Ga naar inhoud

Aanbevolen berichten

Geplaatst:

Hallo Clarkie,en nee hoor er stond niks ,dussssssssssssssssssssssssssssssssssssssssssssssssssssss

Fijne avond en ik kijk geregeld of er weer een tip binnenkomt.

Tireyosa

  • Reacties 34
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Beste reacties in dit topic

Geplaatste afbeeldingen

Geplaatst:

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" .

RSIT Logbestanden plaatsen

  • Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\\rsit")
  • Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt).
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Bekijk ook de instructievideo.

  • 2 weken later...
Geplaatst: (aangepast)

Het is het bestand "Log.txt" dat we nodig hebben, niet info.txt.

Voer de scan met RSIT nogmaals uit zoals clarkie heeft aangegeven in bericht 22 en voeg dan het "Log.txt" als bijlage toe aan je volgend bericht.

Ook bij de procedure sfc /scannow heb je typfouten gemaakt in het 2de gedeelte waardoor de instructie niet werd herkend.

Open een nieuw kladblokbestand.

Kopieer onderstaande code en plak deze in het kladblokbestand.

[b]sfc /scannow[/b]
[b][b][b][b][b]findstr /c:"[sR]" %windir%\Logs\CBS\CBS.log > "%userprofile%\Desktop\sfcdetails.txt"[/b][/b][/b][/b][/b]

Ga naar Bestand - Opslaan als.

Bij "Opslaan in" kies je bureaublad

Bij "Bestandsnaam" zet je: sfcscan.bat

Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).

Klik op de knop Opslaan.

Ga naar start - alle programma's - bureauaccesoires.

Zoek het icoon van het opdrachtprompt en klik er op met de rechter muisknop en kies dan in het lijstje voor uitvoeren als administrator om het opdrachtprompt te openen.

Typ %userprofile%\desktop\sfcscan.bat in het opdrachtprompt en druk enter

De instructies in het bestand sfcscan.bat zullen nu worden uitgevoerd.

Na de uitvoering zou je het bestand sfcdetails.txt op je bureaublad moeten hebben.

Voeg ook dit bestand toe als bijlage aan je volgend bericht.

aangepast door kweezie wabbit
Geplaatst:

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

C:\WINDOWS\tasks\MySearchDial.job;f
{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47};c
{282b0e54-8981-49eb-9193-5910a1f6fd33};c
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r
"AppInit_DLLs"=-;r
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r64
"AppInit_DLLs"=-;r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe];r
chromelook; 
firefoxlook; 
emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "More options" en vink nu de onderstaande opties aan.
  • Do a Deep Scan

  • Installed Programs

  • Running Processes
  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Geplaatst:

--- IE Startpage Check 15:33:08,62

--- Program Files DB Check 15:35:09,09

--- C:\Users\Default\AppData\Roaming DB Check 15:36:15,28

--- C:\Users\Default User\AppData\Roaming DB Check 15:36:15,28

--- C:\Users\Dolly\AppData\Roaming DB Check 15:36:15,28

--- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming DB Check 15:36:15,28

--- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming DB Check 15:36:15,28

--- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming DB Check 15:36:15,28

--- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming DB Check 15:36:15,28

--- C:\Users\Dolly DB Check 15:39:43,74

--- C:\PROGRA~3 DB Check 15:40:15,50

--- C:\Users\Default\AppData\Local DB Check 15:40:17,59

--- C:\Users\Default User\AppData\Local DB Check 15:40:17,59

--- C:\Users\Dolly\AppData\Local DB Check 15:40:17,59

--- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local DB Check 15:40:17,59

--- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local DB Check 15:40:17,59

--- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local DB Check 15:40:17,59

--- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local DB Check 15:40:17,59

--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 15:43:15,13

Geplaatst:

Zoek.exe v5.0.0.0 Updated 22-05-2014

Tool run by Dolly on zo 25-05-2014 at 15:26:00,45.

Microsoft Windows 8.1 6.3.9600 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Dolly\AppData\Local\Temp\Temp1_zoek 22.zip\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Running Processes ======================

C:\WINDOWS\system32\wininit.exe

C:\WINDOWS\system32\winlogon.exe Hoop dat het zo genoeg is ?????????? Een hele klus voor mij ,maar ik wil graag van de error af.

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k RPCSS

C:\WINDOWS\system32\dwm.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\System32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

C:\WINDOWS\system32\dashost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

C:\WINDOWS\system32\taskhostex.exe

C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe

C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe

C:\WINDOWS\system32\DllHost.exe

C:\WINDOWS\system32\DllHost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe

C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe

C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe

C:\Windows\System32\skydrive.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

C:\Users\Dolly\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe

C:\Windows\System32\RuntimeBroker.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\WWAHost.exe

C:\Windows\System32\SettingSyncHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

C:\Users\Dolly\AppData\Local\Temp\Temp1_zoek 22.zip\zoek.exe

C:\WINDOWS\system32\conhost.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\system32\SearchFilterHost.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

==== System Restore Info ======================

25-5-2014 15:31:49 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Settings Manager deleted successfully

C:\PROGRA~3\Browser Manager deleted successfully

C:\PROGRA~3\BrowserProtect deleted successfully

C:\PROGRA~3\Systweak deleted successfully

C:\PROGRA~3\Wincert deleted successfully

C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully

C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted successfully

C:\Users\Dolly\AppData\Roaming\Common deleted successfully

C:\Users\Dolly\AppData\Roaming\OfferMosquito deleted successfully

C:\Users\Dolly\AppData\Local\cache deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1535316386-195622087-1994388212-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully

HKEY_USERS\S-1-5-21-1535316386-195622087-1994388212-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AA4CEA4C-984E-4654-AE0F-B7BEB96D0EBF} deleted successfully

HKEY_USERS\S-1-5-21-1535316386-195622087-1994388212-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EB11147D-47C7-45B2-8EC9-9D5EC2176A25} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{282b0e54-8981-49eb-9193-5910a1f6fd33} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1535316386-195622087-1994388212-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{282b0e54-8981-49eb-9193-5910a1f6fd33} deleted successfully

==== Installed Programs ======================

Adobe Digital Editions 2.0

Advanced SystemCare 7

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArcSoft Collage Creator

ArcSoft Funhouse

ArcSoft Greeting Card Creator

ArcSoft Panorama Maker 3

Driver Booster

Dropbox

Facebook Video Calling 2.0.0.447

Google Chrome

Google Update Helper

Google+ Auto Backup

Intel® Processor Graphics

IObit Apps Toolbar v8.5

IObit Malware Fighter

IObit Uninstaller

Malwarebytes Anti-Malware versie 1.75.0.1300

Microsoft-invoegtoepassing Opslaan als PDF voor 2007 Microsoft Office-programma's

Microsoft PowerPoint Viewer

Microsoft Silverlight

Photo Notifier and Animation Creator

Picasa 3

Realtek High Definition Audio Driver

Skype Click to Call

SkypeT 6.14

Smart Defrag 3

Start Menu 8

Surfing Protection

TP-LINK TL-WN821N©_TL-WN822N_TL-WN823N Driver

TP-LINK Wireless Configuration Utility

VLC media player 2.1.3

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found

C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} not found

C:\Users\Dolly\daemonprocess.txt deleted

C:\Users\Dolly\.android deleted

C:\PROGRA~2\Webfetti_52EI deleted

C:\PROGRA~2\Advanced System Protector deleted

C:\Users\Dolly\AppData\Roaming\UpdaterEX deleted

C:\Users\Dolly\AppData\Roaming\ParetoLogic deleted

C:\Users\Dolly\AppData\Roaming\DriverCure deleted

C:\Users\Dolly\AppData\Roaming\systweak deleted

C:\PROGRA~3\ParetoLogic deleted

C:\PROGRA~3\ProductData deleted

C:\Users\Dolly\AppData\Local\CRE deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector deleted

C:\WINDOWS\SysNative\roboot64.exe deleted

C:\windows\SysNative\Tasks\MySearchDial deleted

C:\WINDOWS\Tasks\MySearchDial.job deleted

C:\WINDOWS\SysNative\sasnative64.exe deleted

C:\Users\Dolly\Downloads\FreeYouTubeToMP3Converter.exe deleted

C:\Users\Dolly\AppData\LocalLow\IObit Apps deleted

C:\Users\Dolly\AppData\LocalLow\ADSRemoval deleted

C:\Users\Dolly\AppData\LocalLow\imeshmusicboxtoolbar181 deleted

C:\windows\SysNative\tasks\UpdaterEX deleted

C:\WINDOWS\tasks\UpdaterEX.job deleted

C:\windows\SysNative\Tasks\Advanced System Protector deleted

C:\windows\SysNative\Tasks\Advanced System Protector_startup deleted

C:\WINDOWS\Syswow64\RegistryHelperLM.ocx deleted

"C:\WINDOWS\Installer\b5c9d9c.msi" deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)

Memory (RAM): 3978 MB

CPU Info: Intel® Pentium® CPU 2020M @ 2.40GHz

CPU Speed: 2440,7 MHz

Sound Card: Luidsprekers (Realtek High Defi |

Realtek Digital Output (Realtek |

Display Adapters: Intel® HD Graphics | Intel® HD Graphics | Intel® HD Graphics

Monitors: 1x; Generic PnP Monitor |

Screen Resolution: 1366 X 768 - 32 bit

Network: Network Present

Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter #2 | TP-LINK Wireless USB Adapter | Bluetooth-apparaat (Personal Area Network) | Realtek PCIe GBE Family Controller | Intel® Centrino® Wireless-N 2230

CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SN-208DB

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 3 Button Wheel Mouse Present

Hard Disks: C: 869,0GB | D: 60,0GB

Hard Disks - Free: C: 824,1GB | D: 42,5GB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | | MEDION - 1

Time Zone: West-Europa (standaardtijd)

Motherboard *: Medion E6234

Country: Nederland

Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: IObit Malware Fighter disabled (Outdated)

Default Browser: Google Chrome 35.0.1916.114

Internet Explorer Version: 11.0.9600.17107

Google Chrome version: 35.0.1916.114

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\Users\Dolly\AppData\Local\Temp ====

2014-05-25 10:46:05 62AEB8305A12986E4901CC4860ED0382 41984 ----a-w- C:\Users\Dolly\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplrkw6o.dll

2014-05-24 09:14:23 EF1AD771B2C773CEBA4C2E70097F1168 221184 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\RTLDHCP.exe

2014-05-24 09:14:23 EF1AD771B2C773CEBA4C2E70097F1168 221184 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RTLDHCP.exe

2014-05-24 09:14:23 94142D05F00EC6601A4EA9939DE49C98 126976 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\EnumDevLib.dll

2014-05-24 09:14:23 7C02774740B2EA1F5237808B1A363D34 200704 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\IpLib.dll

2014-05-24 09:14:23 49F70312DCCCE5CF01AA94DBD63FF908 479232 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\RtlLib.dll

2014-05-24 09:14:23 49F70312DCCCE5CF01AA94DBD63FF908 479232 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RtlLib.dll

2014-05-24 09:14:23 49F70312DCCCE5CF01AA94DBD63FF908 479232 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RtlLib.dll

2014-05-24 09:14:23 44DB042E5B8BF57E8C991CE6C9BB5FF5 1116672 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\libeay32.dll

2014-05-24 09:14:23 29064E69158ECF8EE9D9C4F6C9F1BEBA 45056 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RtlICS.dll

2014-05-24 09:14:23 1C6148A2885B37593C6FF0AB4D71C6EB 249856 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\RtlIhvOid.dll

2014-05-24 09:14:23 1C6148A2885B37593C6FF0AB4D71C6EB 249856 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RtlIhvOid.dll

2014-05-24 09:14:22 A3E3B26EC27CD51997F1E4A0D4036E73 245760 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RtlIhvOid.dll

2014-05-24 09:14:22 94142D05F00EC6601A4EA9939DE49C98 126976 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\EnumDevLib.dll

2014-05-24 09:14:22 94142D05F00EC6601A4EA9939DE49C98 126976 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\EnumDevLib.dll

2014-05-24 09:14:22 8F31B58478EC96EA61E86CFCD9DE9C25 196608 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RTLDHCP.exe

2014-05-24 09:14:22 7C02774740B2EA1F5237808B1A363D34 200704 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\IpLib.dll

2014-05-24 09:14:22 7C02774740B2EA1F5237808B1A363D34 200704 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\IpLib.dll

2014-05-24 09:14:22 44DB042E5B8BF57E8C991CE6C9BB5FF5 1116672 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\libeay32.dll

2014-05-24 09:14:22 44DB042E5B8BF57E8C991CE6C9BB5FF5 1116672 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\libeay32.dll

2014-05-24 09:14:22 29064E69158ECF8EE9D9C4F6C9F1BEBA 45056 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\RtlICS.dll

2014-05-24 09:14:22 29064E69158ECF8EE9D9C4F6C9F1BEBA 45056 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RtlICS.dll

2014-05-24 09:14:17 8C47303CE87AEAE0E0283EC1E2072BEB 126976 ------w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\InstallHelper.dll

2014-05-24 09:14:12 7461D3DA1AABB5F703504E958455A900 926824 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{FF72A9A0-92EC-46A2-AC62-BE4233E71B79}\{852E893E-E4FD-45BB-8B17-72ADDF686974}\Driver\Windows_7_64bit\rtl8192cu.sys

2014-05-24 09:14:12 4D6804B13B7AC399A2011C51BBED3550 1578128 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{FF72A9A0-92EC-46A2-AC62-BE4233E71B79}\{852E893E-E4FD-45BB-8B17-72ADDF686974}\Driver\Windows_8_64bit\rtwlanu.sys

2014-05-24 09:14:12 25C503FF283E95FFC5EB5F177C21AD5E 882792 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{FF72A9A0-92EC-46A2-AC62-BE4233E71B79}\{852E893E-E4FD-45BB-8B17-72ADDF686974}\Driver\Windows_Vista_64bit\rtl8192cu.sys

2014-05-24 09:14:11 A2DA4EC9EB6E7EFB7C0EE0C3834EB35A 1138280 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{FF72A9A0-92EC-46A2-AC62-BE4233E71B79}\{852E893E-E4FD-45BB-8B17-72ADDF686974}\Driver\Windows_XP_64bit\rtl8192cu.sys

2014-05-23 15:08:22 29198D93029027C9BB4DA8E9C70AF13E 26832976 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{35B36F02-0A66-418C-A605-E835983FBA3F}-35.0.1916.114_34.0.1847.137_chrome_updater.exe

====== Java Cache =====

====== C:\WINDOWS\SysWOW64 =====

2014-05-15 19:05:52 BE753D2FF471EA25421D931EF23DCDD3 105464 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-05-15 19:05:52 2A01A10CCCA38214C5E678D4E41D52F3 693240 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-05-14 17:01:08 DC72DC452793C9622E6F056B89F9302C 123904 ----a-w- C:\WINDOWS\SysWOW64\wuwebv.dll

2014-05-14 17:01:08 D8C63F333D4A8D8433849A9ADC092BE9 31232 ----a-w- C:\WINDOWS\SysWOW64\wuapp.exe

2014-05-14 17:01:08 AB3A013BA1C50B2309E5BF8136600656 828928 ----a-w- C:\WINDOWS\SysWOW64\twinui.appcore.dll

2014-05-14 17:01:08 8DA8026471B3470085B4AFB9C77BF45F 25088 ----a-w- C:\WINDOWS\SysWOW64\wups.dll

2014-05-14 17:01:08 82119579B000F62D96B083BC6A246C07 80896 ----a-w- C:\WINDOWS\SysWOW64\wudriver.dll

2014-05-14 17:01:08 51B615EF9408277FEF586EB97583844E 666624 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll

2014-05-14 17:01:08 3F0DB8120F65E3223B4EAF6CA4CDB3C5 754688 ----a-w- C:\WINDOWS\SysWOW64\WSShared.dll

2014-05-14 17:01:08 0542A44401EA9451D82D3DF4BF3BD871 419928 ----a-w- C:\WINDOWS\SysWOW64\twinapi.appcore.dll

2014-05-14 16:59:08 EC4FA776548BF1A05DAE3B5EFB0FFE6F 1209616 ----a-w- C:\WINDOWS\SysWOW64\winmde.dll

2014-05-14 16:59:08 C97E772120135CD320CB217C92105B12 370176 ----a-w- C:\WINDOWS\SysWOW64\winspool.drv

2014-05-14 16:59:08 68A23F58F6F16B81BCBFCAA07CDF0680 61440 ----a-w- C:\WINDOWS\SysWOW64\srclient.dll

2014-05-14 16:59:07 FF28231D41465C253E9F9EF164DD619C 230400 ----a-w- C:\WINDOWS\SysWOW64\wlanapi.dll

2014-05-14 16:59:07 E697F1E4E819EB12C40AE01F88626BAB 219136 ----a-w- C:\WINDOWS\SysWOW64\resutils.dll

2014-05-14 16:59:07 E678126493997B951C6A6E91BC15C91C 836608 ----a-w- C:\WINDOWS\SysWOW64\SearchFolder.dll

2014-05-14 16:59:07 E2AAB5EDC278D489C8EF87F277B5E3E6 888320 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll

2014-05-14 16:59:07 B6803C8A600E3F029A3D688D9E590CA3 300544 ----a-w- C:\WINDOWS\SysWOW64\wlanmsm.dll

2014-05-14 16:59:07 A9A027378882FFA14000612AE6FDA7AB 1200288 ----a-w- C:\WINDOWS\SysWOW64\propsys.dll

2014-05-14 16:59:07 A93E67D9084BEFC32C8E2B75FCC5B02E 11792384 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll

2014-05-14 16:59:07 A624CA7CDFA7941EECD6F96F1A47CCA3 178184 ----a-w- C:\WINDOWS\SysWOW64\MSVideoDSP.dll

2014-05-14 16:59:07 A5358F64D4EB5ABE2829981CD9734901 18755672 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll

2014-05-14 16:59:07 90C83CF02C884315E595FA07CA9C64EF 387896 ----a-w- C:\WINDOWS\SysWOW64\mfsvr.dll

2014-05-14 16:59:07 8C25FBB338147754DA42DF990FB3AE4A 285144 ----a-w- C:\WINDOWS\SysWOW64\MFCaptureEngine.dll

2014-05-14 16:59:07 88A821BC72CB1A935C92F453586233EF 518544 ----a-w- C:\WINDOWS\SysWOW64\mf.dll

2014-05-14 16:59:07 87AB9959EC23455326C8C55E59DE0A88 669856 ----a-w- C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2014-05-14 16:59:07 76892045ECB1D830185618DBD3467562 337408 ----a-w- C:\WINDOWS\SysWOW64\XpsGdiConverter.dll

2014-05-14 16:59:07 6BAE2EB5EFCEAC999BB1A5BF267C711D 707048 ----a-w- C:\WINDOWS\SysWOW64\mfplat.dll

2014-05-14 16:59:07 619C6E72B8433B3F67738F7E6C972A96 230808 ----a-w- C:\WINDOWS\SysWOW64\wintrust.dll

2014-05-14 16:59:07 5FAEA469BCE03F8FABAFB63D7603DC3C 982016 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll

2014-05-14 16:59:07 5C74AC34C1CAA9C232836C580272B0DD 1029120 ----a-w- C:\WINDOWS\SysWOW64\mispace.dll

2014-05-14 16:59:07 5AE9C90A51256F72C541A2FD81EAB7C4 2144984 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll

2014-05-14 16:59:07 561945C42E36012B4799C342E6A96498 800768 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2014-05-14 16:59:07 4874EB05C1BE374B8A4AC15DF3DB07B0 111528 ----a-w- C:\WINDOWS\SysWOW64\gpapi.dll

2014-05-14 16:59:07 4550DC04464B86C5EB2CC77D9D27C06C 5833216 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Search.dll

2014-05-14 16:59:07 3CABBCB26C4E73F3440A8A064EB490FF 11264 ----a-w- C:\WINDOWS\SysWOW64\wlanhlp.dll

2014-05-14 16:59:07 15905E6B799C1446A37915ED23CD17E5 144384 ----a-w- C:\WINDOWS\SysWOW64\rpchttp.dll

2014-05-14 16:59:07 0FDDBC46B0FE68B9516BED5CDC2A5296 5104640 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2014-05-14 16:59:07 06AB75759A0B2D79680F52ACDAE702A1 313344 ----a-w- C:\WINDOWS\SysWOW64\clusapi.dll

2014-05-14 16:59:05 D0E0E176F86C3B1048A67144DE0C5CD3 46592 ----a-w- C:\WINDOWS\SysWOW64\tlscsp.dll

2014-05-14 16:59:05 CF3EA59E07BF906B43058C98B6750D16 855552 ----a-w- C:\WINDOWS\SysWOW64\rdvidcrl.dll

2014-05-14 16:59:05 A717D4AC0C44BCBE990DBF8B6EC979AA 12711424 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2014-05-14 16:59:05 A54EB398BC2D792A0C603A97F7975FD8 357376 ----a-w- C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll

2014-05-14 16:59:05 A4F3682781DD8B36E97FD04BA50845A2 209920 ----a-w- C:\WINDOWS\SysWOW64\rdpencom.dll

2014-05-14 16:59:05 A3ECC0F6960AA699895CB48BC69BEA3B 326024 ----a-w- C:\WINDOWS\SysWOW64\AudioSes.dll

2014-05-14 16:59:05 956D8170AD470804405C0564E10ED6ED 406504 ----a-w- C:\WINDOWS\SysWOW64\AudioEng.dll

2014-05-14 16:59:05 8EAD5F0BC40579B106CDD9D2591CFEC5 1797896 ----a-w- C:\WINDOWS\SysWOW64\d3d9.dll

2014-05-14 16:59:05 495C3945889DD59993474F2434863835 11776 ----a-w- C:\WINDOWS\SysWOW64\d3d8thk.dll

2014-05-14 16:59:05 1E48870B29C7D7328A7D484A61250AE5 5774848 ----a-w- C:\WINDOWS\SysWOW64\mstscax.dll

2014-05-14 16:59:05 13CE2AA6D3ACAF0B485DBFE8AF2F5C48 305768 ----a-w- C:\WINDOWS\SysWOW64\AUDIOKSE.dll

2014-05-14 16:59:05 008368626F3EFAEDB0C2CD4565BA6797 98584 ----a-w- C:\WINDOWS\SysWOW64\dwmapi.dll

2014-05-14 16:58:07 3DA5CD1E3B9BDAF79731CB6CB1029CB3 53248 ----a-w- C:\WINDOWS\SysWOW64\tsgqec.dll

2014-05-14 16:54:17 1DEC681B79501A714F0D3FA2787183C3 305152 ----a-w- C:\WINDOWS\SysWOW64\wusa.exe

2014-05-14 16:53:28 BA4FA107EF9A728C58A81B2EFCD6FE2B 26784 ----a-w- C:\WINDOWS\SysWOW64\mrt100.dll

2014-05-14 16:53:28 6923D6FAB7CBA8D82BD792182B4F3DE4 80032 ----a-w- C:\WINDOWS\SysWOW64\mrt_map.dll

2014-05-14 16:51:04 FBCF3F01177953EBF1E735643621CCF5 69632 ----a-w- C:\WINDOWS\SysWOW64\mshtmled.dll

2014-05-14 16:51:04 EB5347F6149D3FF25F4D609A21A3BD67 17382912 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Sysnative =====

2014-05-24 09:14:12 4D6804B13B7AC399A2011C51BBED3550 1578128 ----a-w- C:\WINDOWS\Sysnative\rtwlanu.sys

2014-05-24 09:14:12 346FE111845AE42343348CE5978F857C 9936 ----a-w- C:\WINDOWS\Sysnative\netrtwlanu.cat

2014-05-24 09:14:12 31ACF68B1E8232410CE93EAAD8A26FBA 36409 ----a-w- C:\WINDOWS\Sysnative\netrtwlanu.inf

2014-05-14 17:01:08 FD3638782572A8281BCF12520F6579F4 79872 ----a-w- C:\WINDOWS\Sysnative\WSReset.exe

2014-05-14 17:01:08 E9F333234A5641E2FEF2F5240BDD56B8 35328 ----a-w- C:\WINDOWS\Sysnative\wuapp.exe

2014-05-14 17:01:08 E859E9B4A0300F56C94D2C69F6F65657 827392 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll

2014-05-14 17:01:08 C383B71BAAC22CCE37B99339AEB62F1E 93696 ----a-w- C:\WINDOWS\Sysnative\wudriver.dll

2014-05-14 17:01:08 AF1BC4F5421023D59F1D472C1A4E01CF 921088 ----a-w- C:\WINDOWS\Sysnative\WSShared.dll

2014-05-14 17:01:08 850FC6B2E385766B9972CDBE947989F6 381440 ----a-w- C:\WINDOWS\Sysnative\WUSettingsProvider.dll

2014-05-14 17:01:08 7F15F3E0F847D90EB3A2124258E6B1DC 54776 ----a-w- C:\WINDOWS\Sysnative\wuauclt.exe

2014-05-14 17:01:08 7E609FBF50774CC5A239420FE34EBB9C 3464192 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll

2014-05-14 17:01:08 766DCDC7032C4C98E47B8A9F71239E38 555736 ----a-w- C:\WINDOWS\Sysnative\twinapi.appcore.dll

2014-05-14 17:01:08 736046C9AFD66BA29BA61ACD582E7A7B 137728 ----a-w- C:\WINDOWS\Sysnative\wuwebv.dll

2014-05-14 17:01:08 68CB2B575F0C67BB14590D1471285287 201728 ----a-w- C:\WINDOWS\Sysnative\ubpm.dll

2014-05-14 17:01:08 5F74A7DB62F6D560B0C858A096A37B59 1054208 ----a-w- C:\WINDOWS\Sysnative\twinui.appcore.dll

2014-05-14 17:01:08 4FB80968811FAD6E88ABFAA98E51305C 1705472 ----a-w- C:\WINDOWS\Sysnative\wucltux.dll

2014-05-14 17:01:08 3DF281C1553A6124DEF875C19D46AC0D 190976 ----a-w- C:\WINDOWS\Sysnative\storewuauth.dll

2014-05-14 17:01:08 1EC3AACDB335533A7470245C683ACF94 56320 ----a-w- C:\WINDOWS\Sysnative\wups.dll

2014-05-14 16:59:08 F587513213947A4C7EF47B660DAAFBC5 271872 ----a-w- C:\WINDOWS\Sysnative\rstrui.exe

2014-05-14 16:59:08 9ED0E72966FB08F7E6DB15E5519AF8D1 1379064 ----a-w- C:\WINDOWS\Sysnative\wmpmde.dll

2014-05-14 16:59:08 9465F8E72887AC6CCDD97F738A5AB6B6 70656 ----a-w- C:\WINDOWS\Sysnative\srclient.dll

2014-05-14 16:59:08 414B81DE6CE46022ED43051C09EDB00B 467968 ----a-w- C:\WINDOWS\Sysnative\srcore.dll

2014-05-14 16:59:08 411DBFCD6ABAB75B6F7950677AEEFB7D 1403856 ----a-w- C:\WINDOWS\Sysnative\winmde.dll

2014-05-14 16:59:07 F4C09C622BC55A80F775DF7D8AB9984F 6645248 ----a-w- C:\WINDOWS\Sysnative\mstscax.dll

2014-05-14 16:59:07 EAE6ED6C5076CF765EB731B92A237149 955904 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll

2014-05-14 16:59:07 E86E7792A2A0854D5560371BBDDA760B 1057280 ----a-w- C:\WINDOWS\Sysnative\rdvidcrl.dll

2014-05-14 16:59:07 BAF51BE2DEB387BD99CAC4E3B7850FEC 250368 ----a-w- C:\WINDOWS\Sysnative\rdpencom.dll

2014-05-14 16:59:07 B6BD22DDEDDD8665080D664749ACFEF5 64512 ----a-w- C:\WINDOWS\Sysnative\tsgqec.dll

2014-05-14 16:59:07 AEDD44FDB8B521D443A07146F5CA3A53 7173120 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll

2014-05-14 16:59:07 AE2B9504C975B529D92D9E6603F6D33F 609448 ----a-w- C:\WINDOWS\Sysnative\mf.dll

2014-05-14 16:59:07 AD2DE3982C7B6E62346098C7570F6A7D 13287936 ----a-w- C:\WINDOWS\Sysnative\twinui.dll

2014-05-14 16:59:07 A1CD5194ACC156A852136B303F087260 491744 ----a-w- C:\WINDOWS\Sysnative\mfsvr.dll

2014-05-14 16:59:07 99277BE68298288A0E27CF9E50FAD091 881616 ----a-w- C:\WINDOWS\Sysnative\mfplat.dll

2014-05-14 16:59:07 98A184F6EC43B178901FCD5D4E2EC43B 1222656 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Streaming.dll

2014-05-14 16:59:07 92B785213F856EC736673516C54FA791 233912 ----a-w- C:\WINDOWS\Sysnative\mfps.dll

2014-05-14 16:59:07 8ECEBEE92854C6705877911BA75889A8 2124840 ----a-w- C:\WINDOWS\Sysnative\d3d9.dll

2014-05-14 16:59:07 8E1866A4E96F1159B6625627860A0454 2100736 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsAdminFlowUI.dll

2014-05-14 16:59:07 87CF824E47489DD972FB4FB9FC4EDD0A 324888 ----a-w- C:\WINDOWS\Sysnative\MFCaptureEngine.dll

2014-05-14 16:59:07 7FB9EC74ADFB2353B7782C3EF833F5B7 765408 ----a-w- C:\WINDOWS\Sysnative\mfmpeg2srcsnk.dll

2014-05-14 16:59:07 7E4A8D95B9DBC2CB588B91848A0AE731 2688000 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers.dll

2014-05-14 16:59:07 6C6E26E0DB9AB2077F42FBBCDB153C84 2140888 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll

2014-05-14 16:59:07 6B7B2211C293218706D491204FCE8695 1126912 ----a-w- C:\WINDOWS\Sysnative\SearchFolder.dll

2014-05-14 16:59:07 69A374DE46C7BAAE30BFB1E40D69C5C6 761856 ----a-w- C:\WINDOWS\Sysnative\WorkfoldersControl.dll

2014-05-14 16:59:07 6873D09262D32B95D6AC3026FCF8B424 1230336 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll

2014-05-14 16:59:07 67176AA6EAF34FF2A962F14EB8F0478B 263424 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsAdminFlows.exe

2014-05-14 16:59:07 64B2A2630C964BF135A84A52FB2EEF9A 47616 ----a-w- C:\WINDOWS\Sysnative\tlscsp.dll

2014-05-14 16:59:07 5EE916C3272A19B459717A8D2397B07A 55296 ----a-w- C:\WINDOWS\Sysnative\energyprov.dll

2014-05-14 16:59:07 5661481164A164CAD67DBE5A0191207F 4190720 ----a-w- C:\WINDOWS\Sysnative\win32k.sys

2014-05-14 16:59:07 5071E71CC05346D88C5A08EB8B5A05E3 1584128 ----a-w- C:\WINDOWS\Sysnative\workfolderssvc.dll

2014-05-14 16:59:07 4684C8E852065C0A7937C395C165A24F 1466856 ----a-w- C:\WINDOWS\Sysnative\propsys.dll

2014-05-14 16:59:07 315502228EB37F36E86EF75CB1DA1D44 201920 ----a-w- C:\WINDOWS\Sysnative\MSVideoDSP.dll

2014-05-14 16:59:07 2344C5630F8EFE156BAB786EBD83A839 3359744 ----a-w- C:\WINDOWS\Sysnative\rdpcorets.dll

2014-05-14 16:59:07 22B8B1F946ACFCB03832793A25216D8C 186880 ----a-w- C:\WINDOWS\Sysnative\WorkFoldersShell.dll

2014-05-14 16:59:07 1517EE52367CABAA5615AC736DC96C7D 125496 ----a-w- C:\WINDOWS\Sysnative\dwmapi.dll

2014-05-14 16:59:07 151427E526E96471A45FF6CC2257FBA0 8652800 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Search.dll

2014-05-14 16:59:07 0C5C304C3A2D9E9633A7506CBB04929E 16872448 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll

2014-05-14 16:59:07 0BDD786156C820F49EEF5D348B4ACFF4 335872 ----a-w- C:\WINDOWS\Sysnative\MDEServer.exe

2014-05-14 16:59:07 072A99F351C505A45C9FDA32E7324602 28408 ----a-w- C:\WINDOWS\Sysnative\mfpmp.exe

2014-05-14 16:59:05 F4E351BB95D473CB55BB7C1A1FEB2798 467496 ----a-w- C:\WINDOWS\Sysnative\AudioSes.dll

2014-05-14 16:59:05 F2895547FC275642A29692DC344A847F 296960 ----a-w- C:\WINDOWS\Sysnative\wlanapi.dll

2014-05-14 16:59:05 EF252510DB6C3511E30418BD2AC95A2D 1527296 ----a-w- C:\WINDOWS\Sysnative\wlansvc.dll

2014-05-14 16:59:05 EEC46BC17F28C528AB7FAC20AFDF69E3 462336 ----a-w- C:\WINDOWS\Sysnative\XpsGdiConverter.dll

2014-05-14 16:59:05 ED7C0A11E655CD8B89BE499F99D56098 486912 ----a-w- C:\WINDOWS\Sysnative\winspool.drv

2014-05-14 16:59:05 E369C59F2C0852DDD090C07E0DDE0051 1436160 ----a-w- C:\WINDOWS\Sysnative\VSSVC.exe

2014-05-14 16:59:05 E2C26EECF60D9DF94706DF981D074B98 721408 ----a-w- C:\WINDOWS\Sysnative\SkyDriveTelemetry.dll

2014-05-14 16:59:05 DC61194C93DE9E5D549AEC5064A06BD4 872448 ----a-w- C:\WINDOWS\Sysnative\SkyDrive.exe

2014-05-14 16:59:05 D872C6095AACC13AD897DB5E4D2B5D91 805376 ----a-w- C:\WINDOWS\Sysnative\win32spl.dll

2014-05-14 16:59:05 CB79B5D367376E7B49E2D95BFFB0BEEB 364640 ----a-w- C:\WINDOWS\Sysnative\AUDIOKSE.dll

2014-05-14 16:59:05 C2A06D6E746C42E6CE6CA020EE67FFA2 4269056 ----a-w- C:\WINDOWS\Sysnative\SyncEngine.dll

2014-05-14 16:59:05 BF6FBC9D97A24FABB0AE8B878279CF0B 244880 ----a-w- C:\WINDOWS\Sysnative\audiodg.exe

2014-05-14 16:59:05 B24960B79BDE7D5ED1EA638027F9E8F0 143872 ----a-w- C:\WINDOWS\Sysnative\BootMenuUX.dll

2014-05-14 16:59:05 AF3FF97AC2A73E70F8A8D11FB694175B 449536 ----a-w- C:\WINDOWS\Sysnative\defragsvc.dll

2014-05-14 16:59:05 AE7D8835A29FADB39C0D095BA32A9462 21268952 ----a-w- C:\WINDOWS\Sysnative\shell32.dll

2014-05-14 16:59:05 AE210430A150FF20A58E3C6B381A832F 1025024 ----a-w- C:\WINDOWS\Sysnative\localspl.dll

2014-05-14 16:59:05 977D67467950D8048E94651EE6081B99 370176 ----a-w- C:\WINDOWS\Sysnative\wlanmsm.dll

2014-05-14 16:59:05 9654DE19551093CD73874281E1573C94 135168 ----a-w- C:\WINDOWS\Sysnative\wscsvc.dll

2014-05-14 16:59:05 95471DDCB3B3FF70015FD9AA13404F44 281600 ----a-w- C:\WINDOWS\Sysnative\resutils.dll

2014-05-14 16:59:05 88BCAEABEB2A46DB7B336B8432720AC8 443904 ----a-w- C:\WINDOWS\Sysnative\wlansec.dll

2014-05-14 16:59:05 88ACBA95BB55B8226D52117462B76CD4 307304 ----a-w- C:\WINDOWS\Sysnative\wintrust.dll

2014-05-14 16:59:05 886767FD022213F7885416134E9082E5 201216 ----a-w- C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll

2014-05-14 16:59:05 850EBB87584484DC16F917E7B6F4A304 718336 ----a-w- C:\WINDOWS\Sysnative\swprv.dll

2014-05-14 16:59:05 82FE5F302FD7C7EF0E41465BB873EFC7 11264 ----a-w- C:\WINDOWS\Sysnative\wlanhlp.dll

2014-05-14 16:59:05 7B3255A0B833908E4A7ACEA6245D344E 426496 ----a-w- C:\WINDOWS\Sysnative\clusapi.dll

2014-05-14 16:59:05 7B12172CCE581F76C9335D7A47E0AD50 130144 ----a-w- C:\WINDOWS\Sysnative\gpapi.dll

2014-05-14 16:59:05 79B134ECE836B406B212E28C24011538 834048 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll

2014-05-14 16:59:05 78D26F162E015FF644785C8836B617CA 1287168 ----a-w- C:\WINDOWS\Sysnative\mispace.dll

2014-05-14 16:59:05 626D19F1771E1AE72208AE9A8F3082F7 491520 ----a-w- C:\WINDOWS\Sysnative\GeofenceMonitorService.dll

2014-05-14 16:59:05 46378ECCB4A29AA81BF296641C2501EF 323072 ----a-w- C:\WINDOWS\Sysnative\srvsvc.dll

2014-05-14 16:59:05 383DA813409316D69603C1D849834D24 1308160 ----a-w- C:\WINDOWS\Sysnative\gpsvc.dll

2014-05-14 16:59:05 2A4177EE5446877BD24DD72504105603 191488 ----a-w- C:\WINDOWS\Sysnative\rpchttp.dll

2014-05-14 16:59:05 1697E09CDA4DD8741B8276F48A8514DE 32600 ----a-w- C:\WINDOWS\Sysnative\ploptin.dll

2014-05-14 16:59:05 0BBD7EDAEA54D0E30445E9FC1179C60A 1411584 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll

2014-05-14 16:59:05 01851563CB6FB986A4C0221C15AB6ADC 463256 ----a-w- C:\WINDOWS\Sysnative\AudioEng.dll

2014-05-14 16:59:04 CFB353B4E33AFE922C3A62DBC9C9B0A8 7425368 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe

2014-05-14 16:59:04 067CB90C277DB4A737D5DEABA3055972 407016 ----a-w- C:\WINDOWS\Sysnative\services.exe

2014-05-14 16:54:17 326715361A7D1C65983BFE920990E4EF 308224 ----a-w- C:\WINDOWS\Sysnative\wusa.exe

2014-05-14 16:53:28 D178F55D53B9A10FFBDC134C95517846 28320 ----a-w- C:\WINDOWS\Sysnative\mrt100.dll

2014-05-14 16:53:28 A750229C96A406EE123F43916053F142 86688 ----a-w- C:\WINDOWS\Sysnative\mrt_map.dll

2014-05-14 16:51:04 A920E1336F9FEA95477763E2CC15891B 84992 ----a-w- C:\WINDOWS\Sysnative\mshtmled.dll

2014-05-14 16:51:04 797E2E5C309AFF76990D5B7AF457EACA 23544320 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll

====== C:\WINDOWS\Sysnative\drivers =====

2014-05-24 09:14:12 4D6804B13B7AC399A2011C51BBED3550 1578128 ----a-w- C:\WINDOWS\Sysnative\drivers\RTWlanU.sys

2014-05-14 16:59:07 F152D55E497E12256290C43B31C7D0CE 589656 ----a-w- C:\WINDOWS\Sysnative\drivers\fvevol.sys

2014-05-14 16:59:05 FD163F487CBA9C98AFFEB546C80F49A2 677376 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys

2014-05-14 16:59:05 DBA635C6398782C549E3BE45CF1D0411 206848 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys

2014-05-14 16:59:05 78514B073CC5775800A65BFB82A0D66B 443904 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys

2014-05-14 16:59:05 716059F37BCCB1ABEDE99EBE82E8E362 246272 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys

2014-05-14 16:59:05 4C1E71E37B56C768900B1FCF81205027 372568 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys

2014-05-14 16:59:05 0696F66E4D423793951A60562F794D14 402432 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys

2014-05-14 16:59:04 D90AB68D0FAC9F357F663670FDBB511E 275800 -c--a-w- C:\WINDOWS\Sysnative\drivers\msiscsi.sys

2014-05-14 16:59:04 D7566BE560B040C47F6F35EB980D8377 2518360 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys

2014-05-14 16:59:04 CADCE0D6C30427F70A4BFA426256F68C 337240 ----a-w- C:\WINDOWS\Sysnative\drivers\Classpnp.sys

2014-05-14 16:59:04 92370F46AF28D54B67C135FA8C2AFCFC 1200128 -c--a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys

2014-05-14 16:59:04 8FCE57F7E5CDA5751FDE01A316180488 428888 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS

2014-05-14 16:59:04 7C7BE474915166B61B84C025F1F10157 563200 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys

2014-05-14 16:59:04 6592D192E2823C043EDBC010E7774053 360792 ----a-w- C:\WINDOWS\Sysnative\drivers\fltMgr.sys

2014-05-14 16:59:04 4BB9BC49DEE1A319EC58274A7BBED663 310616 -c--a-w- C:\WINDOWS\Sysnative\drivers\volsnap.sys

2014-05-14 16:59:04 498288DD5CA42C2D36D125893E968C53 77312 -c--a-w- C:\WINDOWS\Sysnative\drivers\hdaudbus.sys

2014-05-14 16:59:04 33977549C2CED09936E05BEE7659EAFF 384856 -c--a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys

2014-05-14 16:53:58 F5D4FA3E1F4879C361FFF3855259D2C2 35856 ----a-w- C:\WINDOWS\Sysnative\drivers\WdBoot.sys

2014-05-14 16:53:57 6CC1BB8F6851A262E2E824F0E92D5EEF 123224 ----a-w- C:\WINDOWS\Sysnative\drivers\WdNisDrv.sys

2014-05-14 16:53:57 019CC610AD95FF47EAD7C08B7A683B96 257880 ----a-w- C:\WINDOWS\Sysnative\drivers\WdFilter.sys

====== C:\WINDOWS\Tasks ======

2014-05-23 15:40:38 E80D4D44AD923FD6F764795DAB00E0B5 292 ----a-w- C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job

2014-05-23 15:40:38 D44A1AD9ECA9BD7E07CE80C2EE40A8E8 2392 ----a-w- C:\WINDOWS\Sysnative\Tasks\Uninstaller_SkipUac_Administrator

2014-05-23 15:40:31 CC0919C0C3A136AC30CD9D379F17EF4E 2356 ----a-w- C:\WINDOWS\Sysnative\Tasks\ASC7_SkipUac_Dolly

2014-05-23 15:40:30 30043A71317757CD719A363B01E0A889 256 ----a-w- C:\WINDOWS\Tasks\ASC7_SkipUac_Dolly.job

2014-05-17 19:15:38 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\GenericSettingsHandler

2014-05-06 07:38:18 18C6C93EE9DCDBF3A26FE10D94C8E305 3094 ----a-w- C:\WINDOWS\Sysnative\Tasks\ASC7_PerformanceMonitor

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2014-05-09 18:13:30 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2014-05-24 09:14:22 -------- d-----w- C:\PROGRA~2\TP-LINK

2014-05-23 16:31:47 -------- d-----w- C:\PROGRA~2\trend micro

======= C: =====

2014-05-24 05:49:06 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\asc_rdflag

====== C:\Users\Dolly\AppData\Roaming ======

2014-05-24 09:14:37 -------- d-----w- C:\Users\Dolly\AppData\Roaming\TP-LINK

2014-05-23 15:41:41 -------- d-----w- C:\Users\Dolly\AppData\Roaming\ProductData

2014-05-10 06:03:52 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Google

2014-05-08 10:15:18 2A2BF8661ED6D8D80F2D7698261D5A14 2407624 ----a-w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat

2014-05-04 08:13:38 A0B3FDD4C95251DCC30B1C88C80F32E4 7597 ----a-w- C:\Users\Dolly\AppData\Local\resmon.resmoncfg

====== C:\Users\Dolly ======

2014-05-24 09:14:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK

2014-05-23 15:40:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller

2014-05-06 07:37:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7

====== C: exe-files ==

2014-05-24 09:14:24 51AF618755360539B4C6063C440E1187 846848 ----a-w- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

2014-05-24 09:14:23 EF1AD771B2C773CEBA4C2E70097F1168 221184 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\RTLDHCP.exe

2014-05-24 09:14:23 EF1AD771B2C773CEBA4C2E70097F1168 221184 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RTLDHCP.exe

2014-05-24 09:14:23 EF1AD771B2C773CEBA4C2E70097F1168 221184 ----a-w- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe

2014-05-24 09:14:22 8F31B58478EC96EA61E86CFCD9DE9C25 196608 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RTLDHCP.exe

2014-05-24 09:14:21 6F58A1D8E7B031C6F2A60BA04D1A0B7D 372736 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{319D91C6-3D44-436C-9F79-36C0D22372DC}\setup.exe

2014-05-24 09:14:11 6F58A1D8E7B031C6F2A60BA04D1A0B7D 372736 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{852E893E-E4FD-45BB-8B17-72ADDF686974}\setup.exe

2014-05-24 09:13:39 6F58A1D8E7B031C6F2A60BA04D1A0B7D 372736 ------r- C:\Windows\Temp\temp\Utility\setup.exe

2014-05-23 16:31:47 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files (x86)\trend micro\Dolly.exe

2014-05-23 15:40:37 F0D13521B4723FD213ED9CDCB5A50F6E 7664928 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

2014-05-23 15:40:35 C098B4EA64D8C957486ACD736031435C 588608 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\Install_PintoStartMenu.exe

2014-05-23 15:40:35 5D4ACF36CF6B3E2453C2E39216BD173B 629568 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe

2014-05-23 15:40:34 78148DC7BA8C46551929FF7E47FA4133 1114944 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe

2014-05-23 15:40:32 497AF28F6231FA74DE734C9628F30FAD 1362240 ----a-w- C:\Program Files (x86)\IObit\Surfing Protection\SPUpdate.exe

2014-05-23 15:40:31 FFFE93851E1DB6B112007AE6077BA2A5 1270080 ----a-w- C:\Program Files (x86)\IObit\Surfing Protection\PluginInstall.exe

2014-05-23 15:40:31 F1A522373D76B164ED357FD60314854D 1195808 ----a-w- C:\Program Files (x86)\IObit\Surfing Protection\unins000.exe

2014-05-23 15:40:31 88B7F951A2DD14BFF31AD74B4E624E98 2130720 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallPromote.exe

2014-05-23 15:40:27 D2F7C7DD5828AD6AA1BD74A336833E2A 24384 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\win7_x86\RegistryDefragBootTime.exe

2014-05-23 15:40:27 CB89633C0495D54654FC5A6441EB3894 23872 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wnet_x86\RegistryDefragBootTime.exe

2014-05-23 15:40:27 9689B85C7E3C33F6C7788BC72C31C8B4 24384 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wlh_x86\RegistryDefragBootTime.exe

2014-05-23 15:40:27 78282F48B994EB1A2E9F942DF0749052 27456 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wlh_amd64\RegistryDefragBootTime.exe

2014-05-23 15:40:27 30E954BC3C98E9419DEA06F42D861010 23872 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wxp_x86\RegistryDefragBootTime.exe

2014-05-23 15:40:27 2BA0E72EEB74142DEE05D80392DD21AB 26432 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wnet_amd64\RegistryDefragBootTime.exe

2014-05-23 15:40:27 2A99F3410342F2B058109CFEEDF45F64 27456 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\win7_amd64\RegistryDefragBootTime.exe

2014-05-23 15:40:27 16BE2D88119757E7B32E12901E35E58A 26432 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wxp_amd64\RegistryDefragBootTime.exe

2014-05-23 15:40:23 FB095D321D05F7B9999829650B059FC6 949024 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo12_StartupManager.exe

2014-05-23 15:40:23 D68B87B1F80E8C15C969B88F7BF08D4E 544544 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe

2014-05-23 15:40:23 B7600792B16CA0D6811D4297BE8BDDA5 1852192 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo11_InternetBooster.exe

2014-05-23 15:40:23 9EFC08CE346349C6BFA3B25A63FF286A 838432 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Reinforce.exe

2014-05-23 15:40:23 9100EA060BA3D3EEC330CE791E9BACA9 243488 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\TbAppCaller.exe

2014-05-23 15:40:23 85CC4370FBA31C5B98719A791D63603C 580384 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suc12_DiskCleaner.exe

2014-05-23 15:40:23 743E8C8E1A56B6065DB83BD3EE2A7901 2229024 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suc11_RegistryCleaner.exe

2014-05-23 15:40:23 5AE7353BCD47D0C04A377844A9C9AC6F 900384 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Sur13_WinFix.exe

2014-05-23 15:40:23 28D0247314629C67AB7F6AA2D99E1DAE 5422184 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\SPSetup.exe

2014-05-23 15:40:23 21DB3A2FEA6E43EA830925331778A980 1900832 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Sua11_DiskExplorer.exe

2014-05-23 15:40:22 F0D13521B4723FD213ED9CDCB5A50F6E 7664928 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\IObitUninstaller.exe

2014-05-23 15:40:22 EE1F12BFCCFE1526CCBDBABB88493DF4 1082144 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Wizard.exe

2014-05-23 15:40:22 A2D598483C3D21ABC0B41C56704BB6C7 578336 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\UpgradeTip.exe

2014-05-23 15:40:22 5C74AD321FDD45D4562F6F67D9A75C84 1145120 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ProjectOnUninstall.exe

2014-05-23 15:40:22 212BE27E48344EFD78BF173C5CA27C4A 167712 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe

2014-05-23 15:40:22 1157313BE0C81895F49B1D25CE77826A 687392 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ProgramDeactivator.exe

2014-05-23 15:40:22 093CE9D2C6E64F23107DFB07DA1721B6 703776 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Homepage.exe

2014-05-23 15:40:21 88B7F951A2DD14BFF31AD74B4E624E98 2130720 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\UninstallPromote.exe

2014-05-23 15:40:21 7B44D4796E929393EC9B330AD52DFF4F 562464 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\SendBugReportNew.exe

2014-05-23 15:40:21 3EF183CD81F9792303812714D883FBF6 1264928 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\SPInit.exe

2014-05-23 15:40:21 13D946D32A1E816341D7FA3D48F5B468 947488 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\SendBugReport.exe

2014-05-23 15:40:20 D2F3674FB4BCB1244E6028755B90AC27 603424 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Report.exe

2014-05-23 15:40:20 BE6DAB0C8CCB34AF60FCC907EF371346 2042144 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Register.exe

2014-05-23 15:40:20 3B74149C570AD751B377132D7C28411F 1084192 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\RescueCenter.exe

2014-05-23 15:40:20 0C2F9B66D80EE02A51D0CB15E2F61864 1214240 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe

2014-05-23 15:40:19 DFBA16F3983B2FB5C9B479B577BCDE67 92960 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\PerformUpdate.exe

2014-05-23 15:40:19 D3029F71E7F453C833D28AA8CD08D14A 1873184 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\QuickSettings.exe

2014-05-23 15:40:19 99E9041F77D7988C2851153E3E0F5EBF 236320 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ProTip.exe

2014-05-23 15:40:18 FA149A9A6DDDCC222865077D07DD1C51 2152736 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\LiveUpdate.exe

2014-05-23 15:40:18 8E13CA0B48A1298F46F8739B95DBE4BF 781600 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe

2014-05-23 15:40:18 3EB3B7885DD64FB1E360710790320D22 323360 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Nfeatures.exe

2014-05-23 15:40:18 32AE2F1A4CEB3588F50611FD27BFA7E8 441120 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\MonitorDisk.exe

2014-05-23 15:40:17 FBC25AE0FF76FFFE0FCC7F4CEC5E6489 44320 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\DiskScan.exe

2014-05-23 15:40:17 F5ADB51BC6EBF55B052B581FBC23C1E1 1107744 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\CheckDevice.exe

2014-05-23 15:40:17 E94D75A9D6E4724075BB6E6CC6FE3DD3 548128 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCUpgrade.exe

2014-05-23 15:40:17 E382AF1BEBEAB8CA249E0064E0B2F161 1141536 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoSweep.exe

2014-05-23 15:40:17 CC6B26C922B4480FCBDFF565C9ABFB6F 36640 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCFixer.exe

2014-05-23 15:40:17 6C856C581ACE1785CE3FC2414E9859A3 881952 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

2014-05-23 15:40:17 6A30A6E6164C1AC03B4F00356DED9607 645408 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCDownload.exe

2014-05-23 15:40:17 67CD9833ECFE329A35892321E71E9FE8 1327392 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoUpdate.exe

2014-05-23 15:40:17 66ED963FBA998E887C88FE6FCA46E2B9 43808 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\DiskDefrag.exe

2014-05-23 15:40:17 49F4367F0885E9A77210EA9AC5835A16 468768 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\DelayLoad.exe

2014-05-23 15:40:17 350E1CE270A22CF8D9584D508F0DC850 1863456 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoCare.exe

2014-05-23 15:40:17 22B9972EB524057C8CDE6168845C579C 580896 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCInit.exe

2014-05-23 15:40:17 1F98172C060A5328459A56CB7ECDA779 96032 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Display.exe

2014-05-23 15:40:17 127687F1D171D0820D02851A9FA62525 2295584 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe

2014-05-23 15:40:16 E13E1FC432E031C164B241E38C214949 1757472 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ActionCenterDownloader.exe

2014-05-23 15:40:16 E0EB7A942405BB5A0CAAB5CFF2C78D0C 4474144 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe

2014-05-23 15:40:16 37E24A946C409B7A0F7BE1FBC02218ED 1198368 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\unins000.exe

2014-05-23 15:40:00 A6A93CE12CF1B7840B20008260CCF336 36530832 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCPatch.exe

2014-05-23 15:09:26 29198D93029027C9BB4DA8E9C70AF13E 26832976 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\35.0.1916.114\35.0.1916.114_34.0.1847.137_chrome_updater.exe

2014-05-23 15:08:22 29198D93029027C9BB4DA8E9C70AF13E 26832976 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{35B36F02-0A66-418C-A605-E835983FBA3F}-35.0.1916.114_34.0.1847.137_chrome_updater.exe

2014-05-23 15:02:27 C59A1CF77A3B68AB38C21369F0EC4C72 1087296 ----a-w- C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk\10.31.0.526_0\nativeMessaging\TBMessagingHost.exe

=== C: other files ==

2014-05-24 09:14:14 B0A0260A3C03156937ECDB67CE5C6FE5 1975000 ----a-w- C:\Windows\LastGood.Tmp\system32\DRIVERS\RTWlanU.sys

2014-05-24 09:14:12 7461D3DA1AABB5F703504E958455A900 926824 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{FF72A9A0-92EC-46A2-AC62-BE4233E71B79}\{852E893E-E4FD-45BB-8B17-72ADDF686974}\Driver\Windows_7_64bit\rtl8192cu.sys

2014-05-24 09:14:12 4D6804B13B7AC399A2011C51BBED3550 1578128 ----a-w- C:\Windows\System32\rtwlanu.sys

2014-05-24 09:14:12 4D6804B13B7AC399A2011C51BBED3550 1578128 ----a-w- C:\Windows\System32\drivers\RTWlanU.sys

2014-05-24 09:14:12 4D6804B13B7AC399A2011C51BBED3550 1578128 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{FF72A9A0-92EC-46A2-AC62-BE4233E71B79}\{852E893E-E4FD-45BB-8B17-72ADDF686974}\Driver\Windows_8_64bit\rtwlanu.sys

2014-05-24 09:14:12 25C503FF283E95FFC5EB5F177C21AD5E 882792 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{FF72A9A0-92EC-46A2-AC62-BE4233E71B79}\{852E893E-E4FD-45BB-8B17-72ADDF686974}\Driver\Windows_Vista_64bit\rtl8192cu.sys

2014-05-24 09:14:11 A2DA4EC9EB6E7EFB7C0EE0C3834EB35A 1138280 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{FF72A9A0-92EC-46A2-AC62-BE4233E71B79}\{852E893E-E4FD-45BB-8B17-72ADDF686974}\Driver\Windows_XP_64bit\rtl8192cu.sys

2014-05-23 15:40:33 032694B0FE8D2AE6EC544B989E1CBF75 341164 ----a-w- C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1535316386-195622087-1994388212-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="C:\Users\Dolly\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"IObit Malware Fighter"="C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe /autostart"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="C:\Users\Dolly\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"

"Persistence"="C:\WINDOWS\system32\igfxpers.exe"

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4"

==== Startup Folders ======================

2014-05-14 19:26:51 1101 ----a-w- C:\Users\Dolly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

2014-05-24 09:14:24 2349 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\ASC7_SkipUac_Dolly.job --a-------- [undetermined Task]

C:\WINDOWS\tasks\Driver Booster SkipUAC (SYSTEM).job --a-------- C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [14-03-2014 19:06]

C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1535316386-195622087-1994388212-1001Core.job --a-------- C:\Users\Dolly\AppData\Local\Facebook\Update\FacebookUpdate.exe [13-11-2013 22:56]

C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1535316386-195622087-1994388212-1001UA.job --a-------- C:@C:\Users\Dolly\AppData\Local\Facebook\Update\FacebookUpdate.exe []

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-01-2014 17:42]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-01-2014 17:42]

C:\WINDOWS\tasks\Uninstaller_SkipUac_Administrator.job --a-------- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [06-05-2014 17:52]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\ASC7_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe]

"C:\WINDOWS\SysNative\tasks\ASC7_SkipUac_Dolly" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe /SkipUac]

"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]

"C:\WINDOWS\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe]

"C:\WINDOWS\SysNative\tasks\Driver Booster SkipUAC (SYSTEM)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]

"C:\WINDOWS\SysNative\tasks\Driver Booster Update" [C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe]

"C:\WINDOWS\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1535316386-195622087-1994388212-1001Core" [C:\Users\Dolly\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\WINDOWS\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1535316386-195622087-1994388212-1001UA" [C:\Users\Dolly\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\SmartDefrag3_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe]

"C:\WINDOWS\SysNative\tasks\SmartDefrag3_Update" [C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe]

"C:\WINDOWS\SysNative\tasks\StartMenuAutoupdate" [C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe]

"C:\WINDOWS\SysNative\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]

"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{ED9A2423-8CA0-46AC-A48C-B69DD8D1A3BA}" [C:\WINDOWS\system32\msfeedssync.exe]

"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{f42e79d6-6717-4fa6-84a9-2825d86075b2}"="C:\Program Files (x86)\ViewPassword\150.xpi" []

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

kdfbddbdpnahdahmamlolacimfdbeckk - C:\Users\Dolly\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx[]

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11-04-2014 19:46]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

kdfbddbdpnahdahmamlolacimfdbeckk - C:\Users\Dolly\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx[]

Google Docs - Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

ViewPassword - Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmojojliiicbbihpjmiepllaiflnjobc

Advanced SystemCare Surfing Protection - Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

Google Wallet - Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Google Docs - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf

Advanced SystemCare Surfing Protection - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd

Uitzending Gemist - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bkpcnaghidjmebljggjmdplpckcngnfm

YouTube - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Bubble Shooter Level Pack - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cclpcbfoiabkkbhlcdlkkjhledodjakp

World Maps Puzzle - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfncnllmafkmjkelmocbaapmppjflkne

Google Search - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google News - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dllkocilcinkggkchnjgegijklcililc

Facebook For Chrome - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\embepdkgnofhjnlpeeefkmicaiigpioe

NOS Video - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iggmbjghgeahcopdibklblgfkfendefg

Convert PDF to Word - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kclbidlajocjmicnpgpfmkblhdhjelfe

entrusted - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk

Skype Click to Call - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

Google Wallet - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk deleted successfully

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk deleted successfully

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_kdfbddbdpnahdahmamlolacimfdbeckk_0.localstorage deleted successfully

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_kdfbddbdpnahdahmamlolacimfdbeckk_0.localstorage-journal deleted successfully

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\databases\chrome-extension_kdfbddbdpnahdahmamlolacimfdbeckk_0 deleted successfully

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\kdfbddbdpnahdahmamlolacimfdbeckk deleted successfully

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmojojliiicbbihpjmiepllaiflnjobc deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

"Search Page"="Google"

"Search Bar"="Upgrade to Google Chrome"

"Default_Search_URL"="Google"

"Default_Page_URL"="Google"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="%s - Google Search"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="Upgrade to Google Chrome"

"Default_Search_URL"="Upgrade to Google Chrome"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Bing"

"Search Bar"="Bing"

"Default_Search_URL"="Bing"

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

"Start Page"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="%s - Bing"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="Bing"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="{searchTerms} - Bing"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{77AA745B-F4F8-45DA-9B14-61D2D95054C8} Unknown Url="Not_Found"

{A1CE9B07-0688-4147-A0DC-C8AB49B86425} Google Url="{searchTerms - Google Search}"

{A1CE9B07-0688-4147-A0DC-C8AB49B86425} Google Url="{searchTerms - Google Search}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1535316386-195622087-1994388212-1001\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1535316386-195622087-1994388212-1001\Software\Mozilla\Firefox\Extensions\{f42e79d6-6717-4fa6-84a9-2825d86075b2} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\30E8FF2323343D445B5E0AF4D1960D1E deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{32FF8E03-4332-44D3-B5E5-A04F1D69D0E1} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\30E8FF2323343D445B5E0AF4D1960D1E deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Dolly\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - Startup: Dropbox.lnk = Dolly\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll

O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)

O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Dolly\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\Users\Dolly\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully

C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=625 folders=148 65313374 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Dolly\AppData\Local\Temp will be emptied at reboot

C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot

C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\Users\Dolly\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on zo 25-05-2014 at 16:19:34,46 ======================

- - - Updated - - -

Zoek.exe v5.0.0.0 Updated 22-05-2014

Tool run by Dolly on zo 25-05-2014 at 15:26:00,45.

Microsoft Windows 8.1 6.3.9600 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Dolly\AppData\Local\Temp\Temp1_zoek 22.zip\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Running Processes ======================

C:\WINDOWS\system32\wininit.exe

C:\WINDOWS\system32\winlogon.exe Hoop dat het zo genoeg is ?????????? Een hele klus voor mij ,maar ik wil graag van de error af.

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k RPCSS

C:\WINDOWS\system32\dwm.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\System32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

C:\WINDOWS\system32\dashost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe

C:\WINDOWS\system32\taskhostex.exe

C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe

C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe

C:\WINDOWS\system32\DllHost.exe

C:\WINDOWS\system32\DllHost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe

C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe

C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe

C:\Windows\System32\skydrive.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

C:\Users\Dolly\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe

C:\Windows\System32\RuntimeBroker.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\WWAHost.exe

C:\Windows\System32\SettingSyncHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

C:\Users\Dolly\AppData\Local\Temp\Temp1_zoek 22.zip\zoek.exe

C:\WINDOWS\system32\conhost.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\system32\SearchFilterHost.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

==== System Restore Info ======================

25-5-2014 15:31:49 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Settings Manager deleted successfully

C:\PROGRA~3\Browser Manager deleted successfully

C:\PROGRA~3\BrowserProtect deleted successfully

C:\PROGRA~3\Systweak deleted successfully

C:\PROGRA~3\Wincert deleted successfully

C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully

C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted successfully

C:\Users\Dolly\AppData\Roaming\Common deleted successfully

C:\Users\Dolly\AppData\Roaming\OfferMosquito deleted successfully

C:\Users\Dolly\AppData\Local\cache deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1535316386-195622087-1994388212-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully

HKEY_USERS\S-1-5-21-1535316386-195622087-1994388212-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AA4CEA4C-984E-4654-AE0F-B7BEB96D0EBF} deleted successfully

HKEY_USERS\S-1-5-21-1535316386-195622087-1994388212-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EB11147D-47C7-45B2-8EC9-9D5EC2176A25} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{282b0e54-8981-49eb-9193-5910a1f6fd33} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1535316386-195622087-1994388212-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{282b0e54-8981-49eb-9193-5910a1f6fd33} deleted successfully

==== Installed Programs ======================

Adobe Digital Editions 2.0

Advanced SystemCare 7

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArcSoft Collage Creator

ArcSoft Funhouse

ArcSoft Greeting Card Creator

ArcSoft Panorama Maker 3

Driver Booster

Dropbox

Facebook Video Calling 2.0.0.447

Google Chrome

Google Update Helper

Google+ Auto Backup

Intel® Processor Graphics

IObit Apps Toolbar v8.5

IObit Malware Fighter

IObit Uninstaller

Malwarebytes Anti-Malware versie 1.75.0.1300

Microsoft-invoegtoepassing Opslaan als PDF voor 2007 Microsoft Office-programma's

Microsoft PowerPoint Viewer

Microsoft Silverlight

Photo Notifier and Animation Creator

Picasa 3

Realtek High Definition Audio Driver

Skype Click to Call

SkypeT 6.14

Smart Defrag 3

Start Menu 8

Surfing Protection

TP-LINK TL-WN821N©_TL-WN822N_TL-WN823N Driver

TP-LINK Wireless Configuration Utility

VLC media player 2.1.3

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found

C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} not found

C:\Users\Dolly\daemonprocess.txt deleted

C:\Users\Dolly\.android deleted

C:\PROGRA~2\Webfetti_52EI deleted

C:\PROGRA~2\Advanced System Protector deleted

C:\Users\Dolly\AppData\Roaming\UpdaterEX deleted

C:\Users\Dolly\AppData\Roaming\ParetoLogic deleted

C:\Users\Dolly\AppData\Roaming\DriverCure deleted

C:\Users\Dolly\AppData\Roaming\systweak deleted

C:\PROGRA~3\ParetoLogic deleted

C:\PROGRA~3\ProductData deleted

C:\Users\Dolly\AppData\Local\CRE deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector deleted

C:\WINDOWS\SysNative\roboot64.exe deleted

C:\windows\SysNative\Tasks\MySearchDial deleted

C:\WINDOWS\Tasks\MySearchDial.job deleted

C:\WINDOWS\SysNative\sasnative64.exe deleted

C:\Users\Dolly\Downloads\FreeYouTubeToMP3Converter.exe deleted

C:\Users\Dolly\AppData\LocalLow\IObit Apps deleted

C:\Users\Dolly\AppData\LocalLow\ADSRemoval deleted

C:\Users\Dolly\AppData\LocalLow\imeshmusicboxtoolbar181 deleted

C:\windows\SysNative\tasks\UpdaterEX deleted

C:\WINDOWS\tasks\UpdaterEX.job deleted

C:\windows\SysNative\Tasks\Advanced System Protector deleted

C:\windows\SysNative\Tasks\Advanced System Protector_startup deleted

C:\WINDOWS\Syswow64\RegistryHelperLM.ocx deleted

"C:\WINDOWS\Installer\b5c9d9c.msi" deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)

Memory (RAM): 3978 MB

CPU Info: Intel® Pentium® CPU 2020M @ 2.40GHz

CPU Speed: 2440,7 MHz

Sound Card: Luidsprekers (Realtek High Defi |

Realtek Digital Output (Realtek |

Display Adapters: Intel® HD Graphics | Intel® HD Graphics | Intel® HD Graphics

Monitors: 1x; Generic PnP Monitor |

Screen Resolution: 1366 X 768 - 32 bit

Network: Network Present

Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter #2 | TP-LINK Wireless USB Adapter | Bluetooth-apparaat (Personal Area Network) | Realtek PCIe GBE Family Controller | Intel® Centrino® Wireless-N 2230

CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SN-208DB

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 3 Button Wheel Mouse Present

Hard Disks: C: 869,0GB | D: 60,0GB

Hard Disks - Free: C: 824,1GB | D: 42,5GB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | | MEDION - 1

Time Zone: West-Europa (standaardtijd)

Motherboard *: Medion E6234

Country: Nederland

Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: IObit Malware Fighter disabled (Outdated)

Default Browser: Google Chrome 35.0.1916.114

Internet Explorer Version: 11.0.9600.17107

Google Chrome version: 35.0.1916.114

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\Users\Dolly\AppData\Local\Temp ====

2014-05-25 10:46:05 62AEB8305A12986E4901CC4860ED0382 41984 ----a-w- C:\Users\Dolly\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplrkw6o.dll

2014-05-24 09:14:23 EF1AD771B2C773CEBA4C2E70097F1168 221184 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\RTLDHCP.exe

2014-05-24 09:14:23 EF1AD771B2C773CEBA4C2E70097F1168 221184 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RTLDHCP.exe

2014-05-24 09:14:23 94142D05F00EC6601A4EA9939DE49C98 126976 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\EnumDevLib.dll

2014-05-24 09:14:23 7C02774740B2EA1F5237808B1A363D34 200704 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\IpLib.dll

2014-05-24 09:14:23 49F70312DCCCE5CF01AA94DBD63FF908 479232 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\RtlLib.dll

2014-05-24 09:14:23 49F70312DCCCE5CF01AA94DBD63FF908 479232 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RtlLib.dll

2014-05-24 09:14:23 49F70312DCCCE5CF01AA94DBD63FF908 479232 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RtlLib.dll

2014-05-24 09:14:23 44DB042E5B8BF57E8C991CE6C9BB5FF5 1116672 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\libeay32.dll

2014-05-24 09:14:23 29064E69158ECF8EE9D9C4F6C9F1BEBA 45056 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RtlICS.dll

2014-05-24 09:14:23 1C6148A2885B37593C6FF0AB4D71C6EB 249856 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\RtlIhvOid.dll

2014-05-24 09:14:23 1C6148A2885B37593C6FF0AB4D71C6EB 249856 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RtlIhvOid.dll

2014-05-24 09:14:22 A3E3B26EC27CD51997F1E4A0D4036E73 245760 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RtlIhvOid.dll

2014-05-24 09:14:22 94142D05F00EC6601A4EA9939DE49C98 126976 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\EnumDevLib.dll

2014-05-24 09:14:22 94142D05F00EC6601A4EA9939DE49C98 126976 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\EnumDevLib.dll

2014-05-24 09:14:22 8F31B58478EC96EA61E86CFCD9DE9C25 196608 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RTLDHCP.exe

2014-05-24 09:14:22 7C02774740B2EA1F5237808B1A363D34 200704 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\IpLib.dll

2014-05-24 09:14:22 7C02774740B2EA1F5237808B1A363D34 200704 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\IpLib.dll

2014-05-24 09:14:22 44DB042E5B8BF57E8C991CE6C9BB5FF5 1116672 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\libeay32.dll

2014-05-24 09:14:22 44DB042E5B8BF57E8C991CE6C9BB5FF5 1116672 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\libeay32.dll

2014-05-24 09:14:22 29064E69158ECF8EE9D9C4F6C9F1BEBA 45056 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\RtlICS.dll

2014-05-24 09:14:22 29064E69158ECF8EE9D9C4F6C9F1BEBA 45056 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RtlICS.dll

2014-05-24 09:14:17 8C47303CE87AEAE0E0283EC1E2072BEB 126976 ------w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\InstallHelper.dll

2014-05-24 09:14:12 7461D3DA1AABB5F703504E958455A900 926824 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{FF72A9A0-92EC-46A2-AC62-BE4233E71B79}\{852E893E-E4FD-45BB-8B17-72ADDF686974}\Driver\Windows_7_64bit\rtl8192cu.sys

2014-05-24 09:14:12 4D6804B13B7AC399A2011C51BBED3550 1578128 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{FF72A9A0-92EC-46A2-AC62-BE4233E71B79}\{852E893E-E4FD-45BB-8B17-72ADDF686974}\Driver\Windows_8_64bit\rtwlanu.sys

2014-05-24 09:14:12 25C503FF283E95FFC5EB5F177C21AD5E 882792 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{FF72A9A0-92EC-46A2-AC62-BE4233E71B79}\{852E893E-E4FD-45BB-8B17-72ADDF686974}\Driver\Windows_Vista_64bit\rtl8192cu.sys

2014-05-24 09:14:11 A2DA4EC9EB6E7EFB7C0EE0C3834EB35A 1138280 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{FF72A9A0-92EC-46A2-AC62-BE4233E71B79}\{852E893E-E4FD-45BB-8B17-72ADDF686974}\Driver\Windows_XP_64bit\rtl8192cu.sys

2014-05-23 15:08:22 29198D93029027C9BB4DA8E9C70AF13E 26832976 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{35B36F02-0A66-418C-A605-E835983FBA3F}-35.0.1916.114_34.0.1847.137_chrome_updater.exe

====== Java Cache =====

====== C:\WINDOWS\SysWOW64 =====

2014-05-15 19:05:52 BE753D2FF471EA25421D931EF23DCDD3 105464 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-05-15 19:05:52 2A01A10CCCA38214C5E678D4E41D52F3 693240 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-05-14 17:01:08 DC72DC452793C9622E6F056B89F9302C 123904 ----a-w- C:\WINDOWS\SysWOW64\wuwebv.dll

2014-05-14 17:01:08 D8C63F333D4A8D8433849A9ADC092BE9 31232 ----a-w- C:\WINDOWS\SysWOW64\wuapp.exe

2014-05-14 17:01:08 AB3A013BA1C50B2309E5BF8136600656 828928 ----a-w- C:\WINDOWS\SysWOW64\twinui.appcore.dll

2014-05-14 17:01:08 8DA8026471B3470085B4AFB9C77BF45F 25088 ----a-w- C:\WINDOWS\SysWOW64\wups.dll

2014-05-14 17:01:08 82119579B000F62D96B083BC6A246C07 80896 ----a-w- C:\WINDOWS\SysWOW64\wudriver.dll

2014-05-14 17:01:08 51B615EF9408277FEF586EB97583844E 666624 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll

2014-05-14 17:01:08 3F0DB8120F65E3223B4EAF6CA4CDB3C5 754688 ----a-w- C:\WINDOWS\SysWOW64\WSShared.dll

2014-05-14 17:01:08 0542A44401EA9451D82D3DF4BF3BD871 419928 ----a-w- C:\WINDOWS\SysWOW64\twinapi.appcore.dll

2014-05-14 16:59:08 EC4FA776548BF1A05DAE3B5EFB0FFE6F 1209616 ----a-w- C:\WINDOWS\SysWOW64\winmde.dll

2014-05-14 16:59:08 C97E772120135CD320CB217C92105B12 370176 ----a-w- C:\WINDOWS\SysWOW64\winspool.drv

2014-05-14 16:59:08 68A23F58F6F16B81BCBFCAA07CDF0680 61440 ----a-w- C:\WINDOWS\SysWOW64\srclient.dll

2014-05-14 16:59:07 FF28231D41465C253E9F9EF164DD619C 230400 ----a-w- C:\WINDOWS\SysWOW64\wlanapi.dll

2014-05-14 16:59:07 E697F1E4E819EB12C40AE01F88626BAB 219136 ----a-w- C:\WINDOWS\SysWOW64\resutils.dll

2014-05-14 16:59:07 E678126493997B951C6A6E91BC15C91C 836608 ----a-w- C:\WINDOWS\SysWOW64\SearchFolder.dll

2014-05-14 16:59:07 E2AAB5EDC278D489C8EF87F277B5E3E6 888320 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll

2014-05-14 16:59:07 B6803C8A600E3F029A3D688D9E590CA3 300544 ----a-w- C:\WINDOWS\SysWOW64\wlanmsm.dll

2014-05-14 16:59:07 A9A027378882FFA14000612AE6FDA7AB 1200288 ----a-w- C:\WINDOWS\SysWOW64\propsys.dll

2014-05-14 16:59:07 A93E67D9084BEFC32C8E2B75FCC5B02E 11792384 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll

2014-05-14 16:59:07 A624CA7CDFA7941EECD6F96F1A47CCA3 178184 ----a-w- C:\WINDOWS\SysWOW64\MSVideoDSP.dll

2014-05-14 16:59:07 A5358F64D4EB5ABE2829981CD9734901 18755672 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll

2014-05-14 16:59:07 90C83CF02C884315E595FA07CA9C64EF 387896 ----a-w- C:\WINDOWS\SysWOW64\mfsvr.dll

2014-05-14 16:59:07 8C25FBB338147754DA42DF990FB3AE4A 285144 ----a-w- C:\WINDOWS\SysWOW64\MFCaptureEngine.dll

2014-05-14 16:59:07 88A821BC72CB1A935C92F453586233EF 518544 ----a-w- C:\WINDOWS\SysWOW64\mf.dll

2014-05-14 16:59:07 87AB9959EC23455326C8C55E59DE0A88 669856 ----a-w- C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2014-05-14 16:59:07 76892045ECB1D830185618DBD3467562 337408 ----a-w- C:\WINDOWS\SysWOW64\XpsGdiConverter.dll

2014-05-14 16:59:07 6BAE2EB5EFCEAC999BB1A5BF267C711D 707048 ----a-w- C:\WINDOWS\SysWOW64\mfplat.dll

2014-05-14 16:59:07 619C6E72B8433B3F67738F7E6C972A96 230808 ----a-w- C:\WINDOWS\SysWOW64\wintrust.dll

2014-05-14 16:59:07 5FAEA469BCE03F8FABAFB63D7603DC3C 982016 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll

2014-05-14 16:59:07 5C74AC34C1CAA9C232836C580272B0DD 1029120 ----a-w- C:\WINDOWS\SysWOW64\mispace.dll

2014-05-14 16:59:07 5AE9C90A51256F72C541A2FD81EAB7C4 2144984 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll

2014-05-14 16:59:07 561945C42E36012B4799C342E6A96498 800768 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2014-05-14 16:59:07 4874EB05C1BE374B8A4AC15DF3DB07B0 111528 ----a-w- C:\WINDOWS\SysWOW64\gpapi.dll

2014-05-14 16:59:07 4550DC04464B86C5EB2CC77D9D27C06C 5833216 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Search.dll

2014-05-14 16:59:07 3CABBCB26C4E73F3440A8A064EB490FF 11264 ----a-w- C:\WINDOWS\SysWOW64\wlanhlp.dll

2014-05-14 16:59:07 15905E6B799C1446A37915ED23CD17E5 144384 ----a-w- C:\WINDOWS\SysWOW64\rpchttp.dll

2014-05-14 16:59:07 0FDDBC46B0FE68B9516BED5CDC2A5296 5104640 ----a-w- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2014-05-14 16:59:07 06AB75759A0B2D79680F52ACDAE702A1 313344 ----a-w- C:\WINDOWS\SysWOW64\clusapi.dll

2014-05-14 16:59:05 D0E0E176F86C3B1048A67144DE0C5CD3 46592 ----a-w- C:\WINDOWS\SysWOW64\tlscsp.dll

2014-05-14 16:59:05 CF3EA59E07BF906B43058C98B6750D16 855552 ----a-w- C:\WINDOWS\SysWOW64\rdvidcrl.dll

2014-05-14 16:59:05 A717D4AC0C44BCBE990DBF8B6EC979AA 12711424 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2014-05-14 16:59:05 A54EB398BC2D792A0C603A97F7975FD8 357376 ----a-w- C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll

2014-05-14 16:59:05 A4F3682781DD8B36E97FD04BA50845A2 209920 ----a-w- C:\WINDOWS\SysWOW64\rdpencom.dll

2014-05-14 16:59:05 A3ECC0F6960AA699895CB48BC69BEA3B 326024 ----a-w- C:\WINDOWS\SysWOW64\AudioSes.dll

2014-05-14 16:59:05 956D8170AD470804405C0564E10ED6ED 406504 ----a-w- C:\WINDOWS\SysWOW64\AudioEng.dll

2014-05-14 16:59:05 8EAD5F0BC40579B106CDD9D2591CFEC5 1797896 ----a-w- C:\WINDOWS\SysWOW64\d3d9.dll

2014-05-14 16:59:05 495C3945889DD59993474F2434863835 11776 ----a-w- C:\WINDOWS\SysWOW64\d3d8thk.dll

2014-05-14 16:59:05 1E48870B29C7D7328A7D484A61250AE5 5774848 ----a-w- C:\WINDOWS\SysWOW64\mstscax.dll

2014-05-14 16:59:05 13CE2AA6D3ACAF0B485DBFE8AF2F5C48 305768 ----a-w- C:\WINDOWS\SysWOW64\AUDIOKSE.dll

2014-05-14 16:59:05 008368626F3EFAEDB0C2CD4565BA6797 98584 ----a-w- C:\WINDOWS\SysWOW64\dwmapi.dll

2014-05-14 16:58:07 3DA5CD1E3B9BDAF79731CB6CB1029CB3 53248 ----a-w- C:\WINDOWS\SysWOW64\tsgqec.dll

2014-05-14 16:54:17 1DEC681B79501A714F0D3FA2787183C3 305152 ----a-w- C:\WINDOWS\SysWOW64\wusa.exe

2014-05-14 16:53:28 BA4FA107EF9A728C58A81B2EFCD6FE2B 26784 ----a-w- C:\WINDOWS\SysWOW64\mrt100.dll

2014-05-14 16:53:28 6923D6FAB7CBA8D82BD792182B4F3DE4 80032 ----a-w- C:\WINDOWS\SysWOW64\mrt_map.dll

2014-05-14 16:51:04 FBCF3F01177953EBF1E735643621CCF5 69632 ----a-w- C:\WINDOWS\SysWOW64\mshtmled.dll

2014-05-14 16:51:04 EB5347F6149D3FF25F4D609A21A3BD67 17382912 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Sysnative =====

2014-05-24 09:14:12 4D6804B13B7AC399A2011C51BBED3550 1578128 ----a-w- C:\WINDOWS\Sysnative\rtwlanu.sys

2014-05-24 09:14:12 346FE111845AE42343348CE5978F857C 9936 ----a-w- C:\WINDOWS\Sysnative\netrtwlanu.cat

2014-05-24 09:14:12 31ACF68B1E8232410CE93EAAD8A26FBA 36409 ----a-w- C:\WINDOWS\Sysnative\netrtwlanu.inf

2014-05-14 17:01:08 FD3638782572A8281BCF12520F6579F4 79872 ----a-w- C:\WINDOWS\Sysnative\WSReset.exe

2014-05-14 17:01:08 E9F333234A5641E2FEF2F5240BDD56B8 35328 ----a-w- C:\WINDOWS\Sysnative\wuapp.exe

2014-05-14 17:01:08 E859E9B4A0300F56C94D2C69F6F65657 827392 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll

2014-05-14 17:01:08 C383B71BAAC22CCE37B99339AEB62F1E 93696 ----a-w- C:\WINDOWS\Sysnative\wudriver.dll

2014-05-14 17:01:08 AF1BC4F5421023D59F1D472C1A4E01CF 921088 ----a-w- C:\WINDOWS\Sysnative\WSShared.dll

2014-05-14 17:01:08 850FC6B2E385766B9972CDBE947989F6 381440 ----a-w- C:\WINDOWS\Sysnative\WUSettingsProvider.dll

2014-05-14 17:01:08 7F15F3E0F847D90EB3A2124258E6B1DC 54776 ----a-w- C:\WINDOWS\Sysnative\wuauclt.exe

2014-05-14 17:01:08 7E609FBF50774CC5A239420FE34EBB9C 3464192 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll

2014-05-14 17:01:08 766DCDC7032C4C98E47B8A9F71239E38 555736 ----a-w- C:\WINDOWS\Sysnative\twinapi.appcore.dll

2014-05-14 17:01:08 736046C9AFD66BA29BA61ACD582E7A7B 137728 ----a-w- C:\WINDOWS\Sysnative\wuwebv.dll

2014-05-14 17:01:08 68CB2B575F0C67BB14590D1471285287 201728 ----a-w- C:\WINDOWS\Sysnative\ubpm.dll

2014-05-14 17:01:08 5F74A7DB62F6D560B0C858A096A37B59 1054208 ----a-w- C:\WINDOWS\Sysnative\twinui.appcore.dll

2014-05-14 17:01:08 4FB80968811FAD6E88ABFAA98E51305C 1705472 ----a-w- C:\WINDOWS\Sysnative\wucltux.dll

2014-05-14 17:01:08 3DF281C1553A6124DEF875C19D46AC0D 190976 ----a-w- C:\WINDOWS\Sysnative\storewuauth.dll

2014-05-14 17:01:08 1EC3AACDB335533A7470245C683ACF94 56320 ----a-w- C:\WINDOWS\Sysnative\wups.dll

2014-05-14 16:59:08 F587513213947A4C7EF47B660DAAFBC5 271872 ----a-w- C:\WINDOWS\Sysnative\rstrui.exe

2014-05-14 16:59:08 9ED0E72966FB08F7E6DB15E5519AF8D1 1379064 ----a-w- C:\WINDOWS\Sysnative\wmpmde.dll

2014-05-14 16:59:08 9465F8E72887AC6CCDD97F738A5AB6B6 70656 ----a-w- C:\WINDOWS\Sysnative\srclient.dll

2014-05-14 16:59:08 414B81DE6CE46022ED43051C09EDB00B 467968 ----a-w- C:\WINDOWS\Sysnative\srcore.dll

2014-05-14 16:59:08 411DBFCD6ABAB75B6F7950677AEEFB7D 1403856 ----a-w- C:\WINDOWS\Sysnative\winmde.dll

2014-05-14 16:59:07 F4C09C622BC55A80F775DF7D8AB9984F 6645248 ----a-w- C:\WINDOWS\Sysnative\mstscax.dll

2014-05-14 16:59:07 EAE6ED6C5076CF765EB731B92A237149 955904 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll

2014-05-14 16:59:07 E86E7792A2A0854D5560371BBDDA760B 1057280 ----a-w- C:\WINDOWS\Sysnative\rdvidcrl.dll

2014-05-14 16:59:07 BAF51BE2DEB387BD99CAC4E3B7850FEC 250368 ----a-w- C:\WINDOWS\Sysnative\rdpencom.dll

2014-05-14 16:59:07 B6BD22DDEDDD8665080D664749ACFEF5 64512 ----a-w- C:\WINDOWS\Sysnative\tsgqec.dll

2014-05-14 16:59:07 AEDD44FDB8B521D443A07146F5CA3A53 7173120 ----a-w- C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll

2014-05-14 16:59:07 AE2B9504C975B529D92D9E6603F6D33F 609448 ----a-w- C:\WINDOWS\Sysnative\mf.dll

2014-05-14 16:59:07 AD2DE3982C7B6E62346098C7570F6A7D 13287936 ----a-w- C:\WINDOWS\Sysnative\twinui.dll

2014-05-14 16:59:07 A1CD5194ACC156A852136B303F087260 491744 ----a-w- C:\WINDOWS\Sysnative\mfsvr.dll

2014-05-14 16:59:07 99277BE68298288A0E27CF9E50FAD091 881616 ----a-w- C:\WINDOWS\Sysnative\mfplat.dll

2014-05-14 16:59:07 98A184F6EC43B178901FCD5D4E2EC43B 1222656 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Streaming.dll

2014-05-14 16:59:07 92B785213F856EC736673516C54FA791 233912 ----a-w- C:\WINDOWS\Sysnative\mfps.dll

2014-05-14 16:59:07 8ECEBEE92854C6705877911BA75889A8 2124840 ----a-w- C:\WINDOWS\Sysnative\d3d9.dll

2014-05-14 16:59:07 8E1866A4E96F1159B6625627860A0454 2100736 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsAdminFlowUI.dll

2014-05-14 16:59:07 87CF824E47489DD972FB4FB9FC4EDD0A 324888 ----a-w- C:\WINDOWS\Sysnative\MFCaptureEngine.dll

2014-05-14 16:59:07 7FB9EC74ADFB2353B7782C3EF833F5B7 765408 ----a-w- C:\WINDOWS\Sysnative\mfmpeg2srcsnk.dll

2014-05-14 16:59:07 7E4A8D95B9DBC2CB588B91848A0AE731 2688000 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers.dll

2014-05-14 16:59:07 6C6E26E0DB9AB2077F42FBBCDB153C84 2140888 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll

2014-05-14 16:59:07 6B7B2211C293218706D491204FCE8695 1126912 ----a-w- C:\WINDOWS\Sysnative\SearchFolder.dll

2014-05-14 16:59:07 69A374DE46C7BAAE30BFB1E40D69C5C6 761856 ----a-w- C:\WINDOWS\Sysnative\WorkfoldersControl.dll

2014-05-14 16:59:07 6873D09262D32B95D6AC3026FCF8B424 1230336 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll

2014-05-14 16:59:07 67176AA6EAF34FF2A962F14EB8F0478B 263424 ----a-w- C:\WINDOWS\Sysnative\SystemSettingsAdminFlows.exe

2014-05-14 16:59:07 64B2A2630C964BF135A84A52FB2EEF9A 47616 ----a-w- C:\WINDOWS\Sysnative\tlscsp.dll

2014-05-14 16:59:07 5EE916C3272A19B459717A8D2397B07A 55296 ----a-w- C:\WINDOWS\Sysnative\energyprov.dll

2014-05-14 16:59:07 5661481164A164CAD67DBE5A0191207F 4190720 ----a-w- C:\WINDOWS\Sysnative\win32k.sys

2014-05-14 16:59:07 5071E71CC05346D88C5A08EB8B5A05E3 1584128 ----a-w- C:\WINDOWS\Sysnative\workfolderssvc.dll

2014-05-14 16:59:07 4684C8E852065C0A7937C395C165A24F 1466856 ----a-w- C:\WINDOWS\Sysnative\propsys.dll

2014-05-14 16:59:07 315502228EB37F36E86EF75CB1DA1D44 201920 ----a-w- C:\WINDOWS\Sysnative\MSVideoDSP.dll

2014-05-14 16:59:07 2344C5630F8EFE156BAB786EBD83A839 3359744 ----a-w- C:\WINDOWS\Sysnative\rdpcorets.dll

2014-05-14 16:59:07 22B8B1F946ACFCB03832793A25216D8C 186880 ----a-w- C:\WINDOWS\Sysnative\WorkFoldersShell.dll

2014-05-14 16:59:07 1517EE52367CABAA5615AC736DC96C7D 125496 ----a-w- C:\WINDOWS\Sysnative\dwmapi.dll

2014-05-14 16:59:07 151427E526E96471A45FF6CC2257FBA0 8652800 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Search.dll

2014-05-14 16:59:07 0C5C304C3A2D9E9633A7506CBB04929E 16872448 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll

2014-05-14 16:59:07 0BDD786156C820F49EEF5D348B4ACFF4 335872 ----a-w- C:\WINDOWS\Sysnative\MDEServer.exe

2014-05-14 16:59:07 072A99F351C505A45C9FDA32E7324602 28408 ----a-w- C:\WINDOWS\Sysnative\mfpmp.exe

2014-05-14 16:59:05 F4E351BB95D473CB55BB7C1A1FEB2798 467496 ----a-w- C:\WINDOWS\Sysnative\AudioSes.dll

2014-05-14 16:59:05 F2895547FC275642A29692DC344A847F 296960 ----a-w- C:\WINDOWS\Sysnative\wlanapi.dll

2014-05-14 16:59:05 EF252510DB6C3511E30418BD2AC95A2D 1527296 ----a-w- C:\WINDOWS\Sysnative\wlansvc.dll

2014-05-14 16:59:05 EEC46BC17F28C528AB7FAC20AFDF69E3 462336 ----a-w- C:\WINDOWS\Sysnative\XpsGdiConverter.dll

2014-05-14 16:59:05 ED7C0A11E655CD8B89BE499F99D56098 486912 ----a-w- C:\WINDOWS\Sysnative\winspool.drv

2014-05-14 16:59:05 E369C59F2C0852DDD090C07E0DDE0051 1436160 ----a-w- C:\WINDOWS\Sysnative\VSSVC.exe

2014-05-14 16:59:05 E2C26EECF60D9DF94706DF981D074B98 721408 ----a-w- C:\WINDOWS\Sysnative\SkyDriveTelemetry.dll

2014-05-14 16:59:05 DC61194C93DE9E5D549AEC5064A06BD4 872448 ----a-w- C:\WINDOWS\Sysnative\SkyDrive.exe

2014-05-14 16:59:05 D872C6095AACC13AD897DB5E4D2B5D91 805376 ----a-w- C:\WINDOWS\Sysnative\win32spl.dll

2014-05-14 16:59:05 CB79B5D367376E7B49E2D95BFFB0BEEB 364640 ----a-w- C:\WINDOWS\Sysnative\AUDIOKSE.dll

2014-05-14 16:59:05 C2A06D6E746C42E6CE6CA020EE67FFA2 4269056 ----a-w- C:\WINDOWS\Sysnative\SyncEngine.dll

2014-05-14 16:59:05 BF6FBC9D97A24FABB0AE8B878279CF0B 244880 ----a-w- C:\WINDOWS\Sysnative\audiodg.exe

2014-05-14 16:59:05 B24960B79BDE7D5ED1EA638027F9E8F0 143872 ----a-w- C:\WINDOWS\Sysnative\BootMenuUX.dll

2014-05-14 16:59:05 AF3FF97AC2A73E70F8A8D11FB694175B 449536 ----a-w- C:\WINDOWS\Sysnative\defragsvc.dll

2014-05-14 16:59:05 AE7D8835A29FADB39C0D095BA32A9462 21268952 ----a-w- C:\WINDOWS\Sysnative\shell32.dll

2014-05-14 16:59:05 AE210430A150FF20A58E3C6B381A832F 1025024 ----a-w- C:\WINDOWS\Sysnative\localspl.dll

2014-05-14 16:59:05 977D67467950D8048E94651EE6081B99 370176 ----a-w- C:\WINDOWS\Sysnative\wlanmsm.dll

2014-05-14 16:59:05 9654DE19551093CD73874281E1573C94 135168 ----a-w- C:\WINDOWS\Sysnative\wscsvc.dll

2014-05-14 16:59:05 95471DDCB3B3FF70015FD9AA13404F44 281600 ----a-w- C:\WINDOWS\Sysnative\resutils.dll

2014-05-14 16:59:05 88BCAEABEB2A46DB7B336B8432720AC8 443904 ----a-w- C:\WINDOWS\Sysnative\wlansec.dll

2014-05-14 16:59:05 88ACBA95BB55B8226D52117462B76CD4 307304 ----a-w- C:\WINDOWS\Sysnative\wintrust.dll

2014-05-14 16:59:05 886767FD022213F7885416134E9082E5 201216 ----a-w- C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll

2014-05-14 16:59:05 850EBB87584484DC16F917E7B6F4A304 718336 ----a-w- C:\WINDOWS\Sysnative\swprv.dll

2014-05-14 16:59:05 82FE5F302FD7C7EF0E41465BB873EFC7 11264 ----a-w- C:\WINDOWS\Sysnative\wlanhlp.dll

2014-05-14 16:59:05 7B3255A0B833908E4A7ACEA6245D344E 426496 ----a-w- C:\WINDOWS\Sysnative\clusapi.dll

2014-05-14 16:59:05 7B12172CCE581F76C9335D7A47E0AD50 130144 ----a-w- C:\WINDOWS\Sysnative\gpapi.dll

2014-05-14 16:59:05 79B134ECE836B406B212E28C24011538 834048 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll

2014-05-14 16:59:05 78D26F162E015FF644785C8836B617CA 1287168 ----a-w- C:\WINDOWS\Sysnative\mispace.dll

2014-05-14 16:59:05 626D19F1771E1AE72208AE9A8F3082F7 491520 ----a-w- C:\WINDOWS\Sysnative\GeofenceMonitorService.dll

2014-05-14 16:59:05 46378ECCB4A29AA81BF296641C2501EF 323072 ----a-w- C:\WINDOWS\Sysnative\srvsvc.dll

2014-05-14 16:59:05 383DA813409316D69603C1D849834D24 1308160 ----a-w- C:\WINDOWS\Sysnative\gpsvc.dll

2014-05-14 16:59:05 2A4177EE5446877BD24DD72504105603 191488 ----a-w- C:\WINDOWS\Sysnative\rpchttp.dll

2014-05-14 16:59:05 1697E09CDA4DD8741B8276F48A8514DE 32600 ----a-w- C:\WINDOWS\Sysnative\ploptin.dll

2014-05-14 16:59:05 0BBD7EDAEA54D0E30445E9FC1179C60A 1411584 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll

2014-05-14 16:59:05 01851563CB6FB986A4C0221C15AB6ADC 463256 ----a-w- C:\WINDOWS\Sysnative\AudioEng.dll

2014-05-14 16:59:04 CFB353B4E33AFE922C3A62DBC9C9B0A8 7425368 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe

2014-05-14 16:59:04 067CB90C277DB4A737D5DEABA3055972 407016 ----a-w- C:\WINDOWS\Sysnative\services.exe

2014-05-14 16:54:17 326715361A7D1C65983BFE920990E4EF 308224 ----a-w- C:\WINDOWS\Sysnative\wusa.exe

2014-05-14 16:53:28 D178F55D53B9A10FFBDC134C95517846 28320 ----a-w- C:\WINDOWS\Sysnative\mrt100.dll

2014-05-14 16:53:28 A750229C96A406EE123F43916053F142 86688 ----a-w- C:\WINDOWS\Sysnative\mrt_map.dll

2014-05-14 16:51:04 A920E1336F9FEA95477763E2CC15891B 84992 ----a-w- C:\WINDOWS\Sysnative\mshtmled.dll

2014-05-14 16:51:04 797E2E5C309AFF76990D5B7AF457EACA 23544320 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll

====== C:\WINDOWS\Sysnative\drivers =====

2014-05-24 09:14:12 4D6804B13B7AC399A2011C51BBED3550 1578128 ----a-w- C:\WINDOWS\Sysnative\drivers\RTWlanU.sys

2014-05-14 16:59:07 F152D55E497E12256290C43B31C7D0CE 589656 ----a-w- C:\WINDOWS\Sysnative\drivers\fvevol.sys

2014-05-14 16:59:05 FD163F487CBA9C98AFFEB546C80F49A2 677376 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys

2014-05-14 16:59:05 DBA635C6398782C549E3BE45CF1D0411 206848 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys

2014-05-14 16:59:05 78514B073CC5775800A65BFB82A0D66B 443904 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys

2014-05-14 16:59:05 716059F37BCCB1ABEDE99EBE82E8E362 246272 ----a-w- C:\WINDOWS\Sysnative\drivers\srvnet.sys

2014-05-14 16:59:05 4C1E71E37B56C768900B1FCF81205027 372568 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys

2014-05-14 16:59:05 0696F66E4D423793951A60562F794D14 402432 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys

2014-05-14 16:59:04 D90AB68D0FAC9F357F663670FDBB511E 275800 -c--a-w- C:\WINDOWS\Sysnative\drivers\msiscsi.sys

2014-05-14 16:59:04 D7566BE560B040C47F6F35EB980D8377 2518360 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys

2014-05-14 16:59:04 CADCE0D6C30427F70A4BFA426256F68C 337240 ----a-w- C:\WINDOWS\Sysnative\drivers\Classpnp.sys

2014-05-14 16:59:04 92370F46AF28D54B67C135FA8C2AFCFC 1200128 -c--a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys

2014-05-14 16:59:04 8FCE57F7E5CDA5751FDE01A316180488 428888 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS

2014-05-14 16:59:04 7C7BE474915166B61B84C025F1F10157 563200 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys

2014-05-14 16:59:04 6592D192E2823C043EDBC010E7774053 360792 ----a-w- C:\WINDOWS\Sysnative\drivers\fltMgr.sys

2014-05-14 16:59:04 4BB9BC49DEE1A319EC58274A7BBED663 310616 -c--a-w- C:\WINDOWS\Sysnative\drivers\volsnap.sys

2014-05-14 16:59:04 498288DD5CA42C2D36D125893E968C53 77312 -c--a-w- C:\WINDOWS\Sysnative\drivers\hdaudbus.sys

2014-05-14 16:59:04 33977549C2CED09936E05BEE7659EAFF 384856 -c--a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys

2014-05-14 16:53:58 F5D4FA3E1F4879C361FFF3855259D2C2 35856 ----a-w- C:\WINDOWS\Sysnative\drivers\WdBoot.sys

2014-05-14 16:53:57 6CC1BB8F6851A262E2E824F0E92D5EEF 123224 ----a-w- C:\WINDOWS\Sysnative\drivers\WdNisDrv.sys

2014-05-14 16:53:57 019CC610AD95FF47EAD7C08B7A683B96 257880 ----a-w- C:\WINDOWS\Sysnative\drivers\WdFilter.sys

====== C:\WINDOWS\Tasks ======

2014-05-23 15:40:38 E80D4D44AD923FD6F764795DAB00E0B5 292 ----a-w- C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job

2014-05-23 15:40:38 D44A1AD9ECA9BD7E07CE80C2EE40A8E8 2392 ----a-w- C:\WINDOWS\Sysnative\Tasks\Uninstaller_SkipUac_Administrator

2014-05-23 15:40:31 CC0919C0C3A136AC30CD9D379F17EF4E 2356 ----a-w- C:\WINDOWS\Sysnative\Tasks\ASC7_SkipUac_Dolly

2014-05-23 15:40:30 30043A71317757CD719A363B01E0A889 256 ----a-w- C:\WINDOWS\Tasks\ASC7_SkipUac_Dolly.job

2014-05-17 19:15:38 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\GenericSettingsHandler

2014-05-06 07:38:18 18C6C93EE9DCDBF3A26FE10D94C8E305 3094 ----a-w- C:\WINDOWS\Sysnative\Tasks\ASC7_PerformanceMonitor

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2014-05-09 18:13:30 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2014-05-24 09:14:22 -------- d-----w- C:\PROGRA~2\TP-LINK

2014-05-23 16:31:47 -------- d-----w- C:\PROGRA~2\trend micro

======= C: =====

2014-05-24 05:49:06 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\asc_rdflag

====== C:\Users\Dolly\AppData\Roaming ======

2014-05-24 09:14:37 -------- d-----w- C:\Users\Dolly\AppData\Roaming\TP-LINK

2014-05-23 15:41:41 -------- d-----w- C:\Users\Dolly\AppData\Roaming\ProductData

2014-05-10 06:03:52 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Google

2014-05-08 10:15:18 2A2BF8661ED6D8D80F2D7698261D5A14 2407624 ----a-w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat

2014-05-04 08:13:38 A0B3FDD4C95251DCC30B1C88C80F32E4 7597 ----a-w- C:\Users\Dolly\AppData\Local\resmon.resmoncfg

====== C:\Users\Dolly ======

2014-05-24 09:14:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK

2014-05-23 15:40:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller

2014-05-06 07:37:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7

====== C: exe-files ==

2014-05-24 09:14:24 51AF618755360539B4C6063C440E1187 846848 ----a-w- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

2014-05-24 09:14:23 EF1AD771B2C773CEBA4C2E70097F1168 221184 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win8\RTLDHCP.exe

2014-05-24 09:14:23 EF1AD771B2C773CEBA4C2E70097F1168 221184 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RTLDHCP.exe

2014-05-24 09:14:23 EF1AD771B2C773CEBA4C2E70097F1168 221184 ----a-w- C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe

2014-05-24 09:14:22 8F31B58478EC96EA61E86CFCD9DE9C25 196608 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{EA5B1A46-2A5F-42E0-94D0-66C54DFED8B2}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RTLDHCP.exe

2014-05-24 09:14:21 6F58A1D8E7B031C6F2A60BA04D1A0B7D 372736 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{319D91C6-3D44-436C-9F79-36C0D22372DC}\setup.exe

2014-05-24 09:14:11 6F58A1D8E7B031C6F2A60BA04D1A0B7D 372736 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{852E893E-E4FD-45BB-8B17-72ADDF686974}\setup.exe

2014-05-24 09:13:39 6F58A1D8E7B031C6F2A60BA04D1A0B7D 372736 ------r- C:\Windows\Temp\temp\Utility\setup.exe

2014-05-23 16:31:47 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files (x86)\trend micro\Dolly.exe

2014-05-23 15:40:37 F0D13521B4723FD213ED9CDCB5A50F6E 7664928 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

2014-05-23 15:40:35 C098B4EA64D8C957486ACD736031435C 588608 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\Install_PintoStartMenu.exe

2014-05-23 15:40:35 5D4ACF36CF6B3E2453C2E39216BD173B 629568 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe

2014-05-23 15:40:34 78148DC7BA8C46551929FF7E47FA4133 1114944 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe

2014-05-23 15:40:32 497AF28F6231FA74DE734C9628F30FAD 1362240 ----a-w- C:\Program Files (x86)\IObit\Surfing Protection\SPUpdate.exe

2014-05-23 15:40:31 FFFE93851E1DB6B112007AE6077BA2A5 1270080 ----a-w- C:\Program Files (x86)\IObit\Surfing Protection\PluginInstall.exe

2014-05-23 15:40:31 F1A522373D76B164ED357FD60314854D 1195808 ----a-w- C:\Program Files (x86)\IObit\Surfing Protection\unins000.exe

2014-05-23 15:40:31 88B7F951A2DD14BFF31AD74B4E624E98 2130720 ----a-w- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallPromote.exe

2014-05-23 15:40:27 D2F7C7DD5828AD6AA1BD74A336833E2A 24384 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\win7_x86\RegistryDefragBootTime.exe

2014-05-23 15:40:27 CB89633C0495D54654FC5A6441EB3894 23872 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wnet_x86\RegistryDefragBootTime.exe

2014-05-23 15:40:27 9689B85C7E3C33F6C7788BC72C31C8B4 24384 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wlh_x86\RegistryDefragBootTime.exe

2014-05-23 15:40:27 78282F48B994EB1A2E9F942DF0749052 27456 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wlh_amd64\RegistryDefragBootTime.exe

2014-05-23 15:40:27 30E954BC3C98E9419DEA06F42D861010 23872 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wxp_x86\RegistryDefragBootTime.exe

2014-05-23 15:40:27 2BA0E72EEB74142DEE05D80392DD21AB 26432 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wnet_amd64\RegistryDefragBootTime.exe

2014-05-23 15:40:27 2A99F3410342F2B058109CFEEDF45F64 27456 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\win7_amd64\RegistryDefragBootTime.exe

2014-05-23 15:40:27 16BE2D88119757E7B32E12901E35E58A 26432 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wxp_amd64\RegistryDefragBootTime.exe

2014-05-23 15:40:23 FB095D321D05F7B9999829650B059FC6 949024 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo12_StartupManager.exe

2014-05-23 15:40:23 D68B87B1F80E8C15C969B88F7BF08D4E 544544 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe

2014-05-23 15:40:23 B7600792B16CA0D6811D4297BE8BDDA5 1852192 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo11_InternetBooster.exe

2014-05-23 15:40:23 9EFC08CE346349C6BFA3B25A63FF286A 838432 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Reinforce.exe

2014-05-23 15:40:23 9100EA060BA3D3EEC330CE791E9BACA9 243488 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\TbAppCaller.exe

2014-05-23 15:40:23 85CC4370FBA31C5B98719A791D63603C 580384 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suc12_DiskCleaner.exe

2014-05-23 15:40:23 743E8C8E1A56B6065DB83BD3EE2A7901 2229024 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suc11_RegistryCleaner.exe

2014-05-23 15:40:23 5AE7353BCD47D0C04A377844A9C9AC6F 900384 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Sur13_WinFix.exe

2014-05-23 15:40:23 28D0247314629C67AB7F6AA2D99E1DAE 5422184 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\SPSetup.exe

2014-05-23 15:40:23 21DB3A2FEA6E43EA830925331778A980 1900832 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Sua11_DiskExplorer.exe

2014-05-23 15:40:22 F0D13521B4723FD213ED9CDCB5A50F6E 7664928 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\IObitUninstaller.exe

2014-05-23 15:40:22 EE1F12BFCCFE1526CCBDBABB88493DF4 1082144 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Wizard.exe

2014-05-23 15:40:22 A2D598483C3D21ABC0B41C56704BB6C7 578336 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\UpgradeTip.exe

2014-05-23 15:40:22 5C74AD321FDD45D4562F6F67D9A75C84 1145120 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ProjectOnUninstall.exe

2014-05-23 15:40:22 212BE27E48344EFD78BF173C5CA27C4A 167712 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe

2014-05-23 15:40:22 1157313BE0C81895F49B1D25CE77826A 687392 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ProgramDeactivator.exe

2014-05-23 15:40:22 093CE9D2C6E64F23107DFB07DA1721B6 703776 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Homepage.exe

2014-05-23 15:40:21 88B7F951A2DD14BFF31AD74B4E624E98 2130720 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\UninstallPromote.exe

2014-05-23 15:40:21 7B44D4796E929393EC9B330AD52DFF4F 562464 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\SendBugReportNew.exe

2014-05-23 15:40:21 3EF183CD81F9792303812714D883FBF6 1264928 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\SPInit.exe

2014-05-23 15:40:21 13D946D32A1E816341D7FA3D48F5B468 947488 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\SendBugReport.exe

2014-05-23 15:40:20 D2F3674FB4BCB1244E6028755B90AC27 603424 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Report.exe

2014-05-23 15:40:20 BE6DAB0C8CCB34AF60FCC907EF371346 2042144 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Register.exe

2014-05-23 15:40:20 3B74149C570AD751B377132D7C28411F 1084192 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\RescueCenter.exe

2014-05-23 15:40:20 0C2F9B66D80EE02A51D0CB15E2F61864 1214240 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe

2014-05-23 15:40:19 DFBA16F3983B2FB5C9B479B577BCDE67 92960 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\PerformUpdate.exe

2014-05-23 15:40:19 D3029F71E7F453C833D28AA8CD08D14A 1873184 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\QuickSettings.exe

2014-05-23 15:40:19 99E9041F77D7988C2851153E3E0F5EBF 236320 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ProTip.exe

2014-05-23 15:40:18 FA149A9A6DDDCC222865077D07DD1C51 2152736 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\LiveUpdate.exe

2014-05-23 15:40:18 8E13CA0B48A1298F46F8739B95DBE4BF 781600 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe

2014-05-23 15:40:18 3EB3B7885DD64FB1E360710790320D22 323360 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Nfeatures.exe

2014-05-23 15:40:18 32AE2F1A4CEB3588F50611FD27BFA7E8 441120 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\MonitorDisk.exe

2014-05-23 15:40:17 FBC25AE0FF76FFFE0FCC7F4CEC5E6489 44320 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\DiskScan.exe

2014-05-23 15:40:17 F5ADB51BC6EBF55B052B581FBC23C1E1 1107744 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\CheckDevice.exe

2014-05-23 15:40:17 E94D75A9D6E4724075BB6E6CC6FE3DD3 548128 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCUpgrade.exe

2014-05-23 15:40:17 E382AF1BEBEAB8CA249E0064E0B2F161 1141536 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoSweep.exe

2014-05-23 15:40:17 CC6B26C922B4480FCBDFF565C9ABFB6F 36640 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCFixer.exe

2014-05-23 15:40:17 6C856C581ACE1785CE3FC2414E9859A3 881952 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

2014-05-23 15:40:17 6A30A6E6164C1AC03B4F00356DED9607 645408 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCDownload.exe

2014-05-23 15:40:17 67CD9833ECFE329A35892321E71E9FE8 1327392 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoUpdate.exe

2014-05-23 15:40:17 66ED963FBA998E887C88FE6FCA46E2B9 43808 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\DiskDefrag.exe

2014-05-23 15:40:17 49F4367F0885E9A77210EA9AC5835A16 468768 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\DelayLoad.exe

2014-05-23 15:40:17 350E1CE270A22CF8D9584D508F0DC850 1863456 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoCare.exe

2014-05-23 15:40:17 22B9972EB524057C8CDE6168845C579C 580896 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCInit.exe

2014-05-23 15:40:17 1F98172C060A5328459A56CB7ECDA779 96032 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Display.exe

2014-05-23 15:40:17 127687F1D171D0820D02851A9FA62525 2295584 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe

2014-05-23 15:40:16 E13E1FC432E031C164B241E38C214949 1757472 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ActionCenterDownloader.exe

2014-05-23 15:40:16 E0EB7A942405BB5A0CAAB5CFF2C78D0C 4474144 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe

2014-05-23 15:40:16 37E24A946C409B7A0F7BE1FBC02218ED 1198368 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\unins000.exe

2014-05-23 15:40:00 A6A93CE12CF1B7840B20008260CCF336 36530832 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCPatch.exe

2014-05-23 15:09:26 29198D93029027C9BB4DA8E9C70AF13E 26832976 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\35.0.1916.114\35.0.1916.114_34.0.1847.137_chrome_updater.exe

2014-05-23 15:08:22 29198D93029027C9BB4DA8E9C70AF13E 26832976 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{35B36F02-0A66-418C-A605-E835983FBA3F}-35.0.1916.114_34.0.1847.137_chrome_updater.exe

2014-05-23 15:02:27 C59A1CF77A3B68AB38C21369F0EC4C72 1087296 ----a-w- C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk\10.31.0.526_0\nativeMessaging\TBMessagingHost.exe

=== C: other files ==

2014-05-24 09:14:14 B0A0260A3C03156937ECDB67CE5C6FE5 1975000 ----a-w- C:\Windows\LastGood.Tmp\system32\DRIVERS\RTWlanU.sys

2014-05-24 09:14:12 7461D3DA1AABB5F703504E958455A900 926824 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{FF72A9A0-92EC-46A2-AC62-BE4233E71B79}\{852E893E-E4FD-45BB-8B17-72ADDF686974}\Driver\Windows_7_64bit\rtl8192cu.sys

2014-05-24 09:14:12 4D6804B13B7AC399A2011C51BBED3550 1578128 ----a-w- C:\Windows\System32\rtwlanu.sys

2014-05-24 09:14:12 4D6804B13B7AC399A2011C51BBED3550 1578128 ----a-w- C:\Windows\System32\drivers\RTWlanU.sys

2014-05-24 09:14:12 4D6804B13B7AC399A2011C51BBED3550 1578128 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{FF72A9A0-92EC-46A2-AC62-BE4233E71B79}\{852E893E-E4FD-45BB-8B17-72ADDF686974}\Driver\Windows_8_64bit\rtwlanu.sys

2014-05-24 09:14:12 25C503FF283E95FFC5EB5F177C21AD5E 882792 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{FF72A9A0-92EC-46A2-AC62-BE4233E71B79}\{852E893E-E4FD-45BB-8B17-72ADDF686974}\Driver\Windows_Vista_64bit\rtl8192cu.sys

2014-05-24 09:14:11 A2DA4EC9EB6E7EFB7C0EE0C3834EB35A 1138280 ----a-w- C:\Users\Dolly\AppData\Local\Temp\{FF72A9A0-92EC-46A2-AC62-BE4233E71B79}\{852E893E-E4FD-45BB-8B17-72ADDF686974}\Driver\Windows_XP_64bit\rtl8192cu.sys

2014-05-23 15:40:33 032694B0FE8D2AE6EC544B989E1CBF75 341164 ----a-w- C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1535316386-195622087-1994388212-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="C:\Users\Dolly\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"IObit Malware Fighter"="C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe /autostart"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="C:\Users\Dolly\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"

"Persistence"="C:\WINDOWS\system32\igfxpers.exe"

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4"

==== Startup Folders ======================

2014-05-14 19:26:51 1101 ----a-w- C:\Users\Dolly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

2014-05-24 09:14:24 2349 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\ASC7_SkipUac_Dolly.job --a-------- [undetermined Task]

C:\WINDOWS\tasks\Driver Booster SkipUAC (SYSTEM).job --a-------- C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [14-03-2014 19:06]

C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1535316386-195622087-1994388212-1001Core.job --a-------- C:\Users\Dolly\AppData\Local\Facebook\Update\FacebookUpdate.exe [13-11-2013 22:56]

C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1535316386-195622087-1994388212-1001UA.job --a-------- C:@C:\Users\Dolly\AppData\Local\Facebook\Update\FacebookUpdate.exe []

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-01-2014 17:42]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-01-2014 17:42]

C:\WINDOWS\tasks\Uninstaller_SkipUac_Administrator.job --a-------- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [06-05-2014 17:52]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\ASC7_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe]

"C:\WINDOWS\SysNative\tasks\ASC7_SkipUac_Dolly" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe /SkipUac]

"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]

"C:\WINDOWS\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe]

"C:\WINDOWS\SysNative\tasks\Driver Booster SkipUAC (SYSTEM)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]

"C:\WINDOWS\SysNative\tasks\Driver Booster Update" [C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe]

"C:\WINDOWS\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1535316386-195622087-1994388212-1001Core" [C:\Users\Dolly\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\WINDOWS\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1535316386-195622087-1994388212-1001UA" [C:\Users\Dolly\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\WINDOWS\SysNative\tasks\SmartDefrag3_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe]

"C:\WINDOWS\SysNative\tasks\SmartDefrag3_Update" [C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe]

"C:\WINDOWS\SysNative\tasks\StartMenuAutoupdate" [C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe]

"C:\WINDOWS\SysNative\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]

"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{ED9A2423-8CA0-46AC-A48C-B69DD8D1A3BA}" [C:\WINDOWS\system32\msfeedssync.exe]

"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{f42e79d6-6717-4fa6-84a9-2825d86075b2}"="C:\Program Files (x86)\ViewPassword\150.xpi" []

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

kdfbddbdpnahdahmamlolacimfdbeckk - C:\Users\Dolly\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx[]

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11-04-2014 19:46]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

kdfbddbdpnahdahmamlolacimfdbeckk - C:\Users\Dolly\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx[]

Google Docs - Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

ViewPassword - Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmojojliiicbbihpjmiepllaiflnjobc

Advanced SystemCare Surfing Protection - Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

Google Wallet - Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Google Docs - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf

Advanced SystemCare Surfing Protection - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd

Uitzending Gemist - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bkpcnaghidjmebljggjmdplpckcngnfm

YouTube - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Bubble Shooter Level Pack - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cclpcbfoiabkkbhlcdlkkjhledodjakp

World Maps Puzzle - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfncnllmafkmjkelmocbaapmppjflkne

Google Search - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google News - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dllkocilcinkggkchnjgegijklcililc

Facebook For Chrome - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\embepdkgnofhjnlpeeefkmicaiigpioe

NOS Video - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iggmbjghgeahcopdibklblgfkfendefg

Convert PDF to Word - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kclbidlajocjmicnpgpfmkblhdhjelfe

entrusted - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk

Skype Click to Call - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

Google Wallet - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk deleted successfully

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk deleted successfully

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_kdfbddbdpnahdahmamlolacimfdbeckk_0.localstorage deleted successfully

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_kdfbddbdpnahdahmamlolacimfdbeckk_0.localstorage-journal deleted successfully

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\databases\chrome-extension_kdfbddbdpnahdahmamlolacimfdbeckk_0 deleted successfully

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\kdfbddbdpnahdahmamlolacimfdbeckk deleted successfully

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmojojliiicbbihpjmiepllaiflnjobc deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

"Search Page"="http://www.google.com"

"Search Bar"="http://www.google.com/ie"

"Default_Search_URL"="http://www.google.com"

"Default_Page_URL"="http://www.google.com"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="http://www.google.com/search?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://www.google.com/ie"

"Default_Search_URL"="http://www.google.com/ie"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{77AA745B-F4F8-45DA-9B14-61D2D95054C8} Unknown Url="Not_Found"

{A1CE9B07-0688-4147-A0DC-C8AB49B86425} Google Url="http://www.google.com/search?q={searchTerms}"

{A1CE9B07-0688-4147-A0DC-C8AB49B86425} Google Url="http://www.google.com/search?q={searchTerms}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1535316386-195622087-1994388212-1001\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1535316386-195622087-1994388212-1001\Software\Mozilla\Firefox\Extensions\{f42e79d6-6717-4fa6-84a9-2825d86075b2} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\30E8FF2323343D445B5E0AF4D1960D1E deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{32FF8E03-4332-44D3-B5E5-A04F1D69D0E1} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\30E8FF2323343D445B5E0AF4D1960D1E deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Dolly\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - Startup: Dropbox.lnk = Dolly\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll

O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)

O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Dolly\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\Users\Dolly\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully

C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Dolly\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=625 folders=148 65313374 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Dolly\AppData\Local\Temp will be emptied at reboot

C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot

C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\Users\Dolly\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on zo 25-05-2014 at 16:19:34,46 ======================

Geplaatst:

Download adwcleaner.pngAdwCleaner by Xplode naar het bureaublad.

  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner om hem te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  • Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik vervolgens op Scan.
  • Klik vervolgens op Clean als er items zijn gevonden.
  • Klik bij Herstarten Noodzakelijk op OK

Nadat de PC opnieuw is opgestart, opent meestal een logfile.

Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[s0].txt.

Logbestand plaatsen

  • Voeg het logbestand met de naam C:\AdwCleaner\AdwCleaner[s0].txt als bijlage toe aan het volgende bericht.
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Geplaatst:

# Gebruikersnaam : Dolly - DOLLY2

# Gestart vanuit : C:\Users\Dolly\Desktop\adwcleaner_3.211.exe

# Optie : Scannen

***** [ Services ] *****

***** [ Bestanden / Mappen ] *****

Bestand Gevonden : C:\WINDOWS\System32\Tasks\Driver Booster Update

***** [ Snelkoppelingen ] *****

***** [ Register ] *****

Sleutel Gevonden : HKCU\Software\APNDTX

Sleutel Gevonden : HKCU\Software\AppDataLow\Software

Sleutel Gevonden : HKCU\Software\AppDataLow\Software\ViewPassword

Sleutel Gevonden : HKCU\Software\IM

Sleutel Gevonden : HKCU\Software\ImInstaller

Sleutel Gevonden : HKCU\Software\Linkey

Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}

Sleutel Gevonden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Sleutel Gevonden : HKCU\Software\ParetoLogic

Sleutel Gevonden : HKCU\Software\Softonic

Sleutel Gevonden : HKCU\Software\SystemK

Sleutel Gevonden : HKCU\Software\systweak

Sleutel Gevonden : HKCU\Software\UpdaterEX

Sleutel Gevonden : [x64] HKCU\Software\APNDTX

Sleutel Gevonden : [x64] HKCU\Software\IM

Sleutel Gevonden : [x64] HKCU\Software\ImInstaller

Sleutel Gevonden : [x64] HKCU\Software\Linkey

Sleutel Gevonden : [x64] HKCU\Software\ParetoLogic

Sleutel Gevonden : [x64] HKCU\Software\Softonic

Sleutel Gevonden : [x64] HKCU\Software\SystemK

Sleutel Gevonden : [x64] HKCU\Software\systweak

Sleutel Gevonden : [x64] HKCU\Software\UpdaterEX

Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}

Sleutel Gevonden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Sleutel Gevonden : HKLM\Software\InstallCore

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32

Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS

Sleutel Gevonden : HKLM\Software\ParetoLogic

Sleutel Gevonden : HKLM\Software\systweak

Sleutel Gevonden : HKLM\Software\Uniblue

Sleutel Gevonden : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}

Sleutel Gevonden : [x64] HKLM\SOFTWARE\Linkey

Sleutel Gevonden : [x64] HKLM\SOFTWARE\ParetoLogic

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17037

Instelling Gevonden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page] - hxxp://start.mysearchdial.com/?f=1&a=irmsd0202ch&cd=2XzuyEtN2Y1L1QzuyCzztCyBtBzyyCyC0Fzy0AtAzyyC0E0BtN0D0Tzu0CyBzztBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1346938204&ir=

-\\ Google Chrome v35.0.1916.114

*************************

AdwCleaner[R0].txt - [16097 octets] - [13/01/2014 15:22:30]

AdwCleaner[R1].txt - [2851 octets] - [27/05/2014 18:10:46]

AdwCleaner[s0].txt - [13681 octets] - [13/01/2014 15:25:37]

Gast
Dit topic is nu gesloten voor nieuwe reacties.

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.