Zoek.exe v5.0.0.1 Updated 01-November-2015
Tool run by GEAtje on di 03-11-2015 at 19:13:20,52.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\GEAtje\Desktop\zoek (1).exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2015-11-01-173854.log 102533 bytes
C:\zoek-results2015-11-02-173219.log 137471 bytes
==== Empty Folders Check ======================
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\Symantec deleted successfully
C:\Users\GEAtje\AppData\Local\PDFC deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\Program Files (x86)\WinArchiver Virtual Drive\WAService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe
C:\Program Files (x86)\WinArchiver Virtual Drive\WAHELPER.EXE
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\GEAtje\Desktop\zoek (1).exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
==== Deleting Services ======================
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-minsb-roaming.16]
"CLSID"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-minsb.16]
"CLSID"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\osf-roaming.16]
"CLSID"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\osf.16]
"CLSID"=-
==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\PROTOCOLS\Handler\mso-minsb-roaming.16]
"CLSID"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\PROTOCOLS\Handler\mso-minsb.16]
"CLSID"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\PROTOCOLS\Handler\osf-roaming.16]
"CLSID"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\PROTOCOLS\Handler\osf.16]
"CLSID"=-
==== Deleting Files \ Folders ======================
==== Folders Found ======================
2015-10-28 19:51:57 2015-10-30 08:50:36 -------- d-----w- C:\Users\GEAtje\AppData\Local\VirtualStore\ProgramData\AVG
2015-11-02 16:00:05 2015-11-02 16:00:05 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_AVG
2015-11-02 16:00:05 2015-11-02 16:00:05 -------- d---a-w- C:\zoek_backup\C_ProgramData_AVG
2015-11-02 16:00:04 2015-11-02 16:00:04 -------- d---a-w- C:\zoek_backup\C_Users_GEAtje_AppData_Local_Avg
2015-11-02 16:00:04 2015-11-02 16:00:04 -------- d---a-w- C:\zoek_backup\C_Users_GEAtje_AppData_Roaming_AVG
2015-11-02 16:00:03 2015-11-02 16:00:04 -------- d---a-w- C:\zoek_backup\C_Windows_SysNative_config_systemprofile_AppData_Local_Avg
2015-11-02 16:00:04 2015-11-02 16:00:04 -------- d---a-w- C:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_Local_Avg
2015-11-02 16:00:03 2015-11-02 16:00:03 -------- d---a-w- C:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_Roaming_AVG
2015-11-02 16:00:05 2015-11-02 16:00:05 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_AVG\AVG PC TuneUp
2015-10-28 18:38:58 2015-10-28 18:39:09 -------- d-----w- C:\Users\GEAtje\AppData\Local\bvxvexvbg
==== Files Found ======================
--- C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\http_www.avg.com_0.localstorage ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3072
Created time: 2015-10-30 19:52:31
Modified time: 2015-10-28 19:54:06
MD5: AADA73DCF0058F2D3BE237968CD53398
SHA1: 4042CCC65C46FD9DCCCCDE61D10CCDFA2BBDCF29
--- C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Local Storage\http_www.avg.com_0.localstorage-journal ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 0
Created time: 2015-10-30 19:52:31
Modified time: 2015-10-28 19:54:06
MD5: D41D8CD98F00B204E9800998ECF8427E
SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
--- C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.avg.com_0.localstorage ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 3072
Created time: 2015-10-28 19:54:06
Modified time: 2015-10-30 20:55:11
MD5: 529511A8C781178078701F31F8A3782B
SHA1: 7C8DBE6F13389FD3FFEAFB10200D9E77BFF40C86
--- C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.avg.com_0.localstorage-journal ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 0
Created time: 2015-10-28 19:54:06
Modified time: 2015-10-30 20:55:11
MD5: D41D8CD98F00B204E9800998ECF8427E
SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
--- C:\zoek_backup\C_ProgramData_AVG\AWL\AvgRep.xml ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 514
Created time: 2015-11-02 16:00:05
Modified time: 2015-11-02 07:56:52
MD5: BD55705580914D4A528E1F911A99F50B
SHA1: D0C9C210F8A33964AFA301D22477E4E43B597DCF
--- C:\zoek_backup\C_Users_GEAtje_AppData_Local_Avg\AWL2015\log\avglng.log ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 124627
Created time: 2015-11-02 16:00:04
Modified time: 2015-11-02 07:56:52
MD5: 959C7A36272AA4578D331BDA752FBBBA
SHA1: 928BBD3AD24B31135147386574D264F23767F707
--- C:\zoek_backup\C_Users_GEAtje_AppData_Local_Avg\AWL2015\log\avglng.log.lock ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 0
Created time: 2015-11-02 16:00:04
Modified time: 2015-10-28 19:53:15
MD5: D41D8CD98F00B204E9800998ECF8427E
SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
--- C:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_Local_Avg\AWL2015\log\avglng.log ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1771
Created time: 2015-11-02 16:00:04
Modified time: 2015-11-01 10:29:23
MD5: C7891659C3B995A2CADEFF33216CC45E
SHA1: C017F62546F25A192797A05FEBE00CB6ACF23E52
--- C:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_Local_Avg\AWL2015\log\avglng.log.lock ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 0
Created time: 2015-11-02 16:00:04
Modified time: 2015-10-30 20:09:05
MD5: D41D8CD98F00B204E9800998ECF8427E
SHA1: DA39A3EE5E6B4B0D3255BFEF95601890AFD80709
--- C:\zoek_backup\C_Users_GEAtje_Downloads_gizmo-279-setup.exe.vir ---
Company: Arainia Solutions
File Description: Gizmo Setup
File Version: v2.7.9
Product Name: Gizmo Setup
Copyright: © 2003-2011 Arainia Solutions LLC
Original Filename: gsetup.exe
File type: ----a-w-
File size: 8095640
Created time: 2015-11-02 16:00:05
Modified time: 2015-10-30 20:46:41
MD5: F146300FCFEB5E1729799FF31E1BCCA9
SHA1: 77340932AD940C1C5C4F0155E0AB24ECF10969E8
--- C:\zoek_backup\C_windows_SysNative_drivers_gizmodrv.sys.vir ---
Company: Arainia Solutions LLC
File Description: Gizmo Drive, kernel-mode device driver
File Version: 2.7.8.0
Product Name: Gizmo Drive, kernel-mode device driver
Copyright: © 2003-2011 Arainia Solutions LLC
Original Filename: GizmoDrv.sys
File type: ----a-w-
File size: 34704
Created time: 2015-11-02 16:00:06
Modified time: 2015-10-30 20:47:16
MD5: 4CF044DB46F79BFA47FBDFD35192D765
SHA1: 5A4A29EABFCBAC3E9C2EF6AFF6F044321D2CA419
==== Registry Search Results for "avg" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL\ProgramDeactivator]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL\SIDData]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL\SIDData\2200636]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Dashboard]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\DuplicateFileFinder]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Maintenance]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Maintenance\Execution]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Maintenance\Execution\BrowserCleaner]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Maintenance\Execution\Defrag]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Maintenance\Execution\DiskCleaner]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Maintenance\Execution\RegDefrag]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Maintenance\Execution\RegistryCleaner]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Maintenance\Execution\ShortcutCleaner]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Maintenance\Execution\System]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Nag]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Nag\Default]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\OneClick]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\PerformanceOptimizer]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\ProgramDeactivator]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Protection]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"PinWandIntegrator"="AVG PC TuneUp 2015|Start AVG PC TuneUp 2015.|Integrator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"FolderName"="AVG PC TuneUp 2015"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"MenuIntegratorProgramsRoot"="AVG PC TuneUp 2015|Start AVG PC TuneUp 2015.|Integrator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"MenuIntegratorSub"="AVG PC TuneUp 2015|Start AVG PC TuneUp 2015.|Integrator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"WebsiteSub"="AVG Software Website|http://www.avg.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"MenuHelpSub"="Help AVG PC TuneUp|Toont het help-bestand van AVG PC TuneUp.|main_vista_7.chm"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"OCMSub"="AVG 1-klik Onderhoud|Voert de AVG 1-klik Onderhoud uit.|OneClick.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"BrowserCleanerSub"="AVG Browser Cleaner|Biedt mogelijkheden voor het opruimen van geïnstalleerde browsers.|BrowserCleaner.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"DiskCleanerSub"="AVG Disk Cleaner|Biedt mogelijkheden voor geheugenbesparing.|DiskCleaner.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"DiskDoctorSub"="AVG Disk Doctor|Controleert het bestandssysteem en de sectoren van de harde schijven.|DiskDoctor.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"DiscspaceExplorerSub"="AVG Disk Space Explorer|Toont het geheugengebruik van bestanden, mappen en harde schijven.|DiskExplorer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"DriveDefragSub"="AVG Drive Defrag|Analyseert en defragmenteert uw harde schijven|DriveDefrag.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"DuplicateFinderSub"="AVG Duplicate Finder|Verwijdert dubbele bestanden die kostbare ruimte in beslag nemen op uw harde schijf|DuplicateFinder.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"EnergyOptimizerSub"="AVG Economy-modus|Maakt het optimale gebruik van het energiebesparingspotentieel mogelijk.|EnergyOptimizer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"LiveOptimizerSub"="AVG Live-optimalisatie|Zorgt voor optimale prestaties in elke situatie.|SettingCenter.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"ProcessManagerSub"="AVG Process Manager|Gebruikt de momenteel op uw systeem lopende programma's.|ProcessManager.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"ProgManSub"="AVG Program Deactivator|Ontlast uw systeem door het uitschakelen van programma's die zelden gebruikt worden of niet nodig zijn.|ProgramDeactivator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"RegCleanerSub"="AVG Registry Cleaner|Maakt het register schoon door ongeldige verwijzingen en regels te verwijderen.|RegistryCleaner.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"RegDefragSub"="AVG Registry Defrag|Defragmenteert en verkleint het register.|RegistryDefrag.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"RegEditSub"="AVG Registry Editor|Helpt u bij het bewerken en doorzoeken van het register.|RegistryEditor.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"RepairWizardSub"="AVG Repair Wizard|Lost typische computer- en weergaveproblemen op.|RepairWizard.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"RescueCenterSub"="AVG Rescue Center|Biedt de mogelijkheid om veranderingen aan uw systeem ongedaan te maken.|RescueCenter.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"SettingCenterSub"="AVG Setting Center|Biedt een centrale locatie voor het wijzigen van alle instellingen van AVG PC TuneUp.|SettingCenter.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"ShortCutCleanerSub"="AVG Shortcut Cleaner|Lost defecte koppelingen op.|ShortcutCleaner.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"ShredderSub"="AVG Shredder|Wist bestanden en mappen met het hoogste veiligheidsniveau.|Shredder.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"StartUpManagerSub"="AVG StartUp Manager|Biedt de mogelijkheid om de systeemstart te configureren.|StartUpManager.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"StartUpOptimizerSub"="AVG StartUp Optimizer|Optimaliseert het starten en afsluiten van het systeem.|StartupOptimizer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"StylerSub"="AVG Styler|Biedt de mogelijkheid om het Windows-Design te veranderen.|Styler.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"SystemControlSub"="AVG System Control|Biedt de mogelijkheid om Windows-instellingen te veranderen.|SystemControl.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"SystemInfoSub"="AVG System Information|Toont uitgebreide informatie over uw systeem.|SystemInformation.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"UndeleteSub"="AVG Undelete|Haalt de al uit de prullenbak verwijderde bestanden weer terug.|Undelete.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"UninstallManagerSub"="AVG Uninstall Manager|Toont alle geïnstalleerde programma's en geeft de mogelijkheid programma's te deïnstalleren.|UninstallManager.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"UpdateWizardSub"="AVG Update Wizard|Houdt uw versie van AVG PC TuneUp alltijd op de nieuwste stand.|UpdateWizard.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"ReportCenterSub"="AVG-optimalisatierapport|Toont het AVG optimalisatiebericht.|Report.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"IOSCleanerSub"="AVG Cleaner for iOS|Scant uw iPhone, iPad of iPod touch op overbodige cache- en ongewenste bestanden en maakt op veilige wijze ruimte vrij op uw apparaat.|iOSCleaner.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"DesktopIntegrator"="AVG PC TuneUp 2015|Start AVG PC TuneUp 2015.|Integrator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\Shortcuts]
"DesktopOCM"="AVG 1-klik Onderhoud|Voert de AVG 1-klik Onderhoud uit.|OneClick.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\TuningDefinition]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\UpdateWizard]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\UtilitiesSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\AVG\AWL2015\WelcomeScreen]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
"DllName"="avgssie.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CMF\SqmData]
"AvgFileCount"=dword:00000183
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\CMF\SqmData]
"AvgCountDiff"=dword:000000a0
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\CMF\SqmData]
"AvgFileCount"=dword:00000183
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\CMF\SqmData]
"AvgCountDiff"=dword:000000a0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CMF\SqmData]
"AvgFileCount"=dword:00000183
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CMF\SqmData]
"AvgCountDiff"=dword:000000a0
[HKEY_USERS\.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\PhysicalDeviceID\01bGLoruNiH4wKXcJciMz5MQ]
"DeviceId"="PABDAGUAcgB0AEkAbgBmAG8APgA8AEsAZQB5AHAAYQBpAHIAPgBBAFEAQQBBAEEATgBDAE0AbgBkADgAQgBGAGQARQBSAGoASABvAEEAdwBFAC8AQwBsACsAcwBCAEEAQQBBAEEATwBoAHEATAA3AFcAZwBpADIAVQBXADQAdgBYAFUAcwBLAEUAZgBPAEsAdwBRAEEAQQBBAEEAQwBBAEEAQQBBAEEAQQBBAFEAWgBnAEEAQQBBAEEARQBBAEEAQwBBAEEAQQBBAEEANwBjAFAAcABnAGoASwBnADMAKwAzAEMASABLAHIAcgBMAFkAZQBYAHoAYwBHAFkATgBHADIAeQA3AE8AMQA1AHkANwBZAGwAQQBKAHQAbQBuADUAZwBBAEEAQQBBAEEATwBnAEEAQQBBAEEAQQBJAEEAQQBDAEEAQQBBAEEARABRADEATQBrAEQAKwAxAEUAVQBXAGYARwBxAEUAOAB0ADEAOQAyAEYAQgBnAFMARgBqADEAQQBoAFMAWgBRAEEAcwBFADYAVQB4AEMAZgB2AEoAeABXAEEAQwBBAEEAQgBxAHAAbgA3AGUAdgBCAFEARgA3AHEANwBTAEcAbQB5AEwAagBTAEgAZQBDADIASQBqAHgANgBpAFIAbQBIAHIAOQB5AHYANQBIADgAVQB5AEUAWQBCAHUAZwB3AFIASwBqAE4AOABCAHQANgBwAE4AdABpAFIAMABFAGwAdQA1AGkAUAAwAGwAbwB1AGgAMQBUAFQAZAA2AGUAMgBqAG8AZwBCAGcAeABiAGsAQgBWAGwANQBqAGgAYgA3AGQARABsAGMARAAwAHgAZQBlAHQAagByADEAZQBKAGcAWQBkAFUAUgBxAFgARABLADAAOAB1AHEAMwBsAEYATwB4AFgAUgBDAGkAVwBBAHEASwB5AEsARABjAGUAagBYADMAegBvAGMAcAAvAFcASQBFAHoARQBnAEQAagAzAFkAYwA0AE4AVwBIAEQARQBJAHMARQBxAFYAcwBtADkAeQAxAEYAZABhAGEAZwBWAGQAegBVADAARwBzAGYARAAyADIAUQBKAFUATABDAFAAUgB6ADMAUQB3ADkATABaAHkAaQBSAEYAZgBMAE0AeABKAEQAZQBuAHEAYQBTADYASQA0AHMATABIAGUAUABRAEYAKwBwAFYAOQBrAHMAZQBFAEoAUQBPAFoAaABVADEAcgBHAEkAcgBBAG0AbgB1ADAAMAByAFMAUQBjAFMAeQBxAHgAMQBwAFYAcQAxAFMALwArAHkARABBACsAMgBTAHcAeQA1AE8AMABoAGYATQBjAHkATwBXAEMAcABJADgANQBBADMAVABsAGIAYwBaAFcAUQB4AGgAbwA2AGQAbwBVADMAcAB2ADAARQArAGYAVABUACsAZgBNAEQAcgBwAE0AdgByAEYARQBUAE0AbwBKAEkAWAAyAGQAdwA2ADEARgB5AHoAWABiAFEAaAA2ADEAMQBoAHkAagAxAFEARwB5AGwAWgBIAHUAbwBQAGIAZgBFAE4AZgBTAHIARAArAFoAcwA1AEQALwBxAFMARQA4AGcAZABjAFEAeABDAGgAdABaADQAVgBCAFcAZwBEAEEAMgBIAEsANwB4ADcAQwBXAEkAMABoAHYAOQBtAFoANgBYAGMAdQA2AGkATQBDAEMAdABoACsAcgBoADAAcABjAEoAaABsAHMASQBMAG4AWgBPAGMAaABEAFkANAA0AFQAcgBWAEUAMgAzADcATQBWAEcATABSAGIAegBDAGoAdQB5AFYAdABoAC8AdABwAE0AZQBsAHcAMQA3ADkAUABwAHYAdgBPAFcASABoAEcAbgBnAE8AVwByAFUASgAzAFAAUQBRAGoAVQA3AGMAeABMAG4AagAwAGkASwBoAHQAcwBuAHEAaABkADYASABWAHYAbQBBAEMAVABUAFAAegBLAE0AcwB3AFYANABTADMAcgA2AGQASAB2ACsASABiADIAZABOAEIAeQA5AHkANwBMADIAWgAvAEMAZgBJAHIAbgBSAEQAVQBCAFMAdwAzADkARwA4AEQAOABxADgAWQBKADMAMABoAFoARwBQAGgAcgBRAG4AKwBpAHcANwBVAFoASQAxAFcARwBFAHcAUgBmAFEAUwBVAGgAVwA3ADQAcwBWAHAAQgA3ADYAcQBCAC8AYQBRAHEASwBnAFEAdQBaAGQAUQBOADkAcwBoADIAVABKAHYANQA2AEoARwBoADkAbAA4AGQANAA2AFIANwBUADEASgBrAGwAaQBrAHMAQQBMAGcAcwBzAEMARgBFAHcAWgBwAGsALwA0AE0AdABQAFQAQgBxAEgAcgBFAHMAagBBADkAUwA3AHkAUABLAC8AaAB0AFMAdgBwAFYAQgBQAGUAYQBpAFMAYwBpAHgAQwBZAFAAUQA2AEsARgB1AGMAbQBHAGIAMgBaAEEAbwBjAG4AOQB1AHMASQA1AEsANABhAFIAdABEAEsARQBOAHEAMABnAHEASgBIAFcAMABIAHEAbQBPAC8ASwByAGsAeQBvAHQARQBYAEwAKwA3AEsARwBGAFQARwByAHYARgBOAFcAMABhAHAATgA5AGEAZABSAHAAeQBIADIAZQArAEwARQBNAFYARgBxAFoAcgBoAGgAaQA2ADMAdABVAHEAbgBGAHEAWABvAHgAZQBMADMAWQBkAGYAbAAwAEEAQQBBAEEARAA2AEgAWABWAEgATABPAGMAcgBkAGQAaABqAEsALwAxAFkAbABYAEEAMAB5ACsARgAxAFYAaQBKAFkAUwBVAE8AOQBLAHYAYgBEAEwASQBUAGYAcQAwAEwAQgB6AGEAawBRAGwAZQBvAFkAQQBIAEwAdgB0AEEAMgB3AFYAcgBEAE0ATwB2ADUAUQBxAGgAbQBJAEIASwBpAFIAZQA4AEsAQwA5AE0AWQBkADwALwBLAGUAeQBwAGEAaQByAD4APABLAGUAeQBHAGUAbgBGAGwAYQBnAHMAPgA4ADwALwBLAGUAeQBHAGUAbgBGAGwAYQBnAHMAPgA8AEMAZQByAHQAPgBNAEkASQBFAEkAVABDAEMAQQArAEMAZwBBAHcASQBCAEEAZwBJAFUAWgBtAGcAZgBHAHgAQwBHAFMAbQBvAGQASQBLAEUAVwBYAFoAUAB5ADIAeQBQAHoAdQBGADgAdwBDAFEAWQBIAEsAbwBaAEkAegBqAGcARQBBAHoAQQBqAE0AUwBFAHcASAB3AFkARABWAFEAUQBEAEUAeABoAFUAYgAyAHQAbABiAGkAQgBUAGEAVwBkAHUAYQBXADUAbgBJAEYAQgAxAFkAbQB4AHAAWQB5AEIATABaAFgAawB3AEgAaABjAE4ATQBUAFUAeABNAEQARQAwAE0AVABBADAATQBEAFUAdwBXAGgAYwBOAE0AVABZAHcATgBEAEUAeABNAFQAQQAwAE0ARABVAHcAVwBqAEEAdABNAFMAcwB3AEsAUQBZAEQAVgBRAFEARABIAGkASQBBAE0AQQBBAHcAQQBEAEUAQQBPAEEAQQAzAEEARQBZAEEAUgBnAEIARgBBAEUARQBBAE8AUQBBAHgAQQBFAFUAQQBRAGcAQQAwAEEARQBRAEEATgBnAEEAQQBNAEkARwBmAE0AQQAwAEcAQwBTAHEARwBTAEkAYgAzAEQAUQBFAEIAQQBRAFUAQQBBADQARwBOAEEARABDAEIAaQBRAEsAQgBnAFEAQwB6AGMAYwBMAGoARABBAGgAbwBCAFUAOQBKAFMAdwBTAHoAVABrADgAZQBTAGYATwBzAGEAegBFAFAAcgBrAC8ASABGAFkAWQB3AFgASQBOAG4AeABIAGEAKwBWADgANgByAG4ASwAyAFQAUwBKAEcARQBDAGQATwA0AHYAaQBEAC8AVQBQAFgAQQA1AFQAagBFADQAbABFAFoAbABFAFEAWgBOAG8AZAA3AGYAVgA0AFEAMgB5AFIARQA4ADEAeQBKAFoANwBRAFkANwAzAEsAZwBkAGwAVABqAEQAUwBZAGIAQgBMAGoAeABJAGEALwB0AFYALwBmAFAAMwBQAFoAdABWAEkAMwBiADIAVgBOAGgARAB6AEUASgBnAGEAZgBoAEcARwBXAFcAcABKAGIAMwBHAHEASABvAHgAagA2ADYAVQA3AEQAWQBGAG0AOAB4AFUAUQBJAEQAQQBRAEEAQgBvADQASQBDAG8ARABDAEMAQQBwAHcAdwBEAGcAWQBEAFYAUgAwAFAAQQBRAEgALwBCAEEAUQBEAEEAZwBXAGcATQBCAE0ARwBBADEAVQBkAEoAUQBRAE0ATQBBAG8ARwBDAEMAcwBHAEEAUQBVAEYAQgB3AE0AQwBNAEkASQBCAC8AdwBZAEQAVgBSADAAZwBCAEkASQBCADkAagBDAEMAQQBmAEkAdwBnAGcASAB1AEIAZwBvAHIAQgBnAEUARQBBAFkASQAzAE0AdwBNAEMATQBJAEkAQgAzAGoAQwBDAEEAZABvAEcAQwBDAHMARwBBAFEAVQBGAEIAdwBJAEMATQBJAEkAQgB6AEIANgBDAEEAYwBnAEEAVABRAEIAcABBAEcATQBBAGMAZwBCAHYAQQBIAE0AQQBiAHcAQgBtAEEASABRAEEASQBBAEIAawBBAEcAOABBAFoAUQBCAHoAQQBDAEEAQQBiAGcAQgB2AEEASABRAEEASQBBAEIAMwBBAEcARQBBAGMAZwBCAHkAQQBHAEUAQQBiAGcAQgAwAEEAQwBBAEEAYgB3AEIAeQBBAEMAQQBBAFkAdwBCAHMAQQBHAEUAQQBhAFEAQgB0AEEAQwBBAEEAZABBAEIAbwBBAEcARQBBAGQAQQBBAGcAQQBIAFEAQQBhAEEAQgBsAEEAQwBBAEEAYQBRAEIAdQBBAEcAWQBBAGIAdwBCAHkAQQBHADAAQQBZAFEAQgAwAEEARwBrAEEAYgB3AEIAdQBBAEMAQQBBAFoAQQBCAHAAQQBIAE0AQQBjAEEAQgBzAEEARwBFAEEAZQBRAEIAbABBAEcAUQBBAEkAQQBCAHAAQQBHADQAQQBJAEEAQgAwAEEARwBnAEEAYQBRAEIAegBBAEMAQQBBAFkAdwBCAGwAQQBIAEkAQQBkAEEAQgBwAEEARwBZAEEAYQBRAEIAagBBAEcARQBBAGQAQQBCAGwAQQBDAEEAQQBhAFEAQgB6AEEAQwBBAEEAWQB3AEIAMQBBAEgASQBBAGMAZwBCAGwAQQBHADQAQQBkAEEAQQBnAEEARwA4AEEAYwBnAEEAZwBBAEcARQBBAFkAdwBCAGoAQQBIAFUAQQBjAGcAQgBoAEEASABRAEEAWgBRAEEAcwBBAEMAQQBBAGIAZwBCAHYAQQBIAEkAQQBJAEEAQgBrAEEARwA4AEEAWgBRAEIAegBBAEMAQQBBAGEAUQBCADAAQQBDAEEAQQBiAFEAQgBoAEEARwBzAEEAWgBRAEEAZwBBAEcARQBBAGIAZwBCADUAQQBDAEEAQQBaAGcAQgB2AEEASABJAEEAYgBRAEIAaABBAEcAdwBBAEkAQQBCAHoAQQBIAFEAQQBZAFEAQgAwAEEARwBVAEEAYgBRAEIAbABBAEcANABBAGQAQQBCAHoAQQBDAEEAQQBZAFEAQgBpAEEARwA4AEEAZABRAEIAMABBAEMAQQBBAGQAQQBCAG8AQQBHAFUAQQBJAEEAQgB4AEEASABVAEEAWQBRAEIAcwBBAEcAawBBAGQAQQBCADUAQQBDAEEAQQBiAHcAQgB5AEEAQwBBAEEAYwB3AEIAaABBAEcAWQBBAFoAUQBCADAAQQBIAGsAQQBJAEEAQgB2AEEARwBZAEEASQBBAEIAawBBAEcARQBBAGQAQQBCAGgAQQBDAEEAQQBjAHcAQgBwAEEARwBjAEEAYgBnAEIAbABBAEcAUQBBAEkAQQBCADMAQQBHAGsAQQBkAEEAQgBvAEEAQwBBAEEAZABBAEIAbwBBAEcAVQBBAEkAQQBCAGoAQQBHADgAQQBjAGcAQgB5AEEARwBVAEEAYwB3AEIAdwBBAEcAOABBAGIAZwBCAGsAQQBHAGsAQQBiAGcAQgBuAEEAQwBBAEEAYwBBAEIAeQBBAEcAawBBAGQAZwBCAGgAQQBIAFEAQQBaAFEAQQBnAEEARwBzAEEAWgBRAEIANQBBAEMANAB3AFUAdwBZAEQAVgBSADAAagBCAEUAdwB3AFMAbwBBAFUAYQBJAFMAbwBsAG8AVgBsAGsAVgAvAFAANABKAEcAawBnAFUARwBqAGcAegBqAHIAVgBTAEMAaABKADYAUQBsAE0AQwBNAHgASQBUAEEAZgBCAGcATgBWAEIAQQBNAFQARwBGAFIAdgBhADIAVgB1AEkARgBOAHAAWgAyADUAcABiAG0AYwBnAFUASABWAGkAYgBHAGwAagBJAEUAdABsAGUAWQBJAEoAQQBLAHMAKwBGAFMAdwBrAHkAZQBjAGgATQBCADAARwBBADEAVQBkAEQAZwBRAFcAQgBCAFQAeQBjAGYAcgBhAGsATABxAGkAVgAxADQAbABVACsAMgAxAFcARwBWAHQAcQB2AGgAagArAFQAQQBKAEIAZwBjAHEAaABrAGoATwBPAEEAUQBEAEEAegBBAEEATQBDADAAQwBGAEcAegB5AGgAZQB2AHgAYgBNAEoAZQBHADgANwByAFcAZABaAFkAagBuAHQAMwA0AG0AZwBwAEEAaABVAEEAdQByAGkAMQAyAHMAUQBqAFcATwBuAHEASQBxAG8AUABoAHEAcgBWAGMAMABqAGQAQgBIAEEAMQA8AC8AQwBlAHIAdAA+ADwARQB4AHAAaQByAGUAZABUAGkAbQBlAD4AMgAwADEANgAtADAANAAtADEAMQBUADEAMAA6ADQANQA6ADUAMAA8AC8ARQB4AHAAaQByAGUAZABUAGkAbQBlAD4APAAvAEMAZQByAHQASQBuAGYAbwA+AA==AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAOhqL7Wgi2UW4vXUsKEfOKwQAAAACAAAAAAAQZgAAAAEAACAAAAAm/VdzmYB5/EnWsbjAjZV11GsmgVzICRrmxLLHhYzgbgAAAAAOgAAAAAIAACAAAAA3A3nD3FFnIpzY+i6Zi1inAkR70cSeO/zUTGDSyVYNC0AAAAAp3zdUqked6ag31/V0aQpEikh1z7TOa8I/5iYCETC32be0VxE9lk83i5DMsycpBaKy/zh0EptWTmggwIdRLQtQQAAAALMG8mUNNBz8dFGrIHq89p0I9knqmraLqjGiWW5zx9gQ/WL3XPM1IvYw6t5Ln1WL5aoiZMIOJtAsjgeOwWmv6RA=
[HKEY_USERS\.DEFAULT\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-21-115903190-4080511109-3081035828-1000\02srxlojikzr]
"DeviceId"="AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAOhqL7Wgi2UW4vXUsKEfOKwQAAAACAAAAAAAQZgAAAAEAACAAAACR4Zn1qiEXYMW3gyROD+UGlAZy8CIxXEgAscZgkf+0HQAAAAAOgAAAAAIAACAAAAAMwW/rx7LIk6ORdSk0HwWhDpzme5AbCUgScWp3xjrDPzAAAAARFrNwDIXLtcJyR5cG8yryAk5EC03AdawGYuahid36mjCplYdWPQk+kV4pZdMsi8pAAAAAtsx3q6bmlxY8mlRI7FsoqVoKx/tWoOo8uDj9NoBkJpl2Q/9jMq0awTAFWXP+oSiymCBJCX4hO6Qe9BIDRckljw==PABDAGUAcgB0AEkAbgBmAG8APgA8AEsAZQB5AHAAYQBpAHIAPgBBAFEAQQBBAEEATgBDAE0AbgBkADgAQgBGAGQARQBSAGoASABvAEEAdwBFAC8AQwBsACsAcwBCAEEAQQBBAEEATwBoAHEATAA3AFcAZwBpADIAVQBXADQAdgBYAFUAcwBLAEUAZgBPAEsAdwBRAEEAQQBBAEEAQwBBAEEAQQBBAEEAQQBBAFEAWgBnAEEAQQBBAEEARQBBAEEAQwBBAEEAQQBBAEEAOAAzAHEARQBUAG0ALwBrAHEANQBsAFkARABHADQAWQBrAHQAeQB6AHMAZwB0AGsAVgBVAHcASQBOAHYANwBIAGEAbwBSAEYAaQBSADEAWQBCAFYAUQBBAEEAQQBBAEEATwBnAEEAQQBBAEEAQQBJAEEAQQBDAEEAQQBBAEEARABUAFoAWgBhAEcAegBDAEkAWQA5AEkANwB0AG8ANQBVADMAegBwAGYAQwAyAGwAQwBLAEcAbABFAEkAcQBUAEcARQAzAGwANwBzAFcATAB6AFEAKwBHAEEAQwBBAEEAQwBUAHEAawBoAGEAagBFAHEATwBjAE8AawBoAFgAUABKAE4AWgBvAFQAZABiAFcAbgBMAFYAdABHADEANAByAFAAMQBRAEwARgBrAGkAVwAzAGQANgBlAEQAWQBwAE0AUABNADEAVABPAFoATQB4AHEAUwB4AHUAagA0AG0AYgBuADIARABJAFgAVAArAEkAVwBrAGkAOQBmAHAATgBiAGMAeQA1AGkAUQBpAE0AVwBaAE4ARABRADUAUQBBAFkATwBHAFAAcQBOAHMATQBlAEoAcABzADQAcABSAE8AZgBPAFYAbwBJAG8AUABvAGsALwBsAGwAQwBUAGwAVgA5ADMAKwBIADIAaQBRAEgATABXAHoASQA1AGMAZQBCAG8ANQBNAGEAUABmAEQAegB0AGgASABzAFMAQwBGAFUAZgAzAEgANgBmAHYATQBNAFIAegB3AFIAcQBYAHIAQgBWAHkAMwB0AFgALwBaAE0AZABjAFYAaQAvAFUAWgBtAEUAZwBTAEEARABKAHkAVwBEAGYAYQBSAHcAcABMADYAcABFAG4AQQArAFMAdQBYAG4ARQBaAFkAcgB5AFkAMQBKAGIAMgBLAGIAVABhAGkAOQBDAHQANwBrAFYANABaAEYAdwBpAGwAcQBwAEMAZgAwAHEAMgBaAE8ARQBPAFIAdwBhAGcANABMAEkAMQBXAEwAZQAwADQASgBOAGkAOQBlAEcALwBLAGoATwBLADkAQQBIAEUAYQArAEYAQgBKAHMAbQB3AGwAQQBsAEQAYwBkAHQAZABmAGEAQgBSAHIARgBuAGIAbgBrAHAAZABFAE4ANQBsAEEAWQBhAEYALwBPAGEARABnAEIALwBQAGkAWAAyAGsAQgBnAEoAWgB6AHAAbwBQAGMAaQBPAGMAMABhADYAaAA3ACsAYwBOAGQAaQBxAFQAagBVAEMAYwB0AFMAbAB1AFkAdQBKAG0AZwA0AEsARgBYAHEAVAAyAEQAcgB1AFcAKwBWAEgAQwBPAC8AOQBOAGgANQB1AHQATAB4AHQAMQBoAGkAcABoAFgAYQBvAHkAcwBsAFMATwBPAG8ARAAyADUAUQBxAE0AUABsAHQAKwAzADIANgBnAEwAaABaAEEAKwBvAFoARwBwAGUARABqAHcAMQA2AC8ANQAvADkAMQBEAHgAUQBpADAAbABLAGUANgBpAEsAQgAxAHAAeABGAEcAUwAxAE0AYQBqAEYAdQBQAFoARwB2AHAAVABwAEQANABkAFYAUgA3AGsAcwBRAEQAMQBLAGgANQBkAGcAWgBzADIASwBXAEgAcwBVAHkAbAA1AHEAMgA3AEEANQBiAGoANABlAG8AbwBUAFgAcwBVADQAaABvAEEARABwAEkAaQBGAGEAWQAzAEIAWgBXAEQATQBZAFoASQBZAGYAcgA4AHYATABQAHEANQBnAE0AaAAvAGEAcgA5AHcAMwBpAGsAMQBWAC8AVABWADAANgBIAHUAeAB0AGkARwBHAFUAMABLADAAZwA3AFEAZgBPAFUAVABGAE0ARQAyAFcARgBaAHEAYQBsAGEAZwBHADgAVAA0AEIAMABMAEUASABTAHUAdABNAFUAagA5AFAAbwBnAEcASgBDACsAcQBOADkAUABkADIANABOAHoAMQBjAEsAOQBrAFgAUQB6AEIASgAyAGoATwB1ADgAaABBADcAVgByAEEAagBLADkAMwBtAFUAVwBTADUAcwBCADIAcABHAE8AaQAyAHEASwBXAEgASwBhAGsAYwBKAGgAMwBKADgARABhAGQAaQAvAGcAZQBOAHoARgBDAHEAeQByAE4AZABtAGYAVAAxADQAYQBpADkAUgBXAHMAdQBkAHMAdABTAFAARwA5AHkAWQB4AEkAUwA0AHQAMQBvAGwAVgBxAGEASQBDAGUALwB0AGwAQwA2AGoARwBkAE4AYgBmAEIAaABMAHAAYgBnAE0AbgBZAHoAZQBFAEUAbABWAFYANABkAFkANQA1AEQAMgBhADQAcwAzADgANQAyAE4AYgBaAGEARQBxAEUAZwAzAHAAVwBHADUAcgBZAHoAbQA3ADIAKwBzADQAWgB0AFkARAB0AGUAeAB1AEgASQB3AFgAWAB2ADEASABpADgAZwBUAGQAVwBFAEEAQQBBAEEARABCAGcAMABrAHMANwBJADkAaAAzAFcAOABiAGgATABZAGIAdwBwAE8AegBDAHcASwA4AFYAZQBJAHAAeQBYAG4ANQBqAHYAcgBnAHYAZwBjAFMAbwBoAEUAUQBxADYAWgBwAHgALwBYAGEAQgBoAEYAQwBxAE8ASgBJAFQAMQAvAGYAVwA0AFIAYgBIAEcAagBnAEUAQgBYAHQAegBHAGUAUQBsAGMAVQBXADwALwBLAGUAeQBwAGEAaQByAD4APABLAGUAeQBHAGUAbgBGAGwAYQBnAHMAPgA4ADwALwBLAGUAeQBHAGUAbgBGAGwAYQBnAHMAPgA8AEMAZQByAHQAPgBNAEkASQBFAEkARABDAEMAQQArAEMAZwBBAHcASQBCAEEAZwBJAFUAMABSAHcAVQBzAGIAdwBNAEEAUgBpAE4AWABPAG0AcQA5AEEATQBhAGwAcQBUAFoATABOAGsAdwBDAFEAWQBIAEsAbwBaAEkAegBqAGcARQBBAHoAQQBqAE0AUwBFAHcASAB3AFkARABWAFEAUQBEAEUAeABoAFUAYgAyAHQAbABiAGkAQgBUAGEAVwBkAHUAYQBXADUAbgBJAEYAQgAxAFkAbQB4AHAAWQB5AEIATABaAFgAawB3AEgAaABjAE4ATQBUAFUAeABNAEQARQAwAE0AVABFAHcATQB6AEkAeQBXAGgAYwBOAE0AVABZAHcATgBEAEUAeABNAFQARQB3AE0AegBJAHkAVwBqAEEAdABNAFMAcwB3AEsAUQBZAEQAVgBRAFEARABIAGkASQBBAE0AQQBBAHcAQQBEAEUAQQBPAEEAQQB3AEEARABBAEEATQBBAEEAdwBBAEQAYwBBAE0AZwBBADEAQQBFAFEAQQBRAHcAQQB5AEEARABnAEEAUgBnAEEAQQBNAEkARwBmAE0AQQAwAEcAQwBTAHEARwBTAEkAYgAzAEQAUQBFAEIAQQBRAFUAQQBBADQARwBOAEEARABDAEIAaQBRAEsAQgBnAFEARABTADMASABoAEsAOQAzAEYAQwBlAFoAQQArAEYATABvADUAUgB3ADQASABFAEwAMAAyAFcARgBYADgAbABsAHgAYgB3AGcASgAvAEMAcwBvAEMAcwB0AHIAZABmAEkAbgAzAEUARABUAFIAUQBSAGEANgBBADgAUABlADgAUABrAEIASABUAGYAbgBpAGEAOQBqAFgAQgBCAHAAVgBWAHAARgB3ADMAMgBVAEwAUQBJAE0AdABLAE0AMwB4AEYAWgA2AHkAeABLAEMANwBaAEYAbABOAEUAcgBZAGMASQBFAGoARgA2ADUANABaAEgAYwByADYAdwB3AFgAWAArADkAbgA3ADEAOQBTADUAMwBXAEwAZgB3AEEAdABvAEsAZABWAEUAOQAzAHEARQBJAHUAeABTADQAVgBzAE0ATgBYADIARgBLACsAegA0AFIAdQB2ADMAUQBJAEQAQQBRAEEAQgBvADQASQBDAG8ARABDAEMAQQBwAHcAdwBEAGcAWQBEAFYAUgAwAFAAQQBRAEgALwBCAEEAUQBEAEEAZwBXAGcATQBCAE0ARwBBADEAVQBkAEoAUQBRAE0ATQBBAG8ARwBDAEMAcwBHAEEAUQBVAEYAQgB3AE0AQwBNAEkASQBCAC8AdwBZAEQAVgBSADAAZwBCAEkASQBCADkAagBDAEMAQQBmAEkAdwBnAGcASAB1AEIAZwBvAHIAQgBnAEUARQBBAFkASQAzAE0AdwBNAEMATQBJAEkAQgAzAGoAQwBDAEEAZABvAEcAQwBDAHMARwBBAFEAVQBGAEIAdwBJAEMATQBJAEkAQgB6AEIANgBDAEEAYwBnAEEAVABRAEIAcABBAEcATQBBAGMAZwBCAHYAQQBIAE0AQQBiAHcAQgBtAEEASABRAEEASQBBAEIAawBBAEcAOABBAFoAUQBCAHoAQQBDAEEAQQBiAGcAQgB2AEEASABRAEEASQBBAEIAMwBBAEcARQBBAGMAZwBCAHkAQQBHAEUAQQBiAGcAQgAwAEEAQwBBAEEAYgB3AEIAeQBBAEMAQQBBAFkAdwBCAHMAQQBHAEUAQQBhAFEAQgB0AEEAQwBBAEEAZABBAEIAbwBBAEcARQBBAGQAQQBBAGcAQQBIAFEAQQBhAEEAQgBsAEEAQwBBAEEAYQBRAEIAdQBBAEcAWQBBAGIAdwBCAHkAQQBHADAAQQBZAFEAQgAwAEEARwBrAEEAYgB3AEIAdQBBAEMAQQBBAFoAQQBCAHAAQQBIAE0AQQBjAEEAQgBzAEEARwBFAEEAZQBRAEIAbABBAEcAUQBBAEkAQQBCAHAAQQBHADQAQQBJAEEAQgAwAEEARwBnAEEAYQBRAEIAegBBAEMAQQBBAFkAdwBCAGwAQQBIAEkAQQBkAEEAQgBwAEEARwBZAEEAYQBRAEIAagBBAEcARQBBAGQAQQBCAGwAQQBDAEEAQQBhAFEAQgB6AEEAQwBBAEEAWQB3AEIAMQBBAEgASQBBAGMAZwBCAGwAQQBHADQAQQBkAEEAQQBnAEEARwA4AEEAYwBnAEEAZwBBAEcARQBBAFkAdwBCAGoAQQBIAFUAQQBjAGcAQgBoAEEASABRAEEAWgBRAEEAcwBBAEMAQQBBAGIAZwBCAHYAQQBIAEkAQQBJAEEAQgBrAEEARwA4AEEAWgBRAEIAegBBAEMAQQBBAGEAUQBCADAAQQBDAEEAQQBiAFEAQgBoAEEARwBzAEEAWgBRAEEAZwBBAEcARQBBAGIAZwBCADUAQQBDAEEAQQBaAGcAQgB2AEEASABJAEEAYgBRAEIAaABBAEcAdwBBAEkAQQBCAHoAQQBIAFEAQQBZAFEAQgAwAEEARwBVAEEAYgBRAEIAbABBAEcANABBAGQAQQBCAHoAQQBDAEEAQQBZAFEAQgBpAEEARwA4AEEAZABRAEIAMABBAEMAQQBBAGQAQQBCAG8AQQBHAFUAQQBJAEEAQgB4AEEASABVAEEAWQBRAEIAcwBBAEcAawBBAGQAQQBCADUAQQBDAEEAQQBiAHcAQgB5AEEAQwBBAEEAYwB3AEIAaABBAEcAWQBBAFoAUQBCADAAQQBIAGsAQQBJAEEAQgB2AEEARwBZAEEASQBBAEIAawBBAEcARQBBAGQAQQBCAGgAQQBDAEEAQQBjAHcAQgBwAEEARwBjAEEAYgBnAEIAbABBAEcAUQBBAEkAQQBCADMAQQBHAGsAQQBkAEEAQgBvAEEAQwBBAEEAZABBAEIAbwBBAEcAVQBBAEkAQQBCAGoAQQBHADgAQQBjAGcAQgB5AEEARwBVAEEAYwB3AEIAdwBBAEcAOABBAGIAZwBCAGsAQQBHAGsAQQBiAGcAQgBuAEEAQwBBAEEAYwBBAEIAeQBBAEcAawBBAGQAZwBCAGgAQQBIAFEAQQBaAFEAQQBnAEEARwBzAEEAWgBRAEIANQBBAEMANAB3AFUAdwBZAEQAVgBSADAAagBCAEUAdwB3AFMAbwBBAFUAYQBJAFMAbwBsAG8AVgBsAGsAVgAvAFAANABKAEcAawBnAFUARwBqAGcAegBqAHIAVgBTAEMAaABKADYAUQBsAE0AQwBNAHgASQBUAEEAZgBCAGcATgBWAEIAQQBNAFQARwBGAFIAdgBhADIAVgB1AEkARgBOAHAAWgAyADUAcABiAG0AYwBnAFUASABWAGkAYgBHAGwAagBJAEUAdABsAGUAWQBJAEoAQQBLAHMAKwBGAFMAdwBrAHkAZQBjAGgATQBCADAARwBBADEAVQBkAEQAZwBRAFcAQgBCAFEAdQBiAFUAagBHAHQAdgBzAEwAaQBPAEEAVgBkAHoAdgBNAHEAaQBIAEIARgBXADIAZQBXAGoAQQBKAEIAZwBjAHEAaABrAGoATwBPAEEAUQBEAEEAeQA4AEEATQBDAHcAQwBGAEcAbwBOAEgAagBZAE4ARQBXAHgAUABOAEkASABsAGIAUQA4AC8ARwBnAFEAdQAzADQAZgBaAEEAaABSAEkAdQBPAHAAMABiAEYAYQA2ADAANQBxAHUAbwBiAGQAUgBiAFkAaQBDAEcAbQA1AFcARgB6AFUAeQA8AC8AQwBlAHIAdAA+ADwARQB4AHAAaQByAGUAZABUAGkAbQBlAD4AMgAwADEANgAtADAANAAtADEAMQBUADEAMQA6ADAAOAA6ADIAMQA8AC8ARQB4AHAAaQByAGUAZABUAGkAbQBlAD4APAAvAEMAZQByAHQASQBuAGYAbwA+AA==
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\Integrator]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\Integrator\1920x1080x96]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\Notifications]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\ProgramDeactivator]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\ProgramDeactivator\1920x1080]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\ProgramDeactivator\1920x1080\Grouping]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\ProgramDeactivator\1920x1080x96]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\Setting Center]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\Setting Center\1920x1080x96]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\ShortcutCleaner]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\ShortcutCleaner\1920x1080x96]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\Statistics]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\Statistics\OneClick]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\Statistics\Shortcut Cleaner]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\UpdateWizard]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\UtilitiesService]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\AVG\AWL2015\UtilitiesService\LiveOptimization]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\AVG\\AVG PC TuneUp\\Integrator.exe"="AVG PC TuneUp - Start Center"
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\AVG]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\AVG\AWL2015]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\AVG\AWL2015\Dashboard]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\AVG\AWL2015\OneClick]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\AVG\AWL2015\PerformanceOptimizer]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\\Program Files (x86)\\AVG\\AVG PC TuneUp\\Integrator.exe"="AVG PC TuneUp - Start Center"
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\AVG]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\AVG\AWL2015]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\AVG\AWL2015\Dashboard]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\AVG\AWL2015\OneClick]
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\AVG\AWL2015\PerformanceOptimizer]
[HKEY_USERS\S-1-5-18\Software\Microsoft\IdentityCRL\DeviceIdentities\production\PhysicalDeviceID\01bGLoruNiH4wKXcJciMz5MQ]
"DeviceId"="PABDAGUAcgB0AEkAbgBmAG8APgA8AEsAZQB5AHAAYQBpAHIAPgBBAFEAQQBBAEEATgBDAE0AbgBkADgAQgBGAGQARQBSAGoASABvAEEAdwBFAC8AQwBsACsAcwBCAEEAQQBBAEEATwBoAHEATAA3AFcAZwBpADIAVQBXADQAdgBYAFUAcwBLAEUAZgBPAEsAdwBRAEEAQQBBAEEAQwBBAEEAQQBBAEEAQQBBAFEAWgBnAEEAQQBBAEEARQBBAEEAQwBBAEEAQQBBAEEANwBjAFAAcABnAGoASwBnADMAKwAzAEMASABLAHIAcgBMAFkAZQBYAHoAYwBHAFkATgBHADIAeQA3AE8AMQA1AHkANwBZAGwAQQBKAHQAbQBuADUAZwBBAEEAQQBBAEEATwBnAEEAQQBBAEEAQQBJAEEAQQBDAEEAQQBBAEEARABRADEATQBrAEQAKwAxAEUAVQBXAGYARwBxAEUAOAB0ADEAOQAyAEYAQgBnAFMARgBqADEAQQBoAFMAWgBRAEEAcwBFADYAVQB4AEMAZgB2AEoAeABXAEEAQwBBAEEAQgBxAHAAbgA3AGUAdgBCAFEARgA3AHEANwBTAEcAbQB5AEwAagBTAEgAZQBDADIASQBqAHgANgBpAFIAbQBIAHIAOQB5AHYANQBIADgAVQB5AEUAWQBCAHUAZwB3AFIASwBqAE4AOABCAHQANgBwAE4AdABpAFIAMABFAGwAdQA1AGkAUAAwAGwAbwB1AGgAMQBUAFQAZAA2AGUAMgBqAG8AZwBCAGcAeABiAGsAQgBWAGwANQBqAGgAYgA3AGQARABsAGMARAAwAHgAZQBlAHQAagByADEAZQBKAGcAWQBkAFUAUgBxAFgARABLADAAOAB1AHEAMwBsAEYATwB4AFgAUgBDAGkAVwBBAHEASwB5AEsARABjAGUAagBYADMAegBvAGMAcAAvAFcASQBFAHoARQBnAEQAagAzAFkAYwA0AE4AVwBIAEQARQBJAHMARQBxAFYAcwBtADkAeQAxAEYAZABhAGEAZwBWAGQAegBVADAARwBzAGYARAAyADIAUQBKAFUATABDAFAAUgB6ADMAUQB3ADkATABaAHkAaQBSAEYAZgBMAE0AeABKAEQAZQBuAHEAYQBTADYASQA0AHMATABIAGUAUABRAEYAKwBwAFYAOQBrAHMAZQBFAEoAUQBPAFoAaABVADEAcgBHAEkAcgBBAG0AbgB1ADAAMAByAFMAUQBjAFMAeQBxAHgAMQBwAFYAcQAxAFMALwArAHkARABBACsAMgBTAHcAeQA1AE8AMABoAGYATQBjAHkATwBXAEMAcABJADgANQBBADMAVABsAGIAYwBaAFcAUQB4AGgAbwA2AGQAbwBVADMAcAB2ADAARQArAGYAVABUACsAZgBNAEQAcgBwAE0AdgByAEYARQBUAE0AbwBKAEkAWAAyAGQAdwA2ADEARgB5AHoAWABiAFEAaAA2ADEAMQBoAHkAagAxAFEARwB5AGwAWgBIAHUAbwBQAGIAZgBFAE4AZgBTAHIARAArAFoAcwA1AEQALwBxAFMARQA4AGcAZABjAFEAeABDAGgAdABaADQAVgBCAFcAZwBEAEEAMgBIAEsANwB4ADcAQwBXAEkAMABoAHYAOQBtAFoANgBYAGMAdQA2AGkATQBDAEMAdABoACsAcgBoADAAcABjAEoAaABsAHMASQBMAG4AWgBPAGMAaABEAFkANAA0AFQAcgBWAEUAMgAzADcATQBWAEcATABSAGIAegBDAGoAdQB5AFYAdABoAC8AdABwAE0AZQBsAHcAMQA3ADkAUABwAHYAdgBPAFcASABoAEcAbgBnAE8AVwByAFUASgAzAFAAUQBRAGoAVQA3AGMAeABMAG4AagAwAGkASwBoAHQAcwBuAHEAaABkADYASABWAHYAbQBBAEMAVABUAFAAegBLAE0AcwB3AFYANABTADMAcgA2AGQASAB2ACsASABiADIAZABOAEIAeQA5AHkANwBMADIAWgAvAEMAZgBJAHIAbgBSAEQAVQBCAFMAdwAzADkARwA4AEQAOABxADgAWQBKADMAMABoAFoARwBQAGgAcgBRAG4AKwBpAHcANwBVAFoASQAxAFcARwBFAHcAUgBmAFEAUwBVAGgAVwA3ADQAcwBWAHAAQgA3ADYAcQBCAC8AYQBRAHEASwBnAFEAdQBaAGQAUQBOADkAcwBoADIAVABKAHYANQA2AEoARwBoADkAbAA4AGQANAA2AFIANwBUADEASgBrAGwAaQBrAHMAQQBMAGcAcwBzAEMARgBFAHcAWgBwAGsALwA0AE0AdABQAFQAQgBxAEgAcgBFAHMAagBBADkAUwA3AHkAUABLAC8AaAB0AFMAdgBwAFYAQgBQAGUAYQBpAFMAYwBpAHgAQwBZAFAAUQA2AEsARgB1AGMAbQBHAGIAMgBaAEEAbwBjAG4AOQB1AHMASQA1AEsANABhAFIAdABEAEsARQBOAHEAMABnAHEASgBIAFcAMABIAHEAbQBPAC8ASwByAGsAeQBvAHQARQBYAEwAKwA3AEsARwBGAFQARwByAHYARgBOAFcAMABhAHAATgA5AGEAZABSAHAAeQBIADIAZQArAEwARQBNAFYARgBxAFoAcgBoAGgAaQA2ADMAdABVAHEAbgBGAHEAWABvAHgAZQBMADMAWQBkAGYAbAAwAEEAQQBBAEEARAA2AEgAWABWAEgATABPAGMAcgBkAGQAaABqAEsALwAxAFkAbABYAEEAMAB5ACsARgAxAFYAaQBKAFkAUwBVAE8AOQBLAHYAYgBEAEwASQBUAGYAcQAwAEwAQgB6AGEAawBRAGwAZQBvAFkAQQBIAEwAdgB0AEEAMgB3AFYAcgBEAE0ATwB2ADUAUQBxAGgAbQBJAEIASwBpAFIAZQA4AEsAQwA5AE0AWQBkADwALwBLAGUAeQBwAGEAaQByAD4APABLAGUAeQBHAGUAbgBGAGwAYQBnAHMAPgA4ADwALwBLAGUAeQBHAGUAbgBGAGwAYQBnAHMAPgA8AEMAZQByAHQAPgBNAEkASQBFAEkAVABDAEMAQQArAEMAZwBBAHcASQBCAEEAZwBJAFUAWgBtAGcAZgBHAHgAQwBHAFMAbQBvAGQASQBLAEUAVwBYAFoAUAB5ADIAeQBQAHoAdQBGADgAdwBDAFEAWQBIAEsAbwBaAEkAegBqAGcARQBBAHoAQQBqAE0AUwBFAHcASAB3AFkARABWAFEAUQBEAEUAeABoAFUAYgAyAHQAbABiAGkAQgBUAGEAVwBkAHUAYQBXADUAbgBJAEYAQgAxAFkAbQB4AHAAWQB5AEIATABaAFgAawB3AEgAaABjAE4ATQBUAFUAeABNAEQARQAwAE0AVABBADAATQBEAFUAdwBXAGgAYwBOAE0AVABZAHcATgBEAEUAeABNAFQAQQAwAE0ARABVAHcAVwBqAEEAdABNAFMAcwB3AEsAUQBZAEQAVgBRAFEARABIAGkASQBBAE0AQQBBAHcAQQBEAEUAQQBPAEEAQQAzAEEARQBZAEEAUgBnAEIARgBBAEUARQBBAE8AUQBBAHgAQQBFAFUAQQBRAGcAQQAwAEEARQBRAEEATgBnAEEAQQBNAEkARwBmAE0AQQAwAEcAQwBTAHEARwBTAEkAYgAzAEQAUQBFAEIAQQBRAFUAQQBBADQARwBOAEEARABDAEIAaQBRAEsAQgBnAFEAQwB6AGMAYwBMAGoARABBAGgAbwBCAFUAOQBKAFMAdwBTAHoAVABrADgAZQBTAGYATwBzAGEAegBFAFAAcgBrAC8ASABGAFkAWQB3AFgASQBOAG4AeABIAGEAKwBWADgANgByAG4ASwAyAFQAUwBKAEcARQBDAGQATwA0AHYAaQBEAC8AVQBQAFgAQQA1AFQAagBFADQAbABFAFoAbABFAFEAWgBOAG8AZAA3AGYAVgA0AFEAMgB5AFIARQA4ADEAeQBKAFoANwBRAFkANwAzAEsAZwBkAGwAVABqAEQAUwBZAGIAQgBMAGoAeABJAGEALwB0AFYALwBmAFAAMwBQAFoAdABWAEkAMwBiADIAVgBOAGgARAB6AEUASgBnAGEAZgBoAEcARwBXAFcAcABKAGIAMwBHAHEASABvAHgAagA2ADYAVQA3AEQAWQBGAG0AOAB4AFUAUQBJAEQAQQBRAEEAQgBvADQASQBDAG8ARABDAEMAQQBwAHcAdwBEAGcAWQBEAFYAUgAwAFAAQQBRAEgALwBCAEEAUQBEAEEAZwBXAGcATQBCAE0ARwBBADEAVQBkAEoAUQBRAE0ATQBBAG8ARwBDAEMAcwBHAEEAUQBVAEYAQgB3AE0AQwBNAEkASQBCAC8AdwBZAEQAVgBSADAAZwBCAEkASQBCADkAagBDAEMAQQBmAEkAdwBnAGcASAB1AEIAZwBvAHIAQgBnAEUARQBBAFkASQAzAE0AdwBNAEMATQBJAEkAQgAzAGoAQwBDAEEAZABvAEcAQwBDAHMARwBBAFEAVQBGAEIAdwBJAEMATQBJAEkAQgB6AEIANgBDAEEAYwBnAEEAVABRAEIAcABBAEcATQBBAGMAZwBCAHYAQQBIAE0AQQBiAHcAQgBtAEEASABRAEEASQBBAEIAawBBAEcAOABBAFoAUQBCAHoAQQBDAEEAQQBiAGcAQgB2AEEASABRAEEASQBBAEIAMwBBAEcARQBBAGMAZwBCAHkAQQBHAEUAQQBiAGcAQgAwAEEAQwBBAEEAYgB3AEIAeQBBAEMAQQBBAFkAdwBCAHMAQQBHAEUAQQBhAFEAQgB0AEEAQwBBAEEAZABBAEIAbwBBAEcARQBBAGQAQQBBAGcAQQBIAFEAQQBhAEEAQgBsAEEAQwBBAEEAYQBRAEIAdQBBAEcAWQBBAGIAdwBCAHkAQQBHADAAQQBZAFEAQgAwAEEARwBrAEEAYgB3AEIAdQBBAEMAQQBBAFoAQQBCAHAAQQBIAE0AQQBjAEEAQgBzAEEARwBFAEEAZQBRAEIAbABBAEcAUQBBAEkAQQBCAHAAQQBHADQAQQBJAEEAQgAwAEEARwBnAEEAYQBRAEIAegBBAEMAQQBBAFkAdwBCAGwAQQBIAEkAQQBkAEEAQgBwAEEARwBZAEEAYQBRAEIAagBBAEcARQBBAGQAQQBCAGwAQQBDAEEAQQBhAFEAQgB6AEEAQwBBAEEAWQB3AEIAMQBBAEgASQBBAGMAZwBCAGwAQQBHADQAQQBkAEEAQQBnAEEARwA4AEEAYwBnAEEAZwBBAEcARQBBAFkAdwBCAGoAQQBIAFUAQQBjAGcAQgBoAEEASABRAEEAWgBRAEEAcwBBAEMAQQBBAGIAZwBCAHYAQQBIAEkAQQBJAEEAQgBrAEEARwA4AEEAWgBRAEIAegBBAEMAQQBBAGEAUQBCADAAQQBDAEEAQQBiAFEAQgBoAEEARwBzAEEAWgBRAEEAZwBBAEcARQBBAGIAZwBCADUAQQBDAEEAQQBaAGcAQgB2AEEASABJAEEAYgBRAEIAaABBAEcAdwBBAEkAQQBCAHoAQQBIAFEAQQBZAFEAQgAwAEEARwBVAEEAYgBRAEIAbABBAEcANABBAGQAQQBCAHoAQQBDAEEAQQBZAFEAQgBpAEEARwA4AEEAZABRAEIAMABBAEMAQQBBAGQAQQBCAG8AQQBHAFUAQQBJAEEAQgB4AEEASABVAEEAWQBRAEIAcwBBAEcAawBBAGQAQQBCADUAQQBDAEEAQQBiAHcAQgB5AEEAQwBBAEEAYwB3AEIAaABBAEcAWQBBAFoAUQBCADAAQQBIAGsAQQBJAEEAQgB2AEEARwBZAEEASQBBAEIAawBBAEcARQBBAGQAQQBCAGgAQQBDAEEAQQBjAHcAQgBwAEEARwBjAEEAYgBnAEIAbABBAEcAUQBBAEkAQQBCADMAQQBHAGsAQQBkAEEAQgBvAEEAQwBBAEEAZABBAEIAbwBBAEcAVQBBAEkAQQBCAGoAQQBHADgAQQBjAGcAQgB5AEEARwBVAEEAYwB3AEIAdwBBAEcAOABBAGIAZwBCAGsAQQBHAGsAQQBiAGcAQgBuAEEAQwBBAEEAYwBBAEIAeQBBAEcAawBBAGQAZwBCAGgAQQBIAFEAQQBaAFEAQQBnAEEARwBzAEEAWgBRAEIANQBBAEMANAB3AFUAdwBZAEQAVgBSADAAagBCAEUAdwB3AFMAbwBBAFUAYQBJAFMAbwBsAG8AVgBsAGsAVgAvAFAANABKAEcAawBnAFUARwBqAGcAegBqAHIAVgBTAEMAaABKADYAUQBsAE0AQwBNAHgASQBUAEEAZgBCAGcATgBWAEIAQQBNAFQARwBGAFIAdgBhADIAVgB1AEkARgBOAHAAWgAyADUAcABiAG0AYwBnAFUASABWAGkAYgBHAGwAagBJAEUAdABsAGUAWQBJAEoAQQBLAHMAKwBGAFMAdwBrAHkAZQBjAGgATQBCADAARwBBADEAVQBkAEQAZwBRAFcAQgBCAFQAeQBjAGYAcgBhAGsATABxAGkAVgAxADQAbABVACsAMgAxAFcARwBWAHQAcQB2AGgAagArAFQAQQBKAEIAZwBjAHEAaABrAGoATwBPAEEAUQBEAEEAegBBAEEATQBDADAAQwBGAEcAegB5AGgAZQB2AHgAYgBNAEoAZQBHADgANwByAFcAZABaAFkAagBuAHQAMwA0AG0AZwBwAEEAaABVAEEAdQByAGkAMQAyAHMAUQBqAFcATwBuAHEASQBxAG8AUABoAHEAcgBWAGMAMABqAGQAQgBIAEEAMQA8AC8AQwBlAHIAdAA+ADwARQB4AHAAaQByAGUAZABUAGkAbQBlAD4AMgAwADEANgAtADAANAAtADEAMQBUADEAMAA6ADQANQA6ADUAMAA8AC8ARQB4AHAAaQByAGUAZABUAGkAbQBlAD4APAAvAEMAZQByAHQASQBuAGYAbwA+AA==AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAOhqL7Wgi2UW4vXUsKEfOKwQAAAACAAAAAAAQZgAAAAEAACAAAAAm/VdzmYB5/EnWsbjAjZV11GsmgVzICRrmxLLHhYzgbgAAAAAOgAAAAAIAACAAAAA3A3nD3FFnIpzY+i6Zi1inAkR70cSeO/zUTGDSyVYNC0AAAAAp3zdUqked6ag31/V0aQpEikh1z7TOa8I/5iYCETC32be0VxE9lk83i5DMsycpBaKy/zh0EptWTmggwIdRLQtQQAAAALMG8mUNNBz8dFGrIHq89p0I9knqmraLqjGiWW5zx9gQ/WL3XPM1IvYw6t5Ln1WL5aoiZMIOJtAsjgeOwWmv6RA=
[HKEY_USERS\S-1-5-18\Software\Microsoft\IdentityCRL\DeviceIdentities\production\S-1-5-21-115903190-4080511109-3081035828-1000\02srxlojikzr]
"DeviceId"="AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAOhqL7Wgi2UW4vXUsKEfOKwQAAAACAAAAAAAQZgAAAAEAACAAAACR4Zn1qiEXYMW3gyROD+UGlAZy8CIxXEgAscZgkf+0HQAAAAAOgAAAAAIAACAAAAAMwW/rx7LIk6ORdSk0HwWhDpzme5AbCUgScWp3xjrDPzAAAAARFrNwDIXLtcJyR5cG8yryAk5EC03AdawGYuahid36mjCplYdWPQk+kV4pZdMsi8pAAAAAtsx3q6bmlxY8mlRI7FsoqVoKx/tWoOo8uDj9NoBkJpl2Q/9jMq0awTAFWXP+oSiymCBJCX4hO6Qe9BIDRckljw==PABDAGUAcgB0AEkAbgBmAG8APgA8AEsAZQB5AHAAYQBpAHIAPgBBAFEAQQBBAEEATgBDAE0AbgBkADgAQgBGAGQARQBSAGoASABvAEEAdwBFAC8AQwBsACsAcwBCAEEAQQBBAEEATwBoAHEATAA3AFcAZwBpADIAVQBXADQAdgBYAFUAcwBLAEUAZgBPAEsAdwBRAEEAQQBBAEEAQwBBAEEAQQBBAEEAQQBBAFEAWgBnAEEAQQBBAEEARQBBAEEAQwBBAEEAQQBBAEEAOAAzAHEARQBUAG0ALwBrAHEANQBsAFkARABHADQAWQBrAHQAeQB6AHMAZwB0AGsAVgBVAHcASQBOAHYANwBIAGEAbwBSAEYAaQBSADEAWQBCAFYAUQBBAEEAQQBBAEEATwBnAEEAQQBBAEEAQQBJAEEAQQBDAEEAQQBBAEEARABUAFoAWgBhAEcAegBDAEkAWQA5AEkANwB0AG8ANQBVADMAegBwAGYAQwAyAGwAQwBLAEcAbABFAEkAcQBUAEcARQAzAGwANwBzAFcATAB6AFEAKwBHAEEAQwBBAEEAQwBUAHEAawBoAGEAagBFAHEATwBjAE8AawBoAFgAUABKAE4AWgBvAFQAZABiAFcAbgBMAFYAdABHADEANAByAFAAMQBRAEwARgBrAGkAVwAzAGQANgBlAEQAWQBwAE0AUABNADEAVABPAFoATQB4AHEAUwB4AHUAagA0AG0AYgBuADIARABJAFgAVAArAEkAVwBrAGkAOQBmAHAATgBiAGMAeQA1AGkAUQBpAE0AVwBaAE4ARABRADUAUQBBAFkATwBHAFAAcQBOAHMATQBlAEoAcABzADQAcABSAE8AZgBPAFYAbwBJAG8AUABvAGsALwBsAGwAQwBUAGwAVgA5ADMAKwBIADIAaQBRAEgATABXAHoASQA1AGMAZQBCAG8ANQBNAGEAUABmAEQAegB0AGgASABzAFMAQwBGAFUAZgAzAEgANgBmAHYATQBNAFIAegB3AFIAcQBYAHIAQgBWAHkAMwB0AFgALwBaAE0AZABjAFYAaQAvAFUAWgBtAEUAZwBTAEEARABKAHkAVwBEAGYAYQBSAHcAcABMADYAcABFAG4AQQArAFMAdQBYAG4ARQBaAFkAcgB5AFkAMQBKAGIAMgBLAGIAVABhAGkAOQBDAHQANwBrAFYANABaAEYAdwBpAGwAcQBwAEMAZgAwAHEAMgBaAE8ARQBPAFIAdwBhAGcANABMAEkAMQBXAEwAZQAwADQASgBOAGkAOQBlAEcALwBLAGoATwBLADkAQQBIAEUAYQArAEYAQgBKAHMAbQB3AGwAQQBsAEQAYwBkAHQAZABmAGEAQgBSAHIARgBuAGIAbgBrAHAAZABFAE4ANQBsAEEAWQBhAEYALwBPAGEARABnAEIALwBQAGkAWAAyAGsAQgBnAEoAWgB6AHAAbwBQAGMAaQBPAGMAMABhADYAaAA3ACsAYwBOAGQAaQBxAFQAagBVAEMAYwB0AFMAbAB1AFkAdQBKAG0AZwA0AEsARgBYAHEAVAAyAEQAcgB1AFcAKwBWAEgAQwBPAC8AOQBOAGgANQB1AHQATAB4AHQAMQBoAGkAcABoAFgAYQBvAHkAcwBsAFMATwBPAG8ARAAyADUAUQBxAE0AUABsAHQAKwAzADIANgBnAEwAaABaAEEAKwBvAFoARwBwAGUARABqAHcAMQA2AC8ANQAvADkAMQBEAHgAUQBpADAAbABLAGUANgBpAEsAQgAxAHAAeABGAEcAUwAxAE0AYQBqAEYAdQBQAFoARwB2AHAAVABwAEQANABkAFYAUgA3AGsAcwBRAEQAMQBLAGgANQBkAGcAWgBzADIASwBXAEgAcwBVAHkAbAA1AHEAMgA3AEEANQBiAGoANABlAG8AbwBUAFgAcwBVADQAaABvAEEARABwAEkAaQBGAGEAWQAzAEIAWgBXAEQATQBZAFoASQBZAGYAcgA4AHYATABQAHEANQBnAE0AaAAvAGEAcgA5AHcAMwBpAGsAMQBWAC8AVABWADAANgBIAHUAeAB0AGkARwBHAFUAMABLADAAZwA3AFEAZgBPAFUAVABGAE0ARQAyAFcARgBaAHEAYQBsAGEAZwBHADgAVAA0AEIAMABMAEUASABTAHUAdABNAFUAagA5AFAAbwBnAEcASgBDACsAcQBOADkAUABkADIANABOAHoAMQBjAEsAOQBrAFgAUQB6AEIASgAyAGoATwB1ADgAaABBADcAVgByAEEAagBLADkAMwBtAFUAVwBTADUAcwBCADIAcABHAE8AaQAyAHEASwBXAEgASwBhAGsAYwBKAGgAMwBKADgARABhAGQAaQAvAGcAZQBOAHoARgBDAHEAeQByAE4AZABtAGYAVAAxADQAYQBpADkAUgBXAHMAdQBkAHMAdABTAFAARwA5AHkAWQB4AEkAUwA0AHQAMQBvAGwAVgBxAGEASQBDAGUALwB0AGwAQwA2AGoARwBkAE4AYgBmAEIAaABMAHAAYgBnAE0AbgBZAHoAZQBFAEUAbABWAFYANABkAFkANQA1AEQAMgBhADQAcwAzADgANQAyAE4AYgBaAGEARQBxAEUAZwAzAHAAVwBHADUAcgBZAHoAbQA3ADIAKwBzADQAWgB0AFkARAB0AGUAeAB1AEgASQB3AFgAWAB2ADEASABpADgAZwBUAGQAVwBFAEEAQQBBAEEARABCAGcAMABrAHMANwBJADkAaAAzAFcAOABiAGgATABZAGIAdwBwAE8AegBDAHcASwA4AFYAZQBJAHAAeQBYAG4ANQBqAHYAcgBnAHYAZwBjAFMAbwBoAEUAUQBxADYAWgBwAHgALwBYAGEAQgBoAEYAQwBxAE8ASgBJAFQAMQAvAGYAVwA0AFIAYgBIAEcAagBnAEUAQgBYAHQAegBHAGUAUQBsAGMAVQBXADwALwBLAGUAeQBwAGEAaQByAD4APABLAGUAeQBHAGUAbgBGAGwAYQBnAHMAPgA4ADwALwBLAGUAeQBHAGUAbgBGAGwAYQBnAHMAPgA8AEMAZQByAHQAPgBNAEkASQBFAEkARABDAEMAQQArAEMAZwBBAHcASQBCAEEAZwBJAFUAMABSAHcAVQBzAGIAdwBNAEEAUgBpAE4AWABPAG0AcQA5AEEATQBhAGwAcQBUAFoATABOAGsAdwBDAFEAWQBIAEsAbwBaAEkAegBqAGcARQBBAHoAQQBqAE0AUwBFAHcASAB3AFkARABWAFEAUQBEAEUAeABoAFUAYgAyAHQAbABiAGkAQgBUAGEAVwBkAHUAYQBXADUAbgBJAEYAQgAxAFkAbQB4AHAAWQB5AEIATABaAFgAawB3AEgAaABjAE4ATQBUAFUAeABNAEQARQAwAE0AVABFAHcATQB6AEkAeQBXAGgAYwBOAE0AVABZAHcATgBEAEUAeABNAFQARQB3AE0AegBJAHkAVwBqAEEAdABNAFMAcwB3AEsAUQBZAEQAVgBRAFEARABIAGkASQBBAE0AQQBBAHcAQQBEAEUAQQBPAEEAQQB3AEEARABBAEEATQBBAEEAdwBBAEQAYwBBAE0AZwBBADEAQQBFAFEAQQBRAHcAQQB5AEEARABnAEEAUgBnAEEAQQBNAEkARwBmAE0AQQAwAEcAQwBTAHEARwBTAEkAYgAzAEQAUQBFAEIAQQBRAFUAQQBBADQARwBOAEEARABDAEIAaQBRAEsAQgBnAFEARABTADMASABoAEsAOQAzAEYAQwBlAFoAQQArAEYATABvADUAUgB3ADQASABFAEwAMAAyAFcARgBYADgAbABsAHgAYgB3AGcASgAvAEMAcwBvAEMAcwB0AHIAZABmAEkAbgAzAEUARABUAFIAUQBSAGEANgBBADgAUABlADgAUABrAEIASABUAGYAbgBpAGEAOQBqAFgAQgBCAHAAVgBWAHAARgB3ADMAMgBVAEwAUQBJAE0AdABLAE0AMwB4AEYAWgA2AHkAeABLAEMANwBaAEYAbABOAEUAcgBZAGMASQBFAGoARgA2ADUANABaAEgAYwByADYAdwB3AFgAWAArADkAbgA3ADEAOQBTADUAMwBXAEwAZgB3AEEAdABvAEsAZABWAEUAOQAzAHEARQBJAHUAeABTADQAVgBzAE0ATgBYADIARgBLACsAegA0AFIAdQB2ADMAUQBJAEQAQQBRAEEAQgBvADQASQBDAG8ARABDAEMAQQBwAHcAdwBEAGcAWQBEAFYAUgAwAFAAQQBRAEgALwBCAEEAUQBEAEEAZwBXAGcATQBCAE0ARwBBADEAVQBkAEoAUQBRAE0ATQBBAG8ARwBDAEMAcwBHAEEAUQBVAEYAQgB3AE0AQwBNAEkASQBCAC8AdwBZAEQAVgBSADAAZwBCAEkASQBCADkAagBDAEMAQQBmAEkAdwBnAGcASAB1AEIAZwBvAHIAQgBnAEUARQBBAFkASQAzAE0AdwBNAEMATQBJAEkAQgAzAGoAQwBDAEEAZABvAEcAQwBDAHMARwBBAFEAVQBGAEIAdwBJAEMATQBJAEkAQgB6AEIANgBDAEEAYwBnAEEAVABRAEIAcABBAEcATQBBAGMAZwBCAHYAQQBIAE0AQQBiAHcAQgBtAEEASABRAEEASQBBAEIAawBBAEcAOABBAFoAUQBCAHoAQQBDAEEAQQBiAGcAQgB2AEEASABRAEEASQBBAEIAMwBBAEcARQBBAGMAZwBCAHkAQQBHAEUAQQBiAGcAQgAwAEEAQwBBAEEAYgB3AEIAeQBBAEMAQQBBAFkAdwBCAHMAQQBHAEUAQQBhAFEAQgB0AEEAQwBBAEEAZABBAEIAbwBBAEcARQBBAGQAQQBBAGcAQQBIAFEAQQBhAEEAQgBsAEEAQwBBAEEAYQBRAEIAdQBBAEcAWQBBAGIAdwBCAHkAQQBHADAAQQBZAFEAQgAwAEEARwBrAEEAYgB3AEIAdQBBAEMAQQBBAFoAQQBCAHAAQQBIAE0AQQBjAEEAQgBzAEEARwBFAEEAZQBRAEIAbABBAEcAUQBBAEkAQQBCAHAAQQBHADQAQQBJAEEAQgAwAEEARwBnAEEAYQBRAEIAegBBAEMAQQBBAFkAdwBCAGwAQQBIAEkAQQBkAEEAQgBwAEEARwBZAEEAYQBRAEIAagBBAEcARQBBAGQAQQBCAGwAQQBDAEEAQQBhAFEAQgB6AEEAQwBBAEEAWQB3AEIAMQBBAEgASQBBAGMAZwBCAGwAQQBHADQAQQBkAEEAQQBnAEEARwA4AEEAYwBnAEEAZwBBAEcARQBBAFkAdwBCAGoAQQBIAFUAQQBjAGcAQgBoAEEASABRAEEAWgBRAEEAcwBBAEMAQQBBAGIAZwBCAHYAQQBIAEkAQQBJAEEAQgBrAEEARwA4AEEAWgBRAEIAegBBAEMAQQBBAGEAUQBCADAAQQBDAEEAQQBiAFEAQgBoAEEARwBzAEEAWgBRAEEAZwBBAEcARQBBAGIAZwBCADUAQQBDAEEAQQBaAGcAQgB2AEEASABJAEEAYgBRAEIAaABBAEcAdwBBAEkAQQBCAHoAQQBIAFEAQQBZAFEAQgAwAEEARwBVAEEAYgBRAEIAbABBAEcANABBAGQAQQBCAHoAQQBDAEEAQQBZAFEAQgBpAEEARwA4AEEAZABRAEIAMABBAEMAQQBBAGQAQQBCAG8AQQBHAFUAQQBJAEEAQgB4AEEASABVAEEAWQBRAEIAcwBBAEcAawBBAGQAQQBCADUAQQBDAEEAQQBiAHcAQgB5AEEAQwBBAEEAYwB3AEIAaABBAEcAWQBBAFoAUQBCADAAQQBIAGsAQQBJAEEAQgB2AEEARwBZAEEASQBBAEIAawBBAEcARQBBAGQAQQBCAGgAQQBDAEEAQQBjAHcAQgBwAEEARwBjAEEAYgBnAEIAbABBAEcAUQBBAEkAQQBCADMAQQBHAGsAQQBkAEEAQgBvAEEAQwBBAEEAZABBAEIAbwBBAEcAVQBBAEkAQQBCAGoAQQBHADgAQQBjAGcAQgB5AEEARwBVAEEAYwB3AEIAdwBBAEcAOABBAGIAZwBCAGsAQQBHAGsAQQBiAGcAQgBuAEEAQwBBAEEAYwBBAEIAeQBBAEcAawBBAGQAZwBCAGgAQQBIAFEAQQBaAFEAQQBnAEEARwBzAEEAWgBRAEIANQBBAEMANAB3AFUAdwBZAEQAVgBSADAAagBCAEUAdwB3AFMAbwBBAFUAYQBJAFMAbwBsAG8AVgBsAGsAVgAvAFAANABKAEcAawBnAFUARwBqAGcAegBqAHIAVgBTAEMAaABKADYAUQBsAE0AQwBNAHgASQBUAEEAZgBCAGcATgBWAEIAQQBNAFQARwBGAFIAdgBhADIAVgB1AEkARgBOAHAAWgAyADUAcABiAG0AYwBnAFUASABWAGkAYgBHAGwAagBJAEUAdABsAGUAWQBJAEoAQQBLAHMAKwBGAFMAdwBrAHkAZQBjAGgATQBCADAARwBBADEAVQBkAEQAZwBRAFcAQgBCAFEAdQBiAFUAagBHAHQAdgBzAEwAaQBPAEEAVgBkAHoAdgBNAHEAaQBIAEIARgBXADIAZQBXAGoAQQBKAEIAZwBjAHEAaABrAGoATwBPAEEAUQBEAEEAeQA4AEEATQBDAHcAQwBGAEcAbwBOAEgAagBZAE4ARQBXAHgAUABOAEkASABsAGIAUQA4AC8ARwBnAFEAdQAzADQAZgBaAEEAaABSAEkAdQBPAHAAMABiAEYAYQA2ADAANQBxAHUAbwBiAGQAUgBiAFkAaQBDAEcAbQA1AFcARgB6AFUAeQA8AC8AQwBlAHIAdAA+ADwARQB4AHAAaQByAGUAZABUAGkAbQBlAD4AMgAwADEANgAtADAANAAtADEAMQBUADEAMQA6ADAAOAA6ADIAMQA8AC8ARQB4AHAAaQByAGUAZABUAGkAbQBlAD4APAAvAEMAZQByAHQASQBuAGYAbwA+AA==
==== Registry Search Results for "gizmo" ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Gshell.GizmoShellMenuExt]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Gshell.GizmoShellMenuExt]
@="GizmoShellMenuExt Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Gshell.GizmoShellMenuExt\CLSID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Gshell.GizmoShellMenuExt\CurVer]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Gshell.GizmoShellMenuExt\CurVer]
@="Gshell.GizmoShellMenuExt.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Gshell.GizmoShellMenuExt.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Gshell.GizmoShellMenuExt.1]
@="GizmoShellMenuExt Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Gshell.GizmoShellMenuExt.1\CLSID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AF18AE48-51C4-4207-9B7C-D45EAACF3B9B}]
@="IGizmoShellMenuExt"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{E91A38AD-0B2D-4821-9354-084BCF8B4CB3}\1.0\0\win64]
@="C:\\Program Files (x86)\\Gizmo\\gshell-x64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{AF18AE48-51C4-4207-9B7C-D45EAACF3B9B}]
@="IGizmoShellMenuExt"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{E91A38AD-0B2D-4821-9354-084BCF8B4CB3}\1.0\0\win64]
@="C:\\Program Files (x86)\\Gizmo\\gshell-x64.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GIZMODRV]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GIZMODRV\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GIZMODRV\0000]
"Service"="GizmoDrv"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GIZMODRV\0000]
"DeviceDesc"="Gizmo Device Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_GIZMODRV\0000\Control]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GizmoDrv]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GizmoDrv]
"DisplayName"="Gizmo Device Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GizmoDrv]
"Description"="Gizmo kernel-mode device driver, used to emulate CD/DVD-ROM and hard drives"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GizmoDrv\Settings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GizmoDrv\Enum]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\GizmoDrv\Enum]
"0"="Root\\LEGACY_GIZMODRV\\0000"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_GIZMODRV]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_GIZMODRV\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_GIZMODRV\0000]
"Service"="GizmoDrv"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_GIZMODRV\0000]
"DeviceDesc"="Gizmo Device Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\GizmoDrv]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\GizmoDrv]
"DisplayName"="Gizmo Device Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\GizmoDrv]
"Description"="Gizmo kernel-mode device driver, used to emulate CD/DVD-ROM and hard drives"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\GizmoDrv\Settings]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GIZMODRV]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GIZMODRV\0000]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GIZMODRV\0000]
"Service"="GizmoDrv"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GIZMODRV\0000]
"DeviceDesc"="Gizmo Device Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_GIZMODRV\0000\Control]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\GizmoDrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\GizmoDrv]
"DisplayName"="Gizmo Device Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\GizmoDrv]
"Description"="Gizmo kernel-mode device driver, used to emulate CD/DVD-ROM and hard drives"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\GizmoDrv\Settings]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\GizmoDrv\Enum]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\GizmoDrv\Enum]
"0"="Root\\LEGACY_GIZMODRV\\0000"
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iso\OpenWithList]
"d"="gizmo.exe"
==== Registry Search Results for "bvxvexvbg" ======================
No instances of string "bvxvexvbg" found.
==== System Specs ======================
Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 4003 MB
CPU Info: Intel(R) Celeron(R) CPU G530T @ 2.00GHz
CPU Speed: 2004,4 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
CD / DVD Drives: 3x (E: | G: | H: | ) E: hp CDDVDW SH-216ALN | G: MagicISOVirtual DVD-ROM | H:
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 448,3GB | D: 17,4GB
Hard Disks - Free: C: 352,2GB | D: 2,2GB
Manufacturer *: AMI
BIOS Info: AT/AT COMPATIBLE | 11/18/11 | HPQOEM - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: PEGATRON CORPORATION 2AD4
Country: Nederland
Language: NLD
==== System Specs (Software) ======================
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
Default Browser: Google Chrome 46.0.2490.80
Internet Explorer Version: 11.0.9600.18059
Google Chrome version: 46.0.2490.80
==== Files Recently Created / Modified ======================
====== C:\Windows ====
2015-11-02 07:36:39 6C47927863C2E16819FE4DBEF6FA7EAF 7818 ----a-w- C:\Windows\BROPJ152W.INI
2015-10-24 19:17:49 127AA81343A7C6F665C22CB1293B0A90 67072 ----a-w- C:\Windows\splwow64.exe
2015-10-15 08:35:56 B32189BDFF6E577A92BAA61AD49264E6 193536 ----a-w- C:\Windows\notepad.exe
2015-10-14 14:22:59 677B7A478C237940CB3136864BC8AB47 37 ----a-w- C:\Windows\iltwain.ini
2015-10-14 11:18:18 186A9F81435017A0265207FA9E2ACB00 23521 ----a-w- C:\Windows\BRRBCOM.INI
2015-10-14 11:18:18 05AEF0BCAD3DA3A4D6F343B870A7BA2C 7819 ----a-w- C:\Windows\BROPJ552DW.INI
====== C:\Users\GEAtje\AppData\Local\Temp ====
2015-11-03 17:59:25 A560DBA4BC0D93CE2CB25FD68C5D191E 71168 ----a-w- C:\Users\GEAtje\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjy_ygf.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-11-02 07:37:59 38E5E24BEDE6F59AFC648CB7EF897D69 180224 ----a-w- C:\Windows\SysWOW64\BROSNMP.DLL
2015-10-24 20:13:51 2413D2216D08FAF7D7178D9E0B481AEB 2285056 ----a-w- C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-10-24 19:19:52 908BBA41A5B57DDB126B85EC14DD58EF 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2015-10-24 19:19:52 0E036A353DB9D8F4F642AC0F9412F09E 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-24 19:19:52 04BB7AF8E0DAE83982155F0752308666 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-24 19:19:51 C89372B642726F1CF3EB479397976DA3 279040 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2015-10-24 19:19:51 C848E013BB85C48C787001E1EA36905F 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-24 19:19:51 A7028D5D5E3DCF820B3C0AFE0137A87E 130048 ----a-w- C:\Windows\SysWOW64\occache.dll
2015-10-24 19:19:51 9F36964CDB9A920779314395E3911503 504832 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2015-10-24 19:19:51 098F6097F919EE77EA490E16D11E427A 1311232 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2015-10-24 19:19:51 00FBEDF0E74AD8815469A95271C0E562 345688 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2015-10-24 19:19:50 D586CB95B4EADC0525E8929A241898F5 20357632 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2015-10-24 19:19:50 060409834CC8FAC3F1231DA3F0648CC5 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2015-10-24 19:19:49 B87A11C95703AB19ACB43993DDA0F1A3 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2015-10-24 19:19:49 7E8EABA6A2B10FE11E2381378A57322B 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2015-10-24 19:19:49 12DCE9300FF5B74DC2F7DBAC96B0614E 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2015-10-24 19:19:48 F274AF14C7DB6C52C023BCBDA4197D17 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2015-10-24 19:19:48 9F4234838400CC3A964AF53DE4410A50 2279936 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2015-10-24 19:19:48 8C9BCE16E894D4FBCE151F4A5FE05F55 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2015-10-24 19:19:48 816B489E2BBFE2479C844AAD486ABB42 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2015-10-24 19:19:48 73189A2739491ABB556872737C501F8E 663552 ----a-w- C:\Windows\SysWOW64\jscript.dll
2015-10-24 19:19:48 584E6632F1F4027AB64DEB0F4139E7D7 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2015-10-24 19:19:47 BE1263EE0CB8CF942FC35CC86E0C3941 12853760 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2015-10-24 19:19:47 AFC4F34507B555D1C9C4F049CCA1475F 416256 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2015-10-24 19:19:47 4A3CA2C73C4D66A90C63E9E532746020 480256 ----a-w- C:\Windows\SysWOW64\ieui.dll
2015-10-24 19:19:45 DE53F76D63CA64E172B336BC7CFF6EDA 4527616 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2015-10-24 19:19:45 CEDBC9DBD9800E0EE81B0840EBC2BAC5 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-24 19:19:45 A25C9DD040CA9799C2A7E41732D0752A 230400 ----a-w- C:\Windows\SysWOW64\webcheck.dll
2015-10-24 19:19:45 17B66052348D3A3681A9411EDD839E18 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2015-10-24 19:19:44 E401E66CCB2AE219CF41F7F901C410C1 2011136 ----a-w- C:\Windows\SysWOW64\wininet.dll
2015-10-24 19:19:44 A7012A7032207D1C16B7236EDF91F4BB 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll
2015-10-24 19:19:44 5EE17D52CAF79663211C01C614594620 341504 ----a-w- C:\Windows\SysWOW64\html.iec
2015-10-24 19:19:29 C7673B3F8BB35221B42D67BF7ADAFDFD 7168 ----a-w- C:\Windows\SysWOW64\KBDYAK.DLL
2015-10-24 19:19:29 730B7C639957EA0BF37C1459831A1E19 6656 ----a-w- C:\Windows\SysWOW64\KBDRU1.DLL
2015-10-24 19:19:29 72222991598E173BBE1429426926C020 7168 ----a-w- C:\Windows\SysWOW64\KBDTAT.DLL
2015-10-24 19:19:29 45B308F20FEF040BD7321E85F69DF5E2 6656 ----a-w- C:\Windows\SysWOW64\KBDRU.DLL
2015-10-24 19:19:28 2BD0519015E899A2FF52210CC5875F88 6656 ----a-w- C:\Windows\SysWOW64\KBDBASH.DLL
2015-10-24 19:19:20 14800BD31701A5047AC3145BB1E698AE 3419136 ----a-w- C:\Windows\SysWOW64\d2d1.dll
2015-10-24 19:00:07 CE21524C53E9671A7108B28FB9B4E474 1251328 ----a-w- C:\Windows\SysWOW64\DWrite.dll
2015-10-24 19:00:07 965CFC7687F0D188F215DC142FC8F6A1 1987584 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll
2015-10-24 19:00:03 5F3628DCF926C4499BE1DC74431DFBC8 1230848 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll
2015-10-24 18:59:54 9566C8BBD2271A7962D4432A624762AD 417792 ----a-w- C:\Windows\SysWOW64\WMPhoto.dll
====== C:\Windows\SysWOW64\drivers =====
2015-10-30 20:16:27 79D51E7F5926E8CE1B3EBECEBAE28CFF 255552 ----a-w- C:\Windows\SysWOW64\drivers\mcdbus.sys
2015-10-14 10:22:47 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\Windows\SysWOW64\drivers\103C_HP_cPC_CQ2700ED_Y53316J_0U_QCZC213_E12CE1PRW602_4A_I2AD4_SPEGATRON CORPORATION_V1.02_B7.09_T111125_W73-1_L413_M4003_J500_7Intel_86A7_92.00_#120530_N19692062_Z_G80860102_Ohp CDDVDW SH-216ALN_DMED3673.MRK
====== C:\Windows\Sysnative =====
2015-11-02 07:38:38 4277711E5A86DFE600355730EC92925E 87040 ----a-w- C:\Windows\Sysnative\BrNetSti.dll
2015-11-02 07:37:58 C0F76DBB3732352EC12C93EA96B9C670 227328 ----a-w- C:\Windows\Sysnative\BRCOI13I.DLL
2015-10-28 19:31:39 3D733144477CADCF77009EF614413630 90112 ----a-w- C:\Windows\Sysnative\Vestris.ResourceLib.dll
2015-10-24 20:13:51 3469B9FAE899139FEE7356E91693376A 2777088 ----a-w- C:\Windows\Sysnative\msmpeg2vdec.dll
2015-10-24 19:19:52 9AEE2A881FD10E6A463588303D8027AD 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2015-10-24 19:19:52 3A0773E21355B41176ACAD8BB099D9B3 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2015-10-24 19:19:51 BF8A5B4E696F4E8F3B2B5E9902467418 720896 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2015-10-24 19:19:51 9E0D0522908C1106E0D77708CB9926FE 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll
2015-10-24 19:19:51 80E9DF296F127B3BC965EBC5A2C8F044 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2015-10-24 19:19:51 521E1A87D4F750FD9694DBF3AB37B38F 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-10-24 19:19:49 3295B811A0260C0A5B346ECB73C5FCF0 152064 ----a-w- C:\Windows\Sysnative\occache.dll
2015-10-24 19:19:48 8A2A46DD0C51E5D2D0A2EF2AA289DA4D 1546752 ----a-w- C:\Windows\Sysnative\urlmon.dll
2015-10-24 19:19:48 4AEB3F2FB0CC23A18ED997F6C0476819 391784 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2015-10-24 19:19:48 12C1DECE9502828C0A5ADB50AB1673A0 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2015-10-24 19:19:47 D661A17B4634171C58373699CBD6455B 315392 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2015-10-24 19:19:47 6E1EEB1CE2F9F3AB14A9E8A6B1E82455 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2015-10-24 19:19:47 2A898891EB7FBCF0774F0B96AAD05561 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-10-24 19:19:46 F6F91F217D760981017E4AA4F1C7E633 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll
2015-10-24 19:19:46 7C3050383491011FEDD40961A37A2D99 2126336 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2015-10-24 19:19:46 0FA614470B3A78FC5B8F3F3F742B9837 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2015-10-24 19:19:45 E91FD3ACC10C971CBA991FCD058ABB58 2886656 ----a-w- C:\Windows\Sysnative\iertutil.dll
2015-10-24 19:19:45 A865136AC6436533E0A4A3C67F259401 585728 ----a-w- C:\Windows\Sysnative\vbscript.dll
2015-10-24 19:19:44 88D3F690043A1AA43F33DEC6DDA82178 616960 ----a-w- C:\Windows\Sysnative\ieui.dll
2015-10-24 19:19:44 84C63F3D2D488A918A947E06BD1105EF 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2015-10-24 19:19:44 45A56A2CC2D6A4B649B7DC3B5DF259FF 489984 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2015-10-24 19:19:43 BC92D9D88959542FBAF1F8CF21F86B38 14458368 ----a-w- C:\Windows\Sysnative\ieframe.dll
2015-10-24 19:19:43 4A9FFAC9325EFFDEFD7E8C0830B0ABEC 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2015-10-24 19:19:42 B0917E6238C1675E48CFE64947DD9FD9 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2015-10-24 19:19:42 5175A9C2C71D49394424C07CA856B803 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2015-10-24 19:19:42 454669BB12162610D93954BCC942A41C 817664 ----a-w- C:\Windows\Sysnative\jscript.dll
2015-10-24 19:19:42 373B3EFBBF1A2706F8660C4DE4202694 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll
2015-10-24 19:19:41 E36C7069B9C56DF9A53DD4FA5DCDDE72 5990912 ----a-w- C:\Windows\Sysnative\jscript9.dll
2015-10-24 19:19:41 BD06D875FB79E92DAF724C91DE743AFA 2487808 ----a-w- C:\Windows\Sysnative\wininet.dll
2015-10-24 19:19:41 1DE918244ED8AB9D3F2C4B9A1F91A24D 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2015-10-24 19:19:40 BEA081F4F2D507D6461B142AB11995B3 199680 ----a-w- C:\Windows\Sysnative\msrating.dll
2015-10-24 19:19:40 58DD42AC31D1F86D303BAAF5955A59BA 417792 ----a-w- C:\Windows\Sysnative\html.iec
2015-10-24 19:19:40 0783994A921469A6E97F3117AA0934DD 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2015-10-24 19:19:39 99BA96F5AC545D857E662A9FC576D919 25851904 ----a-w- C:\Windows\Sysnative\mshtml.dll
2015-10-24 19:19:29 BE67D99EDA34A68B827868371B5529AD 7168 ----a-w- C:\Windows\Sysnative\KBDTAT.DLL
2015-10-24 19:19:28 EA21295A386C6DB2A2A90E657B37C5F4 7168 ----a-w- C:\Windows\Sysnative\KBDYAK.DLL
2015-10-24 19:19:28 920B5C1CC0BAB6E574297BC3D945DA31 7168 ----a-w- C:\Windows\Sysnative\KBDBASH.DLL
2015-10-24 19:19:28 80EDA24B00478FA795F90DFA09C12E86 7168 ----a-w- C:\Windows\Sysnative\KBDRU1.DLL
2015-10-24 19:19:28 353C4A38042819CA83AEFC6F2E7051CD 6656 ----a-w- C:\Windows\Sysnative\KBDRU.DLL
2015-10-24 19:19:20 C676E5EA388AF7C4C031F56F9B42E362 3928064 ----a-w- C:\Windows\Sysnative\d2d1.dll
2015-10-24 19:17:49 85DAA09A98C9286D4EA2BA8D0E644377 559104 ----a-w- C:\Windows\Sysnative\spoolsv.exe
2015-10-24 19:00:07 DB94C47BD7F2AD9C58DEC46026D5FD08 1648128 ----a-w- C:\Windows\Sysnative\DWrite.dll
2015-10-24 19:00:07 D5A775990A7C202A037378FDBCDB6141 1180160 ----a-w- C:\Windows\Sysnative\FntCache.dll
2015-10-24 19:00:07 D4FB2E00F49711C9DD3E2C2646D7C767 2565120 ----a-w- C:\Windows\Sysnative\d3d10warp.dll
2015-10-24 19:00:03 0A4D03A4C0F908B15B8A4C48FB18F197 1424896 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll
2015-10-24 18:59:54 CBA2694BFC61F371181F2BE2BCD66C40 465920 ----a-w- C:\Windows\Sysnative\WMPhoto.dll
====== C:\Windows\Sysnative\drivers =====
2015-10-30 20:42:19 7914A30A3849306FAE9F5DD9C3615F18 141368 ----a-w- C:\Windows\Sysnative\drivers\waemu.sys
2015-10-30 20:16:27 79D51E7F5926E8CE1B3EBECEBAE28CFF 255552 ----a-w- C:\Windows\Sysnative\drivers\mcdbus.sys
2015-10-28 19:50:17 496C3C6BC3D930D0960C9E75AA30F4A7 30264 ----a-w- C:\Windows\Sysnative\drivers\dtlitescsibus.sys
2015-10-16 07:29:49 DDA4CAF29D8C0A297F886BFE561E6659 198656 ----a-w- C:\Windows\Sysnative\drivers\WUDFRd.sys
2015-10-16 07:29:49 AB886378EEB55C6C75B4F2D14B6C869F 87040 ----a-w- C:\Windows\Sysnative\drivers\WUDFPf.sys
2015-10-16 07:29:49 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-10-15 08:44:48 67050452C0118BAF2883928E6FCCFE47 94656 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys
2015-10-15 08:42:51 ED6E75158D28D33A2E2A020AC5B2B59D 663552 ----a-w- C:\Windows\Sysnative\drivers\PEAuth.sys
2015-10-15 08:41:52 6BD9295CC032DD3077C671FCCF579A7B 23408 ----a-w- C:\Windows\Sysnative\drivers\fs_rec.sys
2015-10-15 08:41:51 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2015-10-15 08:41:50 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
2015-10-15 08:41:49 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2015-10-15 08:41:08 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys
2015-10-15 08:41:08 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys
2015-10-15 08:40:49 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys
2015-10-15 08:40:49 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys
2015-10-15 08:40:49 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys
2015-10-15 08:40:49 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys
2015-10-15 08:40:49 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys
2015-10-15 08:40:44 92B3172E8C14C1444682F510843A9988 19968 ----a-w- C:\Windows\Sysnative\drivers\usb8023.sys
2015-10-15 08:40:03 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
2015-10-15 08:40:00 059F00DEF82BF41E433B7ED465847726 155584 ----a-w- C:\Windows\Sysnative\drivers\ataport.sys
2015-10-15 08:39:13 C6330F7C2E92A00E6773E82F79078AFC 157016 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-10-15 08:39:13 ACB6782973BD93760D597FC7BB37E692 159232 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-10-15 08:39:13 8C0376974AA28398FF501E78C04ACB30 129024 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-10-15 08:39:13 3A8C03156C3E31E70EF84E48CA179B46 97112 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2015-10-15 08:39:13 262BF7BB7D0E44CFAA9B12A1E0A6EDF1 290816 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys
2015-10-15 08:38:56 760E38053BF56E501D562B70AD796B88 950128 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys
2015-10-15 08:38:56 0E01641D96889BDEB22DE12D30575B08 41472 ----a-w- C:\Windows\Sysnative\drivers\RNDISMP.sys
2015-10-15 08:38:32 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys
2015-10-15 08:38:31 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys
2015-10-15 08:38:31 AEA0A67275CFBA0E463E00C6E9A1DDAE 54376 ----a-w- C:\Windows\Sysnative\drivers\WdfLdr.sys
2015-10-15 08:38:31 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-10-15 08:38:10 27DABFB4A6B0140C34DBEC713469592B 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys
2015-10-15 08:37:50 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys
2015-10-15 08:37:48 1B16D0BD9841794A6E0CDE0CEF744ABC 45568 ----a-w- C:\Windows\Sysnative\drivers\tcpipreg.sys
2015-10-15 08:37:43 70988118145F5F10EF24720B97F35F65 119296 ----a-w- C:\Windows\Sysnative\drivers\tdx.sys
2015-10-15 08:37:42 9661DA76B4531B2DA272ECCE25A8AF24 42496 ----a-w- C:\Windows\Sysnative\drivers\usbscan.sys
2015-10-15 08:37:42 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys
2015-10-15 08:37:42 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys
2015-10-15 08:36:23 27667A788130A7F7A5858DE27572E6D7 459336 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
2015-10-15 08:35:52 87CE5C8965E101CCCED1F4675557E868 985536 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys
2015-10-15 08:35:52 1F04CFB79DD5FB7694468CE3FB3DCC31 265064 ----a-w- C:\Windows\Sysnative\drivers\dxgmms1.sys
2015-10-15 08:35:01 E9766131EEADE40A27DC27D2D68FBA9C 75120 ----a-w- C:\Windows\Sysnative\drivers\partmgr.sys
2015-10-15 08:34:08 36E0DDD19038C92B7C7709BFA03F813F 69888 ----a-w- C:\Windows\Sysnative\drivers\stream.sys
2015-10-15 08:34:07 F61634BEC53F73702A10DE69F6DCAF57 754688 ----a-w- C:\Windows\Sysnative\drivers\http.sys
2015-10-15 08:34:04 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys
2015-10-15 08:34:04 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys
2015-10-15 08:34:04 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys
2015-10-15 08:32:05 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys
2015-10-15 08:32:05 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys
2015-10-15 08:31:53 8F6322049018354F45F05A2FD2D4E5E0 223752 ----a-w- C:\Windows\Sysnative\drivers\fvevol.sys
2015-10-15 08:31:50 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys
2015-10-15 08:31:02 6C02A83164F5CC0A262F4199F0871CF5 90624 ----a-w- C:\Windows\Sysnative\drivers\bowser.sys
2015-10-14 12:55:16 627FFBE52FEDF0460C3D7259FC0EDF50 206080 ----a-w- C:\Windows\Sysnative\drivers\ssudmdm.sys
2015-10-14 12:55:16 5492F6FB1F32E10AEF02679872AFD194 110720 ----a-w- C:\Windows\Sysnative\drivers\ssudbus.sys
2015-10-14 12:43:55 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-10-14 12:40:33 51C5ECEB1CDEE2468A1748BE550CFBC8 23552 ----a-w- C:\Windows\Sysnative\drivers\tdtcp.sys
2015-10-14 10:22:46 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\Windows\Sysnative\drivers\103C_HP_cPC_CQ2700ED_Y53316J_0U_QCZC213_E12CE1PRW602_4A_I2AD4_SPEGATRON CORPORATION_V1.02_B7.09_T111125_W73-1_L413_M4003_J500_7Intel_86A7_92.00_#120530_N19692062_Z_G80860102_Ohp CDDVDW SH-216ALN_DMED3673.MRK
====== C:\Windows\Tasks ======
2015-11-02 08:16:12 5DDA331A16972BA986C46F8B5364B276 2988 ----a-w- C:\Windows\Sysnative\Tasks\{D51B9355-8F46-4D63-8F6A-736B4EB2A0A3}
2015-10-28 19:31:58 A813358FFDD4924DDD1DAEF84A3D1956 3366 ----a-w- C:\Windows\Sysnative\Tasks\AutoPico Daily Restart
2015-10-25 12:12:27 -------- d-----w- C:\Windows\Sysnative\Tasks\OfficeSoftwareProtectionPlatform
2015-10-25 07:33:36 -------- d-----w- C:\Windows\Sysnative\Tasks\Remediation
2015-10-14 12:48:48 62E08FECB03255FDF8C321341D256813 4010 ----a-w- C:\Windows\Sysnative\Tasks\DropboxUpdateTaskMachineUA
2015-10-14 12:48:48 09A7FCDDF5F49FF6D4C9541955796014 1014 ----a-w- C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-10-14 12:48:45 49E50DAE9325F36C78E80912A0F683B0 3758 ----a-w- C:\Windows\Sysnative\Tasks\DropboxUpdateTaskMachineCore
2015-10-14 12:48:44 3919A0B35BB4F8B63D167C253E051EC0 1010 ----a-w- C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-10-14 11:08:33 D64A741969CCE598B0BEB846FB3C5DAA 3220 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForGEATJE-HP$
2015-10-14 11:08:33 6CA30DEADA79F6106F69065111AAF5F8 344 ----a-w- C:\Windows\Tasks\HPCeeScheduleForGEATJE-HP$.job
2015-10-14 10:48:17 8F09E0E76C7C2105D90BE805746A8031 1052 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-14 10:48:17 83EBBD9F98AC98F38525EAF5774A5FB5 4052 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2015-10-14 10:48:17 69AB46E5DA7344D8AD588B620095AA74 3800 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore
2015-10-14 10:48:17 12E4594990EBDAF8957DF22551A893C7 1056 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-14 10:31:23 7972EA61D6D8BB14A8B4DF8A31539478 3858 ----a-w- C:\Windows\Sysnative\Tasks\SetupManager
2015-10-14 10:31:05 6973C097DFF858ED9CDAFD9F12377AD6 3966 ----a-w- C:\Windows\Sysnative\Tasks\User_Feed_Synchronization-{9FCDEE2B-079D-4B58-A8D3-BEFBACE2206F}
2015-10-14 10:30:39 6D9E31A32935F5365A33E0E81D32C53A 3192 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForGEAtje
2015-10-14 10:30:38 83CEA62844B77521E05E5E76CAB48D49 336 ----a-w- C:\Windows\Tasks\HPCeeScheduleForGEAtje.job
2015-10-14 10:22:28 591C9027A1A2C26CDBEE2A3B57DF062A 3290 ----a-w- C:\Windows\Sysnative\Tasks\RMCreator
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-11-02 20:25:43 -------- d-----w- C:\Program Files\Microsoft.NET
2015-10-30 21:14:16 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2015-10-30 21:13:54 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2015-10-30 20:58:22 -------- d-----w- C:\Program Files\trend micro
2015-10-30 19:50:42 -------- d-----w- C:\Program Files\PowerISO
2015-10-28 19:50:12 -------- d-----w- C:\Program Files\DAEMON Tools Lite
2015-10-28 19:31:36 -------- d-----w- C:\Program Files\KMSpico
2015-10-28 18:40:57 -------- d-----w- C:\Program Files\Concom
2015-10-26 21:04:23 -------- d-----w- C:\Program Files\Common Files\DESIGNER
2015-10-26 21:03:14 -------- d-----w- C:\Program Files\Microsoft SQL Server
2015-10-26 20:59:53 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2015-10-26 20:59:26 -------- d-----w- C:\Program Files\Microsoft Office
2015-10-25 07:33:25 -------- d-----w- C:\Program Files\Common Files\AV
2015-10-16 19:30:32 -------- d-----w- C:\Program Files\Microsoft Silverlight
2015-10-14 14:31:31 -------- d-----w- C:\Program Files\Bonjour
2015-10-14 11:39:44 -------- d-----w- C:\Program Files\WinRAR
2015-10-14 11:33:01 -------- d-----w- C:\Program Files\Windows Live
======= C:\PROGRA~2 =====
2015-10-30 21:12:45 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 8
2015-10-30 20:42:18 -------- d-----w- C:\PROGRA~2\WinArchiver Virtual Drive
2015-10-30 20:16:27 -------- d-----w- C:\PROGRA~2\MagicDisc
2015-10-28 19:51:38 -------- d-----w- C:\PROGRA~2\Disc Soft
2015-10-28 18:47:27 -------- d-----w- C:\PROGRA~2\CinemaPlus-3.2cV23.10
2015-10-28 18:39:35 -------- d-----w- C:\PROGRA~2\CinemaPlus-3.2cV25.10
2015-10-28 18:37:38 -------- d-----w- C:\PROGRA~2\WNetEnhancer
2015-10-28 18:36:56 -------- d-----w- C:\PROGRA~2\Opera
2015-10-28 18:36:42 -------- d-----w- C:\PROGRA~2\Max Driver Updater
2015-10-28 18:36:40 -------- d-----w- C:\PROGRA~2\MaxDrivrUpdater_v71.6314
2015-10-28 18:36:40 -------- d-----w- C:\PROGRA~2\MaxDrivrUpdater
2015-10-26 21:03:58 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server
2015-10-26 20:59:52 -------- d-----w- C:\PROGRA~2\Microsoft Analysis Services
2015-10-25 12:20:13 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER
2015-10-25 10:47:49 -------- d-----w- C:\PROGRA~2\TomTom HOME 2
2015-10-25 10:39:48 -------- d-----w- C:\PROGRA~2\TomTom International B.V
2015-10-16 19:30:32 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight
2015-10-16 19:02:27 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype
2015-10-16 19:02:27 -------- d-----r- C:\PROGRA~2\Skype
2015-10-14 14:31:31 -------- d-----w- C:\PROGRA~2\Bonjour
2015-10-14 14:22:31 -------- d-----w- C:\PROGRA~2\DYMO
2015-10-14 12:53:10 -------- d-----w- C:\PROGRA~2\MyFree Codec
2015-10-14 12:51:01 -------- d-----w- C:\PROGRA~2\Samsung
2015-10-14 12:48:40 -------- d-----w- C:\PROGRA~2\Dropbox
2015-10-14 11:30:20 -------- d-----w- C:\PROGRA~2\Microsoft OneDrive
2015-10-14 11:26:55 -------- d-----w- C:\PROGRA~2\Browny02
2015-10-14 11:26:51 -------- d-----w- C:\PROGRA~2\ControlCenter4
2015-10-14 11:26:06 -------- d-----w- C:\PROGRA~2\Brother
2015-10-14 10:48:15 -------- d-----w- C:\PROGRA~2\Google
2015-10-14 10:22:32 -------- d-----w- C:\PROGRA~2\Microsoft Mathematics
======= C: =====
====== C:\Users\GEAtje\AppData\Roaming ======
2015-11-02 20:28:06 F78D40A1C0858FE9DA4C14AA7AE3E529 237792 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2015-11-02 16:10:43 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2015-11-02 16:10:43 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-11-02 16:10:43 -------- d-----w- C:\Users\GEAtje\AppData\Local\Temp
2015-11-02 16:10:43 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2015-11-02 16:10:43 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2015-11-02 08:16:17 -------- d-----w- C:\Users\GEAtje\AppData\Local\Diagnostics
2015-10-30 20:16:35 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicDisc
2015-10-30 19:51:51 -------- d-----w- C:\Users\GEAtje\AppData\Local\Chromium
2015-10-28 20:32:40 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help
2015-10-28 20:32:40 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help
2015-10-28 19:58:41 -------- d-----w- C:\Users\GEAtje\AppData\Local\Disc_Soft_Ltd
2015-10-28 19:50:15 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\DAEMON Tools Lite
2015-10-28 18:38:58 -------- d-----w- C:\Users\GEAtje\AppData\Local\bvxvexvbg
2015-10-28 18:37:20 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Opera Software
2015-10-28 18:37:20 -------- d-----w- C:\Users\GEAtje\AppData\Local\Opera Software
2015-10-28 18:35:38 -------- d-----w- C:\Users\GEAtje\AppData\Local\Programs
2015-10-27 18:45:59 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Elephant Games
2015-10-27 17:33:17 -------- d-----w- C:\Users\GEAtje\AppData\Local\GWX
2015-10-27 08:42:42 -------- d-----w- C:\Users\GEAtje\AppData\Locallow\Brother
2015-10-27 08:42:42 -------- d-----r- C:\Users\GEAtje\AppData\Roaming\Brother
2015-10-26 21:21:52 -------- d-----w- C:\Users\GEAtje\AppData\Local\CrashDumps
2015-10-26 20:59:35 -------- d-----w- C:\Users\GEAtje\AppData\Local\Microsoft Help
2015-10-26 20:31:21 -------- d-----w- C:\Users\GEAtje\AppData\Local\MEGAsync
2015-10-25 14:35:54 -------- d-s---w- C:\Windows\serviceprofiles\Localservice\AppData\Locallow\Microsoft
2015-10-25 10:49:52 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\TomTom
2015-10-25 10:49:52 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Mozilla
2015-10-25 10:49:52 -------- d-----w- C:\Users\GEAtje\AppData\Local\TomTom
2015-10-15 16:57:02 -------- d-----w- C:\Users\GEAtje\AppData\Local\DM
2015-10-15 10:26:34 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\HP Support Assistant
2015-10-14 19:19:32 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Hewlett-Packard_Company
2015-10-14 14:46:14 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Odian Games
2015-10-14 14:23:43 -------- d-----w- C:\Users\GEAtje\AppData\Local\Sanford,_L.P
2015-10-14 14:23:10 -------- d-----w- C:\Users\GEAtje\AppData\Local\DYMO
2015-10-14 13:46:45 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\TeamViewer
2015-10-14 12:58:43 -------- d-----w- C:\Users\GEAtje\AppData\Local\Samsung
2015-10-14 12:58:21 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Samsung
2015-10-14 12:49:53 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Dropbox
2015-10-14 12:48:33 -------- d-----w- C:\Users\GEAtje\AppData\Local\Dropbox
2015-10-14 12:45:08 -------- d-----w- C:\Users\GEAtje\AppData\Local\Downloaded Installations
2015-10-14 11:49:20 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Windows Live Writer
2015-10-14 11:49:20 -------- d-----w- C:\Users\GEAtje\AppData\Local\Windows Live Writer
2015-10-14 11:46:48 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\ControlCenter4
2015-10-14 11:44:55 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\CyberLink
2015-10-14 11:39:58 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\WinRAR
2015-10-14 11:39:44 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-14 11:28:09 -------- d-----w- C:\Users\GEAtje\AppData\Local\Windows Live
2015-10-14 11:24:02 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\InstallShield
2015-10-14 11:08:33 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Hewlett-Packard
2015-10-14 11:03:54 -------- d-----w- C:\Users\GEAtje\AppData\Local\ElevatedDiagnostics
2015-10-14 10:56:39 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm
2015-10-14 10:55:05 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking
2015-10-14 10:48:05 -------- d-----w- C:\Users\GEAtje\AppData\Local\Google
2015-10-14 10:47:38 F4D272C13E53B19CC2D25ED9C8B72AFD 116336 ----a-w- C:\Users\GEAtje\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-14 10:47:35 -------- d-----w- C:\Users\GEAtje\AppData\Local\Apps
2015-10-14 10:47:34 -------- d-----w- C:\Users\GEAtje\AppData\Local\Deployment
2015-10-14 10:47:03 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Adobe
2015-10-14 10:31:05 -------- d-----w- C:\Users\GEAtje\AppData\Locallow\Microsoft
2015-10-14 10:30:57 -------- d-----r- C:\Users\GEAtje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2015-10-14 10:30:57 -------- d-----r- C:\Users\GEAtje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2015-10-14 10:30:49 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Identities
2015-10-14 10:30:46 -------- d-----w- C:\Users\GEAtje\AppData\Local\VirtualStore
2015-10-14 10:30:11 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Hewlett-Packard
2015-10-14 10:24:05 -------- d-----w- C:\Users\GEAtje\AppData\Local\TouchSmartData
2015-10-14 10:23:10 -------- d-----w- C:\Users\GEAtje\AppData\Local\RemEngine
2015-10-14 10:23:07 -------- d-----w- C:\Users\GEAtje\AppData\Local\Hewlett-Packard_Company
2015-10-14 10:22:36 -------- d-s---w- C:\Users\GEAtje\AppData\Roaming\Microsoft
2015-10-14 10:22:36 -------- d-----w- C:\Users\GEAtje\AppData\Roaming\Media Center Programs
2015-10-14 10:22:36 -------- d-----w- C:\Users\GEAtje\AppData\Local\Microsoft
2015-10-14 10:22:36 -------- d-----w- C:\Users\GEAtje\AppData\Local\Hewlett-Packard
2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
====== C:\Users\GEAtje ======
2015-11-02 07:47:10 F528625BA29ED073D7AB6CAB066315CC 924173 ----a-w- C:\Users\GEAtje\Downloads\BrMain480.exe
2015-11-02 07:35:35 573DED493A33130268671B331FEDC012 151472160 ----a-w- C:\Users\GEAtje\Downloads\DCP-J152W-inst-A1-OCE.EXE
2015-10-30 21:15:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-10-30 21:15:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-10-30 20:58:06 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\GEAtje\Downloads\RSITx64.exe
2015-10-30 20:42:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinArchiver Virtual Drive
2015-10-30 20:42:12 37346092E12CA41A4193D970950A0456 729262 ----a-w- C:\Users\GEAtje\Downloads\WADrive28.exe
2015-10-30 20:38:29 4AF0B87C01FA61690906D990387CD1B1 61064 ----a-w- C:\Users\GEAtje\Downloads\winxpvirtualcdcontrolpanel_21.exe
2015-10-30 20:37:23 4F4ABE635A57662510F55C3D65540A89 7321032 ----a-w- C:\Users\GEAtje\Downloads\Daemon-Tools-DukeN-NL.exe
2015-10-30 20:16:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicDisc
2015-10-30 20:16:09 22EAB34E639CF9596F62CA063486CAEF 1352435 ----a-w- C:\Users\GEAtje\Downloads\setup_magicdisc.exe
2015-10-28 20:02:39 E87CBD264A2CA9B80CC9883B3E6F3AA9 1709792 ----a-w- C:\Users\GEAtje\Downloads\DTLiteInstaller (1).exe
2015-10-28 19:56:00 8BE02B1C74164D70CBDE3CF8AFC460D8 134213272 ----a-w- C:\Users\GEAtje\Downloads\NIS-ESDDef-22.5.4.24-NL.exe
2015-10-28 19:53:33 -------- d-----w- C:\Users\Public\Documents\Daemon Tools Images
2015-10-28 19:52:01 -------- d--h--w- C:\ProgramData\Common Files
2015-10-28 19:49:43 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2015-10-28 19:47:16 E87CBD264A2CA9B80CC9883B3E6F3AA9 1709792 ----a-w- C:\Users\GEAtje\Downloads\DTLiteInstaller.exe
2015-10-28 19:31:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2015-10-28 18:41:05 -------- d-----w- C:\ProgramData\SmartPurple
2015-10-27 18:45:59 -------- d-----w- C:\ProgramData\Elephant Games
2015-10-26 21:05:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-26 20:59:24 -------- d-----w- C:\ProgramData\Microsoft Help
2015-10-26 20:26:25 C334F68F3AAA17578887A0E47AA99A97 9989712 ----a-w- C:\Users\GEAtje\Downloads\MEGAsyncSetup.exe
2015-10-25 10:49:55 -------- d-----w- C:\ProgramData\TomTom
2015-10-25 10:47:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-10-25 10:37:26 5D4C0E1A15D3EFB767069F1BDA4D05F3 31109864 ----a-w- C:\Users\GEAtje\Downloads\TomTomHOME2winlatest.exe
2015-10-16 19:31:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-10-16 19:02:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-10-14 20:15:00 -------- d-----w- C:\ProgramData\Recovery
2015-10-14 14:46:14 -------- d-----w- C:\ProgramData\Odian Games
2015-10-14 14:31:30 -------- d-----w- C:\ProgramData\Apple
2015-10-14 14:23:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DYMO
2015-10-14 14:22:28 -------- d-----w- C:\ProgramData\DYMO
2015-10-14 13:03:50 -------- d-----w- C:\Users\Public\Documents\NativeFus_Log
2015-10-14 12:53:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-10-14 12:52:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-10-14 12:52:06 -------- d-----r- C:\Users\GEAtje\Dropbox
2015-10-14 12:51:01 -------- d-----w- C:\ProgramData\Samsung
2015-10-14 12:50:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-14 12:48:33 -------- d-----w- C:\ProgramData\Dropbox
2015-10-14 11:44:55 -------- d-----w- C:\Users\Public\CyberLink
2015-10-14 11:39:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-14 11:35:32 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-10-14 11:30:19 -------- d-----r- C:\Users\GEAtje\OneDrive
2015-10-14 11:29:57 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2015-10-14 11:28:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2015-10-14 11:26:55 -------- d-----w- C:\ProgramData\ControlCenter4
2015-10-14 11:22:16 -------- d-----w- C:\ProgramData\boost_interprocess
2015-10-14 11:13:04 -------- d-----w- C:\ProgramData\Brother
2015-10-14 10:48:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-14 10:30:57 -------- d-----r- C:\Users\GEAtje\Searches
2015-10-14 10:30:48 -------- d-----r- C:\Users\GEAtje\Contacts
2015-10-14 10:23:11 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2015-10-14 10:22:37 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\GEAtje\ntuser.ini
2015-10-14 10:22:36 -------- d--h--w- C:\Users\GEAtje\AppData
2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Videos
2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Saved Games
2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Pictures
2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Music
2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Links
2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Favorites
2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Downloads
2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Documents
2015-10-14 10:22:36 -------- d-----r- C:\Users\GEAtje\Desktop
2015-10-14 10:22:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mathematics
====== C: exe-files ==
2015-11-02 07:47:28 D105932A84750C5FE275A5641DB51010 643072 ------w- C:\Program Files (x86)\Brother\Firmware\FirmwareUpdater.exe
2015-11-02 07:47:28 5F4A92175B8A286D56A987419A0A0217 229376 ------w- C:\Program Files (x86)\Brother\Firmware\Pack.exe
2015-11-02 07:47:10 F528625BA29ED073D7AB6CAB066315CC 924173 ----a-w- C:\Users\GEAtje\Downloads\BrMain480.exe
2015-11-02 07:39:09 F55B617F4B7F26F6CC5F54C02760BB28 289280 ------w- C:\Program Files (x86)\Brother\Brmfl13a\Brinstck.exe
2015-11-02 07:39:09 610941B20B8C62344D428C8EB7020EED 1702912 ------w- C:\Program Files (x86)\Brother\Brmfl13a\BrScUtil.exe
2015-11-02 07:38:37 AFDFC70868F3FB89D2A541CE1DA2878E 102400 ------w- C:\Program Files (x86)\Brother\Brmfl13a\BrStDvPt.exe
2015-11-02 07:38:37 7766E65E9E466339CA583F7F2051CD5B 455432 ------w- C:\Program Files (x86)\Brother\Brmfl13a\BrRemPnP.exe
2015-11-02 07:38:37 27C9A12D64E5E7F6A395A2D0B8610522 45056 ----a-w- C:\Program Files (x86)\Brother\Brmfl13a\Brolink\Brolink0.exe
2015-11-02 07:38:20 E6213CEC602F332BF8E868B7B8BF2BB1 922176 ----a-w- C:\Program Files (x86)\Brother\Brmfl13a\NetScn\dpinstx86.exe
2015-11-02 07:38:20 AA0A91227631A09CD075D315646FB7A9 1047632 ----a-w- C:\Program Files (x86)\Brother\Brmfl13a\NetScn\dpinstx64.exe
2015-11-02 07:37:47 FBAB280D0CAC5E21C72F0A1A7B5B9608 455600 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{B742757A-7658-4E09-A51A-085CF0F7F4D3}\setup.exe
2015-11-02 07:36:27 D8E18AA0D7E84758376ACB9FF0B3220E 2043392 ----a-w- C:\Users\GEAtje\Downloads\install\wlan_wiz\wlan_assistant\waw.exe
2015-11-02 07:36:26 A26A10298931E44F1880D61C340F48A7 376832 ----a-w- C:\Users\GEAtje\Downloads\install\wlan_wiz\WirelessAPChecker.exe
2015-11-02 07:36:26 8A2D64F4F098393AF4FBB23721299B73 1913344 ----a-w- C:\Users\GEAtje\Downloads\install\wlan_wiz\uwdsw.exe
2015-11-02 07:36:26 88906AC52135299416F23C1E7FCF0A91 94208 ----a-w- C:\Users\GEAtje\Downloads\install\wlan_wiz\difx_2k\BrDifxapi2k.exe
2015-11-02 07:36:26 6D0E275B923220990633888A1340312D 94208 ----a-w- C:\Users\GEAtje\Downloads\install\wlan_wiz\difx_32\BrDifxapi.exe
2015-11-02 07:36:26 6264C18F67E9D6268A812F514657A387 119296 ----a-w- C:\Users\GEAtje\Downloads\install\wlan_wiz\difx_64\BrDifxapi64.exe
2015-11-02 07:36:26 481F60AC74F1CA5D7E17BED1D05470E8 311808 ----a-w- C:\Users\GEAtje\Downloads\install\wlan_wiz\WirelessSetupChecker.exe
2015-11-02 07:36:25 FECFDE5FC3B4162F0501242EE958F121 102400 ----a-w- C:\Users\GEAtje\Downloads\install\wlan_wiz\brwlankey.exe
2015-11-02 07:36:25 9E07671185233FDE9B4A2FCEF551F312 139264 ----a-w- C:\Users\GEAtje\Downloads\install\wlan_wiz\BrWPrWiz.exe
2015-11-02 07:36:21 E6213CEC602F332BF8E868B7B8BF2BB1 922176 ----a-w- C:\Users\GEAtje\Downloads\install\driver\gdi\32_64\dpinstx86.exe
2015-11-02 07:36:21 AA0A91227631A09CD075D315646FB7A9 1047632 ----a-w- C:\Users\GEAtje\Downloads\install\driver\gdi\32_64\dpinstx64.exe
2015-11-02 07:36:17 FBAB280D0CAC5E21C72F0A1A7B5B9608 455600 ----a-w- C:\Users\GEAtje\Downloads\install\data\Disk1\setup.exe
2015-11-02 07:36:17 CE2922F83FB4B170AFFCE0EA448B107B 2707352 ----a-w- C:\Users\GEAtje\Downloads\install\data\Disk1\VC2005RunTime\vcredist32.exe
2015-11-02 07:36:17 B88228D5FEF4B6DC019D69D4471F23EC 5073240 ----a-w- C:\Users\GEAtje\Downloads\install\data\Disk1\VC2010RunTime\vcredist32.exe
2015-11-02 07:36:17 630D75210B325A280C3352F879297ED5 5718872 ----a-w- C:\Users\GEAtje\Downloads\install\data\Disk1\VC2010RunTime\vcredist64.exe
2015-11-02 07:36:17 56EAF4E1237C974F6984EDC93972C123 3175832 ----a-w- C:\Users\GEAtje\Downloads\install\data\Disk1\VC2005RunTime\vcredist64.exe
2015-11-02 07:36:17 342F79337765760AD4E392EB67D5ED2C 2585872 ----a-w- C:\Users\GEAtje\Downloads\install\data\Disk1\WindowsInstaller-KB893803-v2-x86.exe
2015-11-02 07:36:17 1A791E445A12FD0530726920C8296D18 290816 ----a-w- C:\Users\GEAtje\Downloads\install\DCP-J152W\Setup.exe
2015-11-02 07:36:15 2C6E4E668FA2A69EE07D904403418725 106496 ----a-w- C:\Users\GEAtje\Downloads\install\data\Disk1\INSTVIEW\InstView.exe
2015-11-02 07:36:11 27C9A12D64E5E7F6A395A2D0B8610522 45056 ----a-w- C:\Users\GEAtje\Downloads\install\data\Disk1\Brolink\Brolink0.exe
2015-11-02 07:35:35 573DED493A33130268671B331FEDC012 151472160 ----a-w- C:\Users\GEAtje\Downloads\DCP-J152W-inst-A1-OCE.EXE
2015-10-30 20:58:22 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\GEAtje.exe
2015-10-30 20:58:06 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\GEAtje\Downloads\RSITx64.exe
2015-10-30 20:42:19 5BAC2A4F4B910A9ADABDECC21208CFA2 83205 ----a-w- C:\Program Files (x86)\WinArchiver Virtual Drive\uninstall.exe
2015-10-30 20:42:12 37346092E12CA41A4193D970950A0456 729262 ----a-w- C:\Users\GEAtje\Downloads\WADrive28.exe
2015-10-30 20:38:29 4AF0B87C01FA61690906D990387CD1B1 61064 ----a-w- C:\Users\GEAtje\Downloads\winxpvirtualcdcontrolpanel_21.exe
2015-10-30 20:37:23 4F4ABE635A57662510F55C3D65540A89 7321032 ----a-w- C:\Users\GEAtje\Downloads\Daemon-Tools-DukeN-NL.exe
2015-10-30 20:16:28 A03AE84660953220E522068DC5B486C2 9216 ----a-w- C:\Program Files (x86)\MagicDisc\mcdInst64.exe
2015-10-30 20:16:27 A16852B04C0A5654B0B8DFD5E1A25718 576000 ----a-w- C:\Program Files (x86)\MagicDisc\MagicDisc.exe
2015-10-30 20:16:27 973567B98CDFC147DF4E60471D9DF072 153088 ----a-w- C:\Program Files (x86)\MagicDisc\UNWISE.EXE
2015-10-30 20:16:27 3DCAD928C3BB2163F989110B4C9962A2 36864 ----a-w- C:\Program Files (x86)\MagicDisc\muninst.exe
2015-10-30 20:16:09 22EAB34E639CF9596F62CA063486CAEF 1352435 ----a-w- C:\Users\GEAtje\Downloads\setup_magicdisc.exe
2015-10-29 18:55:50 FFD052D0F464ADC243C24E71D15C9990 12344 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe
2015-10-29 18:55:50 F9EDD8A064F0FEDEAF812CF5B5EF5E9B 33496 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AfterUpgradingToWin81.exe
2015-10-29 18:55:50 F5D09A65FA57DD33E5B07CD552B459DD 141512 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil7.exe
2015-10-29 18:55:50 F57DB2F9AD648E513E97B5BCA2F14F46 44760 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness_Ex.exe
2015-10-29 18:55:50 CF823937F3B1411B2D6D7BC044BB9AFE 37320 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDiscReminder_V2.exe
2015-10-29 18:55:50 C8D01F99A9FD0CD5BA662B3AB16D8D84 38416 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BeforeUpgradingToWindows10.exe
2015-10-29 18:55:50 C23490916152CA356B4BDA4A87974B45 35032 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness.exe
2015-10-29 18:55:50 BF0DA3811D534A11752124919E3AE3CF 32968 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_InWarrantyCarePack.exe
2015-10-29 18:55:50 B026AFD260A4058CF37B6A6A5B15C3EA 33296 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_PostWarrantyCarePack.exe
2015-10-29 18:55:50 AF0D919701B5BE372A276800084E6661 30936 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupPasswordReminder.exe
2015-10-29 18:55:50 AA58AA4652230F9C9C2F55C35E8B5A7B 34320 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_Ex_US.exe
2015-10-29 18:55:50 A6E7EB515A4497AAD84054ACDCEFE5DF 40464 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AntiVirusDefenderA.exe
2015-10-29 18:55:50 9D50510E34D6B6B7FE0724FDB60A23E9 40648 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AntiVirusDefenderB.exe
2015-10-29 18:55:50 9A8C02B240274DC9D76429ABEBC3061C 36552 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SystemRestoreCheck_V2.exe
2015-10-29 18:55:50 7A1DC920D662880F6EF8A34E21E010B0 30424 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_US.exe
2015-10-29 18:55:50 6A6983390656B73226571BF79A1214AB 37176 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPResignFileLoader.exe
2015-10-29 18:55:50 698BA1D64B2C178B7069B2D1E0F35A7D 29400 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_EMEA.exe
2015-10-29 18:55:50 58D87CD3D31B52C204A40F19FEF6BF3D 27352 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_EMEA.exe
2015-10-29 18:55:50 5606EFA83C850AB210C38A1C3AE886AE 28888 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BeforeUpgradingToWin81.exe
2015-10-29 18:55:50 5288FEC36ADB27C8A24623F6DB8858B8 72920 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_toastNotify.exe
2015-10-29 18:55:50 443A4F21DB659C5798FBA66A63186A82 40464 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AntiVirusNoAV_B.exe
2015-10-29 18:55:50 43AA6EF12B473723F8A3F4791EE6121E 36040 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AfterUpgradingToWindows10.exe
2015-10-29 18:55:50 2D892F35618E5761D746ACA179C63096 138256 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtilDT.exe
2015-10-29 18:55:50 2CA4A36D13732E1135C48F0F6F6C6844 35528 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_GuestAccount_V2.exe
2015-10-29 18:55:50 1059C375192D53514933CBE87E79BA64 21304 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
2015-10-29 18:55:50 0FFD3D454111B4D398EE2B6FC469C3B4 40648 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AntiVirusNoAV_A.exe
2015-10-29 18:55:50 0B74BF0280E062CD69B2A13B6A1F8C5D 84280 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\InterfaceValidator.exe
2015-10-29 18:55:50 074611CDD124C5FF763246B4BD37F887 97296 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\WarrantyObjectChecker.exe
2015-10-29 18:55:50 06D9888F172A8AC47959DA5DF68270DE 29400 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_US.exe
2015-10-28 20:02:39 E87CBD264A2CA9B80CC9883B3E6F3AA9 1709792 ----a-w- C:\Users\GEAtje\Downloads\DTLiteInstaller (1).exe
2015-10-28 19:56:00 8BE02B1C74164D70CBDE3CF8AFC460D8 134213272 ----a-w- C:\Users\GEAtje\Downloads\NIS-ESDDef-22.5.4.24-NL.exe
2015-10-28 19:47:16 E87CBD264A2CA9B80CC9883B3E6F3AA9 1709792 ----a-w- C:\Users\GEAtje\Downloads\DTLiteInstaller.exe
2015-10-28 19:39:01 30C7E8E918403B9247315249A8842CE5 731809 ----a-w- C:\Program Files\KMSpico\unins000.exe
2015-10-28 19:31:39 245824502AEFE21B01E42F61955AA7F4 30208 ----a-w- C:\Program Files\KMSpico\UninsHs.exe
2015-10-28 19:31:37 05230AFDEEB13718E926FD654DE63F12 225448 ----a-w- C:\Program Files\KMSpico\driver\tap-windows-9.21.0.exe
2015-10-28 18:37:13 ED646176126E7FE3B037076DE3B05D86 948856 ----a-w- C:\Program Files (x86)\Opera\launcher.exe
2015-10-28 18:37:12 E43C2D7972A669A89E526CAE9E4017AE 1316984 ----a-w- C:\Program Files (x86)\Opera\33.0.1990.43\installer.exe
2015-10-28 18:36:53 7F794A15286D0F8E1797397620907BDE 274436 ----a-w- C:\Program Files (x86)\MaxDrivrUpdater\uninstall.exe
=== C: other files ==
2015-11-03 17:59:59 F90C7A190399165D3AB2245048D34786 1092728 ----a-r- C:\Windows\System32\drivers\NISx64\1305000.091\SymEFA64.sys
2015-11-03 17:59:59 8B2430762099598DA40686F754632EFD 451192 ----a-r- C:\Windows\System32\drivers\NISx64\1305000.091\SymDS64.sys
2015-11-03 17:59:59 7B02F64DC80C0EC7300AF302ED5D1CB3 37496 ----a-r- C:\Windows\System32\drivers\NISx64\1305000.091\srtspx64.sys
2015-11-03 17:59:59 5013A76CAAA1D7CF1C55214B490B4E35 190072 ----a-r- C:\Windows\System32\drivers\NISx64\1305000.091\Ironx64.sys
2015-11-03 17:59:59 4D56F175F76C685A06471800A03219B2 738936 ----a-r- C:\Windows\System32\drivers\NISx64\1305000.091\srtsp64.sys
2015-11-03 17:59:59 3911BD0E68C010E5438A87706ABBE9AB 405624 ----a-r- C:\Windows\System32\drivers\NISx64\1305000.091\symnets.sys
2015-11-03 17:59:59 0E1737A63AEC0F6DE231BB59836C0A11 167048 ----a-r- C:\Windows\System32\drivers\NISx64\1305000.091\ccSetx64.sys
2015-10-30 20:42:19 7914A30A3849306FAE9F5DD9C3615F18 141368 ----a-w- C:\Windows\System32\drivers\waemu.sys
2015-10-30 20:16:27 79D51E7F5926E8CE1B3EBECEBAE28CFF 255552 ----a-w- C:\Windows\SysWOW64\drivers\mcdbus.sys
2015-10-30 20:16:27 79D51E7F5926E8CE1B3EBECEBAE28CFF 255552 ----a-w- C:\Windows\System32\drivers\mcdbus.sys
2015-10-30 20:16:27 79D51E7F5926E8CE1B3EBECEBAE28CFF 255552 ----a-w- C:\Program Files (x86)\MagicDisc\mcdbus.sys
2015-10-29 18:56:04 E29B8EC86DEFC2E58EBCCD8C6C92E430 66862 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\nl-NL\hcsolutions.zip
2015-10-29 18:56:00 87BA9F7E340A1F11734496353CBBBD39 1427288 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\guidAcheck.zip
2015-10-29 18:55:54 01980D1004FF6EFFB5D079C434BF7725 2347374 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\guid.zip
2015-10-28 19:50:17 496C3C6BC3D930D0960C9E75AA30F4A7 30264 ----a-w- C:\Windows\System32\drivers\dtlitescsibus.sys
2015-10-28 19:50:17 496C3C6BC3D930D0960C9E75AA30F4A7 30264 ----a-w- C:\Program Files\DAEMON Tools Lite\dtlitescsibus.sys
2015-10-28 18:49:02 FEBFD8FF60806AA58AEF51BF5F00F0BB 400561 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV23.10\efba7dd2-bf83-415d-83c6-4595239075a3.crx
2015-10-28 18:48:17 FEBFD8FF60806AA58AEF51BF5F00F0BB 400561 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV23.10\3de63afe-ab19-4ae7-b115-55811384475e.crx
2015-10-28 18:39:54 796DD9CB1C07363188C19BB55788C425 400937 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV25.10\08d47c20-5df0-42b6-a3b0-f77cb968d1a2.crx
2015-10-28 18:39:45 796DD9CB1C07363188C19BB55788C425 400937 ----a-w- C:\Program Files (x86)\CinemaPlus-3.2cV25.10\718b4ab0-8822-4561-854a-32abfa881416.crx
2015-10-28 18:37:13 F6B685306C89EE40A4B687A1F0758DCA 218650 ----a-w- C:\Program Files (x86)\Opera\33.0.1990.43\resources\standard_themes\default_theme.zip
2015-10-28 18:37:13 B9E7A356DBFD03D6EC62607A3F7A267B 53056 ----a-w- C:\Program Files (x86)\Opera\33.0.1990.43\resources\standard_themes\reine.zip
2015-10-28 18:37:13 9BB699BFD48DC443711F1BE8077B5677 289 ----a-w- C:\Program Files (x86)\Opera\33.0.1990.43\resources\standard_themes\grey.zip
2015-10-28 18:37:13 57BD727A9E6668CEA21EA9A52CA65767 243193 ----a-w- C:\Program Files (x86)\Opera\33.0.1990.43\resources\standard_themes\darkbreeze.zip
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-115903190-4080511109-3081035828-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_582BFB67187C4DDF042E1A5BAB51985A"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe "
"DAEMON Tools Lite Automount"="C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun "
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"
"PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe"
"ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun"
"BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN"
"BrHelp"="C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN"
"Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"DLSService"="C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe"
"WAHELPER.EXE"="C:\Program Files (x86)\WinArchiver Virtual Drive\WAHELPER.EXE"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_582BFB67187C4DDF042E1A5BAB51985A"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe "
"DAEMON Tools Lite Automount"="C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun "
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
==== Startup Registry Disabled ======================
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Tiny download manager"="\"C:\\Users\\GEAtje\\AppData\\Local\\DM\\TinyDM.exe\" /M"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"HP Software Update"="c:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe"
==== Startup Folders ======================
2015-10-30 20:16:35 991 ----a-w- C:\Users\GEAtje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a------ C:378C:\ProgramC:FilesC:x86\Dropbox\Update\DropboxUpdate.exe []
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [14-10-2015 13:48]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14-10-2015 11:48]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]
C:\Windows\tasks\HPCeeScheduleForGEATJE-HP$.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [15-07-2011 12:43]
C:\Windows\tasks\HPCeeScheduleForGEAtje.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [15-07-2011 12:43]
==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForGEAtje" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForGEATJE-HP$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\WSCStub.exe"]
"C:\Windows\SysNative\tasks\RMCreator" [C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe]
"C:\Windows\SysNative\tasks\SetupManager" ["C:\Program Files (x86)\Hewlett-Packard\Setup Manager\toaster.exe"]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{9FCDEE2B-079D-4B58-A8D3-BEFBACE2206F}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{D51B9355-8F46-4D63-8F6A-736B4EB2A0A3}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\SymErr.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\Windows\SysNative\tasks\Remediation\AntimalwareMigrationTask" ["C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe"]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn" [03-11-2015 19:00]
==== Firefox Extensions ======================
ProfilePath: C:\Users\GEAtje\AppData\Roaming\TomTom\HOME\Profiles\hgx0e9gi.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
==== Firefox Plugins ======================
==== Chromium Look ======================
Google Chrome Version: 46.0.2490.80
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\Exts\Chrome.crx[14-12-2011 15:46]
Chrome Web Store Payments - GEAtje\AppData\Local\Chromium\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Google Slides - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Dropbox for Gmail - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec
Google Sheets - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
CinemaPlus-3.2cV25.10 - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh
Google Docs Offline - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Pin It Button - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic
Chrome Web Store Payments - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
CinemaPlus-3.2cV23.10 - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp
Gmail - GEAtje\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
CinemaPlus-3.2cV25.10 - GEAtje\AppData\Roaming\Opera Software\Opera Stable\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh
CinemaPlus-3.2cV23.10 - GEAtje\AppData\Roaming\Opera Software\Opera Stable\Extensions\papbadoldddalgcjcicnikcfenodpghp
==== Chromium Fix ======================
C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_zynga2-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_zynga2-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=nl&pid=NIS&pvid=19.9.1.14"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=nl&pid=NIS&pvid=19.9.1.14"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox"
{d43b3890-80c7-4010-a95d-1e77b5924dc3} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}"
==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\coIEPlg.dll
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [BrHelp] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [DLSService] "C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe"
O4 - HKLM\..\Run: [WAHELPER.EXE] "C:\Program Files (x86)\WinArchiver Virtual Drive\WAHELPER.EXE"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_582BFB67187C4DDF042E1A5BAB51985A] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - (no CLSID) - (no file)
O18 - Protocol: mso-minsb.16 - (no CLSID) - (no file)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - (no CLSID) - (no file)
O18 - Protocol: osf.16 - (no CLSID) - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: CalendarSynchService - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
O23 - Service: Dropbox-update-service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox-update-service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DYMO PnP Service (DymoPnpService) - Sanford, L.P. - C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.5.0.145\ccSvcHst.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WinArchiver Service - Unknown owner - C:\Program Files (x86)\WinArchiver Virtual Drive\WAService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GEAtje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\GEAtje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\GEAtje\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\GEAtje\AppData\Local\Chromium\User Data\Default\Cache emptied successfully
C:\Users\GEAtje\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=333 folders=105 271604350 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\GEAtje\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\GEAtje\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on di 03-11-2015 at 20:36:59,60 ======================