47F7 1713976 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\UpdateWizard_101384\tulic.dll 2015-10-26 21:11:51 AE6CEB0B4E75705C9E00737C4FE78F91 226976 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\Setup00000ad4\OSETUPUI.DLL 2015-10-26 21:11:46 740CF9AEF66BFBCE34844A82AE376334 8991856 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\Setup00000ad4\OSETUP.DLL 2015-10-26 20:58:11 B9C125314A025127FE562C116D614AA3 178824 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\ose00000.exe 2015-10-25 07:25:38 41CB698F967B4D9F2580EA2A21A5A710 107320 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\{C81956B2-2F83-4448-8FF6-8EA3B917B346}\ISBEW64.exe 2015-10-25 07:22:51 8725ED11EF032D408C109DF0816D33BA 123192 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\UninstallHPSA.exe 2015-10-25 07:22:28 086BFA63E65558BCDA2EB1F430758288 44799704 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\sp64126.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-10-28 19:53:38 77D3721F5A0887156D210C0E32551BB8 25912 ----a-w- C:\Windows\SysWOW64\authuitu.dll 2015-10-24 20:13:51 2413D2216D08FAF7D7178D9E0B481AEB 2285056 ----a-w- C:\Windows\SysWOW64\msmpeg2vdec.dll 2015-10-24 19:19:52 908BBA41A5B57DDB126B85EC14DD58EF 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2015-10-24 19:19:52 0E036A353DB9D8F4F642AC0F9412F09E 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2015-10-24 19:19:52 
04BB7AF8E0DAE83982155F0752308666 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2015-10-24 19:19:51 C89372B642726F1CF3EB479397976DA3 279040 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-10-24 19:19:51 C848E013BB85C48C787001E1EA36905F 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-10-24 19:19:51 A7028D5D5E3DCF820B3C0AFE0137A87E 130048 ----a-w- C:\Windows\SysWOW64\occache.dll 2015-10-24 19:19:51 9F36964CDB9A920779314395E3911503 504832 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-10-24 19:19:51 098F6097F919EE77EA490E16D11E427A 1311232 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-10-24 19:19:51 00FBEDF0E74AD8815469A95271C0E562 345688 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-10-24 19:19:50 D586CB95B4EADC0525E8929A241898F5 20357632 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-10-24 19:19:50 060409834CC8FAC3F1231DA3F0648CC5 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-10-24 19:19:49 B87A11C95703AB19ACB43993DDA0F1A3 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2015-10-24 19:19:49 7E8EABA6A2B10FE11E2381378A57322B 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2015-10-24 19:19:49 12DCE9300FF5B74DC2F7DBAC96B0614E 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-10-24 19:19:48 F274AF14C7DB6C52C023BCBDA4197D17 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2015-10-24 19:19:48 9F4234838400CC3A964AF53DE4410A50 2279936 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-10-24 19:19:48 8C9BCE16E894D4FBCE151F4A5FE05F55 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2015-10-24 19:19:48 816B489E2BBFE2479C844AAD486ABB42 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-10-24 19:19:48 73189A2739491ABB556872737C501F8E 663552 ----a-w- C:\Windows\SysWOW64\jscript.dll 2015-10-24 19:19:48 584E6632F1F4027AB64DEB0F4139E7D7 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-10-24 19:19:47 BE1263EE0CB8CF942FC35CC86E0C3941 12853760 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-10-24 19:19:47 AFC4F34507B555D1C9C4F049CCA1475F 416256 ----a-w- 
C:\Windows\SysWOW64\dxtmsft.dll 2015-10-24 19:19:47 4A3CA2C73C4D66A90C63E9E532746020 480256 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-10-24 19:19:45 DE53F76D63CA64E172B336BC7CFF6EDA 4527616 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-10-24 19:19:45 CEDBC9DBD9800E0EE81B0840EBC2BAC5 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2015-10-24 19:19:45 A25C9DD040CA9799C2A7E41732D0752A 230400 ----a-w- C:\Windows\SysWOW64\webcheck.dll 2015-10-24 19:19:45 17B66052348D3A3681A9411EDD839E18 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-10-24 19:19:44 E401E66CCB2AE219CF41F7F901C410C1 2011136 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-10-24 19:19:44 A7012A7032207D1C16B7236EDF91F4BB 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2015-10-24 19:19:44 5EE17D52CAF79663211C01C614594620 341504 ----a-w- C:\Windows\SysWOW64\html.iec 2015-10-24 19:19:29 C7673B3F8BB35221B42D67BF7ADAFDFD 7168 ----a-w- C:\Windows\SysWOW64\KBDYAK.DLL 2015-10-24 19:19:29 730B7C639957EA0BF37C1459831A1E19 6656 ----a-w- C:\Windows\SysWOW64\KBDRU1.DLL 2015-10-24 19:19:29 72222991598E173BBE1429426926C020 7168 ----a-w- C:\Windows\SysWOW64\KBDTAT.DLL 2015-10-24 19:19:29 45B308F20FEF040BD7321E85F69DF5E2 6656 ----a-w- C:\Windows\SysWOW64\KBDRU.DLL 2015-10-24 19:19:28 2BD0519015E899A2FF52210CC5875F88 6656 ----a-w- C:\Windows\SysWOW64\KBDBASH.DLL 2015-10-24 19:19:20 14800BD31701A5047AC3145BB1E698AE 3419136 ----a-w- C:\Windows\SysWOW64\d2d1.dll 2015-10-24 19:00:07 CE21524C53E9671A7108B28FB9B4E474 1251328 ----a-w- C:\Windows\SysWOW64\DWrite.dll 2015-10-24 19:00:07 965CFC7687F0D188F215DC142FC8F6A1 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll 2015-10-24 19:00:03 5F3628DCF926C4499BE1DC74431DFBC8 1230848 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll 2015-10-24 18:59:54 9566C8BBD2271A7962D4432A624762AD 417792 ----a-w- C:\Windows\SysWOW64\WMPhoto.dll ====== C:\Windows\SysWOW64\drivers ===== 2015-10-30 20:16:27 79D51E7F5926E8CE1B3EBECEBAE28CFF 255552 ----a-w- C:\Windows\SysWOW64\drivers\mcdbus.sys 
2015-10-14 10:22:47 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\Windows\SysWOW64\drivers\103C_HP_cPC_CQ2700ED_Y53316J_0U_QCZC213_E12CE1PRW602_4A_I2AD4_SPEGATRON CORPORATION_V1.02_B7.09_T111125_W73-1_L413_M4003_J500_7Intel_86A7_92.00_#120530_N19692062_Z_G80860102_Ohp CDDVDW SH-216ALN_DMED3673.MRK ====== C:\Windows\Sysnative ===== 2015-10-28 19:53:42 5A7EDC9524E48F0D38F2F5FFA4419B40 41784 ----a-w- C:\Windows\Sysnative\TURegOpt.exe 2015-10-28 19:53:39 5363674C15FBEF7529DF5DE8340BC68C 30520 ----a-w- C:\Windows\Sysnative\authuitu.dll 2015-10-28 19:31:39 3D733144477CADCF77009EF614413630 90112 ----a-w- C:\Windows\Sysnative\Vestris.ResourceLib.dll 2015-10-24 20:13:51 3469B9FAE899139FEE7356E91693376A 2777088 ----a-w- C:\Windows\Sysnative\msmpeg2vdec.dll 2015-10-24 19:19:52 9AEE2A881FD10E6A463588303D8027AD 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2015-10-24 19:19:52 3A0773E21355B41176ACAD8BB099D9B3 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2015-10-24 19:19:51 BF8A5B4E696F4E8F3B2B5E9902467418 720896 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-10-24 19:19:51 9E0D0522908C1106E0D77708CB9926FE 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2015-10-24 19:19:51 80E9DF296F127B3BC965EBC5A2C8F044 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2015-10-24 19:19:51 521E1A87D4F750FD9694DBF3AB37B38F 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2015-10-24 19:19:49 3295B811A0260C0A5B346ECB73C5FCF0 152064 ----a-w- C:\Windows\Sysnative\occache.dll 2015-10-24 19:19:48 8A2A46DD0C51E5D2D0A2EF2AA289DA4D 1546752 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-10-24 19:19:48 4AEB3F2FB0CC23A18ED997F6C0476819 391784 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-10-24 19:19:48 12C1DECE9502828C0A5ADB50AB1673A0 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2015-10-24 19:19:47 D661A17B4634171C58373699CBD6455B 315392 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-10-24 19:19:47 6E1EEB1CE2F9F3AB14A9E8A6B1E82455 801280 ----a-w- 
C:\Windows\Sysnative\msfeeds.dll 2015-10-24 19:19:47 2A898891EB7FBCF0774F0B96AAD05561 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2015-10-24 19:19:46 F6F91F217D760981017E4AA4F1C7E633 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2015-10-24 19:19:46 7C3050383491011FEDD40961A37A2D99 2126336 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-10-24 19:19:46 0FA614470B3A78FC5B8F3F3F742B9837 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-10-24 19:19:45 E91FD3ACC10C971CBA991FCD058ABB58 2886656 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-10-24 19:19:45 A865136AC6436533E0A4A3C67F259401 585728 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-10-24 19:19:44 88D3F690043A1AA43F33DEC6DDA82178 616960 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-10-24 19:19:44 84C63F3D2D488A918A947E06BD1105EF 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2015-10-24 19:19:44 45A56A2CC2D6A4B649B7DC3B5DF259FF 489984 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-10-24 19:19:43 BC92D9D88959542FBAF1F8CF21F86B38 14458368 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-10-24 19:19:43 4A9FFAC9325EFFDEFD7E8C0830B0ABEC 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-10-24 19:19:42 B0917E6238C1675E48CFE64947DD9FD9 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2015-10-24 19:19:42 5175A9C2C71D49394424C07CA856B803 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2015-10-24 19:19:42 454669BB12162610D93954BCC942A41C 817664 ----a-w- C:\Windows\Sysnative\jscript.dll 2015-10-24 19:19:42 373B3EFBBF1A2706F8660C4DE4202694 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll 2015-10-24 19:19:41 E36C7069B9C56DF9A53DD4FA5DCDDE72 5990912 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-10-24 19:19:41 BD06D875FB79E92DAF724C91DE743AFA 2487808 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-10-24 19:19:41 1DE918244ED8AB9D3F2C4B9A1F91A24D 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-10-24 19:19:40 BEA081F4F2D507D6461B142AB11995B3 199680 ----a-w- 
C:\Windows\Sysnative\msrating.dll 2015-10-24 19:19:40 58DD42AC31D1F86D303BAAF5955A59BA 417792 ----a-w- C:\Windows\Sysnative\html.iec 2015-10-24 19:19:40 0783994A921469A6E97F3117AA0934DD 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-10-24 19:19:39 99BA96F5AC545D857E662A9FC576D919 25851904 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-10-24 19:19:29 BE67D99EDA34A68B827868371B5529AD 7168 ----a-w- C:\Windows\Sysnative\KBDTAT.DLL 2015-10-24 19:19:28 EA21295A386C6DB2A2A90E657B37C5F4 7168 ----a-w- C:\Windows\Sysnative\KBDYAK.DLL 2015-10-24 19:19:28 920B5C1CC0BAB6E574297BC3D945DA31 7168 ----a-w- C:\Windows\Sysnative\KBDBASH.DLL 2015-10-24 19:19:28 80EDA24B00478FA795F90DFA09C12E86 7168 ----a-w- C:\Windows\Sysnative\KBDRU1.DLL 2015-10-24 19:19:28 353C4A38042819CA83AEFC6F2E7051CD 6656 ----a-w- C:\Windows\Sysnative\KBDRU.DLL 2015-10-24 19:19:20 C676E5EA388AF7C4C031F56F9B42E362 3928064 ----a-w- C:\Windows\Sysnative\d2d1.dll 2015-10-24 19:17:49 85DAA09A98C9286D4EA2BA8D0E644377 559104 ----a-w- C:\Windows\Sysnative\spoolsv.exe 2015-10-24 19:00:07 DB94C47BD7F2AD9C58DEC46026D5FD08 1648128 ----a-w- C:\Windows\Sysnative\DWrite.dll 2015-10-24 19:00:07 D5A775990A7C202A037378FDBCDB6141 1180160 ----a-w- C:\Windows\Sysnative\FntCache.dll 2015-10-24 19:00:07 D4FB2E00F49711C9DD3E2C2646D7C767 2565120 ----a-w- C:\Windows\Sysnative\d3d10warp.dll 2015-10-24 19:00:03 0A4D03A4C0F908B15B8A4C48FB18F197 1424896 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll 2015-10-24 18:59:54 CBA2694BFC61F371181F2BE2BCD66C40 465920 ----a-w- C:\Windows\Sysnative\WMPhoto.dll ====== C:\Windows\Sysnative\drivers ===== 2015-10-30 20:47:16 4CF044DB46F79BFA47FBDFD35192D765 34704 ----a-w- C:\Windows\Sysnative\drivers\gizmodrv.sys 2015-10-30 20:42:19 7914A30A3849306FAE9F5DD9C3615F18 141368 ----a-w- C:\Windows\Sysnative\drivers\waemu.sys 2015-10-30 20:16:27 79D51E7F5926E8CE1B3EBECEBAE28CFF 255552 ----a-w- C:\Windows\Sysnative\drivers\mcdbus.sys 2015-10-28 19:50:17 496C3C6BC3D930D0960C9E75AA30F4A7 30264 ----a-w- 
C:\Windows\Sysnative\drivers\dtlitescsibus.sys 2015-10-16 07:29:49 DDA4CAF29D8C0A297F886BFE561E6659 198656 ----a-w- C:\Windows\Sysnative\drivers\WUDFRd.sys 2015-10-16 07:29:49 AB886378EEB55C6C75B4F2D14B6C869F 87040 ----a-w- C:\Windows\Sysnative\drivers\WUDFPf.sys 2015-10-16 07:29:49 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2015-10-15 08:44:48 67050452C0118BAF2883928E6FCCFE47 94656 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys 2015-10-15 08:42:51 ED6E75158D28D33A2E2A020AC5B2B59D 663552 ----a-w- C:\Windows\Sysnative\drivers\PEAuth.sys 2015-10-15 08:41:52 6BD9295CC032DD3077C671FCCF579A7B 23408 ----a-w- C:\Windows\Sysnative\drivers\fs_rec.sys 2015-10-15 08:41:51 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2015-10-15 08:41:50 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys 2015-10-15 08:41:49 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2015-10-15 08:41:08 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys 2015-10-15 08:41:08 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys 2015-10-15 08:40:49 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys 2015-10-15 08:40:49 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2015-10-15 08:40:49 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys 2015-10-15 08:40:49 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys 2015-10-15 08:40:49 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys 2015-10-15 08:40:44 92B3172E8C14C1444682F510843A9988 19968 ----a-w- C:\Windows\Sysnative\drivers\usb8023.sys 2015-10-15 08:40:03 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- 
C:\Windows\Sysnative\drivers\mrxdav.sys 2015-10-15 08:40:00 059F00DEF82BF41E433B7ED465847726 155584 ----a-w- C:\Windows\Sysnative\drivers\ataport.sys 2015-10-15 08:39:13 C6330F7C2E92A00E6773E82F79078AFC 157016 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-10-15 08:39:13 ACB6782973BD93760D597FC7BB37E692 159232 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2015-10-15 08:39:13 8C0376974AA28398FF501E78C04ACB30 129024 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2015-10-15 08:39:13 3A8C03156C3E31E70EF84E48CA179B46 97112 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-10-15 08:39:13 262BF7BB7D0E44CFAA9B12A1E0A6EDF1 290816 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2015-10-15 08:38:56 760E38053BF56E501D562B70AD796B88 950128 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys 2015-10-15 08:38:56 0E01641D96889BDEB22DE12D30575B08 41472 ----a-w- C:\Windows\Sysnative\drivers\RNDISMP.sys 2015-10-15 08:38:32 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2015-10-15 08:38:31 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys 2015-10-15 08:38:31 AEA0A67275CFBA0E463E00C6E9A1DDAE 54376 ----a-w- C:\Windows\Sysnative\drivers\WdfLdr.sys 2015-10-15 08:38:31 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2015-10-15 08:38:10 27DABFB4A6B0140C34DBEC713469592B 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2015-10-15 08:37:50 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys 2015-10-15 08:37:48 1B16D0BD9841794A6E0CDE0CEF744ABC 45568 ----a-w- C:\Windows\Sysnative\drivers\tcpipreg.sys 2015-10-15 08:37:43 70988118145F5F10EF24720B97F35F65 119296 ----a-w- C:\Windows\Sysnative\drivers\tdx.sys 2015-10-15 08:37:42 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys 2015-10-15 08:37:42 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- 
C:\Windows\Sysnative\drivers\hidclass.sys 2015-10-15 08:36:23 27667A788130A7F7A5858DE27572E6D7 459336 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2015-10-15 08:35:52 87CE5C8965E101CCCED1F4675557E868 985536 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys 2015-10-15 08:35:52 1F04CFB79DD5FB7694468CE3FB3DCC31 265064 ----a-w- C:\Windows\Sysnative\drivers\dxgmms1.sys 2015-10-15 08:35:01 E9766131EEADE40A27DC27D2D68FBA9C 75120 ----a-w- C:\Windows\Sysnative\drivers\partmgr.sys 2015-10-15 08:34:08 36E0DDD19038C92B7C7709BFA03F813F 69888 ----a-w- C:\Windows\Sysnative\drivers\stream.sys 2015-10-15 08:34:07 F61634BEC53F73702A10DE69F6DCAF57 754688 ----a-w- C:\Windows\Sysnative\drivers\http.sys 2015-10-15 08:34:04 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys 2015-10-15 08:34:04 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2015-10-15 08:34:04 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys 2015-10-15 08:32:05 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys 2015-10-15 08:32:05 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys 2015-10-15 08:31:53 8F6322049018354F45F05A2FD2D4E5E0 223752 ----a-w- C:\Windows\Sysnative\drivers\fvevol.sys 2015-10-15 08:31:50 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2015-10-15 08:31:02 6C02A83164F5CC0A262F4199F0871CF5 90624 ----a-w- C:\Windows\Sysnative\drivers\bowser.sys 2015-10-14 12:55:16 627FFBE52FEDF0460C3D7259FC0EDF50 206080 ----a-w- C:\Windows\Sysnative\drivers\ssudmdm.sys 2015-10-14 12:55:16 5492F6FB1F32E10AEF02679872AFD194 110720 ----a-w- C:\Windows\Sysnative\drivers\ssudbus.sys 2015-10-14 12:43:55 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2015-10-14 12:40:33 51C5ECEB1CDEE2468A1748BE550CFBC8 23552 ----a-w- 
C:\Windows\Sysnative\drivers\tdtcp.sys 2015-10-14 10:22:46 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\Windows\Sysnative\drivers\103C_HP_cPC_CQ2700ED_Y53316J_0U_QCZC213_E12CE1PRW602_4A_I2AD4_SPEGATRON CORPORATION_V1.02_B7.09_T111125_W73-1_L413_M4003_J500_7Intel_86A7_92.00_#120530_N19692062_Z_G80860102_Ohp CDDVDW SH-216ALN_DMED3673.MRK ====== C:\Windows\Tasks ====== 2015-10-30 20:47:20 B9C35CD8BECCB1851EBA59046AAFCA7F 3998 ----a-w- C:\Windows\Sysnative\Tasks\{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B} 2015-10-29 10:01:41 E7169BF52C33D1B083F40E7EF64C22EE 2762 ----a-w- C:\Windows\Sysnative\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2015-10-28 19:31:58 A813358FFDD4924DDD1DAEF84A3D1956 3366 ----a-w- C:\Windows\Sysnative\Tasks\AutoPico Daily Restart 2015-10-25 12:12:27 -------- d-----w- C:\Windows\Sysnative\Tasks\OfficeSoftwareProtectionPlatform 2015-10-25 07:33:36 -------- d-----w- C:\Windows\Sysnative\Tasks\Remediation 2015-10-14 12:48:48 62E08FECB03255FDF8C321341D256813 4010 ----a-w- C:\Windows\Sysnative\Tasks\DropboxUpdateTaskMachineUA 2015-10-14 12:48:48 5DCC4F01AAC51B30C9C91C53E47125CE 1014 ----a-w- C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2015-10-14 12:48:45 49E50DAE9325F36C78E80912A0F683B0 3758 ----a-w- C:\Windows\Sysnative\Tasks\DropboxUpdateTaskMachineCore 2015-10-14 12:48:44 8ED235AF804079868A775264033A3F6D 1010 ----a-w- C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2015-10-14 11:08:33 D64A741969CCE598B0BEB846FB3C5DAA 3220 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForGEATJE-HP$ 2015-10-14 11:08:33 6CA30DEADA79F6106F69065111AAF5F8 344 ----a-w- C:\Windows\Tasks\HPCeeScheduleForGEATJE-HP$.job 2015-10-14 10:48:17 CBE514366FAC06815ACE07BD67D51E21 1056 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-14 10:48:17 83EBBD9F98AC98F38525EAF5774A5FB5 4052 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2015-10-14 10:48:17 69AB46E5DA7344D8AD588B620095AA74 3800 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 
2015-10-14 10:48:17 2267E98E783D64DAB7C13D31C0AEDCDB 1052 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-14 10:31:23 7972EA61D6D8BB14A8B4DF8A31539478 3858 ----a-w- C:\Windows\Sysnative\Tasks\SetupManager 2015-10-14 10:31:05 1D79F00007E61DC346445844FCAAEAB4 3966 ----a-w- C:\Windows\Sysnative\Tasks\User_Feed_Synchronization-{9FCDEE2B-079D-4B58-A8D3-BEFBACE2206F} 2015-10-14 10:30:39 34311CABD2C1201D2A2027BB13DB98A1 3192 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForGEAtje 2015-10-14 10:30:38 1A4943BC68E26AB9D1D4EC8D76E3A0CE 336 ----a-w- C:\Windows\Tasks\HPCeeScheduleForGEAtje.job 2015-10-14 10:22:28 591C9027A1A2C26CDBEE2A3B57DF062A 3290 ----a-w- C:\Windows\Sysnative\Tasks\RMCreator ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-10-30 21:48:55 -------- d-----w- C:\Program Files\Microsoft.NET 2015-10-30 21:14:16 -------- d-----w- C:\Program Files\Microsoft Synchronization Services 2015-10-30 21:13:54 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition 2015-10-30 20:58:22 -------- d-----w- C:\Program Files\trend micro 2015-10-30 19:50:42 -------- d-----w- C:\Program Files\PowerISO 2015-10-28 19:50:12 -------- d-----w- C:\Program Files\DAEMON Tools Lite 2015-10-28 19:31:36 -------- d-----w- C:\Program Files\KMSpico 2015-10-28 18:40:57 -------- d-----w- C:\Program Files\Concom 2015-10-26 21:04:23 -------- d-----w- C:\Program Files\Common Files\DESIGNER 2015-10-26 21:03:14 -------- d-----w- C:\Program Files\Microsoft SQL Server 2015-10-26 20:59:53 -------- d-----w- C:\Program Files\Microsoft Analysis Services 2015-10-26 20:59:26 -------- d-----w- C:\Program Files\Microsoft Office 2015-10-25 07:33:25 -------- d-----w- C:\Program Files\Common Files\AV 2015-10-16 19:30:32 -------- d-----w- C:\Program Files\Microsoft Silverlight 2015-10-14 14:31:31 -------- d-----w- C:\Program Files\Bonjour 2015-10-14 11:39:44 -------- d-----w- C:\Program Files\WinRAR 2015-10-14 11:33:01 -------- d-----w- C:\Program Files\Windows 
Live ======= C:\PROGRA~2 ===== 2015-10-30 21:12:45 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 8 2015-10-30 20:47:15 -------- d-----w- C:\PROGRA~2\Gizmo 2015-10-30 20:42:18 -------- d-----w- C:\PROGRA~2\WinArchiver Virtual Drive 2015-10-30 20:16:27 -------- d-----w- C:\PROGRA~2\MagicDisc 2015-10-28 19:52:54 -------- d-----w- C:\PROGRA~2\AVG 2015-10-28 19:51:38 -------- d-----w- C:\PROGRA~2\Disc Soft 2015-10-28 18:47:27 -------- d-----w- C:\PROGRA~2\CinemaPlus-3.2cV23.10 2015-10-28 18:39:35 -------- d-----w- C:\PROGRA~2\CinemaPlus-3.2cV25.10 2015-10-28 18:37:38 -------- d-----w- C:\PROGRA~2\WNetEnhancer 2015-10-28 18:36:56 -------- d-----w- C:\PROGRA~2\Opera 2015-10-28 18:36:42 -------- d-----w- C:\PROGRA~2\Max Driver Updater 2015-10-28 18:36:40 -------- d-----w- C:\PROGRA~2\MaxDrivrUpdater_v71.6314 2015-10-28 18:36:40 -------- d-----w- C:\PROGRA~2\MaxDrivrUpdater 2015-10-26 21:03:58 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server 2015-10-26 20:59:52 -------- d-----w- C:\PROGRA~2\Microsoft Analysis Services 2015-10-25 12:20:13 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER 2015-10-25 10:47:49 -------- d-----w- C:\PROGRA~2\TomTom HOME 2 2015-10-25 10:39:48 -------- d-----w- C:\PROGRA~2\TomTom International B.V 2015-10-16 19:30:32 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight 2015-10-16 19:02:27 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2015-10-16 19:02:27 -------- d-----r- C:\PROGRA~2\Skype 2015-10-14 14:31:31 -------- d-----w- C:\PROGRA~2\Bonjour 2015-10-14 14:22:31 -------- d-----w- C:\PROGRA~2\DYMO 2015-10-14 12:53:10 -------- d-----w- C:\PROGRA~2\MyFree Codec 2015-10-14 12:51:01 -------- d-----w- C:\PROGRA~2\Samsung 2015-10-14 12:48:40 -------- d-----w- C:\PROGRA~2\Dropbox 2015-10-14 11:30:20 -------- d-----w- C:\PROGRA~2\Microsoft OneDrive 2015-10-14 11:26:55 -------- d-----w- C:\PROGRA~2\Browny02 2015-10-14 11:26:51 -------- d-----w- C:\PROGRA~2\ControlCenter4 2015-10-14 11:26:06 -------- d-----w- C:\PROGRA~2\Brother 2015-10-14 10:48:15 
-------- d-----w- C:\PROGRA~2\Google 2015-10-14 10:22:32 -------- d-----w- C:\PROGRA~2\Microsoft Mathematics ======= C: ===== ====== C:\Users\GEAtje\AppData\Roaming ====== 2015-10-30 20:47:18 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Gizmo 2015-10-30 20:16:35 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc 2015-10-30 19:51:51 -------- d-----w- C:\Users\GEAtje\AppData\Local\Chromium 2015-10-29 21:55:37 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG 2015-10-28 20:32:40 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help 2015-10-28 20:32:40 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help 2015-10-28 19:58:41 -------- d-----w- C:\Users\GEAtje\AppData\Local\Disc_Soft_Ltd 2015-10-28 19:53:48 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg 2015-10-28 19:53:15 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\AVG 2015-10-28 19:52:59 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg 2015-10-28 19:52:41 -------- d-----w- C:\Users\GEAtje\AppData\Local\Avg 2015-10-28 19:50:15 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\DAEMON Tools Lite 2015-10-28 18:38:58 -------- d-----w- C:\Users\GEAtje\AppData\Local\bvxvexvbg 2015-10-28 18:37:20 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Opera Software 2015-10-28 18:37:20 -------- d-----w- C:\Users\GEAtje\AppData\Local\Opera Software 2015-10-28 18:35:38 -------- d-----w- C:\Users\GEAtje\AppData\Local\Programs 2015-10-27 18:45:59 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Elephant Games 2015-10-27 17:33:17 -------- d-----w- C:\Users\GEAtje\AppData\Local\GWX 2015-10-27 08:42:42 -------- d-----w- C:\Users\GEAtje\AppData\Locallow\Brother 2015-10-27 08:42:42 -------- d-----r- C:\Users\GEAtje\AppData\Roaming\Brother 2015-10-26 21:21:52 -------- d-----w- C:\Users\GEAtje\AppData\Local\CrashDumps 2015-10-26 20:59:35 -------- d-----w- 
C:\Users\GEAtje\AppData\Local\Microsoft Help 2015-10-26 20:31:21 -------- d-----w- C:\Users\GEAtje\AppData\Local\MEGAsync 2015-10-25 14:35:54 -------- d-s---w- C:\Windows\serviceprofiles\Localservice\AppData\Locallow\Microsoft 2015-10-25 10:49:52 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\TomTom 2015-10-25 10:49:52 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Mozilla 2015-10-25 10:49:52 -------- d-----w- C:\Users\GEAtje\AppData\Local\TomTom 2015-10-15 16:57:02 -------- d-----w- C:\Users\GEAtje\AppData\Local\DM 2015-10-15 10:26:34 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\HP Support Assistant 2015-10-14 19:19:32 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Hewlett-Packard_Company 2015-10-14 14:46:14 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Odian Games 2015-10-14 14:23:43 -------- d-----w- C:\Users\GEAtje\AppData\Local\Sanford,_L.P 2015-10-14 14:23:10 -------- d-----w- C:\Users\GEAtje\AppData\Local\DYMO 2015-10-14 13:46:45 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\TeamViewer 2015-10-14 12:58:43 -------- d-----w- C:\Users\GEAtje\AppData\Local\Samsung 2015-10-14 12:58:21 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Samsung 2015-10-14 12:49:53 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Dropbox 2015-10-14 12:48:33 -------- d-----w- C:\Users\GEAtje\AppData\Local\Dropbox 2015-10-14 12:45:08 -------- d-----w- C:\Users\GEAtje\AppData\Local\Downloaded Installations 2015-10-14 11:49:20 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Windows Live Writer 2015-10-14 11:49:20 -------- d-----w- C:\Users\GEAtje\AppData\Local\Windows Live Writer 2015-10-14 11:46:48 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\ControlCenter4 2015-10-14 11:44:55 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\CyberLink 2015-10-14 11:39:58 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\WinRAR 2015-10-14 11:39:44 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-10-14 
11:28:09 -------- d-----w- C:\Users\GEAtje\AppData\Local\Windows Live 2015-10-14 11:24:02 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\InstallShield 2015-10-14 11:08:33 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Hewlett-Packard 2015-10-14 11:03:54 -------- d-----w- C:\Users\GEAtje\AppData\Local\ElevatedDiagnostics 2015-10-14 10:56:39 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm 2015-10-14 10:55:05 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking 2015-10-14 10:48:05 -------- d-----w- C:\Users\GEAtje\AppData\Local\Google 2015-10-14 10:47:38 1DB6D83A03AB8F76C4EAA0BA59191DDF 116336 ----a-w- C:\Users\GEAtje\AppData\Local\GDIPFONTCACHEV1.DAT 2015-10-14 10:47:35 -------- d-----w- C:\Users\GEAtje\AppData\Local\Apps 2015-10-14 10:47:34 -------- d-----w- C:\Users\GEAtje\AppData\Local\Deployment 2015-10-14 10:47:03 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Adobe 2015-10-14 10:31:05 -------- d-----w- C:\Users\GEAtje\AppData\Locallow\Microsoft 2015-10-14 10:30:57 -------- d-----r- C:\Users\GEAtje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2015-10-14 10:30:57 -------- d-----r- C:\Users\GEAtje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2015-10-14 10:30:49 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Identities 2015-10-14 10:30:46 -------- d-----w- C:\Users\GEAtje\AppData\Local\VirtualStore 2015-10-14 10:30:11 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Hewlett-Packard 2015-10-14 10:24:05 -------- d-----w- C:\Users\GEAtje\AppData\Local\TouchSmartData 2015-10-14 10:23:10 -------- d-----w- C:\Users\GEAtje\AppData\Local\RemEngine 2015-10-14 10:23:07 -------- d-----w- C:\Users\GEAtje\AppData\Local\Hewlett-Packard_Company 2015-10-14 10:22:36 -------- d-s---w- C:\Users\GEAtje\AppData\Roaming\Microsoft 2015-10-14 10:22:36 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Media Center Programs 2015-10-14 
10:22:36 -------- d-----w- C:\Users\GEAtje\AppData\Local\Temp 2015-10-14 10:22:36 -------- d-----w- C:\Users\GEAtje\AppData\Local\Microsoft 2015-10-14 10:22:36 -------- d-----w- C:\Users\GEAtje\AppData\Local\Hewlett-Packard 2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-10-14 10:21:14 6E995087C9CD092ACE6339C43C08A497 1683648 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat ====== C:\Users\GEAtje ====== 2015-10-30 21:15:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint 2015-10-30 21:15:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-10-30 20:58:06 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\GEAtje\Downloads\RSITx64.exe 2015-10-30 20:47:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gizmo Central 2015-10-30 20:46:33 F146300FCFEB5E1729799FF31E1BCCA9 8095640 ----a-w- C:\Users\GEAtje\Downloads\gizmo-279-setup.exe 2015-10-30 20:42:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinArchiver Virtual Drive 2015-10-30 20:42:12 37346092E12CA41A4193D970950A0456 729262 ----a-w- C:\Users\GEAtje\Downloads\WADrive28.exe 2015-10-30 20:38:29 4AF0B87C01FA61690906D990387CD1B1 61064 ----a-w- C:\Users\GEAtje\Downloads\winxpvirtualcdcontrolpanel_21.exe 2015-10-30 20:37:23 4F4ABE635A57662510F55C3D65540A89 7321032 ----a-w- C:\Users\GEAtje\Downloads\Daemon-Tools-DukeN-NL.exe 2015-10-30 20:16:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc 2015-10-30 20:16:09 22EAB34E639CF9596F62CA063486CAEF 1352435 ----a-w- C:\Users\GEAtje\Downloads\setup_magicdisc.exe 2015-10-28 20:02:39 E87CBD264A2CA9B80CC9883B3E6F3AA9 1709792 ----a-w- C:\Users\GEAtje\Downloads\DTLiteInstaller (1).exe 
2015-10-28 19:56:00 8BE02B1C74164D70CBDE3CF8AFC460D8 134213272 ----a-w- C:\Users\GEAtje\Downloads\NIS-ESDDef-22.5.4.24-NL.exe 2015-10-28 19:53:33 -------- d-----w- C:\Users\Public\Documents\Daemon Tools Images 2015-10-28 19:53:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015 2015-10-28 19:52:01 -------- d--h--w- C:\ProgramData\Common Files 2015-10-28 19:51:57 -------- d-----w- C:\ProgramData\AVG 2015-10-28 19:49:43 -------- d-----w- C:\ProgramData\DAEMON Tools Lite 2015-10-28 19:47:16 E87CBD264A2CA9B80CC9883B3E6F3AA9 1709792 ----a-w- C:\Users\GEAtje\Downloads\DTLiteInstaller.exe 2015-10-28 19:31:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico 2015-10-28 18:41:05 -------- d-----w- C:\ProgramData\SmartPurple 2015-10-27 18:45:59 -------- d-----w- C:\ProgramData\Elephant Games 2015-10-26 21:05:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-10-26 20:59:24 -------- d-----w- C:\ProgramData\Microsoft Help 2015-10-26 20:26:25 C334F68F3AAA17578887A0E47AA99A97 9989712 ----a-w- C:\Users\GEAtje\Downloads\MEGAsyncSetup.exe 2015-10-25 10:49:55 -------- d-----w- C:\ProgramData\TomTom 2015-10-25 10:47:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2015-10-25 10:37:26 5D4C0E1A15D3EFB767069F1BDA4D05F3 31109864 ----a-w- C:\Users\GEAtje\Downloads\TomTomHOME2winlatest.exe 2015-10-16 19:31:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-10-16 19:02:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-10-14 20:15:00 -------- d-----w- C:\ProgramData\Recovery 2015-10-14 14:46:14 -------- d-----w- C:\ProgramData\Odian Games 2015-10-14 14:31:30 -------- d-----w- C:\ProgramData\Apple 2015-10-14 14:23:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DYMO 2015-10-14 14:22:28 -------- d-----w- C:\ProgramData\DYMO 2015-10-14 
13:03:50 -------- d-----w- C:\Users\Public\Documents\NativeFus_Log 2015-10-14 12:53:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec 2015-10-14 12:52:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2015-10-14 12:52:06 -------- d-----r- C:\Users\GEAtje\Dropbox 2015-10-14 12:51:01 -------- d-----w- C:\ProgramData\Samsung 2015-10-14 12:50:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-10-14 12:48:33 -------- d-----w- C:\ProgramData\Dropbox 2015-10-14 11:44:55 -------- d-----w- C:\Users\Public\CyberLink 2015-10-14 11:39:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-10-14 11:35:32 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2015-10-14 11:30:19 -------- d-----r- C:\Users\GEAtje\OneDrive 2015-10-14 11:29:57 -------- d-----w- C:\ProgramData\Microsoft OneDrive 2015-10-14 11:28:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother 2015-10-14 11:26:55 -------- d-----w- C:\ProgramData\ControlCenter4 2015-10-14 11:22:16 -------- d-----w- C:\ProgramData\boost_interprocess 2015-10-14 11:13:04 -------- d-----w- C:\ProgramData\Brother 2015-10-14 10:48:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-10-14 10:30:57 -------- d-----r- C:\Users\GEAtje\Searches 2015-10-14 10:30:48 -------- d-----r- C:\Users\GEAtje\Contacts 2015-10-14 10:23:11 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos 2015-10-14 10:22:37 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\GEAtje\ntuser.ini 2015-10-14 10:22:36 -------- d--h--w- C:\Users\GEAtje\AppData 2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Videos 2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Saved Games 2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Pictures 2015-10-14 10:22:36 -------- d-----r- 
C:\Users\GEAtje\Music 2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Links 2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Favorites 2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Downloads 2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Documents 2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Desktop 2015-10-14 10:22:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics ====== C: exe-files == 2015-10-30 21:25:38 7411ADD09EB18DE64A41364CB1129DD8 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-115903190-4080511109-3081035828-1000\$IJOYQPI.exe 2015-10-30 21:25:27 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-115903190-4080511109-3081035828-1000\$RJOYQPI.exe 2015-10-30 20:58:22 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\GEAtje.exe 2015-10-30 20:58:06 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\GEAtje\Downloads\RSITx64.exe 2015-10-30 20:47:17 825654DE400DE4AB8D2BD76DE3A62B1F 120736 ----a-w- C:\Program Files (x86)\Gizmo\gdirector.exe 2015-10-30 20:47:15 B1C9B932F5A728800AB9C2C88C92594A 34728 ----a-w- C:\Program Files (x86)\Gizmo\gservice.exe 2015-10-30 20:47:15 43F95DBC466BA3F505C4256C29B2BA0F 17328 ----a-w- C:\Program Files (x86)\Gizmo\glauncher-x64.exe 2015-10-30 20:47:15 11E00E1BC0ABE850F0932B7FACB0F7F7 223640 ----a-w- C:\Program Files (x86)\Gizmo\gizmo.exe 2015-10-30 20:46:57 825654DE400DE4AB8D2BD76DE3A62B1F 120736 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\Gizmo\gdirector.exe 2015-10-30 20:46:33 F146300FCFEB5E1729799FF31E1BCCA9 8095640 ----a-w- C:\Users\GEAtje\Downloads\gizmo-279-setup.exe 2015-10-30 20:42:19 5BAC2A4F4B910A9ADABDECC21208CFA2 83205 ----a-w- C:\Program Files (x86)\WinArchiver Virtual Drive\uninstall.exe 2015-10-30 20:42:12 37346092E12CA41A4193D970950A0456 729262 ----a-w- C:\Users\GEAtje\Downloads\WADrive28.exe 2015-10-30 20:38:29 4AF0B87C01FA61690906D990387CD1B1 61064 ----a-w- 
C:\Users\GEAtje\Downloads\winxpvirtualcdcontrolpanel_21.exe 2015-10-30 20:37:23 4F4ABE635A57662510F55C3D65540A89 7321032 ----a-w- C:\Users\GEAtje\Downloads\Daemon-Tools-DukeN-NL.exe 2015-10-30 20:16:28 A03AE84660953220E522068DC5B486C2 9216 ----a-w- C:\Program Files (x86)\MagicDisc\mcdInst64.exe 2015-10-30 20:16:27 A16852B04C0A5654B0B8DFD5E1A25718 576000 ----a-w- C:\Program Files (x86)\MagicDisc\MagicDisc.exe 2015-10-30 20:16:27 973567B98CDFC147DF4E60471D9DF072 153088 ----a-w- C:\Program Files (x86)\MagicDisc\UNWISE.EXE 2015-10-30 20:16:27 3DCAD928C3BB2163F989110B4C9962A2 36864 ----a-w- C:\Program Files (x86)\MagicDisc\muninst.exe 2015-10-30 20:16:09 22EAB34E639CF9596F62CA063486CAEF 1352435 ----a-w- C:\Users\GEAtje\Downloads\setup_magicdisc.exe 2015-10-30 20:15:24 6337EDBF2B121F673433CA7DBE28810C 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-115903190-4080511109-3081035828-1000\$IQY4LQH.exe 2015-10-30 20:15:09 C1CADC30016BA3F1B52F2D9E4AA74F3D 871032 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\ICReinstall_downloader_for_Alcohol120_FE_2.exe 2015-10-30 20:14:08 C1CADC30016BA3F1B52F2D9E4AA74F3D 871032 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-115903190-4080511109-3081035828-1000\$RQY4LQH.exe 2015-10-29 18:55:50 FFD052D0F464ADC243C24E71D15C9990 12344 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe 2015-10-29 18:55:50 F9EDD8A064F0FEDEAF812CF5B5EF5E9B 33496 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AfterUpgradingToWin81.exe 2015-10-29 18:55:50 F5D09A65FA57DD33E5B07CD552B459DD 141512 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil7.exe 2015-10-29 18:55:50 F57DB2F9AD648E513E97B5BCA2F14F46 44760 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness_Ex.exe 2015-10-29 18:55:50 CF823937F3B1411B2D6D7BC044BB9AFE 37320 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health 
Check\ActiveCheck\product_line\Detect_RecoveryDiscReminder_V2.exe 2015-10-29 18:55:50 C8D01F99A9FD0CD5BA662B3AB16D8D84 38416 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BeforeUpgradingToWindows10.exe 2015-10-29 18:55:50 C23490916152CA356B4BDA4A87974B45 35032 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness.exe 2015-10-29 18:55:50 BF0DA3811D534A11752124919E3AE3CF 32968 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_InWarrantyCarePack.exe 2015-10-29 18:55:50 B026AFD260A4058CF37B6A6A5B15C3EA 33296 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_PostWarrantyCarePack.exe 2015-10-29 18:55:50 AF0D919701B5BE372A276800084E6661 30936 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupPasswordReminder.exe 2015-10-29 18:55:50 AA58AA4652230F9C9C2F55C35E8B5A7B 34320 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_Ex_US.exe 2015-10-29 18:55:50 A6E7EB515A4497AAD84054ACDCEFE5DF 40464 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AntiVirusDefenderA.exe 2015-10-29 18:55:50 9D50510E34D6B6B7FE0724FDB60A23E9 40648 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AntiVirusDefenderB.exe 2015-10-29 18:55:50 9A8C02B240274DC9D76429ABEBC3061C 36552 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SystemRestoreCheck_V2.exe 2015-10-29 18:55:50 7A1DC920D662880F6EF8A34E21E010B0 30424 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_US.exe 2015-10-29 18:55:50 6A6983390656B73226571BF79A1214AB 37176 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health 
Check\ActiveCheck\product_line\HPResignFileLoader.exe 2015-10-29 18:55:50 698BA1D64B2C178B7069B2D1E0F35A7D 29400 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_EMEA.exe 2015-10-29 18:55:50 58D87CD3D31B52C204A40F19FEF6BF3D 27352 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_EMEA.exe 2015-10-29 18:55:50 5606EFA83C850AB210C38A1C3AE886AE 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BeforeUpgradingToWin81.exe 2015-10-29 18:55:50 5288FEC36ADB27C8A24623F6DB8858B8 72920 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_toastNotify.exe 2015-10-29 18:55:50 443A4F21DB659C5798FBA66A63186A82 40464 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AntiVirusNoAV_B.exe 2015-10-29 18:55:50 43AA6EF12B473723F8A3F4791EE6121E 36040 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AfterUpgradingToWindows10.exe 2015-10-29 18:55:50 2D892F35618E5761D746ACA179C63096 138256 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtilDT.exe 2015-10-29 18:55:50 2CA4A36D13732E1135C48F0F6F6C6844 35528 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_GuestAccount_V2.exe 2015-10-29 18:55:50 1059C375192D53514933CBE87E79BA64 21304 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe 2015-10-29 18:55:50 0FFD3D454111B4D398EE2B6FC469C3B4 40648 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AntiVirusNoAV_A.exe 2015-10-29 18:55:50 0B74BF0280E062CD69B2A13B6A1F8C5D 84280 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\InterfaceValidator.exe 
2015-10-29 18:55:50 074611CDD124C5FF763246B4BD37F887 97296 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\WarrantyObjectChecker.exe 2015-10-29 18:55:50 06D9888F172A8AC47959DA5DF68270DE 29400 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_US.exe 2015-10-28 20:02:39 E87CBD264A2CA9B80CC9883B3E6F3AA9 1709792 ----a-w- C:\Users\GEAtje\Downloads\DTLiteInstaller (1).exe 2015-10-28 19:56:00 8BE02B1C74164D70CBDE3CF8AFC460D8 134213272 ----a-w- C:\Users\GEAtje\Downloads\NIS-ESDDef-22.5.4.24-NL.exe 2015-10-28 19:53:42 5A7EDC9524E48F0D38F2F5FFA4419B40 41784 ----a-w- C:\Windows\System32\TURegOpt.exe 2015-10-28 19:47:16 E87CBD264A2CA9B80CC9883B3E6F3AA9 1709792 ----a-w- C:\Users\GEAtje\Downloads\DTLiteInstaller.exe 2015-10-28 19:39:01 30C7E8E918403B9247315249A8842CE5 731809 ----a-w- C:\Program Files\KMSpico\unins000.exe 2015-10-28 19:31:39 245824502AEFE21B01E42F61955AA7F4 30208 ----a-w- C:\Program Files\KMSpico\UninsHs.exe 2015-10-28 19:31:37 05230AFDEEB13718E926FD654DE63F12 225448 ----a-w- C:\Program Files\KMSpico\driver\tap-windows-9.21.0.exe 2015-10-28 18:48:31 E43C2D7972A669A89E526CAE9E4017AE 1316984 ----a-w- C:\Windows\Temp\opera autoupdate\installer.exe 2015-10-28 18:37:13 ED646176126E7FE3B037076DE3B05D86 948856 ----a-w- C:\Program Files (x86)\Opera\launcher.exe 2015-10-28 18:37:12 E43C2D7972A669A89E526CAE9E4017AE 1316984 ----a-w- C:\Program Files (x86)\Opera\33.0.1990.43\installer.exe 2015-10-28 18:36:53 7F794A15286D0F8E1797397620907BDE 274436 ----a-w- C:\Program Files (x86)\MaxDrivrUpdater\uninstall.exe 2015-10-26 21:26:27 B9C125314A025127FE562C116D614AA3 178824 ----a-w- C:\office\proplus.ww\ose.exe 2015-10-26 21:26:08 EACDC9474A4A6D872EDBF6A286BD0322 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-115903190-4080511109-3081035828-1000\$ICZVTD6.exe 2015-10-26 20:58:11 B9C125314A025127FE562C116D614AA3 178824 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\ose00000.exe 2015-10-26 20:55:08 
B9C125314A025127FE562C116D614AA3 178824 ----a-w- C:\office\proplusr.ww\ose.exe 2015-10-26 20:54:27 B9C125314A025127FE562C116D614AA3 178824 ----a-w- C:\MSOCache\All Users\{90150000-0011-0000-1000-0000000FF1CE}-C\ose.exe 2015-10-26 20:53:29 2C430C0A60E3B669D37B25B09F4BE8EF 214664 ----a-w- C:\office\setup.exe 2015-10-26 20:53:29 2C430C0A60E3B669D37B25B09F4BE8EF 214664 ----a-w- C:\MSOCache\All Users\{90150000-0011-0000-1000-0000000FF1CE}-C\setup.exe 2015-10-26 20:31:54 CEDE02D7AF62449A2C38C49ABECC0CD3 4995416 ----a-w- C:\Users\GEAtje\AppData\Local\MEGAsync\vcredist_x86.exe 2015-10-26 20:27:11 17EC1E08C4804E5689A91178674C19A0 309511064 ----a-w- C:\Users\GEAtje\Dropbox\Microsoft Office 2007 Enterprise NL\Microsoft Office 2007 Service Pack 2\Microsoft Office 2007 Service Pack 2.exe 2015-10-26 20:26:25 C334F68F3AAA17578887A0E47AA99A97 9989712 ----a-w- C:\Users\GEAtje\Downloads\MEGAsyncSetup.exe 2015-10-26 20:17:49 29E177C7BB7343F365F12AD9A8AF4C48 434528 ----a-w- C:\Users\GEAtje\Dropbox\Microsoft Office 2007 Enterprise NL\Microsoft Office 2007 Enterprise\Office.nl-nl\dwtrig20.exe 2015-10-26 20:17:26 C6D0721E9156EB2A40A04BB38BE0B2A5 813384 ----a-w- C:\Users\GEAtje\Dropbox\Microsoft Office 2007 Enterprise NL\Microsoft Office 2007 Enterprise\Office.nl-nl\DW20.EXE 2015-10-26 20:17:26 5A432A042DAE460ABE7199B758E8606C 145184 ----a-w- C:\Users\GEAtje\Dropbox\Microsoft Office 2007 Enterprise NL\Microsoft Office 2007 Enterprise\Enterprise.WW\ose.exe 2015-10-26 17:54:15 0E84D08A5C8A3291F9A65422A4E8D44D 939088 ----a-w- C:\Program Files (x86)\Google\Update\Install\{7B249B39-4BD3-4ACB-9242-E0BB79443C4B}\46.0.2490.80_46.0.2490.71_chrome_updater.exe 2015-10-26 17:54:15 0E84D08A5C8A3291F9A65422A4E8D44D 939088 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\46.0.2490.80\46.0.2490.80_46.0.2490.71_chrome_updater.exe === C: other files == 2015-10-30 20:47:16 4CF044DB46F79BFA47FBDFD35192D765 34704 ----a-w- C:\Windows\System32\drivers\gizmodrv.sys 
2015-10-30 20:42:19 7914A30A3849306FAE9F5DD9C3615F18 141368 ----a-w- C:\Windows\System32\drivers\waemu.sys 2015-10-30 20:16:27 79D51E7F5926E8CE1B3EBECEBAE28CFF 255552 ----a-w- C:\Windows\SysWOW64\drivers\mcdbus.sys 2015-10-30 20:16:27 79D51E7F5926E8CE1B3EBECEBAE28CFF 255552 ----a-w- C:\Windows\System32\drivers\mcdbus.sys 2015-10-30 20:16:27 79D51E7F5926E8CE1B3EBECEBAE28CFF 255552 ----a-w- C:\Program Files (x86)\MagicDisc\mcdbus.sys 2015-10-30 09:29:48 BA9109371B155F95CAB764703425133B 15782224 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\UpdateWizard_101384\package_15.0.1001.604_to_15.0.1001.638.zip 2015-10-30 09:29:45 88287B3FC9D54B65096F2A48361D564E 16761168 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\UpdateWizard_101384\package_15.0.1001.518_to_15.0.1001.604.zip 2015-10-29 18:56:04 E29B8EC86DEFC2E58EBCCD8C6C92E430 66862 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\nl-NL\hcsolutions.zip 2015-10-29 18:56:00 87BA9F7E340A1F11734496353CBBBD39 1427288 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\guidAcheck.zip 2015-10-29 18:55:54 01980D1004FF6EFFB5D079C434BF7725 2347374 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\guid.zip 2015-10-28 19:50:17 496C3C6BC3D930D0960C9E75AA30F4A7 30264 ----a-w- C:\Windows\System32\drivers\dtlitescsibus.sys 2015-10-28 19:50:17 496C3C6BC3D930D0960C9E75AA30F4A7 30264 ----a-w- C:\Program Files\DAEMON Tools Lite\dtlitescsibus.sys 2015-10-28 18:49:02 FEBFD8FF60806AA58AEF51BF5F00F0BB 400561 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV23.10\efba7dd2-bf83-415d-83c6-4595239075a3.crx 2015-10-28 18:48:17 FEBFD8FF60806AA58AEF51BF5F00F0BB 400561 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV23.10\3de63afe-ab19-4ae7-b115-55811384475e.crx 2015-10-28 18:47:46 A451C2BEE4A1A815C60616C7C1BB9194 432169 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\scoped_dir_3216_19086\Chrome.crx 2015-10-28 18:39:54 796DD9CB1C07363188C19BB55788C425 
400937 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV25.10\08d47c20-5df0-42b6-a3b0-f77cb968d1a2.crx 2015-10-28 18:39:45 796DD9CB1C07363188C19BB55788C425 400937 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV25.10\718b4ab0-8822-4561-854a-32abfa881416.crx 2015-10-28 18:37:13 F6B685306C89EE40A4B687A1F0758DCA 218650 ----a-w- C:\Program Files (x86)\Opera\33.0.1990.43\resources\standard_themes\default_theme.zip 2015-10-28 18:37:13 B9E7A356DBFD03D6EC62607A3F7A267B 53056 ----a-w- C:\Program Files (x86)\Opera\33.0.1990.43\resources\standard_themes\reine.zip 2015-10-28 18:37:13 9BB699BFD48DC443711F1BE8077B5677 289 ----a-w- C:\Program Files (x86)\Opera\33.0.1990.43\resources\standard_themes\grey.zip 2015-10-28 18:37:13 57BD727A9E6668CEA21EA9A52CA65767 243193 ----a-w- C:\Program Files (x86)\Opera\33.0.1990.43\resources\standard_themes\darkbreeze.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_582BFB67187C4DDF042E1A5BAB51985A"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe " "DAEMON Tools Lite Automount"="C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun " "GizmoDriveDelegate"="C:\Program Files (x86)\Gizmo\gizmo.exe /RemountStartupImages" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Easybits Recovery"="C:\Program Files 
(x86)\EasyBits For Kids\ezRecover.exe" "PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe" "ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun" "BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN" "BrHelp"="C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN" "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "DLSService"="C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe" "WAHELPER.EXE"="C:\Program Files (x86)\WinArchiver Virtual Drive\WAHELPER.EXE" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_582BFB67187C4DDF042E1A5BAB51985A"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe " "DAEMON Tools Lite Automount"="C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun " "GizmoDriveDelegate"="C:\Program Files (x86)\Gizmo\gizmo.exe /RemountStartupImages" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Tiny download manager"="\"C:\\Users\\GEAtje\\AppData\\Local\\DM\\TinyDM.exe\" /M" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "HP Software Update"="c:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe" ==== Startup Folders ====================== 2015-10-30 20:16:35 991 ----a-w- C:\Users\GEAtje\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Startup\MagicDisc.lnk 2015-10-30 20:47:16 1083 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gizmo.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [14-10-2015 13:48] C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [14-10-2015 13:48] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14-10-2015 11:48] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task] C:\Windows\tasks\HPCeeScheduleForGEATJE-HP$.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [15-07-2011 12:43] C:\Windows\tasks\HPCeeScheduleForGEAtje.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"] "C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForGEAtje" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForGEATJE-HP$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe"] "C:\Windows\SysNative\tasks\RMCreator" [C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe] "C:\Windows\SysNative\tasks\SetupManager" ["C:\Program 
Files (x86)\Hewlett-Packard\Setup Manager\toaster.exe"] "C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{9FCDEE2B-079D-4B58-A8D3-BEFBACE2206F}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B}" [C:\Program Files (x86)\Gizmo\gizmo.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\Remediation\AntimalwareMigrationTask" ["C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe"] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn" [30-10-2015 21:05] ==== Firefox Extensions 
====================== ProfilePath: C:\Users\GEAtje\AppData\Roaming\TomTom\HOME\Profiles\hgx0e9gi.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.80 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx[] Chrome Web Store Payments - GEAtje\AppData\Local\Chromium\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Slides - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Dropbox for Gmail - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec Google Sheets - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap CinemaPlus-3.2cV25.10 - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh Google Docs Offline - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Pin It Button - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic AVG Secure Search - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Chrome Web Store 
Payments - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda CinemaPlus-3.2cV23.10 - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp Gmail - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia CinemaPlus-3.2cV25.10 - GEAtje\AppData\Roaming\Opera Software\Opera Stable\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh CinemaPlus-3.2cV23.10 - GEAtje\AppData\Roaming\Opera Software\Opera Stable\Extensions\papbadoldddalgcjcicnikcfenodpghp ==== Chromium Fix ====================== C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\https_zynga2-a.akamaihd.net_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\https_zynga2-a.akamaihd.net_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_zynga2-a.akamaihd.net_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_zynga2-a.akamaihd.net_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\http_www.myhomeshopping.nl_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\http_www.myhomeshopping.nl_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.myhomeshopping.nl_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.myhomeshopping.nl_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\http_driver-finder.en.softonic.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local 
Storage\http_driver-finder.en.softonic.com_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\http_driver-finder.nl.softonic.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\http_driver-finder.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_driver-finder.en.softonic.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_driver-finder.en.softonic.com_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_driver-finder.nl.softonic.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_driver-finder.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local 
Storage\http_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\http_daemon-tools.nl.softonic.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\http_daemon-tools.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\http_libreoffice.nl.softonic.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\http_libreoffice.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage-journal deleted 
successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_daemon-tools.nl.softonic.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_daemon-tools.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_libreoffice.nl.softonic.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_libreoffice.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=nl&pid=NIS&pvid=19.9.1.14" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=nl&pid=NIS&pvid=19.9.1.14" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=nl&pid=NIS&pvid=19.9.1.14" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=nl&pid=NIS&pvid=19.9.1.14" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start 
Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox" {d43b3890-80c7-4010-a95d-1e77b5924dc3} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dtagent.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tomtomhome.exe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common 
Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [DLSService] "C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe" O4 - HKLM\..\Run: [WAHELPER.EXE] "C:\Program Files (x86)\WinArchiver Virtual Drive\WAHELPER.EXE" O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_582BFB67187C4DDF042E1A5BAB51985A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun O4 - HKCU\..\Run: [GizmoDriveDelegate] "C:\Program Files (x86)\Gizmo\gizmo.exe" /RemountStartupImages O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows 
Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe O4 - Global Startup: Gizmo.lnk = C:\Program Files (x86)\Gizmo\gizmo.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support 
Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - (no file) O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - (no file) O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - (no file) O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - (no file) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program 
Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: CalendarSynchService - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe O23 - Service: Dropbox-update-service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: Dropbox-update-service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: DYMO PnP Service (DymoPnpService) - Sanford, L.P. - C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Gizmo Central - Arainia Solutions - C:\Program Files (x86)\Gizmo\gservice.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: 
Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WinArchiver Service - Unknown owner - C:\Program Files (x86)\WinArchiver Virtual Drive\WAService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - 
C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GEAtje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GEAtje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\GEAtje\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Cache emptied successfully
C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=296 folders=78 262633396 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\GEAtje\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\GEAtje\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 01-11-2015 at 18:38:54,39 ======================