Zoek.exe v5.0.0.1 Updated 28-November-2015 Tool run by Nancy on di 01/12/2015 at 19:26:19,19. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Nancy\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 1/12/2015 19:29:04 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\GUM31AA.tmp deleted successfully C:\PROGRA~2\NirSoft deleted successfully C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully C:\Program Files\Bitdefender deleted successfully C:\PROGRA~3\Trend Micro Installer deleted successfully C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} deleted successfully C:\Users\Nancy\AppData\Roaming\BitTorrent deleted successfully C:\Users\Nancy\AppData\Roaming\QuickScan deleted successfully C:\Users\Nancy\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Nancy\AppData\Local\EmieSiteList deleted successfully C:\Users\Nancy\AppData\Local\EmieUserList deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== æTorrent Acrobat.com Adobe AIR Adobe Flash Player 10 Plugin Adobe Flash Player 19 ActiveX Adobe Reader XI (11.0.10) - Nederlands Adobe Refresh Manager Adobe Shockwave Player 12.0 Advanced SystemCare 9 Alcor Micro USB Card Reader Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update ASUS AI Recovery ASUS CopyProtect ASUS FancyStart ASUS LifeFrame3 ASUS Live Update ASUS MultiFrame ASUS Power4Gear Hybrid ASUS SmartLogon ASUS Splendid Video Enhancement Technology ASUS Virtual Camera Asus_Camera_ScreenSaver Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver ATK Generic Function Service ATK Hotkey ATK Media ATKOSD2 AVG AVG 2016 AVG Protection AVG Zen Bonjour Canon MP280 series MP Drivers CCleaner Choice Guard ControlDeck CyberLink LabelPrint CyberLink Power2Go ETDWare PS/2-x64 7.0.5.5_WHQL Fast Boot FMW 1 Google Chrome Google Toolbar for Internet Explorer Google Update Helper HP Deskjet 2540 series Basissoftware van het apparaat HP Deskjet 2540 series Help HP Photo Creations HP Update Intel(R) Graphics Media Accelerator Driver IObit Uninstaller iTunes Java 8 Update 66 Java Auto Updater Junk Mail filter update Malwarebytes Anti-Malware versie 2.2.0.1024 Microsoft-invoegtoepassing Opslaan als PDF of XPS voor 2007 Microsoft Office-programma's Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office Access MUI (Chinese (Traditional)) 2007 Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Access MUI (French) 2007 Microsoft Office Access MUI (German) 2007 Microsoft Office Access MUI (Greek) 2007 Microsoft Office Access MUI (Hebrew) 2007 Microsoft Office Access MUI (Italian) 2007 Microsoft Office Access MUI (Portuguese (Portugal)) 2007 Microsoft Office Access MUI (Spanish) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Chinese (Traditional)) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office Excel MUI (French) 2007 Microsoft Office Excel MUI (German) 2007 Microsoft Office Excel MUI (Greek) 2007 Microsoft Office Excel MUI (Hebrew) 2007 Microsoft Office Excel MUI (Italian) 2007 Microsoft Office Excel MUI (Portuguese (Portugal)) 2007 Microsoft Office Excel MUI (Spanish) 2007 Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office IME (Chinese (Traditional)) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Live Add-in 1.3 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Chinese (Traditional)) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office Outlook MUI (French) 2007 Microsoft Office Outlook MUI (German) 2007 Microsoft Office Outlook MUI (Greek) 2007 Microsoft Office Outlook MUI (Hebrew) 2007 Microsoft Office Outlook MUI (Italian) 2007 Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007 Microsoft Office Outlook MUI (Spanish) 2007 Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (French) 2007 Microsoft Office PowerPoint MUI (German) 2007 Microsoft Office PowerPoint MUI (Greek) 2007 Microsoft Office PowerPoint MUI (Hebrew) 2007 Microsoft Office PowerPoint MUI (Italian) 2007 Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007 Microsoft Office PowerPoint MUI (Spanish) 2007 Microsoft Office Proof (Arabic) 2007 Microsoft Office Proof (Basque) 2007 Microsoft Office Proof (Catalan) 2007 Microsoft Office Proof (Chinese (Traditional)) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Galician) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Greek) 2007 Microsoft Office Proof (Hebrew) 2007 Microsoft Office Proof (Italian) 2007 Microsoft Office Proof (Portuguese (Brazil)) 2007 Microsoft Office Proof (Portuguese (Portugal)) 2007 Microsoft Office Proof (Russian) 2007 Microsoft Office Proofing (Chinese (Traditional)) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing (French) 2007 Microsoft Office Proofing (German) 2007 Microsoft Office Proofing (Greek) 2007 Microsoft Office Proofing (Hebrew) 2007 Microsoft Office Proofing (Italian) 2007 Microsoft Office Proofing (Portuguese (Portugal)) 2007 Microsoft Office Proofing (Spanish) 2007 Microsoft Office Publisher MUI (Chinese (Traditional)) 2007 Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Publisher MUI (French) 2007 Microsoft Office Publisher MUI (German) 2007 Microsoft Office Publisher MUI (Greek) 2007 Microsoft Office Publisher MUI (Hebrew) 2007 Microsoft Office Publisher MUI (Italian) 2007 Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007 Microsoft Office Publisher MUI (Spanish) 2007 Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (French) 2007 Microsoft Office Shared 64-bit MUI (German) 2007 Microsoft Office Shared 64-bit MUI (Greek) 2007 Microsoft Office Shared 64-bit MUI (Hebrew) 2007 Microsoft Office Shared 64-bit MUI (Italian) 2007 Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007 Microsoft Office Shared 64-bit MUI (Spanish) 2007 Microsoft Office Shared MUI (Chinese (Traditional)) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Shared MUI (French) 2007 Microsoft Office Shared MUI (German) 2007 Microsoft Office Shared MUI (Greek) 2007 Microsoft Office Shared MUI (Hebrew) 2007 Microsoft Office Shared MUI (Italian) 2007 Microsoft Office Shared MUI (Portuguese (Portugal)) 2007 Microsoft Office Shared MUI (Spanish) 2007 Microsoft Office Word MUI (Chinese (Traditional)) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Office Word MUI (French) 2007 Microsoft Office Word MUI (German) 2007 Microsoft Office Word MUI (Greek) 2007 Microsoft Office Word MUI (Hebrew) 2007 Microsoft Office Word MUI (Italian) 2007 Microsoft Office Word MUI (Portuguese (Portugal)) 2007 Microsoft Office Word MUI (Spanish) 2007 Microsoft Search Enhancement Pack Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MSVCRT Platform Productverbeteringsonderzoek voor HP Deskjet 2540 series Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft .NET Framework 4.5.1 (KB3023224) Security Update for Microsoft .NET Framework 4.5.1 (KB3035490) Security Update for Microsoft .NET Framework 4.5.1 (KB3037581) Security Update for Microsoft .NET Framework 4.5.1 (KB3074230) Security Update for Microsoft .NET Framework 4.5.1 (KB3074550) Security Update for Microsoft .NET Framework 4.5.1 (KB3097996) Security Update for Microsoft .NET Framework 4.5.1 (KB3098781) SkypeT 6.10 Surfing Protection swMSM USB 2.0 1.3M UVC WebCam VIA Platform Device Manager Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Windows Live - Hulpprogramma voor uploaden Windows Live aanmeldhulp Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sync Windows Live Toolbar Windows Live Writer WinFlash WinRAR 5.00 (64-bit) Wireless Console 3 ==== Running Processes ====================== C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe C:\Program Files\ATKGFNEX\GFNEXSrv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe C:\ProgramData\Avg_Update_0615piz\AVG-Secure-Search-Update_0615piz.exe C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\AVG\Framework\Common\avguix.exe C:\Program Files (x86)\AVG\Av\avgui.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Nancy\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LiveUpdateSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\LiveUpdateSvc deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [font=times new roman,serif][size=12][-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Advanced SystemCare 9"=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\GUM31AA.tmp not found C:\PROGRA~2\NirSoft not found C:\Program Files\Bitdefender not found C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} not found C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} not found C:\PROGRA~2\GUM14D7.tmp deleted C:\PROGRA~2\Windows Live SkyDrive deleted C:\ProgramData\Bitdefender deleted C:\Program Files\Common Files\Bitdefender deleted C:\Users\Nancy\AppData\Roaming\IObit deleted C:\windows\SysNative\Tasks\AVG_SYS_TASK_0615piz deleted C:\windows\SysNative\Tasks\AVG_SYS_TASK_0615piz_DELETE deleted C:\Windows\tasks\AVG_SYS_TASK_0615piz.job deleted C:\Windows\tasks\AVG_SYS_TASK_0615piz_DELETE.job deleted C:\PROGRA~2\GUT95BA.tmp deleted C:\PROGRA~2\GUM95B9.tmp deleted C:\Users\Nancy\AppData\Roaming\ProductData deleted C:\PROGRA~3\ProductData deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\gpt.ini deleted "C:\ProgramData\Avg_Update_0615piz\AVG-Secure-Search-Update_0615piz.exe" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\CPUIDInterface.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\datastate.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\HomepageSvc.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\madbasic_.bpl" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\maddisAsm_.bpl" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\madexcept_.bpl" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\rtl120.bpl" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\sqlite3.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\taskmgr.dll" deleted "C:\Program Files (x86)\IObit\Advanced SystemCare\vcl120.bpl" deleted "C:\PROGRA~3\Avg_Update_0615piz\AVG-Secure-Search-Update_0615piz.exe" deleted "C:\ProgramData\IObit\Advanced SystemCare\Homepage Protection\ASCService.log" not deleted "C:\Program Files (x86)\IObit\Advanced SystemCare" not deleted "C:\ProgramData\IObit" not deleted "C:\PROGRA~3\Avg_Update_0615piz" not deleted "C:\ProgramData\IObit\Advanced SystemCare" not deleted "C:\ProgramData\IObit\Advanced SystemCare\Homepage Protection" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4062 MB CPU Info: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz CPU Speed: 286.9 MHz Sound Card: Speakers (VIA High Definition A | Display Adapters: Mobile Intel(R) 4 Series Express Chipset Family | Mobile Intel(R) 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller | Atheros AR9285 Wireless Network Adapter CD / DVD Drives: 1x (E: | ) E: MATSHITADVD-RAM UJ880AS Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 2 Button Mouse Present Hard Disks: C: 149.0GB | D: 134.4GB Hard Disks - Free: C: 98.5GB | D: 134.0GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 08/26/09 | _ASUS_ - 20090826 Time Zone: Romance (standaardtijd) Motherboard *: ASUSTeK Computer Inc. K50IJ Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== AV: AVG AntiVirus Free Edition *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG AntiVirus Free Edition *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE} Default Browser: Google Chrome 46.0.2490.86 Internet Explorer Version: 11.0.9600.18097 Google Chrome version: 46.0.2490.86 Adobe Reader version: 11.0.10.32 Sun Java version: 1.8.0_66 (32-bit) Sun Java version: 1.8.0_66 (64-bit) Shockwave Player version: 12.0.5r146 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Nancy\AppData\Local\Temp ==== 2015-11-29 12:11:48 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\Nancy\AppData\Local\Temp\jrt\libiconv2.dll 2015-11-29 12:11:48 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\Nancy\AppData\Local\Temp\jrt\libintl3.dll 2015-11-29 12:11:48 BD59D8A4565D1D1AB3C7CF81948C8DBE 86840 ----a-w- C:\Users\Nancy\AppData\Local\Temp\jrt\CreateRestorePoint.exe 2015-11-29 12:11:48 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\Nancy\AppData\Local\Temp\jrt\pcre3.dll 2015-11-29 12:11:48 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\Nancy\AppData\Local\Temp\jrt\regex2.dll 2015-11-29 12:11:48 2F9C7FDA92C346CB5AA32091536AE0CB 43520 ----a-w- C:\Users\Nancy\AppData\Local\Temp\jrt\nfo\nircmdc.exe 2015-11-22 17:56:20 721A2B8896419ADD5341803A30470B58 7068360 ----a-w- C:\Users\Nancy\AppData\Local\Temp\HP\Diagnostics\PSDR\HPPSdr.exe ====== Java Cache ===== 2015-11-29 12:58:50 4F85459CEC4F78A3987FFFD5B6A816C5 605 ----a-w- C:\Users\Nancy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-196917b9 2015-11-29 12:58:51 F5B3F92C7F5C4F06D1DD7CA6C69A77FD 428 ----a-w- C:\Users\Nancy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-78e96a5ccf5c5b6a29dcdffe1d16c989d010904d54059e7b28aad8dacf6a56c9-6.0.lap 2015-11-29 12:58:51 C9588417B10E1D770E3E5DA1F3510AE5 8425 ----a-w- C:\Users\Nancy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\298d42d-27075bc3 2015-11-29 12:58:56 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Nancy\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\c8dc66e-6f8696a9 ====== C:\Windows\SysWOW64 ===== 2015-11-29 12:50:28 6653906AFCCC8179315A889B4AC29172 108968 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-64.dll 2015-11-22 10:42:18 F1BAAC5C7B35968EFAB7C21C32ECBB28 93696 ----a-w- C:\Windows\SysWOW64\wudriver.dll 2015-11-22 10:42:18 D714B7F77DB7E1D81CBFCE8DDCDCC5FE 566784 ----a-w- C:\Windows\SysWOW64\wuapi.dll 2015-11-22 10:42:18 B35154CD5A10368ED3DB277BB38012B3 35328 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2015-11-22 10:42:18 5670A441F06AE04D2B587D1BD2DC1DC0 30208 ----a-w- C:\Windows\SysWOW64\wups.dll 2015-11-22 10:42:18 1E643C501E621F91776F9F9AC226FADF 174080 ----a-w- C:\Windows\SysWOW64\wuwebv.dll 2015-11-22 10:41:22 14A7260EAD6FAA708DA57E3C6E27A0E4 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2015-11-22 10:41:21 912EBD61017559C8163FAF3C1F54AD00 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2015-11-22 10:41:21 68BF7EB3D428C57528E2D134B34512F1 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2015-11-22 10:41:21 5FA5FD8DCE9BC04D87A17D0E335388CF 130048 ----a-w- C:\Windows\SysWOW64\occache.dll 2015-11-22 10:41:21 25E81C8C9AE6251F472AD3677DE829E0 1311744 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2015-11-22 10:41:21 1840A7632E1E6EC26762D460F6D1B0E2 342728 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2015-11-22 10:41:20 D49701891D475F61B23BA4DBEF6E71EC 20331520 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2015-11-22 10:41:20 91220E779EDE9C3511C42ECDAA58192B 504832 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2015-11-22 10:41:20 2F898AFA929824861737488746FD5B47 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2015-11-22 10:41:20 035F1154B50CE7CAFB60405D83F13A78 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-11-22 10:41:20 00F600046B58D98631487A8AADC7C200 279040 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2015-11-22 10:41:19 8C3D651836C2E9AADFAA47C5C25CF4D4 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2015-11-22 10:41:19 4BFA8AD57A5ED4508981732F862738EA 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2015-11-22 10:41:18 ECB3E36B098F8C9BE9DFD6CF38BDBE69 663552 ----a-w- C:\Windows\SysWOW64\jscript.dll 2015-11-22 10:41:18 9A555780545211BD2DD89575088C39F4 2279936 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2015-11-22 10:41:18 8F13B52696EB7B0D24039E5CB24C088F 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2015-11-22 10:41:18 7FA7A377F32A3D8F2EE4128CF127EB93 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2015-11-22 10:41:17 D74C3DAD496F59FAFB9BAF3C24EAAB2F 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2015-11-22 10:41:17 9101F70E34D3E28E63299A105B7F12C4 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2015-11-22 10:41:17 8C9EB49AA5E016500D3C29A59ED52345 416256 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2015-11-22 10:41:17 7B2F5324F28C71D69BC087E27B0BE7AE 12854272 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2015-11-22 10:41:17 4E84DCAF706E3447951212CFFE2A7B84 480256 ----a-w- C:\Windows\SysWOW64\ieui.dll 2015-11-22 10:41:17 4484B41D0A3F07D71BBCB4DB5C426302 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2015-11-22 10:41:14 8215390B06602AC1FDA702CD74A7250C 230400 ----a-w- C:\Windows\SysWOW64\webcheck.dll 2015-11-22 10:41:14 5AAEB88DF7F09677E9C8C849D4915132 4527616 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2015-11-22 10:41:14 4D20D5ACB439DA837E4329F28C35ADA1 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2015-11-22 10:41:14 1179043BBB3D0C8826D8BF8615A34EB6 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2015-11-22 10:41:13 BCC36AC2241B092E30E0F47B62D7C4EA 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll 2015-11-22 10:41:13 832CA97817B20B74E2D74A8154630311 2011136 ----a-w- C:\Windows\SysWOW64\wininet.dll 2015-11-22 10:41:13 68647B5AB71ABB5130CCA4FA55EFB0BD 341504 ----a-w- C:\Windows\SysWOW64\html.iec 2015-11-22 10:40:09 05D37C4742B32B37ED953631B7B0A7A9 552960 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2015-11-22 10:40:08 0DD296312E531C6E0BF1AB7F2C092801 251392 ----a-w- C:\Windows\SysWOW64\schannel.dll 2015-11-22 10:40:07 8DE94E8213ABE0F7C5154507305779A0 223232 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2015-11-22 10:40:06 A860CAA340D18B2CB7B93A9C67FDDB49 3935680 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2015-11-22 10:40:05 64AD529B85D7E856F9A4FFF9C809E693 3991488 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-11-22 10:40:05 63F52FF6FCA2C492F4FB7EE545319FA8 251000 ----a-w- C:\Windows\SysWOW64\bcryptprimitives.dll 2015-11-22 10:39:59 50D21D408B0FD40019A6EACF94A62ACF 1311768 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2015-11-22 10:39:56 C661D1599DA67BD411479A2C53058DE4 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2015-11-22 10:39:56 BA00A2FCB86D084F3E8F7D88EC85E216 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2015-11-22 10:39:56 A748DEC93B4E8C9DDE11B79FB6E97088 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2015-11-22 10:39:56 9FDCF3A01849F24625DE831C7749F080 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2015-11-22 10:39:56 73F97CF58D1EF42F49B696951BDE6081 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2015-11-22 10:39:56 58ABF51E9107661559B801B07011202D 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll 2015-11-22 10:39:56 1C9E00CA0D823DC672017D8AB92DBC2A 36864 ----a-w- C:\Windows\SysWOW64\cryptbase.dll 2015-11-22 10:39:55 CFF504AD277328CE10BE56D76297FDAC 665088 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2015-11-22 10:39:55 7B23D23E2F9D51F700BFDD5B5FCAE30A 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2015-11-22 10:39:55 5D369C45F0D2A993CCDC6BD160793822 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll 2015-11-22 10:39:55 553F7D05AE3E2EC2EDE06416901F5803 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2015-11-22 10:39:55 4166C05FA57548E6518D7EE20896C0A5 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll 2015-11-22 10:39:55 1D0826DF3F439FECBA99772D0A939A28 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2015-11-22 10:39:55 000D8B84E09CC73472945560D411BDAC 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2015-11-22 10:39:54 3B6668958DD782D37731EBF4ADA050CF 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2015-11-22 10:39:53 F357AE37073472DD0288B579B0B3E005 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll 2015-11-22 10:39:51 CC668F6D0C6F76398AF840C3C0048D93 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2015-11-22 10:39:51 A2911E5C4BA462F2BD4129418A00449A 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2015-11-22 10:39:51 8A6DE61B5797F03F4E0BB62F467F4854 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2015-11-22 10:39:51 7A8070653B42E81F8EFD19054B67C764 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2015-11-22 10:39:51 1690F4F1807AEC79CF4B6DEF34C366C0 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2015-11-22 10:39:30 D5AFC3A476925CE740B7079D9BD2D269 295936 ----a-w- C:\Windows\SysWOW64\apphelp.dll 2015-11-22 10:39:30 2996B3E7BBA42BEA62D386D9386EDE97 20992 ----a-w- C:\Windows\SysWOW64\sdbinst.exe 2015-11-22 10:39:30 15DDF8D059752C6CBE3DCDCAA1264F45 5120 ----a-w- C:\Windows\SysWOW64\shimeng.dll 2015-11-22 10:39:13 6EAA9E88F7985BFA94F10A53725D3AA3 216064 ----a-w- C:\Windows\SysWOW64\InkEd.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-11-22 13:24:03 D5D9ADE778937C4866D9AEBAF1E8FFFE 763912 ------w- C:\Windows\Sysnative\HPDiscoPMC211.dll 2015-11-22 10:42:20 361845875ED8ED13086E7F37265C45DA 2608128 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2015-11-22 10:42:19 4AA4838D59A51B3B5A6C2BFC2092FDEC 3168768 ----a-w- C:\Windows\Sysnative\wucltux.dll 2015-11-22 10:42:18 F62A6979E13872D744BA69F4F78109B8 12288 ----a-w- C:\Windows\Sysnative\wu.upgrade.ps.dll 2015-11-22 10:42:18 CDBE532602413E7FB0C395024749C7AA 140288 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2015-11-22 10:42:18 C64959F2D2EE6EDB96916902962D48B9 696320 ----a-w- C:\Windows\Sysnative\wuapi.dll 2015-11-22 10:42:18 B2AA75E472BAB24818915342E44FF2AD 98816 ----a-w- C:\Windows\Sysnative\wudriver.dll 2015-11-22 10:42:18 9D3A6E1660B3D6BF63E83A901D1109BB 37888 ----a-w- C:\Windows\Sysnative\wuapp.exe 2015-11-22 10:42:18 500B7A762291EC4EE4B445337956BDBC 36864 ----a-w- C:\Windows\Sysnative\wups.dll 2015-11-22 10:42:18 3E89AD28893A8E9C1F01D2A162C7D457 91136 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll 2015-11-22 10:42:18 24E1CD4E823628943540A63187AC282E 192512 ----a-w- C:\Windows\Sysnative\wuwebv.dll 2015-11-22 10:42:18 246FD89B6B5521AD2CE1C560D666BAD7 37888 ----a-w- C:\Windows\Sysnative\wups2.dll 2015-11-22 10:41:22 478DD45708B600245916A2A0F81FE7C9 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2015-11-22 10:41:21 95F3687EF1486833AC713A23C671B397 720896 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2015-11-22 10:41:21 6686B946B973BA1C3B226A95D4E63D8E 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2015-11-22 10:41:21 65075CAC90824B720E9EB0C6663CE157 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2015-11-22 10:41:21 1067787EC9DAD6D084306C6795BC409A 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll 2015-11-22 10:41:20 CD59055A66EF5DFA3D5EFA2D29B14B0B 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2015-11-22 10:41:18 E4FB4DE391BB2BFBC5C30BBD519C83BE 152064 ----a-w- C:\Windows\Sysnative\occache.dll 2015-11-22 10:41:18 CA0F3F16FC677701DFF1087A58B6F5B4 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2015-11-22 10:41:18 2BE29ECF17FFCE762C1E3E21EFF06174 390344 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2015-11-22 10:41:18 08D283FD8FEC1B45932783E8640C700F 1547264 ----a-w- C:\Windows\Sysnative\urlmon.dll 2015-11-22 10:41:17 E78DD040D2786BFAF5DED3BC12B438EE 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2015-11-22 10:41:17 DC1AE8930979FCDC137F44B848556439 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2015-11-22 10:41:17 806A6CA05B4F1F69C84B871406C2D21D 315392 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2015-11-22 10:41:16 7E11CF5F472AEDD0D2BE3274FE709CF4 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll 2015-11-22 10:41:16 1275AFB2B4E55172F0AE939311F95468 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2015-11-22 10:41:15 B9DFC06F70545E14A0704698FBD9F926 2886656 ----a-w- C:\Windows\Sysnative\iertutil.dll 2015-11-22 10:41:15 423072B7A458E1B274812796721197BE 2126336 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2015-11-22 10:41:14 5EE8E2E6BFFC9DA9D816A62B904116CD 585728 ----a-w- C:\Windows\Sysnative\vbscript.dll 2015-11-22 10:41:13 1837B220558BB96AAB5B95F1BB89BE99 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2015-11-22 10:41:13 0C7CFA5A099A591A2B7CB2557F0AF1C1 489984 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2015-11-22 10:41:12 EC72BB355FB8E34B3D4F6140F6795348 616960 ----a-w- C:\Windows\Sysnative\ieui.dll 2015-11-22 10:41:12 C4E8F3E26E7FFB4F85FBAC880BB3385C 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2015-11-22 10:41:12 1DF0E083D4D067B5798504CC3009F21C 14457856 ----a-w- C:\Windows\Sysnative\ieframe.dll 2015-11-22 10:41:11 FBF2564A3F45F69A5D56D30129635691 817664 ----a-w- C:\Windows\Sysnative\jscript.dll 2015-11-22 10:41:11 F2292865E0C8BCA069BB3F0BBB069265 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2015-11-22 10:41:11 93CA9F81806793E79635D1B6CE4C10BA 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2015-11-22 10:41:11 81529B486E446717F7F782D8AB18FC93 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2015-11-22 10:41:11 5698DE88DA9C901E92651394ACBFB34D 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll 2015-11-22 10:41:10 7EFA2CD22DB05CBC41FF77E16431EF3B 5990912 ----a-w- C:\Windows\Sysnative\jscript9.dll 2015-11-22 10:41:10 033E70DEEE5FED5E9A3E197A2DB1A618 2487808 ----a-w- C:\Windows\Sysnative\wininet.dll 2015-11-22 10:41:09 E35836459E1FFFA011F4716A5B826966 199680 ----a-w- C:\Windows\Sysnative\msrating.dll 2015-11-22 10:41:09 CDCCDC0CA9E094E9CE4EB0ECD970D77A 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2015-11-22 10:41:09 99E634291C35D8281A772817AA40CD51 417792 ----a-w- C:\Windows\Sysnative\html.iec 2015-11-22 10:41:08 67D3A8E2F5DECD6B6F7194BBF58696E6 25818624 ----a-w- C:\Windows\Sysnative\mshtml.dll 2015-11-22 10:40:10 6D1CF2634A2EB33D3FCED43D96621FCC 5570496 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2015-11-22 10:40:09 48078433D1EF32AAA41FCB8109C5F3DC 729600 ----a-w- C:\Windows\Sysnative\kerberos.dll 2015-11-22 10:40:09 08A922374554BA576F96FD3FDFE66964 344064 ----a-w- C:\Windows\Sysnative\schannel.dll 2015-11-22 10:40:07 2068233A1C249B9FADF0690AC4C951D9 312320 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2015-11-22 10:40:05 BA6F0BC094ABBB9EFA3BB636D032C403 299632 ----a-w- C:\Windows\Sysnative\bcryptprimitives.dll 2015-11-22 10:40:04 386BF677B78B66AABBA92C0FCA0579A6 1164800 ----a-w- C:\Windows\Sysnative\kernel32.dll 2015-11-22 10:40:01 DF3FD4579118D6F13FE725CDB4F1F93E 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2015-11-22 10:39:59 6818F2C2E6656E48D38951D753097797 1730496 ----a-w- C:\Windows\Sysnative\ntdll.dll 2015-11-22 10:39:57 F5AA5787F8B4E7200D1BF9171BED3AF0 424960 ----a-w- C:\Windows\Sysnative\KernelBase.dll 2015-11-22 10:39:57 3716E2771C713387C8E8E2CAD170B2B6 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2015-11-22 10:39:57 1AE4881BAA7C3DE4D9EC8EA38A3F6BCC 1216512 ----a-w- C:\Windows\Sysnative\rpcrt4.dll 2015-11-22 10:39:57 0EA14EE0C4B1DA2447E36FD3E183C015 338432 ----a-w- C:\Windows\Sysnative\conhost.exe 2015-11-22 10:39:56 FF41063E45C6238CAF48CBE6D0D6FC4B 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll 2015-11-22 10:39:56 FA15610B77877F2BB2AC5D32277CE82B 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe 2015-11-22 10:39:56 EED57582155969AA51789268FE41E254 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll 2015-11-22 10:39:56 CC4E8485336604846E50D28897AAE67F 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2015-11-22 10:39:56 998C50530F44CE2900779CE7FF6B205E 315392 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2015-11-22 10:39:56 926F7A2F153F004D492C0B8CC105AC2E 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2015-11-22 10:39:56 9102E19E45AEDE6077023CF2945261F3 44032 ----a-w- C:\Windows\Sysnative\cryptbase.dll 2015-11-22 10:39:56 9066AE964D95B1ABC999CED271556A7C 112640 ----a-w- C:\Windows\Sysnative\smss.exe 2015-11-22 10:39:56 60F8ECF4FCE0DDEC8D6E3E2E987867A4 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll 2015-11-22 10:39:56 4494B06139E8EE6D19FC2BFD0955BCD6 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2015-11-22 10:39:56 2BC45F4CF55B45BDD650828192F132B8 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2015-11-22 10:39:56 27339655781D5F4C9995FC5202F1F239 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe 2015-11-22 10:39:56 20592BDF5A368B43BEF086DC61C6863D 50176 ----a-w- C:\Windows\Sysnative\srclient.dll 2015-11-22 10:39:56 1A05FB05E701A9D65EB42656CF46D173 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2015-11-22 10:39:56 105B82E40B82A5B5A140969099FE3FAF 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2015-11-22 10:39:56 079317396D1E4F9EE8E745DF5C2372DD 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2015-11-22 10:39:55 95F7494638D489665CB1C172D62FC872 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2015-11-22 10:39:55 286A1E8B06EE3E8E06176010C41988B2 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll 2015-11-22 10:39:55 1CE982CF943680F776F46D6F9F53642F 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll 2015-11-22 10:39:53 A10B9876772F1AB83DEC50EE9B0696B7 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll 2015-11-22 10:39:51 EB618353B1F34E790952982A226AFFB2 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll 2015-11-22 10:39:51 700E5B0452B1B2CE1AD23F1557995FF9 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll 2015-11-22 10:39:51 6F4AAA80DBB19CE945389FFEA43C1BA1 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll 2015-11-22 10:39:30 E9DE8D0A3A7306AF26B25F52F13A9234 23552 ----a-w- C:\Windows\Sysnative\sdbinst.exe 2015-11-22 10:39:30 BBD257696E3FB0B8B1D3C115072116C6 6656 ----a-w- C:\Windows\Sysnative\shimeng.dll 2015-11-22 10:39:30 262D7C87D0AC20B96EF9877D3CA478A0 72192 ----a-w- C:\Windows\Sysnative\aelupsvc.dll 2015-11-22 10:39:30 07EAEA9D3E09340E64918EED526A5FFE 342016 ----a-w- C:\Windows\Sysnative\apphelp.dll 2015-11-22 10:39:29 92C729B1A03F8B55A68597A50394FB76 3211264 ----a-w- C:\Windows\Sysnative\win32k.sys 2015-11-22 10:39:13 806E52CF244371661A7079A8A769B00B 275456 ----a-w- C:\Windows\Sysnative\InkEd.dll 2015-11-22 10:39:13 663D10339325743941089DF3AE47B2C4 24576 ----a-w- C:\Windows\Sysnative\jnwmon.dll ====== C:\Windows\Sysnative\drivers ===== 2015-11-29 11:44:15 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2015-11-29 11:43:35 D61070CFAD43038DC56AEAD9BFE9CE2A 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2015-11-29 11:43:35 CFBC6C6D8A492697CABD1D353EE64933 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2015-11-29 11:43:35 42B3F5C9FBC9B3F0E0BA6B5D7FC8E849 109272 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2015-11-22 10:41:52 AA77EB517D2F07A947294F260E3ACA83 118272 ----a-w- C:\Windows\Sysnative\drivers\tdx.sys 2015-11-22 10:41:52 9A4A1EEE802BF2F878EE8EAB407B21B7 497664 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2015-11-22 10:40:07 EC0511BB85BAA42A9734011685A6732C 460776 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2015-11-22 10:40:07 33D52A96BEEE8AFCE9E07EEC9FE0C9DB 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-11-22 10:39:57 BCC83F22805F560C8A487F2F296A78FE 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-11-22 10:39:55 ACB763673BCCE6C7B3B8F858C9FE4F1F 129024 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2015-11-22 10:39:55 7C81098FBAF2EAF5B54B939F832B0F61 290816 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2015-11-22 10:39:55 73ADDCC406B86E7DA4416691E8E74BDA 159232 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2015-11-22 10:39:27 F7309F42555F8AAB7144A51A1F2585B0 950720 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys 2015-11-03 15:37:42 27DABFB4A6B0140C34DBEC713469592B 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2015-11-03 14:07:55 67050452C0118BAF2883928E6FCCFE47 94656 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys 2015-11-03 13:59:58 ED6E75158D28D33A2E2A020AC5B2B59D 663552 ----a-w- C:\Windows\Sysnative\drivers\PEAuth.sys ====== C:\Windows\Tasks ====== 2015-11-29 11:27:44 D1AF641BD65A7E517D291A725B2083D2 2904 ----a-w- C:\Windows\Sysnative\Tasks\Uninstaller_SkipUac_Nancy 2015-11-29 10:03:14 F2F10790E10EEEE02B002E2226EDCAAA 2868 ----a-w- C:\Windows\Sysnative\Tasks\ASC9_SkipUac_Nancy 2015-11-29 10:03:10 8E8E751C7DFA9186A333A8588F6C4FE1 3180 ----a-w- C:\Windows\Sysnative\Tasks\ASC9_PerformanceMonitor 2015-11-22 13:24:18 633C3C9D59D000195F53B02E7A3338FC 3614 ----a-w- C:\Windows\Sysnative\Tasks\HPCustParticipation HP Deskjet 2540 series ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-11-29 13:02:07 -------- d-----w- C:\Program Files\trend micro 2015-11-22 13:23:30 -------- d-----w- C:\Program Files\HP ======= C:\PROGRA~2 ===== 2015-11-29 12:51:41 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2015-11-29 10:03:05 -------- d-----w- C:\PROGRA~2\COMMON~1\IObit 2015-11-29 10:01:53 -------- d-----w- C:\PROGRA~2\IObit 2015-11-22 20:12:18 -------- d-----w- C:\PROGRA~2\AVG 2015-11-22 13:24:53 -------- d-----w- C:\PROGRA~2\Hewlett-Packard 2015-11-22 13:24:49 -------- d-----w- C:\PROGRA~2\HP Photo Creations 2015-11-22 13:23:32 -------- d-----w- C:\PROGRA~2\HP 2015-11-19 20:55:18 -------- d-----w- C:\PROGRA~2\MSECache ======= C: ===== 2015-11-29 09:43:45 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat ====== C:\Users\Nancy\AppData\Roaming ====== 2015-11-29 12:50:59 -------- d-----w- C:\Users\Nancy\AppData\Roaming\Sun 2015-11-29 12:48:35 -------- d-----w- C:\Users\Nancy\AppData\Locallow\Oracle 2015-11-29 11:23:48 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\IObit 2015-11-29 11:13:11 -------- d-----w- C:\Users\Nancy\AppData\Locallow\uTorrent 2015-11-29 11:12:06 -------- d-----w- C:\Users\Nancy\AppData\Roaming\uTorrent 2015-11-29 10:03:57 -------- d-----w- C:\Users\Nancy\AppData\Locallow\IObit 2015-11-22 20:17:32 -------- d-----w- C:\Users\Nancy\AppData\Roaming\AVG 2015-11-22 20:17:16 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG 2015-11-22 20:16:52 -------- d-----w- C:\Users\Nancy\AppData\Roaming\TuneUp Software 2015-11-22 20:13:14 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\AvgSetupLog 2015-11-22 20:13:14 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg 2015-11-22 20:12:58 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg 2015-11-22 20:11:19 -------- d-----w- C:\Users\Nancy\AppData\Local\AvgSetupLog 2015-11-22 20:11:19 -------- d-----w- C:\Users\Nancy\AppData\Local\Avg 2015-11-22 17:27:34 -------- d-----w- C:\Users\Nancy\AppData\Local\GWX 2015-11-22 13:24:23 -------- d-----w- C:\Users\Nancy\AppData\Roaming\HpUpdate 2015-11-22 13:21:31 -------- d-----w- C:\Users\Nancy\AppData\Local\HP 2015-11-03 17:07:57 -------- d-----w- C:\Users\Nancy\AppData\Local\WiFi Guard 2015-11-03 16:53:37 -------- d-----w- C:\Users\Nancy\AppData\Roaming\stremio 2015-11-03 14:07:00 -------- d-----w- C:\Users\Nancy\AppData\Local\PopcornTimeDesktop ====== C:\Users\Nancy ====== 2015-11-29 18:22:10 4BC0D0607747670F4E8AD123CB22FA66 1733632 ----a-w- C:\Users\Nancy\Downloads\adwcleaner_5.022 (1).exe 2015-11-29 12:50:53 -------- d-----w- C:\Users\Nancy\.oracle_jre_usage 2015-11-29 12:49:57 -------- d-----w- C:\ProgramData\Oracle 2015-11-29 12:48:24 81EDCA9D9BFDDB931ED448078762A31A 584288 ----a-w- C:\Users\Nancy\Downloads\chromeinstall-8u66.exe 2015-11-29 12:47:37 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Nancy\Downloads\RSITx64.exe 2015-11-29 12:09:59 948FB3EAB3760B273975F1940F8B3C22 1599336 ----a-w- C:\Users\Nancy\Downloads\JRT.exe 2015-11-29 12:07:54 556A394A5528EBA47EEB4760C46CA185 3237248 ----a-w- C:\Users\Nancy\Downloads\SpyHunter-Installer (1).exe 2015-11-29 11:42:36 49E3825ACB348F848D9B841E4D48FD3B 22908888 ----a-w- C:\Users\Nancy\Downloads\mbam-setup-2.2.0.1024.exe 2015-11-29 11:31:10 4BC0D0607747670F4E8AD123CB22FA66 1733632 ----a-w- C:\Users\Nancy\Downloads\adwcleaner_5.022.exe 2015-11-29 11:11:52 C355D12FA264B22BA44FC67323EBE819 2026520 ----a-w- C:\Users\Nancy\Downloads\uTorrent.exe 2015-11-29 10:04:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2015-11-29 10:02:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 2015-11-29 10:01:53 -------- d-----w- C:\ProgramData\IObit 2015-11-29 09:59:04 1198F2CA64428A32F898FB0DCAC692F8 39603488 ----a-w- C:\Users\Nancy\Downloads\advanced-systemcare-setup-v9.exe 2015-11-29 09:42:56 -------- d-----w- C:\Users\Nancy\Start Menu 2015-11-29 09:41:09 556A394A5528EBA47EEB4760C46CA185 3237248 ----a-w- C:\Users\Nancy\Downloads\SpyHunter-Installer.exe 2015-11-22 20:16:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-11-22 20:13:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen 2015-11-22 20:12:18 -------- d--h--w- C:\ProgramData\Common Files 2015-11-22 20:12:17 -------- d-----w- C:\ProgramData\Avg 2015-11-22 17:12:29 74F8BBA7164FD60D67AB445A2AE58EFE 3855 ----a-w- C:\Users\Nancy\ipconfig.txt 2015-11-22 15:19:15 C4469FB9E300B8D62028D3485268F1FD 244634 ----a-w- C:\ProgramData\1448205452.bdinstall.bin 2015-11-22 13:37:58 C632B25919DA905EA79EA98BA25FEAC7 2483520 ----a-w- C:\Users\Nancy\Downloads\wifiguard_windows_setup (1).exe 2015-11-22 13:34:19 3861AFFDF6ACE7FFB2C23AA2AF105B32 328744 ----a-w- C:\Users\Nancy\Downloads\wnetwatcher_setup.exe 2015-11-22 13:24:49 -------- d-----w- C:\ProgramData\Visan 2015-11-22 13:24:49 -------- d-----w- C:\ProgramData\HP Photo Creations 2015-11-22 13:24:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2015-11-22 13:23:34 -------- d-----w- C:\ProgramData\HP 2015-11-22 13:22:41 6FC0DB61B460395939323CC661843844 57 ----a-w- C:\ProgramData\Ament.ini 2015-11-19 20:55:05 473DB431C8479A89F0B27A43F453F103 956976 ----a-w- C:\Users\Nancy\Downloads\SaveAsPDFandXPS.exe ====== C: exe-files == 2015-11-29 18:22:10 4BC0D0607747670F4E8AD123CB22FA66 1733632 ----a-w- C:\Users\Nancy\Downloads\adwcleaner_5.022 (1).exe 2015-11-29 13:02:07 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Nancy.exe 2015-11-29 12:50:28 F003BBCB09CACF8A9F4CE0C67A2D6E63 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-11-29 12:50:28 A9E84AD3536425BC68263B723C2442E4 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-11-29 12:50:28 7BDD7F1BC2A20971DEE17B6920D61BBC 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-11-29 12:50:17 F003BBCB09CACF8A9F4CE0C67A2D6E63 278624 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaws.exe 2015-11-29 12:50:17 D8EEED21B06866E85DA30485F5059FF6 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\servertool.exe 2015-11-29 12:50:17 CA51FB3FE5012E21D9A14AC071527866 76896 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2launcher.exe 2015-11-29 12:50:17 ADAF1151B29D2D1691FA027B6C55B3D7 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssvagent.exe 2015-11-29 12:50:17 8977B87AB10AB1DA8769CA0053B401B0 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\jjs.exe 2015-11-29 12:50:17 7BE9BE6E15653824A28F5CED6B273588 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\klist.exe 2015-11-29 12:50:17 7BDD7F1BC2A20971DEE17B6920D61BBC 191584 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaw.exe 2015-11-29 12:50:17 73368169BFD965EC6257E77C23CED879 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\rmiregistry.exe 2015-11-29 12:50:17 525027DF51378DDA25F0F52C20BCB132 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\kinit.exe 2015-11-29 12:50:17 46AB480B01CD30801B3AE89B5AAE75A8 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\orbd.exe 2015-11-29 12:50:17 3B306D41F07396975ECE34A860BD9036 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\pack200.exe 2015-11-29 12:50:17 36A44033C6B970F95E2A1448F4481CEA 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\keytool.exe 2015-11-29 12:50:17 28FB06FC63D5817153B5502A49DF3F00 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\ktab.exe 2015-11-29 12:50:17 17A8DD2484DC26E38DFE3209C8B36980 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\policytool.exe 2015-11-29 12:50:17 0B82777B13B81417E5520DF7B1E8C319 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\rmid.exe 2015-11-29 12:50:17 0A3936FE18FC04350159A1E647201501 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\tnameserv.exe 2015-11-29 12:50:17 092F4D3C25F3086D4C7FDEC79DD71302 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\unpack200.exe 2015-11-29 12:50:16 FDF059C05249FAEA0221ED65CD59A9C8 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\javacpl.exe 2015-11-29 12:50:16 EFC80BC662BCC20B0B09700636FDC732 30816 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\jabswitch.exe 2015-11-29 12:50:16 A9E84AD3536425BC68263B723C2442E4 191072 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\java.exe 2015-11-29 12:50:16 04D67FF5044A605F1E7D923A1D6F1751 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\java-rmi.exe 2015-11-29 12:48:24 81EDCA9D9BFDDB931ED448078762A31A 584288 ----a-w- C:\Users\Nancy\Downloads\chromeinstall-8u66.exe 2015-11-29 12:47:37 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Nancy\Downloads\RSITx64.exe 2015-11-29 12:11:48 BD59D8A4565D1D1AB3C7CF81948C8DBE 86840 ----a-w- C:\Users\Nancy\AppData\Local\Temp\jrt\CreateRestorePoint.exe 2015-11-29 12:11:48 2F9C7FDA92C346CB5AA32091536AE0CB 43520 ----a-w- C:\Users\Nancy\AppData\Local\Temp\jrt\nfo\nircmdc.exe 2015-11-29 12:09:59 948FB3EAB3760B273975F1940F8B3C22 1599336 ----a-w- C:\Users\Nancy\Downloads\JRT.exe 2015-11-29 12:07:54 556A394A5528EBA47EEB4760C46CA185 3237248 ----a-w- C:\Users\Nancy\Downloads\SpyHunter-Installer (1).exe 2015-11-29 11:55:20 7BCCF335EFCEA5F62C226D700676A3A4 762368 ----a-w- C:\Users\Nancy\Downloads\RAR Password Unlocker v4.2.0.0 [h33t.com] Full\Crack\RAR Password Unlocker.exe 2015-11-29 11:55:19 0FD873C1C20FD49ACB187C748944BD11 2960933 ----a-w- C:\Users\Nancy\Downloads\RAR Password Unlocker v4.2.0.0 [h33t.com] Full\rar_password_unlocker_trial.exe 2015-11-29 11:42:36 49E3825ACB348F848D9B841E4D48FD3B 22908888 ----a-w- C:\Users\Nancy\Downloads\mbam-setup-2.2.0.1024.exe 2015-11-29 11:31:10 4BC0D0607747670F4E8AD123CB22FA66 1733632 ----a-w- C:\Users\Nancy\Downloads\adwcleaner_5.022.exe 2015-11-29 11:14:03 C5129AAED888B5A223A2425464F371FA 15397208 ----a-w- C:\Users\Nancy\Downloads\SpyHunter Fully Cracked and Working\SpyHunter.4.1.11\setup\spyhunterS.exe 2015-11-29 11:14:03 3EA0F9D106CD921711061CB82740059B 3021720 ----a-w- C:\Users\Nancy\Downloads\SpyHunter Fully Cracked and Working\SpyHunter.4.1.11\crack\SpyHunter4.exe 2015-11-29 11:13:05 233B5852363BFB41D73D219FA8528AF4 336896 ----a-w- C:\Users\Nancy\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe 2015-11-29 11:13:04 C355D12FA264B22BA44FC67323EBE819 2026520 ----a-w- C:\Users\Nancy\AppData\Roaming\uTorrent\updates\3.4.5_41372.exe 2015-11-29 11:12:57 C355D12FA264B22BA44FC67323EBE819 2026520 ----a-w- C:\Users\Nancy\AppData\Roaming\uTorrent\uTorrent.exe 2015-11-29 11:11:52 C355D12FA264B22BA44FC67323EBE819 2026520 ----a-w- C:\Users\Nancy\Downloads\uTorrent.exe 2015-11-29 10:04:12 149B4A908F0845A4E7BFAC9DE065783B 260896 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe 2015-11-29 10:04:11 DD52AF7A1D13C22E34CA04116716C826 560928 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallHistory.exe 2015-11-29 10:04:11 CE3E77AC32E063C228130752068DFAA5 339744 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstall_Mitor.exe 2015-11-29 10:04:11 CC526631C195324399963E3391B89E1E 541984 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\IUPluginNotice.exe 2015-11-29 10:04:11 AF54EF98D4D20840235D1FCB0DB3AE3A 4865312 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe 2015-11-29 10:04:11 1C169A63D96E8CF8727F41A2AFFECB82 65312 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\Install_PintoStartMenu.exe 2015-11-29 10:04:10 891D602E51127FBDB36A980902FACA1A 362784 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\DatabaseDownload.exe 2015-11-29 10:04:10 4631A0088032331B25E45504B3B0A58D 890656 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\PPUninstaller.exe 2015-11-29 10:04:10 178CA995DA076D94258FD9C246AE5564 589088 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe 2015-11-29 10:04:07 F236C3DAC3E88D0B2981177548B3A38D 3356960 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallPromote.exe 2015-11-29 10:04:07 91965DD96253FA213885A86A5B3269F6 589088 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\SendBugReportNew.exe 2015-11-29 10:04:07 5100AE7C075C9436E9DD45F96A4A74FC 2934048 ----a-w- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe 2015-11-29 10:04:07 39F5CC54AD5BADE0B497915B2FE847A6 592672 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\AUpdate.exe 2015-11-29 10:03:55 3F8A23D8D626D7E88B03A72BD4861AEE 588576 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\IU_KillAllFile.exe 2015-11-29 10:03:54 40E1C9EB4B13973FF9CF6240ABA9F0CF 1201952 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\unins000.exe 2015-11-29 10:03:51 419BEE93691065EDFD0B9DA56EC17E70 1009952 ----a-w- C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\bbmegnmpleoagolcnjnejdacakedpcgd\2.0.0_0\Plugin\SPNativeMessage.exe 2015-11-29 10:03:49 E576A5F387DBE44AEFE92E5613CBB070 1339680 ----a-w- C:\Program Files (x86)\IObit\Surfing Protection\PluginInstall.exe 2015-11-29 10:03:49 2CC19C0E6DC09F14AD3B7C47DB31AB2E 1371424 ----a-w- C:\Program Files (x86)\IObit\Surfing Protection\SPUpdate.exe 2015-11-29 10:03:47 CA671B49B70785EEE1DE0A8AA8482472 1199392 ----a-w- C:\Program Files (x86)\IObit\Surfing Protection\unins000.exe 2015-11-29 09:59:04 1198F2CA64428A32F898FB0DCAC692F8 39603488 ----a-w- C:\Users\Nancy\Downloads\advanced-systemcare-setup-v9.exe 2015-11-29 09:41:09 556A394A5528EBA47EEB4760C46CA185 3237248 ----a-w- C:\Users\Nancy\Downloads\SpyHunter-Installer.exe === C: other files == 2015-11-29 12:50:18 4DB4B1F67E583B41F841F48254BE38E3 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\lib\deploy\ffjcext.zip 2015-11-29 12:11:48 C7CF7BFA63F6A91C761A2712CDE7E89C 118619 ----a-w- C:\Users\Nancy\AppData\Local\Temp\jrt\get.bat 2015-11-29 11:44:15 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-11-29 11:43:35 D61070CFAD43038DC56AEAD9BFE9CE2A 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-11-29 11:43:35 CFBC6C6D8A492697CABD1D353EE64933 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-11-29 11:43:35 42B3F5C9FBC9B3F0E0BA6B5D7FC8E849 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-11-29 09:43:45 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" "Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard" "Bitdefender Agent Wallet-toepassing"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-571625239-635233866-229951279-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Settings Manager"="C:\Users\Nancy\AppData\Roaming\Settings Manager\SettingsManager.EXE /autostart /restart" "UM"="C:\Users\Nancy\AppData\Roaming\Update Manager\UM.EXE" "Advanced SystemCare 9"="C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe /Auto" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" "Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard" "Bitdefender Agent Wallet-toepassing"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UpdateLBPShortCut"="C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5" "UpdateP2GoShortCut"="C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0" "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r" "HControlUser"="C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" "ATKOSD2"="C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguix.exe /fmw.trayonly" "AVG_UI"="C:\Program Files (x86)\AVG\Av\avgui.exe /TRAYONLY" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Settings Manager"="C:\Users\Nancy\AppData\Roaming\Settings Manager\SettingsManager.EXE /autostart /restart" "UM"="C:\Users\Nancy\AppData\Roaming\Update Manager\UM.EXE" "Advanced SystemCare 9"="C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe /Auto" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "ETDWare"="C:\Program Files\Elantech\ETDCtrl.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "hkey"="HKLM" "item"="Adobe Reader Speed Launcher" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Camera ScreenSaver] "command"="C:\\Windows\\AsScrProlog.exe" "hkey"="HKLM" "item"="ASUS Camera ScreenSaver" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" ==== Startup Folders ====================== 2009-09-22 15:46:32 2617 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [19/11/2015 21:40] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/09/2015 15:07] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/09/2015 15:07] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASC9_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe] "C:\Windows\SysNative\tasks\ASC9_SkipUac_Nancy" ["C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe" /SkipUac] "C:\Windows\SysNative\tasks\ASPG" [C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe] "C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe] "C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe] "C:\Windows\SysNative\tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8" [C:\Program Files\Bitdefender\Bitdefender\bdproductdata.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 2540 series" ["C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Nancy" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{A8B2BD8E-0418-47A0-B674-05B9D2FA0B63}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\WC3" [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bmiabdepfhhiieiipmeecdmeljggmfee - No path found[] dflinnddekagfkncpgojoppgnppfkbkj - No path found[] heoldelcflnigdllmlopiefhkkobendj - No path found[] AdBlock - Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom AVG Secure Search - Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Chrome Web Store Payments - Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Docs - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Bitdefender Wallet - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl Google Search - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC ==== Reset Google Chrome ====================== C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Settings Manager] "C:\Users\Nancy\AppData\Roaming\Settings Manager\SettingsManager.EXE" /autostart /restart O4 - HKCU\..\Run: [UM] C:\Users\Nancy\AppData\Roaming\Update Manager\UM.EXE O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" (User 'Default user') O4 - Global Startup: FancyStart daemon.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - Unknown owner - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (file missing) O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Nancy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Nancy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=375 folders=60 147077124 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Nancy\AppData\Local\Temp will be emptied at reboot C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Nancy\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\ProgramData\IObit\Advanced SystemCare\Homepage Protection\ASCService.log" not found "C:\ProgramData\Avg_Update_0615piz\AVG-Secure-Search-Update_0615piz.exesearch" not found "C:\Program Files (x86)\IObit\Advanced SystemCare" not found "C:\ProgramData\IObit" not found "C:\PROGRA~3\Avg_Update_0615piz" not found ==== EOF on di 01/12/2015 at 20:00:40,80 ======================