start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\...\ChromeHTML: ->  <==== AANDACHT
CustomCLSID: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001_Classes\CLSID\{034DF736-A378-4292-ACAE-A561088999F5}\InprocServer32 -> C:\Users\Esther\AppData\Local\PPTAssist\pptassist64.dll (珠海金山办公软件有限公司)
CustomCLSID: HKU\S-1-5-21-2602939782-1314808242-3865560093-1001_Classes\CLSID\{1077138E-896C-445E-BD31-CFCFFA4636C4}\InprocServer32 -> C:\Users\Esther\AppData\Local\PPTAssist\pptassist64.dll (珠海金山办公软件有限公司)
Task: {0DDAA308-13C5-40F6-94CD-08D99C5D9258} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
Task: {149529DC-2B7D-4024-AB79-187F0AC0CD91} - \PostPoneInstall -> Geen bestand <==== AANDACHT
Task: {23206051-EF48-4D0E-904B-1D4731EC3F7B} - System32\Tasks\DNSWILLISTON => dnswilliston.exe <==== AANDACHT
Task: {28A478D4-4410-42D6-8B43-F9B5C771842D} - \WPD\SqmUpload_S-1-5-21-2602939782-1314808242-3865560093-1001 -> Geen bestand <==== AANDACHT
Task: {2CBD774F-0B70-4937-8396-1F215CEF86E0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {2DBB619D-FDD0-4226-BC4B-331F34F1DBFB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {379B0B0F-B59D-48BB-853E-570D410FEA2B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {3ABE41D0-E97E-497C-BBE0-C9C869EF6C4A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {4147923D-7BDA-4DFA-AEF4-A203C5CE824A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {46E552B1-82F4-43D3-A976-90D0EA88EE83} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {5DE8FEBF-E876-442C-9CA0-B0F65A737F0C} - System32\Tasks\CKCY => C:\Users\Esther\AppData\Roaming\CKCY.exe <==== AANDACHT
Task: {61C8B2BC-ED6B-4EA4-AD53-F2CC57B0D973} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {7B70DC0F-3A9A-4982-AC97-24551809FA3E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {DC193BBA-F66E-4C5F-8906-B8B4D946A1A2} - \{0F7A0F47-7E0E-7D0E-0C11-7F050E0F110B} -> Geen bestand <==== AANDACHT
Task: {EC2BCDC5-B82F-4888-BFEF-129A8A698DC4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT
Task: {FA65A437-726D-46E0-AE8F-D22B0DFF0FCE} - System32\Tasks\WYRSSKMK => C:\Users\Esther\AppData\Roaming\WYRSSKMK.exe <==== AANDACHT
Task: {FF227751-73B8-4CB6-AAE6-379A5C51DE73} - System32\Tasks\PPTAssistantUpdateTask_Esther => C:\Users\Esther\AppData\Local\PPTAssist\assistupdate.exe [2016-11-07] (Zhuhai Kingsoft Office Software Co.,Ltd) <==== AANDACHT
Task: C:\WINDOWS\Tasks\CKCY.job => C:\Users\Esther\AppData\Roaming\CKCY.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\PPTAssistantNotifyTask_Esther.job => C:\Users\Esther\appdata\local\pptassist\notify.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\PPTAssistantUpdateTask_Esther.job => C:\Users\Esther\AppData\Local\PPTAssist\assistupdate.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\WYRSSKMK.job => C:\Users\Esther\AppData\Roaming\WYRSSKMK.exe <==== AANDACHT
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125]
FirewallRules: [{D18D3BB4-0220-496E-AC82-7DDB29AD5CF8}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{A8F27EAE-C940-4DD9-851E-5D20DDCDC8A0}] => C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [UDP Query User{2CB9C9D0-CEF1-4A0C-9557-A81AF8F98CE4}C:\users\esther\appdata\roaming\torntv.com\torntv downloader.exe] => C:\users\esther\appdata\roaming\torntv.com\torntv downloader.exe
FirewallRules: [TCP Query User{31A9D1C7-B034-4855-B3D6-B863ECA9A891}C:\users\esther\appdata\roaming\torntv.com\torntv downloader.exe] => C:\users\esther\appdata\roaming\torntv.com\torntv downloader.exe
FirewallRules: [{B92079E1-FD60-4525-B9DE-343C5D1D5BFE}] => C:\Program Files (x86)\GoForFiles\GoforFiles.exe
FirewallRules: [{3BD93E25-4959-4D3D-86A3-FE15EDD3729C}] => C:\Program Files (x86)\GoForFiles\GoforFiles.exe
FirewallRules: [{CE9AD241-BC0E-4F5E-A42C-7662A7EFF61F}] => C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{121030ED-345E-4DD0-B581-96526B80B281}] => C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{2321FAA1-3DBB-4E87-8015-56993255BE6D}] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\PLUGINS\CHECKPCMGRUPDATE.EXE
FirewallRules: [{584BA59E-5C3B-4F93-913F-69DFE45710EA}] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\WechatBackup\WechatBackup.exe
FirewallRules: [{ABBA486B-C13C-442D-8161-F8AE22B5791A}] => C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\plugins\WechatBackup\WechatBackup.exe
FirewallRules: [{68A1C2BB-8C14-4ADB-B14E-8CC7DE4C5CAB}] => C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{77D108FD-829B-4F1C-82E8-8113499412D9}] => C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
HKLM-x32\...\Run: [PCFIXTRAYERNMB] => c:\pcfiXtrayknfii.lnk [2141 2016-04-18] ()
HKLM-x32\...\Run: [PCFIXTRAYMSPSL] => c:\pcfiXtraylmxrr.lnk [2141 2016-04-19] ()
HKLM-x32\...\Run: [PCFIXTRAYEJXNN] => c:\pcfiXtrayyxmtl.lnk [2141 2016-05-01] ()
HKLM-x32\...\Run: [PCFIXTRAYCNJRX] => c:\pcfiXtrayoznvp.lnk [2141 2016-04-21] ()
HKLM-x32\...\Run: [PCFIXTRAYTMOTK] => c:\pcfiXtraydrwjk.lnk [2141 2016-04-22] ()
HKLM-x32\...\Run: [PCFIXTRAYJCZUH] => c:\pcfiXtraymmvla.lnk [2141 2016-04-22] ()
HKLM-x32\...\Run: [PCFIXTRAYQGYCL] => c:\pcfiXtrayceraq.lnk [2181 2016-07-14] ()
HKLM-x32\...\Run: [PCFIXTRAYCUJSK] => c:\pcfiXtrayqvqyk.lnk [2141 2016-04-23] ()
HKLM-x32\...\Run: [PCFIXTRAYWXQHI] => c:\pcfiXtrayaspwg.lnk [2181 2016-12-30] ()
HKLM-x32\...\Run: [PCFIXTRAYLLYRL] => c:\pcfiXtrayqreao.lnk [2181 2016-09-12] ()
HKLM-x32\...\Run: [PCFIXTRAYGFGGK] => c:\pcfiXtrayexzqo.lnk [2141 2016-04-26] ()
HKLM-x32\...\Run: [PCFIXTRAYRYVUT] => c:\pcfiXtraykohgw.lnk [2141 2016-04-27] ()
HKLM-x32\...\Run: [PCFIXTRAYJYMRI] => c:\pcfiXtraykervw.lnk [2141 2016-04-28] ()
HKLM-x32\...\Run: [PCFIXTRAYKQFSV] => c:\pcfiXtrayoolbp.lnk [2181 2016-12-15] ()
HKLM-x32\...\Run: [PCFIXTRAYJDLDA] => c:\pcfiXtrayamprv.lnk [2141 2016-04-30] ()
HKLM-x32\...\Run: [PCFIXTRAYKWWJJ] => c:\pcfiXtrayonnvb.lnk [2181 2016-05-01] ()
HKLM-x32\...\Run: [PCFIXTRAYQTSFM] => c:\pcfiXtrayeijtx.lnk [2181 2017-01-13] ()
HKLM-x32\...\Run: [PCFIXTRAYGIJJX] => c:\pcfiXtrayzebva.lnk [2181 2016-08-26] ()
HKLM-x32\...\Run: [PCFIXTRAYDWEOX] => c:\pcfiXtrayvultm.lnk [2181 2016-05-04] ()
HKLM-x32\...\Run: [PCFIXTRAYKKUXX] => c:\pcfiXtrayyscnj.lnk [2181 2016-05-05] ()
HKLM-x32\...\Run: [PCFIXTRAYVZYMH] => c:\pcfiXtrayjrson.lnk [2181 2016-05-06] ()
HKLM-x32\...\Run: [PCFIXTRAYKUKOV] => c:\pcfiXtrayqwprk.lnk [2181 2016-05-07] ()
HKLM-x32\...\Run: [PCFIXTRAYGQOOX] => c:\pcfiXtrayitsne.lnk [2181 2016-05-08] ()
HKLM-x32\...\Run: [PCFIXTRAYJYEQI] => c:\pcfiXtrayevuwl.lnk [2181 2016-05-16] ()
HKLM-x32\...\Run: [PCFIXTRAYWMGHG] => c:\pcfiXtrayydptr.lnk [2181 2016-05-10] ()
HKLM-x32\...\Run: [PCFIXTRAYBPNPV] => c:\pcfiXtrayqparf.lnk [2181 2016-10-19] ()
HKLM-x32\...\Run: [PCFIXTRAYCKEVY] => c:\pcfiXtraymrjfu.lnk [2181 2016-05-12] ()
HKLM-x32\...\Run: [PCFIXTRAYJVZBU] => c:\pcfiXtraykzsjf.lnk [2181 2016-05-13] ()
HKLM-x32\...\Run: [PCFIXTRAYTMHWW] => c:\pcfiXtraywkzkz.lnk [2181 2016-09-22] ()
HKLM-x32\...\Run: [PCFIXTRAYUEZVY] => c:\pcfiXtraygbyod.lnk [2181 2016-05-14] ()
HKLM-x32\...\Run: [PCFIXTRAYJIVWH] => c:\pcfiXtrayudufv.lnk [2181 2016-05-15] ()
HKLM-x32\...\Run: [PCFIXTRAYFZKDV] => c:\pcfiXtrayerjri.lnk [2181 2016-10-18] ()
HKLM-x32\...\Run: [PCFIXTRAYMDNKT] => c:\pcfiXtrayzjchm.lnk [2181 2016-05-18] ()
HKLM-x32\...\Run: [PCFIXTRAYULAPK] => c:\pcfiXtrayoyyqj.lnk [2181 2016-05-19] ()
HKLM-x32\...\Run: [PCFIXTRAYWCWEH] => c:\pcfiXtrayxgxdh.lnk [2181 2016-05-20] ()
HKLM-x32\...\Run: [PCFIXTRAYBREVW] => c:\pcfiXtraywrvce.lnk [2181 2016-05-21] ()
HKLM-x32\...\Run: [PCFIXTRAYNYVPM] => c:\pcfiXtrayzbbba.lnk [2181 2016-05-22] ()
HKLM-x32\...\Run: [PCFIXTRAYBRWUW] => c:\pcfiXtrayqhzlt.lnk [2181 2016-05-23] ()
HKLM-x32\...\Run: [PCFIXTRAYMULHT] => c:\pcfiXtrayxmbzk.lnk [2181 2016-05-24] ()
HKLM-x32\...\Run: [PCFIXTRAYIMFZM] => c:\pcfiXtrayptokh.lnk [2181 2016-05-25] ()
HKLM-x32\...\Run: [PCFIXTRAYTSPWW] => c:\pcfiXtraylvvcr.lnk [2181 2016-09-02] ()
HKLM-x32\...\Run: [PCFIXTRAYVWKOM] => c:\pcfiXtrayjetbo.lnk [2181 2016-11-08] ()
HKLM-x32\...\Run: [PCFIXTRAYWSQHV] => c:\pcfiXtraytlikj.lnk [2181 2016-05-28] ()
HKLM-x32\...\Run: [PCFIXTRAYFQIJV] => c:\pcfiXtrayjmfsk.lnk [2181 2016-05-29] ()
HKLM-x32\...\Run: [PCFIXTRAYCHYQJ] => c:\pcfiXtraytsuex.lnk [2181 2016-05-30] ()
HKLM-x32\...\Run: [PCFIXTRAYTPTXJ] => c:\pcfiXtrayfzazo.lnk [2181 2016-11-02] ()
HKLM-x32\...\Run: [PCFIXTRAYWSTIH] => c:\pcfiXtrayadswb.lnk [2181 2016-06-26] ()
HKLM-x32\...\Run: [PCFIXTRAYZVMCY] => c:\pcfiXtraypyafc.lnk [2181 2016-06-02] ()
HKLM-x32\...\Run: [PCFIXTRAYDFXIF] => c:\pcfiXtrayqapkk.lnk [2181 2016-06-03] ()
HKLM-x32\...\Run: [PCFIXTRAYPQKYW] => c:\pcfiXtrayrcqtc.lnk [2181 2016-06-04] ()
HKLM-x32\...\Run: [PCFIXTRAYQMXCY] => c:\pcfiXtrayilqmv.lnk [2181 2016-08-16] ()
HKLM-x32\...\Run: [PCFIXTRAYKWESI] => c:\pcfiXtrayuwjmm.lnk [2181 2016-06-06] ()
HKLM-x32\...\Run: [PCFIXTRAYOOQFV] => c:\pcfiXtrayfvyzx.lnk [2181 2016-06-07] ()
HKLM-x32\...\Run: [PCFIXTRAYTOXNW] => c:\pcfiXtrayepiji.lnk [2181 2016-06-08] ()
HKLM-x32\...\Run: [PCFIXTRAYBVYXJ] => c:\pcfiXtraykxtqf.lnk [2181 2016-06-09] ()
HKLM-x32\...\Run: [PCFIXTRAYHEAVS] => c:\pcfiXtrayqeaxn.lnk [2181 2016-06-10] ()
HKLM-x32\...\Run: [PCFIXTRAYZCXXF] => c:\pcfiXtrayfvjla.lnk [2181 2016-06-11] ()
HKLM-x32\...\Run: [PCFIXTRAYLAGRK] => c:\pcfiXtraypcnyq.lnk [2181 2016-06-12] ()
HKLM-x32\...\Run: [PCFIXTRAYTNSPW] => c:\pcfiXtraymghkl.lnk [2181 2016-06-13] ()
HKLM-x32\...\Run: [PCFIXTRAYIFEQG] => c:\pcfiXtrayouzcv.lnk [2181 2016-06-14] ()
HKLM-x32\...\Run: [PCFIXTRAYMQJFG] => c:\pcfiXtrayjnelk.lnk [2181 2016-06-15] ()
HKLM-x32\...\Run: [PCFIXTRAYCVGUX] => c:\pcfiXtrayrwqor.lnk [2181 2016-06-16] ()
HKLM-x32\...\Run: [PCFIXTRAYXBIHJ] => c:\pcfiXtraybhgye.lnk [2181 2017-01-12] ()
HKLM-x32\...\Run: [PCFIXTRAYMLWZY] => c:\pcfiXtrayjyupw.lnk [2181 2016-06-18] ()
HKLM-x32\...\Run: [PCFIXTRAYWSIGV] => c:\pcfiXtraynumty.lnk [2181 2016-06-19] ()
HKLM-x32\...\Run: [PCFIXTRAYVWZVA] => c:\pcfiXtraywumrl.lnk [2181 2016-06-20] ()
HKLM-x32\...\Run: [PCFIXTRAYXRUBW] => c:\pcfiXtrayszrbl.lnk [2181 2016-06-21] ()
HKLM-x32\...\Run: [PCFIXTRAYDJAKS] => c:\pcfiXtrayeznyd.lnk [2181 2016-06-22] ()
HKLM-x32\...\Run: [PCFIXTRAYOBCHW] => c:\pcfiXtraycqutk.lnk [2181 2016-06-23] ()
HKLM-x32\...\Run: [PCFIXTRAYLCXYL] => c:\pcfiXtrayvlibq.lnk [2181 2016-06-24] ()
HKLM-x32\...\Run: [PCFIXTRAYDPLSZ] => c:\pcfiXtrayzgnpd.lnk [2181 2016-06-27] ()
HKLM-x32\...\Run: [PCFIXTRAYQZBYK] => c:\pcfiXtrayyzohx.lnk [2181 2016-06-28] ()
HKLM-x32\...\Run: [PCFIXTRAYTCRPW] => c:\pcfiXtraygbabp.lnk [2181 2016-06-29] ()
HKLM-x32\...\Run: [PCFIXTRAYHSAJL] => c:\pcfiXtrayhjrjv.lnk [2181 2016-06-30] ()
HKLM-x32\...\Run: [PCFIXTRAYWJPMV] => c:\pcfiXtrayropca.lnk [2181 2016-07-01] ()
HKLM-x32\...\Run: [PCFIXTRAYMYGJG] => c:\pcfiXtraymkhed.lnk [2181 2016-07-02] ()
HKLM-x32\...\Run: [PCFIXTRAYNMPLT] => c:\pcfiXtrayupggj.lnk [2181 2016-07-03] ()
HKLM-x32\...\Run: [PCFIXTRAYHINZJ] => c:\pcfiXtrayydafu.lnk [2181 2016-07-04] ()
HKLM-x32\...\Run: [PCFIXTRAYIGYYA] => c:\pcfiXtraycuthy.lnk [2181 2016-07-05] ()
HKLM-x32\...\Run: [PCFIXTRAYDJKME] => c:\pcfiXtraysitaf.lnk [2181 2016-07-06] ()
HKLM-x32\...\Run: [PCFIXTRAYUNQWL] => c:\pcfiXtrayuhltb.lnk [2181 2016-07-07] ()
HKLM-x32\...\Run: [PCFIXTRAYDOHLF] => c:\pcfiXtrayrxpal.lnk [2181 2016-07-08] ()
HKLM-x32\...\Run: [PCFIXTRAYPSIKK] => c:\pcfiXtraynsnay.lnk [2181 2016-07-09] ()
HKLM-x32\...\Run: [PCFIXTRAYMFLOY] => c:\pcfiXtrayvyywp.lnk [2181 2016-07-10] ()
HKLM-x32\...\Run: [PCFIXTRAYOIRKW] => c:\pcfiXtrayfvxml.lnk [2181 2016-07-11] ()
HKLM-x32\...\Run: [PCFIXTRAYIWTXG] => c:\pcfiXtrayzxruj.lnk [2181 2016-07-12] ()
HKLM-x32\...\Run: [PCFIXTRAYRUAYU] => c:\pcfiXtraycxhzh.lnk [2181 2016-07-13] ()
HKLM-x32\...\Run: [PCFIXTRAYMLOYZ] => c:\pcfiXtraydpyql.lnk [2181 2016-07-15] ()
HKLM-x32\...\Run: [PCFIXTRAYNTPSN] => c:\pcfiXtraybnsmh.lnk [2181 2016-07-16] ()
HKLM-x32\...\Run: [PCFIXTRAYPLXCW] => c:\pcfiXtraytkujg.lnk [2181 2016-07-17] ()
HKLM-x32\...\Run: [PCFIXTRAYSWMTI] => c:\pcfiXtrayafgdx.lnk [2181 2016-11-01] ()
HKLM-x32\...\Run: [PCFIXTRAYZESUT] => c:\pcfiXtraykvegb.lnk [2181 2016-07-19] ()
HKLM-x32\...\Run: [PCFIXTRAYRIICB] => c:\pcfiXtrayzbdra.lnk [2181 2016-07-20] ()
HKLM-x32\...\Run: [PCFIXTRAYKAVWJ] => c:\pcfiXtraykeiik.lnk [2181 2016-07-21] ()
HKLM-x32\...\Run: [PCFIXTRAYDWTNL] => c:\pcfiXtrayhlmjj.lnk [2181 2016-07-22] ()
HKLM-x32\...\Run: [PCFIXTRAYXWTJK] => c:\pcfiXtrayxcbaz.lnk [2181 2016-08-21] ()
HKLM-x32\...\Run: [PCFIXTRAYEYUSN] => c:\pcfiXtrayhlddy.lnk [2181 2016-08-07] ()
HKLM-x32\...\Run: [PCFIXTRAYFZSEU] => c:\pcfiXtraylbfit.lnk [2181 2016-08-08] ()
HKLM-x32\...\Run: [PCFIXTRAYFXJDI] => c:\pcfiXtraylzivf.lnk [2181 2016-08-09] ()
HKLM-x32\...\Run: [PCFIXTRAYXAVEV] => c:\pcfiXtrayuojru.lnk [2181 2016-08-10] ()
HKLM-x32\...\Run: [PCFIXTRAYOFEJJ] => c:\pcfiXtrayxgoyw.lnk [2181 2016-08-18] ()
HKLM-x32\...\Run: [PCFIXTRAYRPLAT] => c:\pcfiXtrayjrpyn.lnk [2181 2016-08-12] ()
HKLM-x32\...\Run: [PCFIXTRAYVDAPM] => c:\pcfiXtrayezlkr.lnk [2181 2016-08-13] ()
HKLM-x32\...\Run: [PCFIXTRAYUVYTY] => c:\pcfiXtraylnuxf.lnk [2181 2016-08-14] ()
HKLM-x32\...\Run: [PCFIXTRAYSXGDB] => c:\pcfiXtrayuowie.lnk [2181 2016-10-08] ()
HKLM-x32\...\Run: [PCFIXTRAYQKIKM] => c:\pcfiXtraydtjdn.lnk [2181 2016-08-15] ()
HKLM-x32\...\Run: [PCFIXTRAYZOHXY] => c:\pcfiXtraygkbnx.lnk [2181 2016-08-17] ()
HKLM-x32\...\Run: [PCFIXTRAYTYKXX] => c:\pcfiXtraynvynb.lnk [2181 2016-08-19] ()
HKLM-x32\...\Run: [PCFIXTRAYOJZLW] => c:\pcfiXtraylftlw.lnk [2181 2016-08-20] ()
HKLM-x32\...\Run: [PCFIXTRAYSERYI] => c:\pcfiXtrayktfnc.lnk [2181 2016-08-22] ()
HKLM-x32\...\Run: [PCFIXTRAYHTXYL] => c:\pcfiXtraytjvqg.lnk [2181 2016-08-23] ()
HKLM-x32\...\Run: [PCFIXTRAYGBMFX] => c:\pcfiXtrayqybln.lnk [2181 2016-08-24] ()
HKLM-x32\...\Run: [PCFIXTRAYGQYIJ] => c:\pcfiXtraywczph.lnk [2181 2016-08-25] ()
HKLM-x32\...\Run: [PCFIXTRAYJIABB] => c:\pcfiXtraytkhap.lnk [2181 2016-08-27] ()
HKLM-x32\...\Run: [PCFIXTRAYIQKDL] => c:\pcfiXtrayrbrac.lnk [2181 2016-08-28] ()
HKLM-x32\...\Run: [PCFIXTRAYVMUIV] => c:\pcfiXtraytwtsd.lnk [2181 2016-08-29] ()
HKLM-x32\...\Run: [PCFIXTRAYACYXH] => c:\pcfiXtrayvwxnp.lnk [2181 2016-08-30] ()
HKLM-x32\...\Run: [PCFIXTRAYQWBYF] => c:\pcfiXtrayfontu.lnk [2181 2016-08-31] ()
HKLM-x32\...\Run: [PCFIXTRAYPDGCK] => c:\pcfiXtrayahsxa.lnk [2181 2016-09-13] ()
HKLM-x32\...\Run: [PCFIXTRAYMILWM] => c:\pcfiXtrayojakk.lnk [2181 2017-01-11] ()
HKLM-x32\...\Run: [PCFIXTRAYCQRKJ] => c:\pcfiXtraypgzvv.lnk [2181 2016-09-04] ()
HKLM-x32\...\Run: [PCFIXTRAYQHWJY] => c:\pcfiXtrayudhoy.lnk [2181 2016-09-05] ()
HKLM-x32\...\Run: [PCFIXTRAYOZXJW] => c:\pcfiXtraykitvn.lnk [2181 2016-09-06] ()
HKLM-x32\...\Run: [PCFIXTRAYVZIOT] => c:\pcfiXtrayxbyqq.lnk [2181 2016-12-06] ()
HKLM-x32\...\Run: [PCFIXTRAYJMNEA] => c:\pcfiXtrayvalqs.lnk [2181 2016-09-08] ()
HKLM-x32\...\Run: [PCFIXTRAYNDUHH] => c:\pcfiXtrayfiznx.lnk [2181 2016-09-09] ()
HKLM-x32\...\Run: [PCFIXTRAYYKNEJ] => c:\pcfiXtrayblhfp.lnk [2181 2016-09-10] ()
HKLM-x32\...\Run: [PCFIXTRAYGSSEW] => c:\pcfiXtrayabtlb.lnk [2181 2016-09-11] ()
HKLM-x32\...\Run: [PCFIXTRAYHBBDL] => c:\pcfiXtraycpvak.lnk [2181 2016-09-14] ()
HKLM-x32\...\Run: [PCFIXTRAYHRWYF] => c:\pcfiXtrayaqccd.lnk [2181 2016-09-15] ()
HKLM-x32\...\Run: [PCFIXTRAYQAVAK] => c:\pcfiXtrayunsyv.lnk [2181 2016-09-16] ()
HKLM-x32\...\Run: [PCFIXTRAYXKTIJ] => c:\pcfiXtrayqeoyq.lnk [2181 2016-09-17] ()
HKLM-x32\...\Run: [PCFIXTRAYSTWUI] => c:\pcfiXtraytzfxg.lnk [2181 2016-09-18] ()
HKLM-x32\...\Run: [PCFIXTRAYZRZFA] => c:\pcfiXtrayhzaqv.lnk [2181 2016-09-19] ()
HKLM-x32\...\Run: [PCFIXTRAYZFOEY] => c:\pcfiXtraylewwz.lnk [2181 2016-12-09] ()
HKLM-x32\...\Run: [PCFIXTRAYKKMWX] => c:\pcfiXtraysafwf.lnk [2181 2016-09-21] ()
HKLM-x32\...\Run: [PCFIXTRAYXSYMJ] => c:\pcfiXtrayzkfqv.lnk [2181 2016-09-23] ()
HKLM-x32\...\Run: [PCFIXTRAYOOYCJ] => c:\pcfiXtraymdwxi.lnk [2181 2016-09-24] ()
HKLM-x32\...\Run: [PCFIXTRAYNQGJI] => c:\pcfiXtrayclvht.lnk [2181 2016-09-24] ()
HKLM-x32\...\Run: [PCFIXTRAYBAEUI] => c:\pcfiXtrayilbxy.lnk [2181 2016-09-25] ()
HKLM-x32\...\Run: [PCFIXTRAYCDDMK] => c:\pcfiXtraylbuxi.lnk [2181 2016-09-26] ()
HKLM-x32\...\Run: [PCFIXTRAYAKSAN] => c:\pcfiXtrayrtqvr.lnk [2181 2016-12-13] ()
HKLM-x32\...\Run: [PCFIXTRAYJJEZH] => c:\pcfiXtraywamve.lnk [2181 2016-12-02] ()
HKLM-x32\...\Run: [PCFIXTRAYAGIAM] => c:\pcfiXtraypezsb.lnk [2181 2016-09-29] ()
HKLM-x32\...\Run: [PCFIXTRAYRGKYT] => c:\pcfiXtraynllhp.lnk [2181 2016-09-30] ()
HKLM-x32\...\Run: [PCFIXTRAYWHRII] => c:\pcfiXtrayvylne.lnk [2181 2016-09-30] ()
HKLM-x32\...\Run: [PCFIXTRAYGSVFJ] => c:\pcfiXtrayicdwa.lnk [2181 2016-10-01] ()
HKLM-x32\...\Run: [PCFIXTRAYNYDQM] => c:\pcfiXtrayfkxsl.lnk [2181 2016-10-02] ()
HKLM-x32\...\Run: [PCFIXTRAYKTGYX] => c:\pcfiXtraynokvv.lnk [2181 2016-10-03] ()
HKLM-x32\...\Run: [PCFIXTRAYAKDCZ] => c:\pcfiXtrayecxxu.lnk [2181 2016-10-04] ()
HKLM-x32\...\Run: [PCFIXTRAYMRDWA] => c:\pcfiXtraywnyzf.lnk [2181 2016-10-05] ()
HKLM-x32\...\Run: [PCFIXTRAYIAXTF] => c:\pcfiXtraybfukm.lnk [2181 2016-10-06] ()
HKLM-x32\...\Run: [PCFIXTRAYIDGYH] => c:\pcfiXtraybfteb.lnk [2181 2016-10-07] ()
HKLM-x32\...\Run: [PCFIXTRAYJJWYH] => c:\pcfiXtrayprqet.lnk [2181 2016-10-09] ()
HKLM-x32\...\Run: [PCFIXTRAYSKMAI] => c:\pcfiXtrayskepx.lnk [2181 2016-10-14] ()
HKLM-x32\...\Run: [PCFIXTRAYAEHAH] => c:\pcfiXtraywlyvy.lnk [2181 2016-11-07] ()
HKLM-x32\...\Run: [PCFIXTRAYINJUG] => c:\pcfiXtrayyiymi.lnk [2181 2016-10-15] ()
HKLM-x32\...\Run: [PCFIXTRAYZEVBN] => c:\pcfiXtrayrmcvl.lnk [2181 2016-10-16] ()
HKLM-x32\...\Run: [PCFIXTRAYUONTK] => c:\pcfiXtrayqgbgf.lnk [2181 2016-10-20] ()
HKLM-x32\...\Run: [PCFIXTRAYMFVPL] => c:\pcfiXtrayjifzs.lnk [2181 2016-10-21] ()
HKLM-x32\...\Run: [PCFIXTRAYRMDGZ] => c:\pcfiXtrayisdyp.lnk [2181 2016-10-22] ()
HKLM-x32\...\Run: [PCFIXTRAYJBNZV] => c:\pcfiXtrayexkkz.lnk [2181 2016-10-23] ()
HKLM-x32\...\Run: [PCFIXTRAYROZWZ] => c:\pcfiXtrayabewm.lnk [2181 2016-10-24] ()
HKLM-x32\...\Run: [PCFIXTRAYSRVUU] => c:\pcfiXtrayapdjd.lnk [2181 2016-10-25] ()
HKLM-x32\...\Run: [PCFIXTRAYHICXX] => c:\pcfiXtrayktucr.lnk [2181 2016-10-26] ()
HKLM-x32\...\Run: [PCFIXTRAYKTOZX] => c:\pcfiXtraytxgmg.lnk [2181 2016-10-27] ()
HKLM-x32\...\Run: [PCFIXTRAYDDTSY] => c:\pcfiXtrayyromf.lnk [2181 2016-10-28] ()
HKLM-x32\...\Run: [PCFIXTRAYYQYEY] => c:\pcfiXtraywsaxh.lnk [2181 2016-10-29] ()
HKLM-x32\...\Run: [PCFIXTRAYOFWIJ] => c:\pcfiXtrayqxrgl.lnk [2181 2016-10-30] ()
HKLM-x32\...\Run: [PCFIXTRAYLQNQK] => c:\pcfiXtrayuwiza.lnk [2181 2016-10-31] ()
HKLM-x32\...\Run: [PCFIXTRAYWWLIJ] => c:\pcfiXtraybsrgy.lnk [2181 2016-11-03] ()
HKLM-x32\...\Run: [PCFIXTRAYYSCCX] => c:\pcfiXtrayobbvm.lnk [2181 2016-11-04] ()
HKLM-x32\...\Run: [PCFIXTRAYDSTLS] => c:\pcfiXtrayanrpa.lnk [2181 2016-11-05] ()
HKLM-x32\...\Run: [PCFIXTRAYAJGST] => c:\pcfiXtraydbwhw.lnk [2181 2016-11-07] ()
HKLM-x32\...\Run: [PCFIXTRAYQTQVS] => c:\pcfiXtraykztoq.lnk [2181 2016-11-09] ()
HKLM-x32\...\Run: [PCFIXTRAYOWVKV] => c:\pcfiXtraypcyjb.lnk [2181 2016-11-09] ()
HKLM-x32\...\Run: [PCFIXTRAYUMFNS] => c:\pcfiXtrayghyog.lnk [2181 2016-11-10] ()
HKLM-x32\...\Run: [PCFIXTRAYVWOMG] => c:\pcfiXtrayiuslp.lnk [2181 2016-11-11] ()
HKLM-x32\...\Run: [PCFIXTRAYHIFYS] => c:\pcfiXtraysmeni.lnk [2181 2016-11-12] ()
HKLM-x32\...\Run: [PCFIXTRAYKVWWW] => c:\pcfiXtraydxjen.lnk [2181 2016-11-13] ()
HKLM-x32\...\Run: [PCFIXTRAYVMCJM] => c:\pcfiXtrayafqjp.lnk [2181 2016-11-14] ()
HKLM-x32\...\Run: [PCFIXTRAYSXRWV] => c:\pcfiXtrayiyclh.lnk [2181 2017-01-02] ()
HKLM-x32\...\Run: [PCFIXTRAYNMEKH] => c:\pcfiXtrayhfavg.lnk [2181 2016-11-16] ()
HKLM-x32\...\Run: [PCFIXTRAYBCDCB] => c:\pcfiXtrayudtaj.lnk [2181 2016-11-30] ()
HKLM-x32\...\Run: [PCFIXTRAYTPJVX] => c:\pcfiXtrayrpcwl.lnk [2181 2016-11-18] ()
HKLM-x32\...\Run: [PCFIXTRAYPXFJK] => c:\pcfiXtraymzjal.lnk [2181 2016-11-19] ()
HKLM-x32\...\Run: [PCFIXTRAYLCPSX] => c:\pcfiXtraypdcde.lnk [2181 2016-11-20] ()
HKLM-x32\...\Run: [PCFIXTRAYRLQVU] => c:\pcfiXtrayaapry.lnk [2181 2016-11-21] ()
HKLM-x32\...\Run: [PCFIXTRAYBPZXW] => c:\pcfiXtrayeiuea.lnk [2181 2016-11-22] ()
HKLM-x32\...\Run: [PCFIXTRAYAEKST] => c:\pcfiXtraydmipq.lnk [2181 2016-11-23] ()
HKLM-x32\...\Run: [PCFIXTRAYGMTMK] => c:\pcfiXtrayuuvze.lnk [2181 2016-11-24] ()
HKLM-x32\...\Run: [PCFIXTRAYTTTYK] => c:\pcfiXtraymxwtp.lnk [2181 2016-11-25] ()
HKLM-x32\...\Run: [PCFIXTRAYKHERV] => c:\pcfiXtraysihkr.lnk [2181 2016-11-26] ()
HKLM-x32\...\Run: [PCFIXTRAYSPBYJ] => c:\pcfiXtrayliwqz.lnk [2181 2016-11-27] ()
HKLM-x32\...\Run: [PCFIXTRAYFDMGI] => c:\pcfiXtrayzzdom.lnk [2181 2016-11-28] ()
HKLM-x32\...\Run: [PCFIXTRAYHGBDX] => c:\pcfiXtrayjwumq.lnk [2181 2016-11-29] ()
HKLM-x32\...\Run: [PCFIXTRAYBSXXW] => c:\pcfiXtrayresbc.lnk [2181 2016-12-01] ()
HKLM-x32\...\Run: [PCFIXTRAYYMDCL] => c:\pcfiXtrayhucrh.lnk [2181 2016-12-03] ()
HKLM-x32\...\Run: [PCFIXTRAYJWAUU] => c:\pcfiXtraygfoau.lnk [2181 2016-12-04] ()
HKLM-x32\...\Run: [PCFIXTRAYQQHCZ] => c:\pcfiXtraykahol.lnk [2181 2016-12-05] ()
HKLM-x32\...\Run: [PCFIXTRAYUYOOJ] => c:\pcfiXtraysdcoo.lnk [2181 2016-12-07] ()
HKLM-x32\...\Run: [PCFIXTRAYAPCCU] => c:\pcfiXtraylkvjr.lnk [2181 2016-12-08] ()
HKLM-x32\...\Run: [PCFIXTRAYIIDXH] => c:\pcfiXtrayauqeg.lnk [2181 2016-12-10] ()
HKLM-x32\...\Run: [PCFIXTRAYANBTH] => c:\pcfiXtrayrzcuw.lnk [2181 2016-12-10] ()
HKLM-x32\...\Run: [PCFIXTRAYUBJOX] => c:\pcfiXtrayasdkd.lnk [2181 2016-12-11] ()
HKLM-x32\...\Run: [PCFIXTRAYATUCN] => c:\pcfiXtraymhvmp.lnk [2181 2016-12-12] ()
HKLM-x32\...\Run: [PCFIXTRAYFJXNX] => c:\pcfiXtraynyawb.lnk [2181 2016-12-14] ()
HKLM-x32\...\Run: [PCFIXTRAYHVUDY] => c:\pcfiXtrayvhwwn.lnk [2181 2016-12-14] ()
HKLM-x32\...\Run: [PCFIXTRAYOPCNO] => c:\pcfiXtraytwsfs.lnk [2181 2016-12-16] ()
HKLM-x32\...\Run: [PCFIXTRAYOXAFJ] => c:\pcfiXtraynswor.lnk [2181 2016-12-17] ()
HKLM-x32\...\Run: [PCFIXTRAYNAWPA] => c:\pcfiXtraystuqd.lnk [2181 2016-12-18] ()
HKLM-x32\...\Run: [PCFIXTRAYSCFUW] => c:\pcfiXtraybevlb.lnk [2181 2016-12-19] ()
HKLM-x32\...\Run: [PCFIXTRAYBIMVI] => c:\pcfiXtrayouxok.lnk [2181 2016-12-20] ()
HKLM-x32\...\Run: [PCFIXTRAYOJJFI] => c:\pcfiXtrayzoaoz.lnk [2181 2016-12-21] ()
HKLM-x32\...\Run: [PCFIXTRAYCRLSK] => c:\pcfiXtraycytjq.lnk [2181 2016-12-22] ()
HKLM-x32\...\Run: [PCFIXTRAYKXAUW] => c:\pcfiXtrayvgkck.lnk [2181 2016-12-23] ()
HKLM-x32\...\Run: [PCFIXTRAYKQQMI] => c:\pcfiXtraybyrds.lnk [2181 2016-12-24] ()
HKLM-x32\...\Run: [PCFIXTRAYRIAFM] => c:\pcfiXtraytuglp.lnk [2181 2016-12-25] ()
HKLM-x32\...\Run: [PCFIXTRAYBFEUV] => c:\pcfiXtraypsajv.lnk [2181 2016-12-26] ()
HKLM-x32\...\Run: [PCFIXTRAYOPKHV] => c:\pcfiXtraybbcqu.lnk [2181 2016-12-27] ()
HKLM-x32\...\Run: [PCFIXTRAYKOOZK] => c:\pcfiXtraynqzbj.lnk [2181 2016-12-28] ()
HKLM-x32\...\Run: [PCFIXTRAYAXOEA] => c:\pcfiXtrayafszp.lnk [2181 2016-12-28] ()
HKLM-x32\...\Run: [PCFIXTRAYYUKIX] => c:\pcfiXtrayyamnl.lnk [2181 2016-12-29] ()
HKLM-x32\...\Run: [PCFIXTRAYRXBYH] => c:\pcfiXtrayvhjnk.lnk [2181 2016-12-31] ()
HKLM-x32\...\Run: [PCFIXTRAYRRMAG] => c:\pcfiXtraycjimp.lnk [2181 2017-01-01] ()
HKLM-x32\...\Run: [PCFIXTRAYNDKNV] => c:\pcfiXtrayshtcu.lnk [2181 2017-01-03] ()
HKLM-x32\...\Run: [PCFIXTRAYOLSLK] => c:\pcfiXtrayygqig.lnk [2181 2017-01-04] ()
HKLM-x32\...\Run: [PCFIXTRAYFKNZU] => c:\pcfiXtraybugyp.lnk [2181 2017-01-04] ()
HKLM-x32\...\Run: [PCFIXTRAYMUTIT] => c:\pcfiXtraydvyqw.lnk [2181 2017-01-05] ()
HKLM-x32\...\Run: [PCFIXTRAYMBBNX] => c:\pcfiXtrayubhls.lnk [2181 2017-01-06] ()
HKLM-x32\...\Run: [PCFIXTRAYLBLHR] => c:\pcfiXtrayhlnwv.lnk [2181 2017-01-07] ()
HKLM-x32\...\Run: [PCFIXTRAYHVCMX] => c:\pcfiXtraycqtoy.lnk [2181 2017-01-08] ()
HKLM-x32\...\Run: [PCFIXTRAYKAZMV] => c:\pcfiXtrayjupse.lnk [2181 2017-01-09] ()
HKLM-x32\...\Run: [PCFIXTRAYERVNA] => c:\pcfiXtrayqeciu.lnk [2181 2017-01-10] ()
HKLM-x32\...\Run: [PCFIXTRAYSOPDN] => c:\pcfiXtraymsyuj.lnk [2181 2017-01-11] ()
HKLM-x32\...\Run: [PCFIXTRAYWHVQK] => c:\pcfiXtraycpjjw.lnk [2181 2017-01-11] ()
HKLM-x32\...\Run: [PCFIXTRAYOWVHJ] => c:\pcfiXtrayvjvhn.lnk [2181 2017-01-11] ()
HKLM-x32\...\Run: [PCFIXTRAYNJUHU] => c:\pcfiXtraymyyqc.lnk [2181 2017-01-12] ()
HKLM-x32\...\Run: [PCFIXTRAYZYDVS] => c:\pcfiXtrayqxefh.lnk [2181 2017-01-13] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Geen bestand
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT
CHR HKU\S-1-5-21-2602939782-1314808242-3865560093-1001\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT
BHO: AlllSaveR -> {3F43ED28-76C2-4ECD-B06B-C4F04161CC2B} -> C:\Program Files (x86)\AlllSaveR\LKLdnfUjf6sFBs.x64.dll => Geen bestand
BHO: Geen Naam -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Geen bestand
BHO-x32: Geen Naam -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> Geen bestand
BHO-x32: Geen Naam -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Geen bestand
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
CHR StartupUrls: Profile 3 -> "hxxp://www.trovi.com/?gd=&ctid=CT3331213&octid=EB_ORIGINAL_CTID&ISID=M4AB84077-7C31-43C3-A6E6-30EFC36DA467&SearchSource=55&CUI=&UM=8&UP=SP2A1A914A-D0FF-4FDC-B9B6-9D71CF7C81AC&SSPV=","hxxp://www.yessearches.com/?mode=nnnb&ptid=sqr1&uid=711D8F3AF1F87FA2D17E4CA16CCCFC57&v=20160415&ts=AHEqA3UsB3QkCE..","search.mpc.am"\
CHR Extension: (Ponyhoof) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\efjjgphedlaihnlgaibiaihhmhaejjdd [2015-07-26] [UpdateUrl: hxxps://mynamedomain.koko/00] <==== AANDACHT
CHR Extension: (Anti Porn Pro  The best Anti Porn addon) - C:\Users\Esther\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\hbepadcdhpahlikldbochnhfleejiokp [2015-02-16] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== AANDACHT
CHR Extension: (AlllSaveR) - C:\ProgramData\bccekifpmjegopegffdafmgjhmapeonh\ []
U0 aswVmm; geen ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [X]
2017-01-13 07:29 - 2017-01-13 07:29 - 00002181 _____ C:\pcfiXtrayqxefh.lnk
2017-01-12 23:22 - 2017-01-12 23:22 - 00002181 _____ C:\pcfiXtraymyyqc.lnk
2017-01-11 19:02 - 2017-01-11 19:02 - 00002181 _____ C:\pcfiXtrayvjvhn.lnk
2017-01-11 15:40 - 2017-01-11 15:40 - 00002181 _____ C:\pcfiXtraycpjjw.lnk
2017-01-11 07:25 - 2017-01-11 07:25 - 00002181 _____ C:\pcfiXtraymsyuj.lnk
2017-01-10 07:21 - 2017-01-10 07:21 - 00002181 _____ C:\pcfiXtrayqeciu.lnk
2017-01-09 16:56 - 2017-01-09 16:56 - 00002181 _____ C:\pcfiXtrayjupse.lnk
2017-01-08 07:01 - 2017-01-08 07:01 - 00002181 _____ C:\pcfiXtraycqtoy.lnk
2017-01-07 08:03 - 2017-01-07 08:03 - 00002181 _____ C:\pcfiXtrayhlnwv.lnk
2017-01-06 09:57 - 2017-01-06 09:57 - 00002181 _____ C:\pcfiXtrayubhls.lnk
2017-01-05 06:50 - 2017-01-05 06:50 - 00002181 _____ C:\pcfiXtraydvyqw.lnk
2017-01-04 17:10 - 2017-01-04 17:10 - 00002181 _____ C:\pcfiXtraybugyp.lnk
2017-01-04 06:51 - 2017-01-04 06:51 - 00002181 _____ C:\pcfiXtrayygqig.lnk
2017-01-03 07:51 - 2017-01-03 07:51 - 00002181 _____ C:\pcfiXtrayshtcu.lnk
2017-01-01 12:04 - 2017-01-01 12:04 - 00002181 _____ C:\pcfiXtraycjimp.lnk
2016-12-31 10:10 - 2016-12-31 10:10 - 00002181 _____ C:\pcfiXtrayvhjnk.lnk
2016-12-29 13:36 - 2016-12-29 13:36 - 00002181 _____ C:\pcfiXtrayyamnl.lnk
2016-12-28 11:52 - 2016-12-28 11:52 - 00002181 _____ C:\pcfiXtrayafszp.lnk
2016-12-28 09:20 - 2016-12-28 09:20 - 00002181 _____ C:\pcfiXtraynqzbj.lnk
2016-12-27 10:23 - 2016-12-27 10:23 - 00002181 _____ C:\pcfiXtraybbcqu.lnk
2016-12-26 10:16 - 2016-12-26 10:16 - 00002181 _____ C:\pcfiXtraypsajv.lnk
2016-12-25 11:27 - 2016-12-25 11:27 - 00002181 _____ C:\pcfiXtraytuglp.lnk
2016-12-24 07:45 - 2016-12-24 07:45 - 00002181 _____ C:\pcfiXtraybyrds.lnk
2016-12-23 07:41 - 2016-12-23 07:41 - 00002181 _____ C:\pcfiXtrayvgkck.lnk
2016-12-22 06:45 - 2016-12-22 06:45 - 00002181 _____ C:\pcfiXtraycytjq.lnk
2016-12-21 07:26 - 2016-12-21 07:26 - 00002181 _____ C:\pcfiXtrayzoaoz.lnk
2016-12-20 07:42 - 2016-12-20 07:42 - 00002181 _____ C:\pcfiXtrayouxok.lnk
2016-12-19 15:31 - 2016-12-19 15:31 - 00002181 _____ C:\pcfiXtraybevlb.lnk
2016-12-18 11:31 - 2016-12-18 11:31 - 00002181 _____ C:\pcfiXtraystuqd.lnk
2016-12-17 09:41 - 2016-12-17 09:41 - 00002181 _____ C:\pcfiXtraynswor.lnk
2016-12-16 07:18 - 2016-12-16 07:18 - 00002181 _____ C:\pcfiXtraytwsfs.lnk
2016-12-14 09:06 - 2016-12-14 09:06 - 00002181 _____ C:\pcfiXtrayvhwwn.lnk
2016-12-14 07:23 - 2016-12-14 07:23 - 00002181 _____ C:\pcfiXtraynyawb.lnk
2017-01-12 07:24 - 2016-06-17 06:17 - 00002181 _____ C:\pcfiXtraybhgye.lnk
2017-01-11 16:07 - 2016-09-03 07:49 - 00002181 _____ C:\pcfiXtrayojakk.lnk
2017-01-02 09:34 - 2016-11-15 16:08 - 00002181 _____ C:\pcfiXtrayiyclh.lnk
2016-12-30 10:16 - 2016-04-24 08:51 - 00002181 _____ C:\pcfiXtrayaspwg.lnk
2016-12-15 07:23 - 2016-04-29 08:10 - 00002181 _____ C:\pcfiXtrayoolbp.lnk
C:\program files (x86)\common files\tencent
C:\users\esther\appdata\roaming\torntv.com
C:\Program Files (x86)\GoForFiles
C:\Program Files (x86)\Tencent
Task: C:\WINDOWS\Tasks\CKCY.job
C:\WINDOWS\Tasks\PPTAssistantNotifyTask_Esther.job 
C:\WINDOWS\Tasks\PPTAssistantUpdateTask_Esther.job
C:\Users\Esther\AppData\Local\PPTAssist
C:\WINDOWS\Tasks\WYRSSKMK.job
C:\Users\Esther\AppData\Roaming\WYRSSKMK.exe
C:\Users\Esther\AppData\Roaming\CKCY.exe
Hosts:
EmptyTemp:
RemoveProxy:
end