Ga naar inhoud

Aanbevolen berichten

Geplaatst:

Download 51a5f5d096dae-icon_RSIT.png RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hoe je controleert of je met een 32- of 64-bitversie van Windows werkt kan je 
hier bekijken.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" .

RSIT Logbestanden plaatsen

  • Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\\rsit")
  • Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt).
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

De handleiding voor het gebruik van RSIT kan je HIER bekijken en we hebben ook nog een 

.
Geplaatst:
Logfile of random's system information tool 1.10 (written by random/random)

Run by David at 2015-06-13 13:59:15

Microsoft Windows 7 Home Premium  Service Pack 1

System drive C: has 369 GB (81%) free of 457 GB

Total RAM: 4044 MB (40% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 13:59:20, on 13/06/2015

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17840)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe

C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe

C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe

C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\David.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll

O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [Polar FlowSync] C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe

O4 - HKCU\..\Run: [Mio Share] C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mio\Mio Share.appref-ms

O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto

O4 - HKCU\..\Run: [CycloAgent] "C:\Program Files (x86)\CycloAgent\CycloAgent.exe"

O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O10 - Unknown file in Winsock LSP: c:\program files (x86)\national instruments\shared\mdns responder\nimdnsnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe

O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\SysWOW64\lkcitdl.exe

O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\Windows\SysWOW64\lkads.exe

O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\Windows\SysWOW64\lktsrv.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe

O23 - Service: NI LXI Discovery Service (niLXIDiscovery) - National Instruments Corporation - C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe

O23 - Service: NI mDNS Responder Service (nimDNSResponder) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe

O23 - Service: NI Service Locator (NiSvcLoc) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 13570 bytes

 

======Listing Processes======

 

 

 

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

winlogon.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe"

"C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe"

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

"C:\Program Files\IDT\WDM\STacSV64.exe"

 

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Hpservice.exe

atieclxx

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b7d31818-f4d8-46e7-a182-1ebd10447548 -SystemEventPortName:HostProcess-593d0070-652b-4f92-a3ef-75607ae8e3c6 -IoCancelEventPortName:HostProcess-ddf2bff1-0cef-4cea-a2fe-6962d73c4912 -NonStateChangingEventPortName:HostProcess-e5d13e9b-64d1-425d-9a1e-64cf82d8c997 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:e46ca5b7-cce1-4dee-9651-494a7e5b34b9 -DeviceGroupId:

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe 21379280

\??\C:\Windows\system32\conhost.exe "-878726354-8759349821794385738593408915-679222591123399377316601267911606622954

taskeng.exe {1FAE1DD3-7CF5-4D9A-99B9-D560E70F6089}

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k WbioSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files\IDT\WDM\AESTSr64.exe"

C:\Windows\System32\svchost.exe -k utcsvc

C:\Windows\SysWOW64\ezSharedSvcHost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe"

"C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe"

"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"

"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"

"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"

C:\Windows\SysWOW64\lkcitdl.exe

C:\Windows\SysWOW64\lkads.exe

C:\Windows\SysWOW64\lktsrv.exe

"C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe"

"C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe" -s

"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"

"C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe"

"C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\servicing\TrustedInstaller.exe

"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"

"C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe"

"C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe"

"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\sppsvc.exe

"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

C:\Windows\system32\rundll32.exe appraiser.dll,DoScheduledTelemetryRun

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 

"taskhost.exe"

taskeng.exe {07AC1BFF-CF0A-4F45-A2FE-55AFE9AD0F33}

"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2912

"C:\Windows\system32\Dwm.exe"

"C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe"

"C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe" /Task

C:\Windows\Explorer.EXE

"C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe" -Embedding

C:\Windows\system32\wbem\unsecapp.exe -Embedding

"C:\Windows\System32\igfxtray.exe" 

"C:\Windows\System32\hkcmd.exe" 

"C:\Windows\System32\igfxpers.exe" 

"C:\Program Files\IDT\WDM\sttray64.exe" 

"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" 

"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden

"C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe" 

"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto

"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe"

"C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" 

"C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe" -det

"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" 

"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart

"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 

"C:\Windows\system32\GWX\GWX.exe" 

"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" 

"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" 

"C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" 

taskeng.exe {348A558D-2C53-4371-B136-4FD00520C8CB}

"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" 

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --profile-directory="Profile 1"

C:\Windows\System32\svchost.exe -k WerSvcGroup

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5624.0.1429911666\1873509819" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,43 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x6760 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.810.4.1000 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StableBookmarksIndexURLsControl/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_40/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=5624 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="5624.2.1187893029\1080886859" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/AllowIdleFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StableBookmarksIndexURLsControl/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_40/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=5624 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-accelerated-video-decode --channel="5624.6.1308885637\1365781777" /prefetch:673131151

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0

C:\Windows\TEMP\917154AB-C0F5-4300-A197-37449E5CC52E\dismhost.exe {E5F96218-F674-46AC-BC69-8505482518AE}

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

"C:\Windows\system32\SearchFilterHost.exe" 0 552 556 564 65536 560 

"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden

"C:\Users\David\Downloads\RSITx64.exe" 

 

======Scheduled tasks folder======

 

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-244821173-3068459867-560851451-1000Core.job - C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe  /c /nocrashserver 

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-244821173-3068459867-560851451-1000UA.job - C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe  /ua /installsource scheduler 

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 

C:\Windows\tasks\HPCeeScheduleForDavid.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe  HPCeeScheduleForDavid (null) 

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}]

TrueSuite Website Log On - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2010-12-07 346952]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-13 460712]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]

Advanced SystemCare Surfing Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2015-04-01 672032]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-13 172968]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]

HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-12-17 167960]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-12-17 391704]

"Persistence"=C:\Windows\system32\igfxpers.exe [2010-12-17 418328]

"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-12-02 524800]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-19 2799912]

"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-07-21 8192]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-09-26 21720]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-11-22 2736128]

"Facebook Update"=C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-02-03 138096]

"Polar FlowSync"=C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe [2014-11-11 1125376]

"Mio Share"=C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mio\Mio Share.appref-ms [2014-11-24 342]

"Advanced SystemCare 8"=C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2015-04-08 2429728]

"CycloAgent"=C:\Program Files (x86)\CycloAgent\CycloAgent.exe [2014-11-19 1752064]

"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2015-05-21 1403224]

 

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2011-05-20 284440]

"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-12-30 336384]

"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2013-10-19 113288]

"HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]

"HPOSD"=C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2010-12-13 318520]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Snapfish PictureMover.lnk - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

 

C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

OpenOffice.org 3.4.1.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2010-12-17 384000]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableLockWorkstation"=0

"DisableTaskMgr"=0

"DisableChangePassword"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"HideFastUserSwitching"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

"EnableShellExecuteHooks"=1

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

 

======List of files/folders created in the last 1 month======

 

2015-06-12 19:11:21 ----A---- C:\Windows\system32\diagtrack.dll

2015-06-12 19:11:20 ----A---- C:\Windows\system32\kerberos.dll

2015-06-12 19:11:19 ----A---- C:\Windows\system32\KernelBase.dll

2015-06-12 19:11:18 ----A---- C:\Windows\SYSWOW64\kerberos.dll

2015-06-12 19:11:16 ----A---- C:\Windows\system32\lsasrv.dll

2015-06-12 19:11:16 ----A---- C:\Windows\system32\kernel32.dll

2015-06-12 19:11:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe

2015-06-12 19:11:15 ----A---- C:\Windows\SYSWOW64\advapi32.dll

2015-06-12 19:11:15 ----A---- C:\Windows\system32\ntoskrnl.exe

2015-06-12 19:11:15 ----A---- C:\Windows\system32\advapi32.dll

2015-06-12 19:11:11 ----A---- C:\Windows\system32\ntdll.dll

2015-06-12 19:11:10 ----A---- C:\Windows\SYSWOW64\tracerpt.exe

2015-06-12 19:11:10 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe

2015-06-12 19:11:10 ----A---- C:\Windows\system32\wow64.dll

2015-06-12 19:11:10 ----A---- C:\Windows\system32\winsrv.dll

2015-06-12 19:11:10 ----A---- C:\Windows\system32\tracerpt.exe

2015-06-12 19:11:10 ----A---- C:\Windows\system32\srcore.dll

2015-06-12 19:11:10 ----A---- C:\Windows\system32\rstrui.exe

2015-06-12 19:11:10 ----A---- C:\Windows\system32\drivers\ksecpkg.sys

2015-06-12 19:11:10 ----A---- C:\Windows\system32\conhost.exe

2015-06-12 19:11:09 ----A---- C:\Windows\SYSWOW64\schannel.dll

2015-06-12 19:11:09 ----A---- C:\Windows\SYSWOW64\ntdll.dll

2015-06-12 19:11:09 ----A---- C:\Windows\SYSWOW64\msv1_0.dll

2015-06-12 19:11:09 ----A---- C:\Windows\system32\schannel.dll

2015-06-12 19:11:09 ----A---- C:\Windows\system32\msv1_0.dll

2015-06-12 19:11:09 ----A---- C:\Windows\system32\drivers\ksecdd.sys

2015-06-12 19:11:08 ----A---- C:\Windows\SYSWOW64\wdigest.dll

2015-06-12 19:11:08 ----A---- C:\Windows\SYSWOW64\TSpkg.dll

2015-06-12 19:11:08 ----A---- C:\Windows\SYSWOW64\tdh.dll

2015-06-12 19:11:08 ----A---- C:\Windows\SYSWOW64\setup16.exe

2015-06-12 19:11:08 ----A---- C:\Windows\SYSWOW64\sechost.dll

2015-06-12 19:11:08 ----A---- C:\Windows\SYSWOW64\ncrypt.dll

2015-06-12 19:11:08 ----A---- C:\Windows\SYSWOW64\logman.exe

2015-06-12 19:11:08 ----A---- C:\Windows\system32\wdigest.dll

2015-06-12 19:11:08 ----A---- C:\Windows\system32\TSpkg.dll

2015-06-12 19:11:08 ----A---- C:\Windows\system32\tdh.dll

2015-06-12 19:11:08 ----A---- C:\Windows\system32\sspicli.dll

2015-06-12 19:11:08 ----A---- C:\Windows\system32\smss.exe

2015-06-12 19:11:08 ----A---- C:\Windows\system32\sechost.dll

2015-06-12 19:11:08 ----A---- C:\Windows\system32\ncrypt.dll

2015-06-12 19:11:08 ----A---- C:\Windows\system32\lsass.exe

2015-06-12 19:11:08 ----A---- C:\Windows\system32\logman.exe

2015-06-12 19:11:07 ----A---- C:\Windows\SYSWOW64\typeperf.exe

2015-06-12 19:11:07 ----A---- C:\Windows\SYSWOW64\srclient.dll

2015-06-12 19:11:07 ----A---- C:\Windows\SYSWOW64\secur32.dll

2015-06-12 19:11:07 ----A---- C:\Windows\SYSWOW64\relog.exe

2015-06-12 19:11:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll

2015-06-12 19:11:07 ----A---- C:\Windows\SYSWOW64\KernelBase.dll

2015-06-12 19:11:07 ----A---- C:\Windows\SYSWOW64\diskperf.exe

2015-06-12 19:11:07 ----A---- C:\Windows\SYSWOW64\credssp.dll

2015-06-12 19:11:07 ----A---- C:\Windows\SYSWOW64\auditpol.exe

2015-06-12 19:11:07 ----A---- C:\Windows\system32\wow64win.dll

2015-06-12 19:11:07 ----A---- C:\Windows\system32\wow64cpu.dll

2015-06-12 19:11:07 ----A---- C:\Windows\system32\typeperf.exe

2015-06-12 19:11:07 ----A---- C:\Windows\system32\sspisrv.dll

2015-06-12 19:11:07 ----A---- C:\Windows\system32\srclient.dll

2015-06-12 19:11:07 ----A---- C:\Windows\system32\secur32.dll

2015-06-12 19:11:07 ----A---- C:\Windows\system32\relog.exe

2015-06-12 19:11:07 ----A---- C:\Windows\system32\ntvdm64.dll

2015-06-12 19:11:07 ----A---- C:\Windows\system32\diskperf.exe

2015-06-12 19:11:07 ----A---- C:\Windows\system32\csrsrv.dll

2015-06-12 19:11:07 ----A---- C:\Windows\system32\credssp.dll

2015-06-12 19:11:07 ----A---- C:\Windows\system32\auditpol.exe

2015-06-12 19:11:06 ----A---- C:\Windows\SYSWOW64\sspicli.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2015-06-12 19:11:05 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2015-06-12 19:11:05 ----A---- C:\Windows\SYSWOW64\wow32.dll

2015-06-12 19:11:05 ----A---- C:\Windows\SYSWOW64\kernel32.dll

2015-06-12 19:11:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2015-06-12 19:11:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2015-06-12 19:11:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll

2015-06-12 19:11:04 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2015-06-12 19:11:04 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2015-06-12 19:11:04 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2015-06-12 19:11:04 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2015-06-12 19:11:04 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2015-06-12 19:11:03 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2015-06-12 19:11:03 ----A---- C:\Windows\SYSWOW64\user.exe

2015-06-12 19:11:03 ----A---- C:\Windows\SYSWOW64\instnm.exe

2015-06-12 19:11:03 ----A---- C:\Windows\SYSWOW64\apisetschema.dll

2015-06-12 19:11:03 ----A---- C:\Windows\system32\apisetschema.dll

2015-06-12 19:11:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll

2015-06-12 19:11:02 ----A---- C:\Windows\system32\adtschema.dll

2015-06-12 19:11:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll

2015-06-12 19:11:01 ----A---- C:\Windows\SYSWOW64\msaudite.dll

2015-06-12 19:11:01 ----A---- C:\Windows\system32\UtcResources.dll

2015-06-12 19:11:01 ----A---- C:\Windows\system32\msobjs.dll

2015-06-12 19:11:01 ----A---- C:\Windows\system32\msaudite.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\wininet.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\msrating.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\jscript.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\ieui.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\dxtrans.dll

2015-06-12 18:44:29 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\wininet.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\vbscript.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\urlmon.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2015-06-12 18:44:29 ----A---- C:\Windows\system32\msrating.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\mshtmlmedia.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\mshtmled.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\MshtmlDac.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\mshtml.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\msfeeds.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\jsproxy.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\jscript9diag.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\jscript9.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\jscript.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\ieUnatt.exe

2015-06-12 18:44:29 ----A---- C:\Windows\system32\ieui.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\iesetup.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\iertutil.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\iernonce.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\ieframe.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\ieetwproxystub.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\ieetwcollector.exe

2015-06-12 18:44:29 ----A---- C:\Windows\system32\iedkcs32.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\ieapfltr.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\ie4uinit.exe

2015-06-12 18:44:29 ----A---- C:\Windows\system32\dxtrans.dll

2015-06-12 18:44:29 ----A---- C:\Windows\system32\dxtmsft.dll

2015-06-12 18:42:44 ----A---- C:\Windows\SYSWOW64\comctl32.dll

2015-06-12 18:42:44 ----A---- C:\Windows\system32\comctl32.dll

2015-06-12 18:41:59 ----A---- C:\Windows\system32\win32k.sys

2015-06-12 18:41:37 ----A---- C:\Windows\SYSWOW64\wmploc.DLL

2015-06-12 18:41:37 ----A---- C:\Windows\SYSWOW64\wmp.dll

2015-06-12 18:41:37 ----A---- C:\Windows\SYSWOW64\spwmp.dll

2015-06-12 18:41:37 ----A---- C:\Windows\SYSWOW64\dxmasf.dll

2015-06-12 18:41:37 ----A---- C:\Windows\system32\wmploc.DLL

2015-06-12 18:41:37 ----A---- C:\Windows\system32\wmp.dll

2015-06-12 18:41:37 ----A---- C:\Windows\system32\spwmp.dll

2015-06-12 18:41:37 ----A---- C:\Windows\system32\dxmasf.dll

2015-06-12 18:39:01 ----A---- C:\Windows\SYSWOW64\wuwebv.dll

2015-06-12 18:39:01 ----A---- C:\Windows\SYSWOW64\wups.dll

2015-06-12 18:39:01 ----A---- C:\Windows\SYSWOW64\wudriver.dll

2015-06-12 18:39:01 ----A---- C:\Windows\SYSWOW64\wuapp.exe

2015-06-12 18:39:01 ----A---- C:\Windows\SYSWOW64\wuapi.dll

2015-06-12 18:39:01 ----A---- C:\Windows\system32\wuwebv.dll

2015-06-12 18:39:01 ----A---- C:\Windows\system32\wups2.dll

2015-06-12 18:39:01 ----A---- C:\Windows\system32\wups.dll

2015-06-12 18:39:01 ----A---- C:\Windows\system32\wudriver.dll

2015-06-12 18:39:01 ----A---- C:\Windows\system32\wucltux.dll

2015-06-12 18:39:01 ----A---- C:\Windows\system32\wuaueng.dll

2015-06-12 18:39:01 ----A---- C:\Windows\system32\wuauclt.exe

2015-06-12 18:39:01 ----A---- C:\Windows\system32\wuapp.exe

2015-06-12 18:39:01 ----A---- C:\Windows\system32\wuapi.dll

2015-06-12 18:39:01 ----A---- C:\Windows\system32\wu.upgrade.ps.dll

2015-06-12 18:39:01 ----A---- C:\Windows\system32\WinSetupUI.dll

2015-06-12 18:37:25 ----A---- C:\Windows\system32\drivers\stream.sys

2015-06-10 16:57:48 ----D---- C:\Program Files (x86)\GameforgeLive

2015-06-05 19:19:52 ----A---- C:\Windows\system32\RtNicProp64.dll

2015-06-05 19:19:52 ----A---- C:\Windows\system32\drivers\Rt64win7.sys

2015-06-05 19:16:45 ----A---- C:\Windows\SYSWOW64\RtsPStorIcon.dll

2015-06-05 19:16:45 ----A---- C:\Windows\system32\drivers\RtsPStor.sys

2015-06-05 13:54:52 ----A---- C:\Windows\system32\invagent.dll

2015-06-05 13:54:52 ----A---- C:\Windows\system32\generaltel.dll

2015-06-05 13:54:52 ----A---- C:\Windows\system32\devinv.dll

2015-06-05 13:54:52 ----A---- C:\Windows\system32\appraiser.dll

2015-06-05 13:54:52 ----A---- C:\Windows\system32\aepic.dll

2015-06-05 13:54:52 ----A---- C:\Windows\system32\aepdu.dll

2015-06-05 13:54:52 ----A---- C:\Windows\system32\aeinv.dll

2015-06-05 13:54:52 ----A---- C:\Windows\system32\acmigration.dll

2015-06-01 19:23:53 ----D---- C:\Users\David\AppData\Roaming\Garmin

2015-06-01 19:22:58 ----D---- C:\ProgramData\Garmin

2015-06-01 19:22:35 ----D---- C:\Program Files (x86)\Garmin

2015-05-22 20:11:30 ----A---- C:\Windows\SYSWOW64\certcli.dll

2015-05-22 20:11:30 ----A---- C:\Windows\system32\certcli.dll

2015-05-21 21:50:38 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll

2015-05-21 21:50:38 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2015-05-21 21:47:51 ----A---- C:\Windows\system32\services.exe

2015-05-21 21:47:50 ----A---- C:\Windows\SYSWOW64\DWrite.dll

2015-05-21 21:47:50 ----A---- C:\Windows\system32\FntCache.dll

2015-05-21 21:47:50 ----A---- C:\Windows\system32\DWrite.dll

2015-05-21 21:47:37 ----A---- C:\Windows\SYSWOW64\InkEd.dll

2015-05-21 21:47:37 ----A---- C:\Windows\system32\InkEd.dll

2015-05-19 14:38:11 ----D---- C:\Program Files (x86)\Zwift

2015-05-15 14:23:48 ----A---- C:\Windows\SYSWOW64\poqexec.exe

2015-05-15 14:23:48 ----A---- C:\Windows\system32\poqexec.exe

2015-05-15 14:23:14 ----A---- C:\Windows\SYSWOW64\shimeng.dll

2015-05-15 14:23:14 ----A---- C:\Windows\SYSWOW64\sdbinst.exe

2015-05-15 14:23:14 ----A---- C:\Windows\SYSWOW64\apphelp.dll

2015-05-15 14:23:14 ----A---- C:\Windows\system32\shimeng.dll

2015-05-15 14:23:14 ----A---- C:\Windows\system32\sdbinst.exe

2015-05-15 14:23:14 ----A---- C:\Windows\system32\apphelp.dll

2015-05-15 14:23:14 ----A---- C:\Windows\system32\aelupsvc.dll

2015-05-15 14:23:03 ----A---- C:\Windows\SYSWOW64\dwmcore.dll

2015-05-15 14:23:03 ----A---- C:\Windows\SYSWOW64\dwmapi.dll

2015-05-15 14:23:03 ----A---- C:\Windows\system32\dwmcore.dll

2015-05-15 14:23:03 ----A---- C:\Windows\system32\dwmapi.dll

2015-05-15 14:22:38 ----A---- C:\Windows\SYSWOW64\wpdshext.dll

2015-05-15 14:22:38 ----A---- C:\Windows\system32\wpdshext.dll

 

======List of files/folders modified in the last 1 month======

 

2015-06-13 13:59:20 ----D---- C:\Windows\Temp

2015-06-13 13:59:17 ----D---- C:\Program Files\trend micro

2015-06-13 13:55:57 ----A---- C:\Windows\SYSWOW64\log.txt

2015-06-13 13:53:54 ----D---- C:\Windows\system32\config

2015-06-13 13:53:11 ----D---- C:\Windows

2015-06-12 20:45:06 ----D---- C:\Windows\System32

2015-06-12 20:45:06 ----A---- C:\Windows\system32\PerfStringBackup.INI

2015-06-12 20:45:05 ----D---- C:\Windows\inf

2015-06-12 20:44:41 ----D---- C:\Windows\Tasks

2015-06-12 20:44:41 ----D---- C:\Windows\system32\Tasks

2015-06-12 20:43:18 ----D---- C:\Windows\debug

2015-06-12 20:39:42 ----D---- C:\Windows\winsxs

2015-06-12 20:35:44 ----D---- C:\Windows\SYSWOW64\nl-NL

2015-06-12 20:35:44 ----D---- C:\Windows\SysWOW64

2015-06-12 20:35:44 ----D---- C:\Windows\system32\nl-NL

2015-06-12 20:35:43 ----D---- C:\Windows\SYSWOW64\en-US

2015-06-12 20:35:43 ----D---- C:\Windows\system32\en-US

2015-06-12 20:35:43 ----D---- C:\Windows\system32\drivers

2015-06-12 20:35:43 ----D---- C:\Windows\PolicyDefinitions

2015-06-12 20:35:43 ----D---- C:\Windows\AppPatch

2015-06-12 20:35:43 ----D---- C:\Program Files\Internet Explorer

2015-06-12 20:35:43 ----D---- C:\Program Files (x86)\Internet Explorer

2015-06-12 20:19:04 ----D---- C:\Windows\system32\MRT

2015-06-12 20:19:00 ----SHD---- C:\System Volume Information

2015-06-12 20:18:54 ----A---- C:\Windows\system32\MRT.exe

2015-06-12 19:38:46 ----D---- C:\Windows\system32\catroot

2015-06-12 19:38:40 ----SHD---- C:\Windows\Installer

2015-06-12 19:38:37 ----RD---- C:\Program Files

2015-06-12 19:38:34 ----D---- C:\Program Files (x86)

2015-06-12 19:37:16 ----RD---- C:\Program Files (x86)\Skype

2015-06-12 19:28:11 ----SHD---- C:\boot

2015-06-12 19:25:59 ----D---- C:\Program Files\Windows Media Player

2015-06-12 19:25:59 ----D---- C:\Program Files (x86)\Windows Media Player

2015-06-12 18:44:25 ----D---- C:\Windows\system32\catroot2

2015-06-12 16:11:50 ----D---- C:\Windows\system32\wfp

2015-06-12 16:11:42 ----D---- C:\Windows\system32\wbem

2015-06-12 16:09:01 ----D---- C:\Windows\system32\CodeIntegrity

2015-06-12 16:08:54 ----SD---- C:\Windows\system32\GWX

2015-06-12 16:08:54 ----D---- C:\Windows\system32\DriverStore

2015-06-12 16:08:53 ----D---- C:\Users\David\AppData\Roaming\ProductData

2015-06-12 16:08:53 ----D---- C:\Users\David\AppData\Roaming\IObit

2015-06-12 16:08:52 ----D---- C:\ProgramData\ProductData

2015-06-12 16:08:52 ----D---- C:\ProgramData\National Instruments

2015-06-12 16:08:52 ----D---- C:\Program Files\Common Files\Microsoft Shared

2015-06-12 16:08:51 ----D---- C:\Program Files (x86)\CycloAgent

2015-06-12 16:07:55 ----D---- C:\Windows\registration

2015-06-12 16:02:33 ----D---- C:\Windows\SoftwareDistribution

2015-06-10 11:51:57 ----D---- C:\Windows\Prefetch

2015-06-07 09:52:05 ----D---- C:\Windows\rescache

2015-06-05 19:19:45 ----D---- C:\Program Files (x86)\Realtek

2015-06-05 19:19:16 ----D---- C:\SwSetup

2015-06-05 19:19:16 ----A---- C:\Windows\system32\RTNUninst64.dll

2015-06-05 19:17:09 ----D---- C:\Windows\SYSWOW64\sda

2015-06-05 19:10:16 ----HD---- C:\ProgramData

2015-06-05 19:10:06 ----RSD---- C:\Windows\assembly

2015-06-05 19:10:06 ----D---- C:\Windows\Microsoft.NET

2015-06-05 19:09:27 ----D---- C:\Program Files (x86)\Intel

2015-06-05 18:35:30 ----SD---- C:\Windows\system32\CompatTel

2015-06-05 18:35:30 ----D---- C:\Windows\system32\appraiser

2015-06-01 19:24:02 ----D---- C:\Program Files\DIFX

2015-06-01 19:22:18 ----D---- C:\ProgramData\Package Cache

2015-05-26 16:06:37 ----D---- C:\ProgramData\boost_interprocess

2015-05-25 19:45:49 ----D---- C:\Windows\Logs

2015-05-22 13:47:04 ----SD---- C:\Windows\SYSWOW64\GWX

2015-05-17 19:28:15 ----D---- C:\Windows\system32\AdvancedInstallers

2015-05-17 19:28:14 ----D---- C:\Windows\system32\drivers\UMDF

2015-05-15 14:12:34 ----D---- C:\ProgramData\IObit

2015-05-15 13:59:34 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2015-05-15 13:59:34 ----D---- C:\Program Files (x86)\Tacx

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2010-08-12 30008]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-05-20 557848]

R0 NIPALK;NIPALK; C:\Windows\System32\drivers\nipalk.sys [2012-12-19 926992]

R0 nipbcfk;National Instruments Class Upper Filter Driver; C:\Windows\System32\drivers\nipbcfk.sys [2012-12-18 16984]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-10-08 46368]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 NiViPxiK;NI-VISA PXI Driver; C:\Windows\System32\drivers\NiViPxiKl.sys [2013-06-19 15200]

R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2010-08-12 43320]

R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-12-31 8281600]

R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-12-31 292864]

R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-05-18 3065408]

R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-12-10 31088]

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]

R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2010-12-17 12256512]

R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2013-10-19 91648]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2013-10-19 208896]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2015-06-05 338536]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-06-05 428136]

R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10305; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-12-02 520192]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-10-19 1451056]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2013-09-18 14112]

R3 WinDriver6;WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [2014-01-26 268800]

R3 WinUsb;WinUSB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]

S3 ggflt;SOMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2014-09-26 16088]

S3 ggsomc;SOMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsomc.sys [2014-09-26 30424]

S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-12-17 12256512]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]

S3 nidimk;nidimk; \??\C:\Windows\system32\drivers\nidimkl.sys [2012-01-27 12968]

S3 niorbk;niorbk; \??\C:\Windows\system32\drivers\niorbkl.sys [2011-07-01 12952]

S3 nipalfwedl;nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [2012-12-20 13624]

S3 nipalusbedl;nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [2012-12-20 13624]

S3 NiViPciK;NI-VISA PCI Driver; C:\Windows\System32\drivers\NiViPciKl.sys [2013-06-19 15200]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-08-01 19456]

S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]

S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\Windows\system32\DRIVERS\silabenm.sys [2013-03-06 27336]

S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\Windows\system32\DRIVERS\silabser.sys [2013-03-06 73216]

S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]

S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]

S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-08-01 57856]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2015-04-03 814880]

R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-12-31 203776]

R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232]

R2 FPLService;TrueSuiteService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2010-12-07 249672]

R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2015-05-21 717768]

R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]

R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]

R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-05 291896]

R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2010-08-12 30520]

R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592]

R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2015-06-05 2413056]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-11-22 73728]

R2 LkCitadelServer;Lookout Citadel Server; C:\Windows\SysWOW64\lkcitdl.exe [2010-03-05 695136]

R2 lkClassAds;National Instruments PSP Server Locator; C:\Windows\SysWOW64\lkads.exe [2010-06-16 45168]

R2 lkTimeSync;National Instruments Time Synchronization; C:\Windows\SysWOW64\lktsrv.exe [2010-06-16 55416]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-11-23 325656]

R2 NIDomainService;National Instruments Domain Service; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [2010-06-16 360568]

R2 niLXIDiscovery;NI LXI Discovery Service; C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe [2012-11-07 236768]

R2 nimDNSResponder;NI mDNS Responder Service; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2013-05-11 260976]

R2 NiSvcLoc;NI Service Locator; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [2013-06-07 90440]

R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2010-12-02 275968]

R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2014-07-14 2253112]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-11-23 2656280]

R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]

R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-18 116648]

S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-03-26 2585376]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-18 116648]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-12 114688]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-20 1255736]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

 

-----------------EOF-----------------
Geplaatst:

Je Java software is verouderd.
Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.

Ga naar Java en download daar de correcte Java versie.

  • Klik op "Gratis Java-download".
  • Ga akkoord met de licentiebepalingen en klik op de button voor de gratis download.
  • Het bestand jxpiinstall.exe wordt aangeboden - kies hier voor "bestand opslaan".
  • Klik op "Gratis Java-download".
  • Ga akkoord met de licentiebepalingen en klik op de button voor de gratis download.
  • Het bestand jxpiinstall.exe wordt aangeboden - kies hier voor "bestand opslaan".
  • Blader naar de map waar je het bestand hebt opgeslagen.
  • Klik vervolgens op jxpiinstall.exe om de nieuwste versie van Java te installeren.
  • Vink de installatie van de Ask toolbar uit en ga dan verder met de installatie.
  • Eventuele oudere java versies worden aan het einde verwijderd.


 

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
{10921475-03CE-4E04-90CE-E2E7EF20C814};c
chromelook;
firefoxlook;
emptyfolderscheck;delete
startupall;
filesrcm;
  • Klik op de knop "More options" en vink nu de onderstaande opties aan.
     
  • Do a Deep Scan
  • Installed Programs
  • Auto Clean
     
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.
Geplaatst:
 

Zoek.exe v5.0.0.0 Updated 04-May-2015

Tool run by David on ma 15/06/2015 at 14:53:46,96.

Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\David\Downloads\zoek (5).exe [scan all users]   [Deep Scan] [Auto Clean]

 

==== Older Logs ======================

 

C:\zoek-results2015-01-17-185440.log 130748 bytes

 

==== Empty Folders Check ======================

 

C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully

C:\Users\David\AppData\Roaming\hpqLog deleted successfully

C:\Users\David\AppData\Roaming\Mozilla deleted successfully

C:\Users\David\AppData\Local\EmieBrowserModeList deleted successfully

C:\Users\David\AppData\Local\EmieSiteList deleted successfully

C:\Users\David\AppData\Local\EmieUserList deleted successfully

 

==== Deleting CLSID Registry Keys ======================

 

HKEY_USERS\S-1-5-21-244821173-3068459867-560851451-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B} deleted successfully

HKEY_USERS\S-1-5-21-244821173-3068459867-560851451-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B} deleted successfully

 

==== Deleting CLSID Registry Values ======================

 

HKEY_USERS\S-1-5-21-244821173-3068459867-560851451-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} deleted successfully

HKEY_USERS\S-1-5-21-244821173-3068459867-560851451-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110411411168} deleted successfully

HKEY_USERS\S-1-5-21-244821173-3068459867-560851451-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} deleted successfully

HKEY_USERS\S-1-5-21-244821173-3068459867-560851451-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B} deleted successfully

HKEY_USERS\S-1-5-21-244821173-3068459867-560851451-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{2A836234-186C-41A0-9863-40BECDEDED9F} deleted successfully

HKEY_USERS\S-1-5-21-244821173-3068459867-560851451-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110611491169} deleted successfully

HKEY_USERS\S-1-5-21-244821173-3068459867-560851451-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110611331113} deleted successfully

HKEY_USERS\S-1-5-21-244821173-3068459867-560851451-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully

 

==== Running Processes ======================

 

C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe

C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe

C:\Windows\SysWOW64\ezSharedSvcHost.exe

C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Windows\SysWOW64\lkcitdl.exe

C:\Windows\SysWOW64\lkads.exe

C:\Windows\SysWOW64\lktsrv.exe

C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe

C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe

C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe

C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe

C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe

C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe

C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe

C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Users\David\Downloads\zoek (5).exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

 

==== Deleting Services ======================

 

 

==== Deleting Files \ Folders ======================

 

C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found

C:\PROGRA~2\Doctor PC deleted

C:\Users\David\AppData\Roaming\ProductData deleted

C:\PROGRA~3\ProductData deleted

C:\PROGRA~3\Package Cache deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony deleted

C:\Windows\SysNative\roboot64.exe deleted

C:\Windows\SysNative\config\systemprofile\Searches deleted

 

==== System Specs ======================

 

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

Memory (RAM): 4044 MB

CPU Info: Intel® Core i7-2630QM CPU @ 2.00GHz

CPU Speed: 1969,8 MHz

Sound Card: Luidsprekers en koptelefoons (I | 

Communicatie koptelefoons (IDT  | 

Display Adapters: Mobile Intel® HD Graphics | Mobile Intel® HD Graphics | Radeon HD 6490M | Radeon HD 6490M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Algemeen PnP-beeldscherm | 

Screen Resolution: 1600 X 900 - 32 bit

Network: Network Present

Network Adapters: Broadcom 4313 (802.11b/g/n) | Realtek PCIe GBE Family Controller

CD / DVD Drives: 1x (E: | ) E: hp      CDDVDW TS-L633R

Ports: COM Ports NOT Present. LPT Port NOT Present. 

Mouse: 5 Button Wheel Mouse Present

Hard Disks: C:  446,5GB | D:  19,0GB

Hard Disks - Free: C:  359,4GB | D:  2,3GB

Manufacturer *: Hewlett-Packard

BIOS Info: AT/AT COMPATIBLE | 10/05/11 | HPQOEM - 1

Time Zone: Romance (standaardtijd)

Motherboard *: Hewlett-Packard 1659

Country: Belgi‰ 

Language: NLB 

 

==== System Specs (Software) ======================

 

Anti-Spyware: Windows Defender disabled (Outdated)

Default Browser: Google Chrome 43.0.2357.124

Internet Explorer Version: 11.0.9600.17843 

Google Chrome version: 43.0.2357.124

Adobe Reader version: 9.5.5.316

Sun Java version: 1.8.0_45 (32-bit) 

Sun Java version: 1.8.0_45 (64-bit) 

Shockwave Player version: 11.5.8r612

 

==== Files Recently Created / Modified ======================

 

====== C:\Windows ====

====== C:\Users\David\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2015-06-12 17:11:18 2CA16814DA3C5B2D8C7E70DC47A45ED1 551424 ----a-w- C:\Windows\SysWOW64\kerberos.dll

2015-06-12 17:11:15 9E68E1BDEBD85FC8803707370BE0FC6E 641536 ----a-w- C:\Windows\SysWOW64\advapi32.dll

2015-06-12 17:11:15 641A14E6AC492ED45BC68815E2E2F566 3989440 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe

2015-06-12 17:11:10 583FFF12D2F0D6E1A8746462C433895F 3934144 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe

2015-06-12 17:11:10 3C1BE79C3CE6EB378108B11D94CA1072 364544 ----a-w- C:\Windows\SysWOW64\tracerpt.exe

2015-06-12 17:11:09 EA141596564AE0C670EDD0F2636EC29C 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll

2015-06-12 17:11:09 BBABC6702529CFADAC0EC2B28168A288 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll

2015-06-12 17:11:09 8C7635292CFF4901F058269454A1D64E 1310744 ----a-w- C:\Windows\SysWOW64\ntdll.dll

2015-06-12 17:11:08 A9E8F961F7FE1EDEEF8F46EEB800F2D8 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll

2015-06-12 17:11:08 9A50B2567918BF7DDD600ECE5DB5ED76 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll

2015-06-12 17:11:08 6C06D2B1CF88AB83F1CFB24928F63107 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe

2015-06-12 17:11:08 65A5E27C2217D606E212B6088CCD6104 92160 ----a-w- C:\Windows\SysWOW64\sechost.dll

2015-06-12 17:11:08 5643A88C6DA8AAEC9CE2845431942650 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll

2015-06-12 17:11:08 4238391DE3E3FDCD2C731C1E4E0F402C 635392 ----a-w- C:\Windows\SysWOW64\tdh.dll

2015-06-12 17:11:08 3B5DA649BF7B7D07510C06DE0AEEB4EB 82944 ----a-w- C:\Windows\SysWOW64\logman.exe

2015-06-12 17:11:07 FCA6EFFEE6D7D42E794F0E538297026C 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll

2015-06-12 17:11:07 FB224B0A63B8F58E91FE8A314AD295AD 17408 ----a-w- C:\Windows\SysWOW64\diskperf.exe

2015-06-12 17:11:07 F85FA29340A536C8E0A16151B9B03923 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe

2015-06-12 17:11:07 D877133532CE090502B1166B360E9516 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll

2015-06-12 17:11:07 7A9F94E0F53C8F6E09405351AC104A3C 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll

2015-06-12 17:11:07 629AD3FDA168D82D459164044A29F9BB 40448 ----a-w- C:\Windows\SysWOW64\typeperf.exe

2015-06-12 17:11:07 558227F567E977D71B9182013EF03E9C 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll

2015-06-12 17:11:07 3E6731BF36A7D6C62D09671B427B6B67 37888 ----a-w- C:\Windows\SysWOW64\relog.exe

2015-06-12 17:11:07 2D23A10FBFA09DC1B61799128BBA91A2 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll

2015-06-12 17:11:06 F72A9953199EF5807D595AE3694B5D01 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll

2015-06-12 17:11:05 F81920ADB15012CF4E9FF8238C85686A 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll

2015-06-12 17:11:05 6C730482615C97B923B88C648FF554A3 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll

2015-06-12 17:11:03 EEA17E843EE2EE50D623BEACF50BD815 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe

2015-06-12 17:11:03 EC6E5AE2ECFE7A335B370865A1158EF8 2048 ----a-w- C:\Windows\SysWOW64\user.exe

2015-06-12 17:11:03 52C869A640B8169D7C8460FB1646ABF5 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll

2015-06-12 17:11:02 2E65BF3D85BB2C831669FBCBDE6C9879 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll

2015-06-12 17:11:01 7E7933E63BBE2BE71CC908EF140458EF 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll

2015-06-12 17:11:01 619D5101114C71E1A4A585C5E68301B7 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll

2015-06-12 16:44:29 FB5C9234E4BF6BDAF4A954763A4582BA 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll

2015-06-12 16:44:29 F26680AF396F89F7ABFDA1D1D6B62011 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll

2015-06-12 16:44:29 EF853EA2A6A7BD891CCF31B0C2915352 341504 ----a-w- C:\Windows\SysWOW64\html.iec

2015-06-12 16:44:29 E4EB138060BAE0DBAB1A3B71A3141FE7 1950720 ----a-w- C:\Windows\SysWOW64\wininet.dll

2015-06-12 16:44:29 E21AE910DF0C5CB7D46D8FA17A4567DE 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2015-06-12 16:44:29 DB254D50B4527C2821C537E0587B44E8 12829696 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2015-06-12 16:44:29 C93AE4D14AEF5169791B35D97AE7C9FC 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2015-06-12 16:44:29 C27C8CACEBC712BE2AD791715E9734EC 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll

2015-06-12 16:44:29 B6D8148C1C697A7BF04EE0FE82408B6A 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2015-06-12 16:44:29 9F6066005D8B8620598085C7499E9B70 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll

2015-06-12 16:44:29 975421AC32F9F6E27A58F75DAB4B5871 19607040 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2015-06-12 16:44:29 96837E5864777688477AF6DE2332C06D 503808 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2015-06-12 16:44:29 927E38A35E4DFC4E294BD130BAA6F759 2278912 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2015-06-12 16:44:29 8C8B8C78C0CCD5D36ABCB115B0B581E1 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2015-06-12 16:44:29 8C3A03295F56D1FFB51D9D05DA42B12D 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll

2015-06-12 16:44:29 85E21CCF38166E0D6DE2E42D9D3823BD 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll

2015-06-12 16:44:29 81C1182A9EE7AC4D21187811DE66A7D0 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2015-06-12 16:44:29 7DBCBB1647B7CD71E2039C1B50A12717 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll

2015-06-12 16:44:29 7C9F8DB66A56306C5BBE97F9FC0F01EF 342736 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll

2015-06-12 16:44:29 6B7210618D7E2CE0404ECF748701253A 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2015-06-12 16:44:29 5C06EE62F06E990E9521EA80B8D4D4B8 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2015-06-12 16:44:29 53E9614ADFA6A40A452BA014CEF6F261 1309696 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2015-06-12 16:44:29 4ABEEF30EA5B9F4718312DCB60B6C9BC 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2015-06-12 16:44:29 3FD7E6DB5D81FE400DB4D81D278596E6 4305920 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2015-06-12 16:44:29 2DED8A99E45053C42DD21D6937D3960C 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2015-06-12 16:44:29 1A628C1F5470F0AF21E37E425026F27A 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll

2015-06-12 16:44:29 185490A6C3BEDAC5EF547314F68AB07B 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-06-12 16:44:29 17B0852D8202A872C3E6D01B518B6A4E 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll

2015-06-12 16:42:44 58788565442368B0615DDAF1D452B843 530432 ----a-w- C:\Windows\SysWOW64\comctl32.dll

2015-06-12 16:41:37 DA27A4EA7B7C77FAFDB3F94D83E310C1 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL

2015-06-12 16:41:37 A98E8F79C738CAF23C152DBCABD978FE 11411456 ----a-w- C:\Windows\SysWOW64\wmp.dll

2015-06-12 16:41:37 605E9B2CFA3445ED7716D0B345EE21EC 8192 ----a-w- C:\Windows\SysWOW64\spwmp.dll

2015-06-12 16:41:37 2401379E0610D15FAB78A4B1646F5B8D 4096 ----a-w- C:\Windows\SysWOW64\msdxm.ocx

2015-06-12 16:41:37 2401379E0610D15FAB78A4B1646F5B8D 4096 ----a-w- C:\Windows\SysWOW64\dxmasf.dll

2015-06-12 16:39:01 C1D7451054FEDC3F96F2903B6F84A4EE 173056 ----a-w- C:\Windows\SysWOW64\wuwebv.dll

2015-06-12 16:39:01 B4667963F9711C644F5E43D9A46D8680 33792 ----a-w- C:\Windows\SysWOW64\wuapp.exe

2015-06-12 16:39:01 81AE5637F2D2DE4DAF67F540F5A076AA 30208 ----a-w- C:\Windows\SysWOW64\wups.dll

2015-06-12 16:39:01 61302CE8DDB8513A4FF03CEE2A14471F 92672 ----a-w- C:\Windows\SysWOW64\wudriver.dll

2015-06-12 16:39:01 4A99665068B907CCB0EE4A5D3F2584D7 566784 ----a-w- C:\Windows\SysWOW64\wuapi.dll

2015-06-05 17:16:45 6C1EEE6FBCDD2B07398495CE7C9ECC0A 9888360 ----a-w- C:\Windows\SysWOW64\RtsPStorIcon.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2015-06-15 12:48:26 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\Sysnative\RENDEAB.tmp

2015-06-12 17:11:21 AA5319FA8602676B5D3A2B4A1355896D 1255424 ----a-w- C:\Windows\Sysnative\diagtrack.dll

2015-06-12 17:11:20 6ECD6D92F43C2DC55099F892978D5BE7 728576 ----a-w- C:\Windows\Sysnative\kerberos.dll

2015-06-12 17:11:19 8DCA1C70AF170C3FBCE47A4F49BFC887 424960 ----a-w- C:\Windows\Sysnative\KernelBase.dll

2015-06-12 17:11:16 93A05407F8E53BC731C42AAD56163F80 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll

2015-06-12 17:11:16 6FDF03A3B110C5264F52F979335AE301 1162752 ----a-w- C:\Windows\Sysnative\kernel32.dll

2015-06-12 17:11:15 9E2A2028228645DD57EF45A02CAC0CCE 5569984 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe

2015-06-12 17:11:15 4FFD08A01047EF6B58F6EB4E6D001A8D 879104 ----a-w- C:\Windows\Sysnative\advapi32.dll

2015-06-12 17:11:11 53042708C242959B3924242FBBE297B1 1728960 ----a-w- C:\Windows\Sysnative\ntdll.dll

2015-06-12 17:11:10 FF9BBFAE899091C1FF0D1A3F2C587911 243712 ----a-w- C:\Windows\Sysnative\wow64.dll

2015-06-12 17:11:10 CCB352B939B77B38983DD878C547451F 503808 ----a-w- C:\Windows\Sysnative\srcore.dll

2015-06-12 17:11:10 6703266C1E56157B5965F9AC868A20AC 404992 ----a-w- C:\Windows\Sysnative\tracerpt.exe

2015-06-12 17:11:10 48C30C54194142910FB6B86D308220ED 338432 ----a-w- C:\Windows\Sysnative\conhost.exe

2015-06-12 17:11:10 2313AF8D5A9CEB4A55400A01DD311A95 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll

2015-06-12 17:11:10 16154A6682B1552DEAB953BFA4B8E955 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe

2015-06-12 17:11:09 996EE6571ADB880A60846DD02C8D5869 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll

2015-06-12 17:11:09 37DFCC91E419952772E02F2B3BBB2E2B 342016 ----a-w- C:\Windows\Sysnative\schannel.dll

2015-06-12 17:11:08 AD54856A16B635720B0BE5FAF44526FC 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll

2015-06-12 17:11:08 A929B9ABA1083AF35ECE7BD63AF3E42F 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll

2015-06-12 17:11:08 A5F57F4866C2DC7F8215058D7D56BD21 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll

2015-06-12 17:11:08 9BBEA639884C0338DD78654277BD188A 112640 ----a-w- C:\Windows\Sysnative\smss.exe

2015-06-12 17:11:08 7C5E375F20F639607376351A8BCC0647 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll

2015-06-12 17:11:08 66DF73B202105406602941778792FE3D 879104 ----a-w- C:\Windows\Sysnative\tdh.dll

2015-06-12 17:11:08 4F90A7A0FCBC0ED18E573917860062FF 113664 ----a-w- C:\Windows\Sysnative\sechost.dll

2015-06-12 17:11:08 210E7D1EA34369194BE09493784E27BE 104448 ----a-w- C:\Windows\Sysnative\logman.exe

2015-06-12 17:11:08 17A6A9AAD04CCC6EE53290585BFC43AF 31232 ----a-w- C:\Windows\Sysnative\lsass.exe

2015-06-12 17:11:07 E20BF3FA89DE67B00ED713B5254C0BF0 47104 ----a-w- C:\Windows\Sysnative\typeperf.exe

2015-06-12 17:11:07 D68690450978D127E030FB14E9B2023B 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll

2015-06-12 17:11:07 858F04B3C39239972959E9EE97CACAE4 43008 ----a-w- C:\Windows\Sysnative\relog.exe

2015-06-12 17:11:07 6ACD3C75BE449F039E1A4E43424D5B6F 28160 ----a-w- C:\Windows\Sysnative\secur32.dll

2015-06-12 17:11:07 5EC57AC6DC16CB8A058CA019AA2C188D 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll

2015-06-12 17:11:07 5A17FF38EDE95B2313E428BF444126D7 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll

2015-06-12 17:11:07 289D99B0879C6ED5C6D1B3A856CA6DA3 22016 ----a-w- C:\Windows\Sysnative\credssp.dll

2015-06-12 17:11:07 20BD408AC3F8576997D6A47F48A1C5B2 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll

2015-06-12 17:11:07 1B93381366141875D8EE7EC1085236B9 19456 ----a-w- C:\Windows\Sysnative\diskperf.exe

2015-06-12 17:11:07 13DE715D959DD502CFD52DC920408B33 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll

2015-06-12 17:11:07 11D5815F0DC571CE3C72213B375860B1 50176 ----a-w- C:\Windows\Sysnative\srclient.dll

2015-06-12 17:11:07 03BA5D20751137F3A705B389C52DB8D6 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe

2015-06-12 17:11:03 AF557D115972A73964FC8F209300948A 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll

2015-06-12 17:11:02 6ACFCC28E4D60B5A931D8749332A14E2 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll

2015-06-12 17:11:01 8A4EB32C7C948F70EAC6F85063596A39 36864 ----a-w- C:\Windows\Sysnative\UtcResources.dll

2015-06-12 17:11:01 837BBE4170D5A75F293BD6F294A8FE34 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll

2015-06-12 17:11:01 6E882D7CA34073890107559B5A515A24 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll

2015-06-12 16:44:29 FF84182188CA8F0DC28CFED06C9B7816 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2015-06-12 16:44:29 D202078FBA3A77B85D39669EE4110DE2 389840 ----a-w- C:\Windows\Sysnative\iedkcs32.dll

2015-06-12 16:44:29 CFA52E2FE8E623042A1EEF96EB1B9481 6026240 ----a-w- C:\Windows\Sysnative\jscript9.dll

2015-06-12 16:44:29 AFF5C12099B87FA645F8867701729894 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2015-06-12 16:44:29 AE5A2843B4A2E1E558B9EE13EF62CCE5 14404096 ----a-w- C:\Windows\Sysnative\ieframe.dll

2015-06-12 16:44:29 ACD6FE6C82B93813F023FC01A51CB940 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2015-06-12 16:44:29 A29BAFC1543F9D2234AFFFEA9BCE76C8 24917504 ----a-w- C:\Windows\Sysnative\mshtml.dll

2015-06-12 16:44:29 9E2B8C0601E3D460F78F0233B509CE4F 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll

2015-06-12 16:44:29 9DB8E01D5A546FAFCACE95489E351186 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll

2015-06-12 16:44:29 8909A24DA8B5C426CF6595BA843B6CC5 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll

2015-06-12 16:44:29 86FDFEA67833DB261EC01A777594EDCF 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll

2015-06-12 16:44:29 83781DF625A4448B39410D7FA2BDC48D 816640 ----a-w- C:\Windows\Sysnative\jscript.dll

2015-06-12 16:44:29 7F8F9AE03D1BA4354671E05F07A40F1A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2015-06-12 16:44:29 73509D13542A90E260F45D1D6D4100A8 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe

2015-06-12 16:44:29 70D24021ED327CE7FFA9DEE327BB4C6B 720384 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2015-06-12 16:44:29 6E295C7364DAEB151CC0E98434B6AC92 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll

2015-06-12 16:44:29 6ABFC5736EC920C4436F32111F5CBCEE 1545728 ----a-w- C:\Windows\Sysnative\urlmon.dll

2015-06-12 16:44:29 5F8EE9311ECF078CD9426874FFAD660C 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll

2015-06-12 16:44:29 57DFACB53ED16190EF732E2430B39741 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe

2015-06-12 16:44:29 4BD747AAF01C480901B3E777EC48826B 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll

2015-06-12 16:44:29 4A5A84B457C72E79A64AE4036EC6BB0E 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll

2015-06-12 16:44:29 417F80E4AFBA1AA9EBBD618F1C6D9165 2426880 ----a-w- C:\Windows\Sysnative\wininet.dll

2015-06-12 16:44:29 3C3E159F284F51D55DB59C3D0B843979 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2015-06-12 16:44:29 3854BFE1C0F14872C94501421CC40813 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll

2015-06-12 16:44:29 36F3718E67F442F54AB4A39DCDD8FD19 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll

2015-06-12 16:44:29 35622F5A652C4E16774234DCA0026E74 633856 ----a-w- C:\Windows\Sysnative\ieui.dll

2015-06-12 16:44:29 33B5F1A727FACDEA7CDA0E35FFAADDCF 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll

2015-06-12 16:44:29 2BC2D3A41BB755487FD55C09938F00BC 417792 ----a-w- C:\Windows\Sysnative\html.iec

2015-06-12 16:44:29 16091938F6CDBCCCBA1CBE24600121BC 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll

2015-06-12 16:44:29 0EDA3219FA027A486AA11269355AB279 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2015-06-12 16:44:29 083BCA14FCE290D682D8DAC9372CBF23 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2015-06-12 16:44:29 06A8CE6C3AE6B7916F026B0EFDDCAAA5 199680 ----a-w- C:\Windows\Sysnative\msrating.dll

2015-06-12 16:42:44 51F89CE2D0FEC66070354504E6C4C3E4 633856 ----a-w- C:\Windows\Sysnative\comctl32.dll

2015-06-12 16:41:59 1EE2DBA5AD2E5EB618C7FB187C2CFDF4 3206144 ----a-w- C:\Windows\Sysnative\win32k.sys

2015-06-12 16:41:37 9D80A82B0BB77AC3EF6A87FA0C534E20 14635008 ----a-w- C:\Windows\Sysnative\wmp.dll

2015-06-12 16:41:37 834FD7C31EA16D59CC3B2DC60F2F2620 9728 ----a-w- C:\Windows\Sysnative\spwmp.dll

2015-06-12 16:41:37 51ECEE70F33601310DDEF3EEE39550D3 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL

2015-06-12 16:41:37 1A8C5D4BE449E4A9D8667A341E535E22 5120 ----a-w- C:\Windows\Sysnative\msdxm.ocx

2015-06-12 16:41:37 1A8C5D4BE449E4A9D8667A341E535E22 5120 ----a-w- C:\Windows\Sysnative\dxmasf.dll

2015-06-12 16:39:01 E89F94AED85BF3611F61608C26B64177 135168 ----a-w- C:\Windows\Sysnative\wuauclt.exe

2015-06-12 16:39:01 D7897C17117286A237A639209F53C51C 98304 ----a-w- C:\Windows\Sysnative\wudriver.dll

2015-06-12 16:39:01 C8C3839305F2C4D9A4B33DE6AB83334E 191488 ----a-w- C:\Windows\Sysnative\wuwebv.dll

2015-06-12 16:39:01 A76DAC2E9CBB9595D2F806CBFB5C0BC4 696320 ----a-w- C:\Windows\Sysnative\wuapi.dll

2015-06-12 16:39:01 803E9B4DF2E931FDB3210F342B89BE9F 36864 ----a-w- C:\Windows\Sysnative\wups.dll

2015-06-12 16:39:01 4D9BE5567F9DDC54D41907C9A95F61BF 12288 ----a-w- C:\Windows\Sysnative\wu.upgrade.ps.dll

2015-06-12 16:39:01 478007800DAF83A33CECCD776E7FA734 37888 ----a-w- C:\Windows\Sysnative\wups2.dll

2015-06-12 16:39:01 4152B8E73C7198DBFBB1FD8A5FFD41F9 3147776 ----a-w- C:\Windows\Sysnative\wucltux.dll

2015-06-12 16:39:01 29F4030F3A449AAF68778C1C67603569 87040 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll

2015-06-12 16:39:01 19165E301A50829D28C27A832AD16FB0 36864 ----a-w- C:\Windows\Sysnative\wuapp.exe

2015-06-12 16:39:01 14882A15F5CE7B8EADC8E7F54FD5B53B 2589184 ----a-w- C:\Windows\Sysnative\wuaueng.dll

2015-06-05 17:19:52 92C704590FCEDDA971B7A77945DCCDA4 74272 ----a-w- C:\Windows\Sysnative\RtNicProp64.dll

2015-06-05 11:54:52 E87D4371B24BC9E5BAE95AEA60FFD959 193536 ----a-w- C:\Windows\Sysnative\aepic.dll

2015-06-05 11:54:52 CFF429F2234C1D1A5993E80F46C37CFB 1119232 ----a-w- C:\Windows\Sysnative\aeinv.dll

2015-06-05 11:54:52 B23AB4C401E2DE02C47B7497D41E2318 757248 ----a-w- C:\Windows\Sysnative\invagent.dll

2015-06-05 11:54:52 6F07FC190DBCB42C8A5319235F72F906 423424 ----a-w- C:\Windows\Sysnative\devinv.dll

2015-06-05 11:54:52 6E2EB5A36C3CCD917F7FF9BED7C1390E 45568 ----a-w- C:\Windows\Sysnative\acmigration.dll

2015-06-05 11:54:52 587BBA3B3959144334700EC48232712F 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll

2015-06-05 11:54:52 52DEF4C743C2EABD6BD3EDC790A0E778 1021440 ----a-w- C:\Windows\Sysnative\appraiser.dll

2015-06-05 11:54:52 2DCA988113A02EB9BCB98A5DC2D34E57 700416 ----a-w- C:\Windows\Sysnative\generaltel.dll

====== C:\Windows\Sysnative\drivers =====

2015-06-12 17:11:10 272C27711C8AA6E7815EE33F8ACA9C66 155584 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys

2015-06-12 17:11:09 BF69D973523D539A35807946C6DA7E16 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys

2015-06-12 16:37:25 36E0DDD19038C92B7C7709BFA03F813F 69888 ----a-w- C:\Windows\Sysnative\drivers\stream.sys

2015-06-05 17:19:52 ED5873F7DFB2F96D37F13322211B6BDC 428136 ----a-w- C:\Windows\Sysnative\drivers\Rt64win7.sys

2015-06-05 17:16:45 1F5E7AF59B390261A85F5BEDB1BB88B3 338536 ----a-w- C:\Windows\Sysnative\drivers\RtsPStor.sys

====== C:\Windows\Tasks ======

2015-06-01 17:22:32 5C28953A094C30D8BF5C8EE837DEDC0E 3554 ----a-w- C:\Windows\Sysnative\Tasks\GarminUpdaterTask

2015-05-20 10:34:49 D3965FCBB9FF3C7104FF9F101D6E1EE1 3186 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForDavid

2015-05-20 10:34:49 7A13713DB45D33837E454B0CDEFD3EF5 332 ----a-w- C:\Windows\Tasks\HPCeeScheduleForDavid.job

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\PROGRA~2 =====

2015-06-10 14:57:48 -------- d-----w- C:\PROGRA~2\GameforgeLive

2015-06-01 17:22:35 -------- d-----w- C:\PROGRA~2\Garmin

2015-05-19 12:38:11 -------- d-----w- C:\PROGRA~2\Zwift

======= C: =====

2015-06-12 17:28:02 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\asc_rdflag

====== C:\Users\David\AppData\Roaming ======

2015-06-15 13:05:07 -------- d-sh--w- C:\Users\David\AppData\Local\EmieUserList

2015-06-15 13:05:07 -------- d-sh--w- C:\Users\David\AppData\Local\EmieSiteList

2015-06-15 13:05:07 -------- d-sh--w- C:\Users\David\AppData\Local\EmieBrowserModeList

2015-06-13 18:07:18 -------- d-----w- C:\Users\David\AppData\Local\CycloAgent

2015-06-11 17:22:44 -------- d-----w- C:\Users\David\AppData\Local\Popcorn-Time

2015-06-11 17:20:34 -------- d-----w- C:\Users\David\AppData\Local\Popcorn Time

2015-06-10 14:58:06 -------- d-----w- C:\Users\David\AppData\Local\Gameforge4d

2015-06-02 19:02:09 -------- d-----w- C:\Users\David\AppData\Local\GWX

2015-06-01 17:23:55 -------- d-----w- C:\Users\David\AppData\Local\Garmin_Ltd._or_its_subsid

2015-06-01 17:23:53 -------- d-----w- C:\Users\David\AppData\Roaming\Garmin

2015-06-01 17:22:58 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Garmin_Ltd._or_its_subsid

2015-06-01 11:04:29 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\CrashDumps

====== C:\Users\David ======

2015-06-15 12:45:15 EE001F0D8A06518EB2A133741F265BEC 562272 ----a-w- C:\Users\David\Downloads\chromeinstall-8u45.exe

2015-06-13 11:58:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\David\Downloads\RSITx64.exe

2015-06-12 14:18:37 054DD4C30B92E21AA06487112BE34B93 13095136 ----a-w- C:\Users\David\Downloads\Silverlight_x64.exe

2015-06-10 14:57:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live

2015-06-01 17:22:58 -------- d-----w- C:\ProgramData\Garmin

2015-06-01 17:22:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin

2015-06-01 17:18:44 74E3ACC64B1AD1E52BE9A5760B9610BA 41182032 ----a-w- C:\Users\David\Downloads\GarminExpressInstaller.exe

2015-05-19 12:38:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zwift

 

====== C: exe-files ==

2015-06-15 12:46:32 FF589C55E0CB6A0A1BD9570217BB1A42 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\tnameserv.exe

2015-06-15 12:46:32 FD8978875A992C876AF430B35DF9CFA7 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\pack200.exe

2015-06-15 12:46:32 F16868F20E4701142FAEF8C9FA847D27 30304 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jabswitch.exe

2015-06-15 12:46:32 EF66D96BC42BCE52686A7635AB11D8DD 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe

2015-06-15 12:46:32 EED888394AC81A663F12C6EC43AB2838 191072 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe

2015-06-15 12:46:32 D3DA34876B7F6D06D26D29CA77BD25A2 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\ktab.exe

2015-06-15 12:46:32 CF683290B3369A1491A5B8B4D19F79B3 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jjs.exe

2015-06-15 12:46:32 C57CA849D13177E1F43CFEF51374F1EE 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\unpack200.exe

2015-06-15 12:46:32 B66ED84383EA6C6218CA47BC49C15615 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssvagent.exe

2015-06-15 12:46:32 A1A1BC927541346D840BBB511F557848 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\policytool.exe

2015-06-15 12:46:32 98903A3C01AA820E7FCC19A0A60126C0 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\klist.exe

2015-06-15 12:46:32 88FFC43B0E3BB3E30F70CB7B08D499B4 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\java-rmi.exe

2015-06-15 12:46:32 5DF39BE82C777B7EDAD34E3A7A7EADB7 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmid.exe

2015-06-15 12:46:32 4EA6A4DD2EB584C4C2BF39A9A7D0D580 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\keytool.exe

2015-06-15 12:46:32 4586CD8F1C929EF184098A22FE31A857 271968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe

2015-06-15 12:46:32 3C0A1F0D13A8998E9A1825A853FF3B39 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\kinit.exe

2015-06-15 12:46:32 2682BB5D60C30DCB5A2BC414D01D6764 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmiregistry.exe

2015-06-15 12:46:32 1F29E31C6B9A487FF32006C4E223BA4F 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\orbd.exe

2015-06-15 12:46:32 1E2E159D0621A466CFA7CE06E4DA9CAE 190560 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe

2015-06-15 12:46:32 1CCD26E1E9FC582ABAA5D5FD1FA47A6B 76384 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2launcher.exe

2015-06-15 12:46:32 134D4B0A753808F8F8645DCF3FA00173 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\servertool.exe

2015-06-15 12:45:15 EE001F0D8A06518EB2A133741F265BEC 562272 ----a-w- C:\Users\David\Downloads\chromeinstall-8u45.exe

2015-06-13 18:06:05 4DD98CF2C593C29DEED54834818ED160 70167842 ----a-w- C:\Program Files (x86)\CycloAgent\temp\mio_setup_1.0.132.1.exe

2015-06-13 17:54:06 E9E39FDA16E98FFB4722A24D572E0250 42089552 ----a-w- C:\Program Files (x86)\Google\Update\Install\{0CD806F6-8695-45CA-89CF-878B0B60C12D}\43.0.2357.124_chrome_installer.exe

2015-06-13 17:54:05 E9E39FDA16E98FFB4722A24D572E0250 42089552 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.124\43.0.2357.124_chrome_installer.exe

2015-06-13 11:58:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\David\Downloads\RSITx64.exe

2015-06-12 17:40:51 D171A87BC9906EFB81FEBCB929FFF806 95017400 ----a-w- C:\Users\David\Documents\Downloads\TTS41302_0.exe

2015-06-12 17:40:49 054DD4C30B92E21AA06487112BE34B93 13095136 ----a-w- C:\Users\David\Documents\Downloads\Silverlight_x64.exe

2015-06-12 17:40:48 74E3ACC64B1AD1E52BE9A5760B9610BA 41182032 ----a-w- C:\Users\David\Documents\Downloads\GarminExpressInstaller.exe

2015-06-12 17:40:47 664C1BC487D25D153235E0061208DE1B 48076576 ----a-w- C:\Users\David\Documents\Downloads\advanced-systemcare-setup.exe

2015-06-12 17:37:29 28CA7D1BB9FBFCA2B529D885E61491D8 933664 ----a-w- C:\Users\David\AppData\Roaming\IObit\IObit Uninstaller\PPUninstallertemp.exe

2015-06-12 17:11:15 9E2A2028228645DD57EF45A02CAC0CCE 5569984 ----a-w- C:\Windows\System32\ntoskrnl.exe

2015-06-12 17:11:15 641A14E6AC492ED45BC68815E2E2F566 3989440 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe

2015-06-12 17:11:10 6703266C1E56157B5965F9AC868A20AC 404992 ----a-w- C:\Windows\System32\tracerpt.exe

2015-06-12 17:11:10 583FFF12D2F0D6E1A8746462C433895F 3934144 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe

2015-06-12 17:11:10 48C30C54194142910FB6B86D308220ED 338432 ----a-w- C:\Windows\System32\conhost.exe

2015-06-12 17:11:10 3C1BE79C3CE6EB378108B11D94CA1072 364544 ----a-w- C:\Windows\SysWOW64\tracerpt.exe

2015-06-12 17:11:10 16154A6682B1552DEAB953BFA4B8E955 296960 ----a-w- C:\Windows\System32\rstrui.exe

2015-06-12 17:11:08 9BBEA639884C0338DD78654277BD188A 112640 ----a-w- C:\Windows\System32\smss.exe

2015-06-12 17:11:08 6C06D2B1CF88AB83F1CFB24928F63107 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe

2015-06-12 17:11:08 3B5DA649BF7B7D07510C06DE0AEEB4EB 82944 ----a-w- C:\Windows\SysWOW64\logman.exe

2015-06-12 17:11:08 210E7D1EA34369194BE09493784E27BE 104448 ----a-w- C:\Windows\System32\logman.exe

2015-06-12 17:11:08 17A6A9AAD04CCC6EE53290585BFC43AF 31232 ----a-w- C:\Windows\System32\lsass.exe

2015-06-12 17:11:07 FB224B0A63B8F58E91FE8A314AD295AD 17408 ----a-w- C:\Windows\SysWOW64\diskperf.exe

2015-06-12 17:11:07 F85FA29340A536C8E0A16151B9B03923 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe

2015-06-12 17:11:07 E20BF3FA89DE67B00ED713B5254C0BF0 47104 ----a-w- C:\Windows\System32\typeperf.exe

2015-06-12 17:11:07 858F04B3C39239972959E9EE97CACAE4 43008 ----a-w- C:\Windows\System32\relog.exe

2015-06-12 17:11:07 629AD3FDA168D82D459164044A29F9BB 40448 ----a-w- C:\Windows\SysWOW64\typeperf.exe

2015-06-12 17:11:07 3E6731BF36A7D6C62D09671B427B6B67 37888 ----a-w- C:\Windows\SysWOW64\relog.exe

2015-06-12 17:11:07 1B93381366141875D8EE7EC1085236B9 19456 ----a-w- C:\Windows\System32\diskperf.exe

2015-06-12 17:11:07 03BA5D20751137F3A705B389C52DB8D6 64000 ----a-w- C:\Windows\System32\auditpol.exe

2015-06-12 17:11:03 EEA17E843EE2EE50D623BEACF50BD815 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe

2015-06-12 17:11:03 EC6E5AE2ECFE7A335B370865A1158EF8 2048 ----a-w- C:\Windows\SysWOW64\user.exe

2015-06-12 16:50:41 74D7DFE507EA48737061EA8E990157E8 2212944 ----a-w- C:\Program Files (x86)\Google\Update\Install\{1CE6E837-D028-4816-BFFC-F04383FB2D50}\43.0.2357.124_43.0.2357.81_chrome_updater.exe

2015-06-12 16:50:41 74D7DFE507EA48737061EA8E990157E8 2212944 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.124\43.0.2357.124_43.0.2357.81_chrome_updater.exe

2015-06-12 16:44:29 FF9877ABCA06D539264275321C97BB07 814288 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2015-06-12 16:44:29 E21AE910DF0C5CB7D46D8FA17A4567DE 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2015-06-12 16:44:29 9F45DA24EBAE4180F70D03503580E8CA 815312 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2015-06-12 16:44:29 8D4E75DEAA0FFBEFB5F366A4770D9644 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe

2015-06-12 16:44:29 73509D13542A90E260F45D1D6D4100A8 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe

2015-06-12 16:44:29 70D24021ED327CE7FFA9DEE327BB4C6B 720384 ----a-w- C:\Windows\System32\ie4uinit.exe

2015-06-12 16:44:29 57DFACB53ED16190EF732E2430B39741 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2015-06-12 16:44:29 52956B4DD1899CB09BB50FB939F6E99D 490496 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2015-06-12 16:44:29 2B3CF8F7903266E2AA5C9D9850FAA8F6 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe

2015-06-12 16:44:29 29874C10D7D0088CD8743EC8F5DABBE4 473600 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2015-06-12 16:44:29 0EDA3219FA027A486AA11269355AB279 144384 ----a-w- C:\Windows\System32\ieUnatt.exe

2015-06-12 16:41:37 E39D7E7FCC5D4B77B8CBA52FEF8753DE 102912 ----a-w- C:\Program Files\Windows Media Player\wmpshare.exe

2015-06-12 16:41:37 8D3316795ACCC0EC0DD6A844E046DA68 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe

2015-06-12 16:41:37 6F139F39295000E6301C0D08F7493CC6 101888 ----a-w- C:\Program Files (x86)\Windows Media Player\wmpconfig.exe

2015-06-12 16:41:37 5F7B628B5F10531E8DE3E711ED73AAD7 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe

2015-06-12 16:41:37 44854DDB738BF2C507FC2162245361D6 102400 ----a-w- C:\Program Files\Windows Media Player\wmpconfig.exe

2015-06-12 16:41:37 3505E5A7664FD84AC8AE51FE3B545AE1 102400 ----a-w- C:\Program Files (x86)\Windows Media Player\wmpshare.exe

2015-06-12 16:39:01 E89F94AED85BF3611F61608C26B64177 135168 ----a-w- C:\Windows\System32\wuauclt.exe

2015-06-12 16:39:01 B4667963F9711C644F5E43D9A46D8680 33792 ----a-w- C:\Windows\SysWOW64\wuapp.exe

2015-06-12 16:39:01 19165E301A50829D28C27A832AD16FB0 36864 ----a-w- C:\Windows\System32\wuapp.exe

2015-06-12 14:18:37 054DD4C30B92E21AA06487112BE34B93 13095136 ----a-w- C:\Users\David\Downloads\Silverlight_x64.exe

=== C: other files ==

2015-06-15 12:46:32 5DDC15149346900F16B38C65502BACA9 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\lib\deploy\ffjcext.zip

2015-06-13 17:59:05 C27D6272D8716360A24BE1FE4B09EAE9 53755757 ----a-w- C:\Program Files (x86)\CycloAgent\temp\mio_setup_1.0.132.1.zip

2015-06-12 17:11:10 272C27711C8AA6E7815EE33F8ACA9C66 155584 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2015-06-12 17:11:09 BF69D973523D539A35807946C6DA7E16 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2015-06-12 16:41:59 1EE2DBA5AD2E5EB618C7FB187C2CFDF4 3206144 ----a-w- C:\Windows\System32\win32k.sys

2015-06-12 16:37:25 36E0DDD19038C92B7C7709BFA03F813F 69888 ----a-w- C:\Windows\System32\drivers\stream.sys

 

==== Startup Registry Enabled ======================

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

 

[HKEY_USERS\S-1-5-21-244821173-3068459867-560851451-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Facebook Update"="C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Polar FlowSync"="C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe"

"Advanced SystemCare 8"="C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto"

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Facebook Update"="C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Polar FlowSync"="C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe"

"Advanced SystemCare 8"="C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto"

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

 

==== Startup Registry Enabled x64 ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden"

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

 

==== Startup Registry Disabled ======================

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"Adobe Reader Speed Launcher"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

 

 

==== Startup Folders ======================

 

2013-07-20 13:42:34 1235 ----a-w- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

2011-05-18 09:27:37 2029 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk

 

==== Task Scheduler Jobs ======================

 

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-244821173-3068459867-560851451-1000Core.job --a------ C:@C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe []

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-244821173-3068459867-560851451-1000UA.job --a------ C:@C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe []

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/07/2013 19:05]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/07/2013 19:05]

C:\Windows\tasks\HPCeeScheduleForDavid.job --a------ [undetermined Task]

 

==== Other Scheduled Tasks ======================

 

"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\SysNative\tasks\ASC8_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe]

"C:\Windows\SysNative\tasks\ASC8_SkipUac_David" ["C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe" /SkipUac]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-244821173-3068459867-560851451-1000Core" [C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-244821173-3068459867-560851451-1000UA" [C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\HPCeeScheduleForDavid" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]

"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]

"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]

"C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe]

"C:\Windows\SysNative\tasks\Uninstaller_SkipUac_David" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]

"C:\Windows\SysNative\tasks\{5D9A4FC7-5D07-47C1-ABC6-A925C461B5B3}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

"C:\Windows\SysNative\tasks\{5DFE2574-4F57-40F0-882C-742CE9B3A706}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

"C:\Windows\SysNative\tasks\{7B0FEDE2-B25D-4EA2-814C-09A75A383359}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

"C:\Windows\SysNative\tasks\{960A14E6-D2B9-414D-98D6-2E961A70DE5B}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

"C:\Windows\SysNative\tasks\{FC6A3016-9CF0-49C8-9034-598422B18E97}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" [C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

 

==== Firefox Extensions Registry ======================

 

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{B64D9B05-48E1-4CEB-BF58-E0643994E900}"="C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff" [16/11/2014 15:17]

 

==== Chromium Look ======================

 

Google Chrome Version: 43.0.2357.124

 

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

nhfpefkeidlhbjljfdojcnngjbddgein - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx[17/11/2010 07:36]

 

Google Slides - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek

Google Docs - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf

Embed WMPlayer inline - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bamkbfdmckphehgiafpenehgebjgdlli

Hootsuite Hootlet - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bjgfdlplhmndoonmofmflcbiohgbkifn

YouTube - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Calendar - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn

Google Sheets - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap

Google Maps - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh

Website Logon - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nhfpefkeidlhbjljfdojcnngjbddgein

Facebook Notifications - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmameahlembdcigphohgiodcgjomcgeo

Google Wallet - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

 

==== Chromium Startpages ======================

 

C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences

dn-photos-g-a.akamaihd.net:443":{"settings":{"4":20,"7":65536},"supports_spdy":true},"fbcdn-profile-a.akamaihd.net:443":{"settings":{"4":20,"7":65536},"supports_spdy":true},"fbcdn-sphotos-e-a.akamaihd.net:443":{"settings":{"4":20,"7":65536},"supports_spdy":true},"fbcdn-sphotos-f-a.akamaihd.net:443":{"settings":{"4":20,"7":65536},"supports_spdy":true},"fbcdn-vthumb-a.akamaihd.net:443":{"settings":{"4":20,"7":65536},"supports_spdy":true},"fbexternal-a.akamaihd.net:443":{"settings":{"4":20,"7":65536},"supports_spdy":true},"fbstatic-a.akamaihd.net:443":{"settings":{"4":20,"7":65536},"supports_spdy":true},"fonts.googleapis.com:443":{"network_stats":{"srtt":64660},"supports_spdy":true},"fonts.gstatic.com:443":{"supports_spdy":true},"fonts.gstatic.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"gcdn.2mdn.net:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"gg.google.com:443":{"supports_spdy":true},"google-maps-utility-library-v3.googlecode.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"googleads.g.doubleclick.net:443":{"network_stats":{"srtt":136223},"supports_spdy":true},"googleads.g.doubleclick.net:80":{"network_stats":{"srtt":2334578}},"googleads4.g.doubleclick.net:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":2256394}},"graph.facebook.com:443":{"supports_spdy":true},"i.ytimg.com:443":{"supports_spdy":true},"imasdk.googleapis.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"lh3.googleusercontent.com:443":{"network_stats":{"srtt":278891},"supports_spdy":true},"lh5.googleusercontent.com:443":{"network_stats":{"srtt":54400},"supports_spdy":true},"mail-attachment.googleusercontent.com:443":{"network_stats":{"srtt":54400},"supports_spdy":true},"mail.google.com:443":{"network_stats":{"srtt":721016},"supports_spdy":true},"manifest.googlevideo.com:443":{"supports_spdy":true},"maps.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":255015},"supports_spdy":true},"maps.googleapis.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"maps.gstatic.com:443":{"supports_spdy":true},"maps.gstatic.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"mt0.googleapis.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"mt1.googleapis.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"mts0.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":207784},"supports_spdy":true},"mts1.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":177456},"supports_spdy":true},"oauth.googleusercontent.com:443":{"network_stats":{"srtt":372510},"supports_spdy":true},"pagead2.googlesyndication.com:80":{"network_stats":{"srtt":2334578}},"partner.googleadservices.com:80":{"network_stats":{"srtt":325207}},"pixel.facebook.com:443":{"supports_spdy":true},"plus.google.com:443":{"supports_spdy":true},"pubads.g.doubleclick.net:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":2334578}},"r1---sn-cxab5jvh-cg0l.googlevideo.com:443":{"alternative_service":[{"port":443,"probability":0.01,"protocol_str":"quic"}]},"r4---sn-cxab5jvh-cg0s.c.2mdn.net:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"s.youtube.com:443":{"supports_spdy":true},"s.ytimg.com:443":{"supports_spdy":true},"s0.2mdn.net:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"scontent-ams2-1.xx.fbcdn.net:443":{"supports_spdy":true},"scontent-fra3-1.xx.fbcdn.net:443":{"supports_spdy":true},"securepubads.g.doubleclick.net:443":{"network_stats":{"srtt":136223},"supports_spdy":true},"ssl.google-analytics.com:443":{"supports_spdy":true},"ssl.gstatic.com:443":{"supports_spdy":true},"stats.g.doubleclick.net:443":{"network_stats":{"srtt":304894},"supports_spdy":true},"support.google.com:443":{"supports_spdy":true},"sync.liverail.com:443":{"supports_spdy":true},"syndication.twitter.com:443":{"supports_spdy":true},"t0.gstatic.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"talkgadget.google.com:443":{"supports_spdy":true},"tpc.googlesyndication.com:443":{"network_stats":{"srtt":2548286},"supports_spdy":true},"tpc.googlesyndication.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":1212216}},"translate.google.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"translate.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":72893},"supports_spdy":true},"video-ams2-1.xx.fbcdn.net:443":{"supports_spdy":true},"www.bt.emsecure.net:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.facebook.com:443":{"supports_spdy":true},"www.google.be:443":{"supports_spdy":true},"www.google.com:443":{"supports_spdy":true},"www.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":48813},"supports_spdy":true},"www.googletagmanager.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.googletagservices.com:80":{"network_stats":{"srtt":2334578}},"www.gstatic.com:443":{"supports_spdy":true},"www.youtube.com:443":{"supports_spdy":true},"www.youtube.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"yt3.ggpht.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true}},"supports_quic":{"address":"10.0.31.49","used_quic":true},"version":3}},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_index":0,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{"http://www.nieuwsblad.be:80,http://www.nieuwsblad.be:80":{"setting":1}},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"http://www.nieuwsblad.be:80,http://www.nieuwsblad.be:80":{"fullscreen":1}},"pref_version":1},"exit_type":"Normal","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"david","per_host_zoom_levels":{}},"protection":{"macs":{}},"selectfile":{"last_directory":"C:\\Users\\David\\Downloads"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13078608218934858"},"translate_accepted_count":{"en":1},"translate_blocked_languages":["nl"],"translate_denied_count":{"en":0},"translate_last_denied_time":1434196906108.058,"translate_too_often_denied":true,"translate_whitelists":{}}

er spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"janssendavid1@gmail.com"}},"homepage":"","homepage_is_newtabpage":false,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"A606D58D858E7BB4898601019BA0718729BBCABC21C62B8193295A0E0E81065D"},"default_search_provider":{"keyword":"316DAE58C278D8EF4CF9643DC75E50BEBEDA518F90A74AF4E5DE4B0381C4D6A4","name":"3EAEC1642313258E7B5112EDA75E56C898AC1FF7374189AB08D9AF0AAC008EFF","search_url":"5BB14F6FD8D692C67730B0D60B3AEE3A3EA4BD88D67697A8D41FECF5715160AD"},"default_search_provider_data":{"template_url_data":"3D2F14CB2EE74B250321967817C1017CBF5E2EAA86F56414884159C82EBBF3A4"},"extensions":{"settings":{"aapocclcgogkmnckokdopfmhonfmgoek":"D2551A1FE8F34307E0AA41E2FAD8386B32B8CFBD64B05E92CFF00279CAFFD84B","ahfgeienlihckogmohjhadlkjgocpleb":"52D3E7A538EDCF8C7D69B7423A85AC9378F6A0A84E2D270743BE917021CE277F","aohghmighlieiainnegkcijnfilokake":"85D7AA841FDB984CA44159E2B076C53E71DA5EFFAAE8C4DB2674BDD23F1FF0AE","apdfllckaahabafndbhieahigkjlhalf":"87A0D727FED01D810B933197D83836448B42142DE8547F47C5F6D94F045F322E","bamkbfdmckphehgiafpenehgebjgdlli":"2788585A5F6EAA77B14BD215EF487CD3BF4B049EA4C0176F456079C948A91761","bepbmhgboaologfdajaanbcjmnhjmhfn":"67764E9257E4155645FCF7F14CA1AF2E3390CF76E9ACA7C9274C30AE6BE953ED","bjgfdlplhmndoonmofmflcbiohgbkifn":"1B36E948CD1EEE56F0F252C23853A70B593E58178999E3F7BC8FB1A5D0C77098","blpcfgokakmgnkcojhhkbfbldkacnbeo":"EDB4A678E598C8E70A62BB084631723FBA3DA0987889F2978AB1BC71F74D206A","coobgpohoikkiipiblmjeljniedjpjpf":"E4D110E8EEACA3430D61F628F31401DDA1782C8812D409176E6A69E0C0D6877C","ebjecbnjnlpimkjjbejpkpnnaikidkfn":"F0029EF04796798FC29428B1C80409601C3C2D962FD4AF730D1AA767A00009D9","eemcgdkfndhakfknompkggombfjjjeno":"5CDE183D4BC3A45EC272F3B6B2C85A7CB42A6B8B435EB6A755665AA0CFC0AD0C","ejjicmeblgpmajnghnpcppodonldlgfn":"1CFE85DE792C1F44993F46BACA270A909410BC00C73D52FDFE57AF236166FBF3","ennkphjdgehloodpbhlhldgbnhmacadg":"8B099CDF75AC959C757958D613041A94EE203ADFA6A8441FC0D86BFB66BC130B","felcaaldnbdncclmgdcncolpebgiejap":"FA1B231F932EFFCC800C3B0406E05F07E5A09CF76C4EB40F032925A61B27550B","gfdkimpbcpahaombhbimeihdjnejgicl":"5808DA2E0D1DFDCC03F3367ED633F72ED5B01CF39E41692653F6A55FD3B6D6C1","kmendfapggjehodndflmmgagdbamhnfd":"D5F2C559094B49433F8DF18440D3103E50F6F6A4C97DC212B53733FBDEDD5D55","lifbcibllhkdhoafpjfnlhfpfgnpldfl":"529A658733419684E507A597D0B1921B1CB7393124B7E25936978275BA1D8F07","lneaknkopdijkpnocmklfnjbeapigfbh":"AB7DAF9C84050C9F8DBA89D006806D5FA13F3C08414E85C5C160BBE2C1B30A9F","mfehgcgbbipciphmccgaenjidiccnmng":"D8D3F6B747DD8E18D8CA74A0FE507BF7E8231D8C400E8F02ED9A29D84DA603F9","mfffpogegjflfpflabcdkioaeobkgjik":"573A41AFF99085E095A31210D05E51ABCC03A0D232539D0975CD450AFA6F12B2","mgndgikekgjfcpckkfioiadnlibdjbkf":"C06C2DBE01C2D80834BC4477C81F8BC44D8262531309BE83A2F88772A008D1BD","mhjfbmdgcfjbbpaeojofohoefgiehjai":"B23125DDCE3D1F57DEA9FA4B1A248971F30100B70F1A53F70A13FE4A62BBE89E","neajdppkdcdipfabeoofebfddakdcjhd":"0948EFC76C6AEB83155EE76CCF56EE8D8EB66292DAD12CDC729C42AB41C818A4","nhfpefkeidlhbjljfdojcnngjbddgein":"19889B20EC7364DBA85982A327FB81FCC8535C897A1376A3C0E06910773166A3","nkeimhogjdpnpccoofpliimaahmaaome":"1E1EB27C33A4632676354C14629B6919529A6F035E8CC4FA822D77156E7169FB","nmameahlembdcigphohgiodcgjomcgeo":"D18DAFA0B5F1094D1E6BB30F82E9F406E64D48B562263D2386E444E89F3E1B89","nmmhkkegccagdldgiimedpiccmgmieda":"F0955B95F5F636C5A20182E0474E7AF2D414B3AD2C0CE35FE0FB87225918E6DC","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"6EE7E65B8C1FA93A68EDB6AB3C967DB83750B37650BE58EA8875C97F113905AF","pjkljhegncpnkpknbcohdijeoejaedia":"77DD10460E1FCD5FB5B5C627FAC01D075DF79504C200EC8D4693D94F8C045BCD"}},"google":{"services":{"last_username":"12A0F75C19ED74C98C7A928E8D9A664EB44631D79011BCA707C31FB302CCC9C5","username":"61D54C862D2FF4C4E3EC7F3F357443EF63E4713E173C5DEF539EF4EF2B2EE56A"}},"homepage":"53F2B96F4CF9CCC97884D856DA0764AA37D62B60FA25B082DC1A07555BDBE3AB","homepage_is_newtabpage":"082D4575546FA599A86033E016E55E3B73CCF3C322E3AC0D412AEEE51183B691","pinned_tabs":"1D2CAB0C1B284689D240908EF40518AFAC10925A624FC1B673008D77046EFADC","prefs":{"preference_reset_time":"AC1BA9DF63BCC24D012602C21578615260515329AFDB86254C238BD2BFCBEFA0"},"profile":{"reset_prompt_memento":"8E2EA3616FC57D5F8AF601E3FE3CCB909DEF5136ED9BBBCFED27DEEB8C7EF87A"},"safebrowsing":{"incidents_sent":"7975353FB54E3F1807D16547F6416B00BE21E69543126A2E330BD00499E76FFA"},"search_provider_overrides":"E74DDFB0F82F9B9D37E92065D145945ECE02BB2FE3A3DB6B6D9896AF467C8E6A","session":{"restore_on_startup":"FFFCFB678E420D14C20D472FD47A516460D61873B2B89DF6CD86C07F45EFB234","startup_urls":"0A15A7EC81A60EE56EA65999A5BE122E9E363D82E4493FBB2EC8A0A520BD62BB"},"software_reporter":{"prompt_reason":"97014564BEF7D7804D21866FB9CAD8E29CE8DFE5FAD8489CADC4E4E4CE543DB4","prompt_seed":"1E46C399372C390B2EBD1157694FEBEDAC6C600A2BB9D0317241514E4D90D2A9","prompt_version":"4FC9807B2DEF3432993DAD46D463C873696AB5E91A2DCD90B74F67CB776430E9"},"sync":{"remaining_rollback_tries":"60CAD7DE37EA33CD93B6D0D786AC117F751EE75B3B79BFD6C63A5FF678B4E9D4"}},"super_mac":"FE3F2D8615196DDEC771359EB9480408A9BCB59C5BBAFFB22E2D29D7BD828C7E"},"session":{"restore_on_startup":5,"startup_urls":["https://www.google.be/"]},"sync":{"remaining_rollback_tries":0}}

 

 

==== Set IE to Default ======================

 

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

 

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

 

==== All HKCU SearchScopes ======================

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

 

==== HijackThis Entries ======================

 

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll

O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [Polar FlowSync] C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe

O4 - HKCU\..\Run: [Mio Share] C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mio\Mio Share.appref-ms

O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto

O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O10 - Unknown file in Winsock LSP: c:\program files (x86)\national instruments\shared\mdns responder\nimdnsnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe

O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\SysWOW64\lkcitdl.exe

O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\Windows\SysWOW64\lkads.exe

O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\Windows\SysWOW64\lktsrv.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe

O23 - Service: NI LXI Discovery Service (niLXIDiscovery) - National Instruments Corporation - C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe

O23 - Service: NI mDNS Responder Service (nimDNSResponder) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe

O23 - Service: NI Service Locator (NiSvcLoc) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

==== Empty IE Cache ======================

 

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TY35VO3Z will be deleted at reboot

 

==== Empty FireFox Cache ======================

 

No FireFox Profiles found

 

==== Empty Chrome Cache ======================

 

C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

 

==== Empty All Flash Cache ======================

 

Flash Cache Emptied Successfully

 

==== Empty All Java Cache ======================

 

Java Cache cleared successfully

 

==== C:\zoek_backup content ======================

 

C:\zoek_backup (files=158 folders=53 98536486 bytes)

 

==== Empty Temp Folders ======================

 

C:\Users\David\AppData\Local\Temp will be emptied at reboot

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

 

==== After Reboot ======================

 

==== Empty Temp Folders ======================

 

C:\Windows\Temp successfully emptied

C:\Users\David\AppData\Local\Temp successfully emptied

 

==== Empty Recycle Bin ======================

 

C:\$RECYCLE.BIN successfully emptied

 

==== Deleting Files / Folders ======================

 

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

"C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TY35VO3Z" not found

 

==== EOF on ma 15/06/2015 at 15:41:53,49 ======================
Geplaatst:

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
{10921475-03CE-4E04-90CE-E2E7EF20C814};c
C:\Users\David\AppData\Local\Popcorn-Time;fs
C:\Users\David\AppData\Local\Popcorn Time;fs
CHRdefaults;
autoclean;
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.
Geplaatst:
 

Zoek.exe v5.0.0.0 Updated 04-May-2015

Tool run by David on di 16/06/2015 at 15:11:03,60.

Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\David\Downloads\zoek (4).exe [scan all users]   [Deep Scan] [Auto Clean]

 

==== Older Logs ======================

 

C:\zoek-results2015-01-17-185440.log 130748 bytes

C:\zoek-results2015-06-15-134153.log 77038 bytes

 

==== Empty Folders Check ======================

 

C:\PROGRA~3\ProductData deleted successfully

C:\Users\David\AppData\Roaming\hpqLog deleted successfully

C:\Users\David\AppData\Local\EmieBrowserModeList deleted successfully

C:\Users\David\AppData\Local\EmieSiteList deleted successfully

C:\Users\David\AppData\Local\EmieUserList deleted successfully

 

==== Deleting CLSID Registry Keys ======================

 

 

==== Deleting CLSID Registry Values ======================

 

 

==== Running Processes ======================

 

C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe

C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe

C:\Windows\SysWOW64\ezSharedSvcHost.exe

C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Windows\SysWOW64\lkcitdl.exe

C:\Windows\SysWOW64\lkads.exe

C:\Windows\SysWOW64\lktsrv.exe

C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe

C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe

C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe

C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe

C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe

C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe

C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe

C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe

C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Users\David\Downloads\zoek (4).exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

 

==== Deleting Services ======================

 

 

==== Deleting Files \ Folders ======================

 

C:\Users\David\AppData\Roaming\ProductData deleted

 

==== System Specs ======================

 

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

Memory (RAM): 4044 MB

CPU Info: Intel® Core i7-2630QM CPU @ 2.00GHz

CPU Speed: 1967,4 MHz

Sound Card: Luidsprekers en koptelefoons (I | 

Communicatie koptelefoons (IDT  | 

Display Adapters: Mobile Intel® HD Graphics | Mobile Intel® HD Graphics | Radeon HD 6490M | Radeon HD 6490M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Algemeen PnP-beeldscherm | 

Screen Resolution: 1600 X 900 - 32 bit

Network: Network Present

Network Adapters: Broadcom 4313 (802.11b/g/n) | Realtek PCIe GBE Family Controller

CD / DVD Drives: 1x (E: | ) E: hp      CDDVDW TS-L633R

Ports: COM Ports NOT Present. LPT Port NOT Present. 

Mouse: 5 Button Wheel Mouse Present

Hard Disks: C:  446,5GB | D:  19,0GB

Hard Disks - Free: C:  359,2GB | D:  2,3GB

Manufacturer *: Hewlett-Packard

BIOS Info: AT/AT COMPATIBLE | 10/05/11 | HPQOEM - 1

Time Zone: Romance (standaardtijd)

Motherboard *: Hewlett-Packard 1659

Country: Belgi‰ 

Language: NLB 

 

==== System Specs (Software) ======================

 

Anti-Spyware: Windows Defender disabled (Outdated)

Default Browser: Google Chrome 43.0.2357.124

Internet Explorer Version: 11.0.9600.17843 

Google Chrome version: 43.0.2357.124

Adobe Reader version: 9.5.5.316

Sun Java version: 1.8.0_45 (32-bit) 

Sun Java version: 1.8.0_45 (64-bit) 

Shockwave Player version: 11.5.8r612

 

==== Files Recently Created / Modified ======================

 

====== C:\Windows ====

====== C:\Users\David\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2015-06-12 17:11:18 2CA16814DA3C5B2D8C7E70DC47A45ED1 551424 ----a-w- C:\Windows\SysWOW64\kerberos.dll

2015-06-12 17:11:15 9E68E1BDEBD85FC8803707370BE0FC6E 641536 ----a-w- C:\Windows\SysWOW64\advapi32.dll

2015-06-12 17:11:15 641A14E6AC492ED45BC68815E2E2F566 3989440 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe

2015-06-12 17:11:10 583FFF12D2F0D6E1A8746462C433895F 3934144 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe

2015-06-12 17:11:10 3C1BE79C3CE6EB378108B11D94CA1072 364544 ----a-w- C:\Windows\SysWOW64\tracerpt.exe

2015-06-12 17:11:09 EA141596564AE0C670EDD0F2636EC29C 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll

2015-06-12 17:11:09 BBABC6702529CFADAC0EC2B28168A288 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll

2015-06-12 17:11:09 8C7635292CFF4901F058269454A1D64E 1310744 ----a-w- C:\Windows\SysWOW64\ntdll.dll

2015-06-12 17:11:08 A9E8F961F7FE1EDEEF8F46EEB800F2D8 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll

2015-06-12 17:11:08 9A50B2567918BF7DDD600ECE5DB5ED76 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll

2015-06-12 17:11:08 6C06D2B1CF88AB83F1CFB24928F63107 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe

2015-06-12 17:11:08 65A5E27C2217D606E212B6088CCD6104 92160 ----a-w- C:\Windows\SysWOW64\sechost.dll

2015-06-12 17:11:08 5643A88C6DA8AAEC9CE2845431942650 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll

2015-06-12 17:11:08 4238391DE3E3FDCD2C731C1E4E0F402C 635392 ----a-w- C:\Windows\SysWOW64\tdh.dll

2015-06-12 17:11:08 3B5DA649BF7B7D07510C06DE0AEEB4EB 82944 ----a-w- C:\Windows\SysWOW64\logman.exe

2015-06-12 17:11:07 FCA6EFFEE6D7D42E794F0E538297026C 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll

2015-06-12 17:11:07 FB224B0A63B8F58E91FE8A314AD295AD 17408 ----a-w- C:\Windows\SysWOW64\diskperf.exe

2015-06-12 17:11:07 F85FA29340A536C8E0A16151B9B03923 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe

2015-06-12 17:11:07 D877133532CE090502B1166B360E9516 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll

2015-06-12 17:11:07 7A9F94E0F53C8F6E09405351AC104A3C 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll

2015-06-12 17:11:07 629AD3FDA168D82D459164044A29F9BB 40448 ----a-w- C:\Windows\SysWOW64\typeperf.exe

2015-06-12 17:11:07 558227F567E977D71B9182013EF03E9C 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll

2015-06-12 17:11:07 3E6731BF36A7D6C62D09671B427B6B67 37888 ----a-w- C:\Windows\SysWOW64\relog.exe

2015-06-12 17:11:07 2D23A10FBFA09DC1B61799128BBA91A2 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll

2015-06-12 17:11:06 F72A9953199EF5807D595AE3694B5D01 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll

2015-06-12 17:11:05 F81920ADB15012CF4E9FF8238C85686A 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll

2015-06-12 17:11:05 6C730482615C97B923B88C648FF554A3 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll

2015-06-12 17:11:03 EEA17E843EE2EE50D623BEACF50BD815 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe

2015-06-12 17:11:03 EC6E5AE2ECFE7A335B370865A1158EF8 2048 ----a-w- C:\Windows\SysWOW64\user.exe

2015-06-12 17:11:03 52C869A640B8169D7C8460FB1646ABF5 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll

2015-06-12 17:11:02 2E65BF3D85BB2C831669FBCBDE6C9879 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll

2015-06-12 17:11:01 7E7933E63BBE2BE71CC908EF140458EF 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll

2015-06-12 17:11:01 619D5101114C71E1A4A585C5E68301B7 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll

2015-06-12 16:44:29 FB5C9234E4BF6BDAF4A954763A4582BA 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll

2015-06-12 16:44:29 F26680AF396F89F7ABFDA1D1D6B62011 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll

2015-06-12 16:44:29 EF853EA2A6A7BD891CCF31B0C2915352 341504 ----a-w- C:\Windows\SysWOW64\html.iec

2015-06-12 16:44:29 E4EB138060BAE0DBAB1A3B71A3141FE7 1950720 ----a-w- C:\Windows\SysWOW64\wininet.dll

2015-06-12 16:44:29 E21AE910DF0C5CB7D46D8FA17A4567DE 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2015-06-12 16:44:29 DB254D50B4527C2821C537E0587B44E8 12829696 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2015-06-12 16:44:29 C93AE4D14AEF5169791B35D97AE7C9FC 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2015-06-12 16:44:29 C27C8CACEBC712BE2AD791715E9734EC 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll

2015-06-12 16:44:29 B6D8148C1C697A7BF04EE0FE82408B6A 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2015-06-12 16:44:29 9F6066005D8B8620598085C7499E9B70 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll

2015-06-12 16:44:29 975421AC32F9F6E27A58F75DAB4B5871 19607040 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2015-06-12 16:44:29 96837E5864777688477AF6DE2332C06D 503808 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2015-06-12 16:44:29 927E38A35E4DFC4E294BD130BAA6F759 2278912 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2015-06-12 16:44:29 8C8B8C78C0CCD5D36ABCB115B0B581E1 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2015-06-12 16:44:29 8C3A03295F56D1FFB51D9D05DA42B12D 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll

2015-06-12 16:44:29 85E21CCF38166E0D6DE2E42D9D3823BD 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll

2015-06-12 16:44:29 81C1182A9EE7AC4D21187811DE66A7D0 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2015-06-12 16:44:29 7DBCBB1647B7CD71E2039C1B50A12717 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll

2015-06-12 16:44:29 7C9F8DB66A56306C5BBE97F9FC0F01EF 342736 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll

2015-06-12 16:44:29 6B7210618D7E2CE0404ECF748701253A 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2015-06-12 16:44:29 5C06EE62F06E990E9521EA80B8D4D4B8 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2015-06-12 16:44:29 53E9614ADFA6A40A452BA014CEF6F261 1309696 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2015-06-12 16:44:29 4ABEEF30EA5B9F4718312DCB60B6C9BC 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2015-06-12 16:44:29 3FD7E6DB5D81FE400DB4D81D278596E6 4305920 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2015-06-12 16:44:29 2DED8A99E45053C42DD21D6937D3960C 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2015-06-12 16:44:29 1A628C1F5470F0AF21E37E425026F27A 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll

2015-06-12 16:44:29 185490A6C3BEDAC5EF547314F68AB07B 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-06-12 16:44:29 17B0852D8202A872C3E6D01B518B6A4E 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll

2015-06-12 16:42:44 58788565442368B0615DDAF1D452B843 530432 ----a-w- C:\Windows\SysWOW64\comctl32.dll

2015-06-12 16:41:37 DA27A4EA7B7C77FAFDB3F94D83E310C1 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL

2015-06-12 16:41:37 A98E8F79C738CAF23C152DBCABD978FE 11411456 ----a-w- C:\Windows\SysWOW64\wmp.dll

2015-06-12 16:41:37 605E9B2CFA3445ED7716D0B345EE21EC 8192 ----a-w- C:\Windows\SysWOW64\spwmp.dll

2015-06-12 16:41:37 2401379E0610D15FAB78A4B1646F5B8D 4096 ----a-w- C:\Windows\SysWOW64\msdxm.ocx

2015-06-12 16:41:37 2401379E0610D15FAB78A4B1646F5B8D 4096 ----a-w- C:\Windows\SysWOW64\dxmasf.dll

2015-06-12 16:39:01 C1D7451054FEDC3F96F2903B6F84A4EE 173056 ----a-w- C:\Windows\SysWOW64\wuwebv.dll

2015-06-12 16:39:01 B4667963F9711C644F5E43D9A46D8680 33792 ----a-w- C:\Windows\SysWOW64\wuapp.exe

2015-06-12 16:39:01 81AE5637F2D2DE4DAF67F540F5A076AA 30208 ----a-w- C:\Windows\SysWOW64\wups.dll

2015-06-12 16:39:01 61302CE8DDB8513A4FF03CEE2A14471F 92672 ----a-w- C:\Windows\SysWOW64\wudriver.dll

2015-06-12 16:39:01 4A99665068B907CCB0EE4A5D3F2584D7 566784 ----a-w- C:\Windows\SysWOW64\wuapi.dll

2015-06-05 17:16:45 6C1EEE6FBCDD2B07398495CE7C9ECC0A 9888360 ----a-w- C:\Windows\SysWOW64\RtsPStorIcon.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2015-06-15 12:48:26 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\Sysnative\RENDEAB.tmp

2015-06-12 17:11:21 AA5319FA8602676B5D3A2B4A1355896D 1255424 ----a-w- C:\Windows\Sysnative\diagtrack.dll

2015-06-12 17:11:20 6ECD6D92F43C2DC55099F892978D5BE7 728576 ----a-w- C:\Windows\Sysnative\kerberos.dll

2015-06-12 17:11:19 8DCA1C70AF170C3FBCE47A4F49BFC887 424960 ----a-w- C:\Windows\Sysnative\KernelBase.dll

2015-06-12 17:11:16 93A05407F8E53BC731C42AAD56163F80 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll

2015-06-12 17:11:16 6FDF03A3B110C5264F52F979335AE301 1162752 ----a-w- C:\Windows\Sysnative\kernel32.dll

2015-06-12 17:11:15 9E2A2028228645DD57EF45A02CAC0CCE 5569984 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe

2015-06-12 17:11:15 4FFD08A01047EF6B58F6EB4E6D001A8D 879104 ----a-w- C:\Windows\Sysnative\advapi32.dll

2015-06-12 17:11:11 53042708C242959B3924242FBBE297B1 1728960 ----a-w- C:\Windows\Sysnative\ntdll.dll

2015-06-12 17:11:10 FF9BBFAE899091C1FF0D1A3F2C587911 243712 ----a-w- C:\Windows\Sysnative\wow64.dll

2015-06-12 17:11:10 CCB352B939B77B38983DD878C547451F 503808 ----a-w- C:\Windows\Sysnative\srcore.dll

2015-06-12 17:11:10 6703266C1E56157B5965F9AC868A20AC 404992 ----a-w- C:\Windows\Sysnative\tracerpt.exe

2015-06-12 17:11:10 48C30C54194142910FB6B86D308220ED 338432 ----a-w- C:\Windows\Sysnative\conhost.exe

2015-06-12 17:11:10 2313AF8D5A9CEB4A55400A01DD311A95 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll

2015-06-12 17:11:10 16154A6682B1552DEAB953BFA4B8E955 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe

2015-06-12 17:11:09 996EE6571ADB880A60846DD02C8D5869 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll

2015-06-12 17:11:09 37DFCC91E419952772E02F2B3BBB2E2B 342016 ----a-w- C:\Windows\Sysnative\schannel.dll

2015-06-12 17:11:08 AD54856A16B635720B0BE5FAF44526FC 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll

2015-06-12 17:11:08 A929B9ABA1083AF35ECE7BD63AF3E42F 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll

2015-06-12 17:11:08 A5F57F4866C2DC7F8215058D7D56BD21 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll

2015-06-12 17:11:08 9BBEA639884C0338DD78654277BD188A 112640 ----a-w- C:\Windows\Sysnative\smss.exe

2015-06-12 17:11:08 7C5E375F20F639607376351A8BCC0647 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll

2015-06-12 17:11:08 66DF73B202105406602941778792FE3D 879104 ----a-w- C:\Windows\Sysnative\tdh.dll

2015-06-12 17:11:08 4F90A7A0FCBC0ED18E573917860062FF 113664 ----a-w- C:\Windows\Sysnative\sechost.dll

2015-06-12 17:11:08 210E7D1EA34369194BE09493784E27BE 104448 ----a-w- C:\Windows\Sysnative\logman.exe

2015-06-12 17:11:08 17A6A9AAD04CCC6EE53290585BFC43AF 31232 ----a-w- C:\Windows\Sysnative\lsass.exe

2015-06-12 17:11:07 E20BF3FA89DE67B00ED713B5254C0BF0 47104 ----a-w- C:\Windows\Sysnative\typeperf.exe

2015-06-12 17:11:07 D68690450978D127E030FB14E9B2023B 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll

2015-06-12 17:11:07 858F04B3C39239972959E9EE97CACAE4 43008 ----a-w- C:\Windows\Sysnative\relog.exe

2015-06-12 17:11:07 6ACD3C75BE449F039E1A4E43424D5B6F 28160 ----a-w- C:\Windows\Sysnative\secur32.dll

2015-06-12 17:11:07 5EC57AC6DC16CB8A058CA019AA2C188D 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll

2015-06-12 17:11:07 5A17FF38EDE95B2313E428BF444126D7 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll

2015-06-12 17:11:07 289D99B0879C6ED5C6D1B3A856CA6DA3 22016 ----a-w- C:\Windows\Sysnative\credssp.dll

2015-06-12 17:11:07 20BD408AC3F8576997D6A47F48A1C5B2 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll

2015-06-12 17:11:07 1B93381366141875D8EE7EC1085236B9 19456 ----a-w- C:\Windows\Sysnative\diskperf.exe

2015-06-12 17:11:07 13DE715D959DD502CFD52DC920408B33 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll

2015-06-12 17:11:07 11D5815F0DC571CE3C72213B375860B1 50176 ----a-w- C:\Windows\Sysnative\srclient.dll

2015-06-12 17:11:07 03BA5D20751137F3A705B389C52DB8D6 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe

2015-06-12 17:11:03 AF557D115972A73964FC8F209300948A 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll

2015-06-12 17:11:02 6ACFCC28E4D60B5A931D8749332A14E2 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll

2015-06-12 17:11:01 8A4EB32C7C948F70EAC6F85063596A39 36864 ----a-w- C:\Windows\Sysnative\UtcResources.dll

2015-06-12 17:11:01 837BBE4170D5A75F293BD6F294A8FE34 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll

2015-06-12 17:11:01 6E882D7CA34073890107559B5A515A24 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll

2015-06-12 16:44:29 FF84182188CA8F0DC28CFED06C9B7816 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2015-06-12 16:44:29 D202078FBA3A77B85D39669EE4110DE2 389840 ----a-w- C:\Windows\Sysnative\iedkcs32.dll

2015-06-12 16:44:29 CFA52E2FE8E623042A1EEF96EB1B9481 6026240 ----a-w- C:\Windows\Sysnative\jscript9.dll

2015-06-12 16:44:29 AFF5C12099B87FA645F8867701729894 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2015-06-12 16:44:29 AE5A2843B4A2E1E558B9EE13EF62CCE5 14404096 ----a-w- C:\Windows\Sysnative\ieframe.dll

2015-06-12 16:44:29 ACD6FE6C82B93813F023FC01A51CB940 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2015-06-12 16:44:29 A29BAFC1543F9D2234AFFFEA9BCE76C8 24917504 ----a-w- C:\Windows\Sysnative\mshtml.dll

2015-06-12 16:44:29 9E2B8C0601E3D460F78F0233B509CE4F 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll

2015-06-12 16:44:29 9DB8E01D5A546FAFCACE95489E351186 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll

2015-06-12 16:44:29 8909A24DA8B5C426CF6595BA843B6CC5 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll

2015-06-12 16:44:29 86FDFEA67833DB261EC01A777594EDCF 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll

2015-06-12 16:44:29 83781DF625A4448B39410D7FA2BDC48D 816640 ----a-w- C:\Windows\Sysnative\jscript.dll

2015-06-12 16:44:29 7F8F9AE03D1BA4354671E05F07A40F1A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2015-06-12 16:44:29 73509D13542A90E260F45D1D6D4100A8 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe

2015-06-12 16:44:29 70D24021ED327CE7FFA9DEE327BB4C6B 720384 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2015-06-12 16:44:29 6E295C7364DAEB151CC0E98434B6AC92 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll

2015-06-12 16:44:29 6ABFC5736EC920C4436F32111F5CBCEE 1545728 ----a-w- C:\Windows\Sysnative\urlmon.dll

2015-06-12 16:44:29 5F8EE9311ECF078CD9426874FFAD660C 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll

2015-06-12 16:44:29 57DFACB53ED16190EF732E2430B39741 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe

2015-06-12 16:44:29 4BD747AAF01C480901B3E777EC48826B 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll

2015-06-12 16:44:29 4A5A84B457C72E79A64AE4036EC6BB0E 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll

2015-06-12 16:44:29 417F80E4AFBA1AA9EBBD618F1C6D9165 2426880 ----a-w- C:\Windows\Sysnative\wininet.dll

2015-06-12 16:44:29 3C3E159F284F51D55DB59C3D0B843979 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2015-06-12 16:44:29 3854BFE1C0F14872C94501421CC40813 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll

2015-06-12 16:44:29 36F3718E67F442F54AB4A39DCDD8FD19 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll

2015-06-12 16:44:29 35622F5A652C4E16774234DCA0026E74 633856 ----a-w- C:\Windows\Sysnative\ieui.dll

2015-06-12 16:44:29 33B5F1A727FACDEA7CDA0E35FFAADDCF 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll

2015-06-12 16:44:29 2BC2D3A41BB755487FD55C09938F00BC 417792 ----a-w- C:\Windows\Sysnative\html.iec

2015-06-12 16:44:29 16091938F6CDBCCCBA1CBE24600121BC 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll

2015-06-12 16:44:29 0EDA3219FA027A486AA11269355AB279 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2015-06-12 16:44:29 083BCA14FCE290D682D8DAC9372CBF23 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2015-06-12 16:44:29 06A8CE6C3AE6B7916F026B0EFDDCAAA5 199680 ----a-w- C:\Windows\Sysnative\msrating.dll

2015-06-12 16:42:44 51F89CE2D0FEC66070354504E6C4C3E4 633856 ----a-w- C:\Windows\Sysnative\comctl32.dll

2015-06-12 16:41:59 1EE2DBA5AD2E5EB618C7FB187C2CFDF4 3206144 ----a-w- C:\Windows\Sysnative\win32k.sys

2015-06-12 16:41:37 9D80A82B0BB77AC3EF6A87FA0C534E20 14635008 ----a-w- C:\Windows\Sysnative\wmp.dll

2015-06-12 16:41:37 834FD7C31EA16D59CC3B2DC60F2F2620 9728 ----a-w- C:\Windows\Sysnative\spwmp.dll

2015-06-12 16:41:37 51ECEE70F33601310DDEF3EEE39550D3 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL

2015-06-12 16:41:37 1A8C5D4BE449E4A9D8667A341E535E22 5120 ----a-w- C:\Windows\Sysnative\msdxm.ocx

2015-06-12 16:41:37 1A8C5D4BE449E4A9D8667A341E535E22 5120 ----a-w- C:\Windows\Sysnative\dxmasf.dll

2015-06-12 16:39:01 E89F94AED85BF3611F61608C26B64177 135168 ----a-w- C:\Windows\Sysnative\wuauclt.exe

2015-06-12 16:39:01 D7897C17117286A237A639209F53C51C 98304 ----a-w- C:\Windows\Sysnative\wudriver.dll

2015-06-12 16:39:01 C8C3839305F2C4D9A4B33DE6AB83334E 191488 ----a-w- C:\Windows\Sysnative\wuwebv.dll

2015-06-12 16:39:01 A76DAC2E9CBB9595D2F806CBFB5C0BC4 696320 ----a-w- C:\Windows\Sysnative\wuapi.dll

2015-06-12 16:39:01 803E9B4DF2E931FDB3210F342B89BE9F 36864 ----a-w- C:\Windows\Sysnative\wups.dll

2015-06-12 16:39:01 4D9BE5567F9DDC54D41907C9A95F61BF 12288 ----a-w- C:\Windows\Sysnative\wu.upgrade.ps.dll

2015-06-12 16:39:01 478007800DAF83A33CECCD776E7FA734 37888 ----a-w- C:\Windows\Sysnative\wups2.dll

2015-06-12 16:39:01 4152B8E73C7198DBFBB1FD8A5FFD41F9 3147776 ----a-w- C:\Windows\Sysnative\wucltux.dll

2015-06-12 16:39:01 29F4030F3A449AAF68778C1C67603569 87040 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll

2015-06-12 16:39:01 19165E301A50829D28C27A832AD16FB0 36864 ----a-w- C:\Windows\Sysnative\wuapp.exe

2015-06-12 16:39:01 14882A15F5CE7B8EADC8E7F54FD5B53B 2589184 ----a-w- C:\Windows\Sysnative\wuaueng.dll

2015-06-05 17:19:52 92C704590FCEDDA971B7A77945DCCDA4 74272 ----a-w- C:\Windows\Sysnative\RtNicProp64.dll

2015-06-05 11:54:52 E87D4371B24BC9E5BAE95AEA60FFD959 193536 ----a-w- C:\Windows\Sysnative\aepic.dll

2015-06-05 11:54:52 CFF429F2234C1D1A5993E80F46C37CFB 1119232 ----a-w- C:\Windows\Sysnative\aeinv.dll

2015-06-05 11:54:52 B23AB4C401E2DE02C47B7497D41E2318 757248 ----a-w- C:\Windows\Sysnative\invagent.dll

2015-06-05 11:54:52 6F07FC190DBCB42C8A5319235F72F906 423424 ----a-w- C:\Windows\Sysnative\devinv.dll

2015-06-05 11:54:52 6E2EB5A36C3CCD917F7FF9BED7C1390E 45568 ----a-w- C:\Windows\Sysnative\acmigration.dll

2015-06-05 11:54:52 587BBA3B3959144334700EC48232712F 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll

2015-06-05 11:54:52 52DEF4C743C2EABD6BD3EDC790A0E778 1021440 ----a-w- C:\Windows\Sysnative\appraiser.dll

2015-06-05 11:54:52 2DCA988113A02EB9BCB98A5DC2D34E57 700416 ----a-w- C:\Windows\Sysnative\generaltel.dll

====== C:\Windows\Sysnative\drivers =====

2015-06-12 17:11:10 272C27711C8AA6E7815EE33F8ACA9C66 155584 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys

2015-06-12 17:11:09 BF69D973523D539A35807946C6DA7E16 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys

2015-06-12 16:37:25 36E0DDD19038C92B7C7709BFA03F813F 69888 ----a-w- C:\Windows\Sysnative\drivers\stream.sys

2015-06-05 17:19:52 ED5873F7DFB2F96D37F13322211B6BDC 428136 ----a-w- C:\Windows\Sysnative\drivers\Rt64win7.sys

2015-06-05 17:16:45 1F5E7AF59B390261A85F5BEDB1BB88B3 338536 ----a-w- C:\Windows\Sysnative\drivers\RtsPStor.sys

====== C:\Windows\Tasks ======

2015-06-01 17:22:32 5C28953A094C30D8BF5C8EE837DEDC0E 3554 ----a-w- C:\Windows\Sysnative\Tasks\GarminUpdaterTask

2015-05-20 10:34:49 9A0A09DBD8ABAC972A9957AADDC5FD38 3186 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForDavid

2015-05-20 10:34:49 30A479732E31C88094F53925C3EB0CA5 332 ----a-w- C:\Windows\Tasks\HPCeeScheduleForDavid.job

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\PROGRA~2 =====

2015-06-10 14:57:48 -------- d-----w- C:\PROGRA~2\GameforgeLive

2015-06-01 17:22:35 -------- d-----w- C:\PROGRA~2\Garmin

2015-05-19 12:38:11 -------- d-----w- C:\PROGRA~2\Zwift

======= C: =====

2015-06-12 17:28:02 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\asc_rdflag

====== C:\Users\David\AppData\Roaming ======

2015-06-15 13:32:58 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp

2015-06-15 13:32:58 -------- d-----w- C:\Users\Default\AppData\Local\Temp

2015-06-15 13:32:57 -------- d-----w- C:\Users\David\AppData\Local\Temp

2015-06-13 18:07:18 -------- d-----w- C:\Users\David\AppData\Local\CycloAgent

2015-06-11 17:22:44 -------- d-----w- C:\Users\David\AppData\Local\Popcorn-Time

2015-06-11 17:20:34 -------- d-----w- C:\Users\David\AppData\Local\Popcorn Time

2015-06-10 14:58:06 -------- d-----w- C:\Users\David\AppData\Local\Gameforge4d

2015-06-02 19:02:09 -------- d-----w- C:\Users\David\AppData\Local\GWX

2015-06-01 17:23:55 -------- d-----w- C:\Users\David\AppData\Local\Garmin_Ltd._or_its_subsid

2015-06-01 17:23:53 -------- d-----w- C:\Users\David\AppData\Roaming\Garmin

2015-06-01 17:22:58 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Garmin_Ltd._or_its_subsid

2015-06-01 11:04:29 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\CrashDumps

====== C:\Users\David ======

2015-06-16 13:36:22 -------- d-----w- C:\ProgramData\ProductData

2015-06-15 12:45:15 EE001F0D8A06518EB2A133741F265BEC 562272 ----a-w- C:\Users\David\Downloads\chromeinstall-8u45.exe

2015-06-13 11:58:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\David\Downloads\RSITx64.exe

2015-06-12 14:18:37 054DD4C30B92E21AA06487112BE34B93 13095136 ----a-w- C:\Users\David\Downloads\Silverlight_x64.exe

2015-06-10 14:57:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live

2015-06-01 17:22:58 -------- d-----w- C:\ProgramData\Garmin

2015-06-01 17:22:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin

2015-05-19 12:38:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zwift

 

====== C: exe-files ==

2015-06-15 12:46:32 FF589C55E0CB6A0A1BD9570217BB1A42 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\tnameserv.exe

2015-06-15 12:46:32 FD8978875A992C876AF430B35DF9CFA7 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\pack200.exe

2015-06-15 12:46:32 F16868F20E4701142FAEF8C9FA847D27 30304 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jabswitch.exe

2015-06-15 12:46:32 EF66D96BC42BCE52686A7635AB11D8DD 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe

2015-06-15 12:46:32 EED888394AC81A663F12C6EC43AB2838 191072 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe

2015-06-15 12:46:32 D3DA34876B7F6D06D26D29CA77BD25A2 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\ktab.exe

2015-06-15 12:46:32 CF683290B3369A1491A5B8B4D19F79B3 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jjs.exe

2015-06-15 12:46:32 C57CA849D13177E1F43CFEF51374F1EE 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\unpack200.exe

2015-06-15 12:46:32 B66ED84383EA6C6218CA47BC49C15615 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssvagent.exe

2015-06-15 12:46:32 A1A1BC927541346D840BBB511F557848 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\policytool.exe

2015-06-15 12:46:32 98903A3C01AA820E7FCC19A0A60126C0 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\klist.exe

2015-06-15 12:46:32 88FFC43B0E3BB3E30F70CB7B08D499B4 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\java-rmi.exe

2015-06-15 12:46:32 5DF39BE82C777B7EDAD34E3A7A7EADB7 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmid.exe

2015-06-15 12:46:32 4EA6A4DD2EB584C4C2BF39A9A7D0D580 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\keytool.exe

2015-06-15 12:46:32 4586CD8F1C929EF184098A22FE31A857 271968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe

2015-06-15 12:46:32 3C0A1F0D13A8998E9A1825A853FF3B39 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\kinit.exe

2015-06-15 12:46:32 2682BB5D60C30DCB5A2BC414D01D6764 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmiregistry.exe

2015-06-15 12:46:32 1F29E31C6B9A487FF32006C4E223BA4F 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\orbd.exe

2015-06-15 12:46:32 1E2E159D0621A466CFA7CE06E4DA9CAE 190560 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe

2015-06-15 12:46:32 1CCD26E1E9FC582ABAA5D5FD1FA47A6B 76384 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2launcher.exe

2015-06-15 12:46:32 134D4B0A753808F8F8645DCF3FA00173 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\servertool.exe

2015-06-15 12:45:15 EE001F0D8A06518EB2A133741F265BEC 562272 ----a-w- C:\Users\David\Downloads\chromeinstall-8u45.exe

2015-06-13 18:06:05 4DD98CF2C593C29DEED54834818ED160 70167842 ----a-w- C:\Program Files (x86)\CycloAgent\temp\mio_setup_1.0.132.1.exe

2015-06-13 17:54:06 E9E39FDA16E98FFB4722A24D572E0250 42089552 ----a-w- C:\Program Files (x86)\Google\Update\Install\{0CD806F6-8695-45CA-89CF-878B0B60C12D}\43.0.2357.124_chrome_installer.exe

2015-06-13 17:54:05 E9E39FDA16E98FFB4722A24D572E0250 42089552 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.124\43.0.2357.124_chrome_installer.exe

2015-06-13 11:58:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\David\Downloads\RSITx64.exe

2015-06-12 17:40:51 D171A87BC9906EFB81FEBCB929FFF806 95017400 ----a-w- C:\Users\David\Documents\Downloads\TTS41302_0.exe

2015-06-12 17:40:49 054DD4C30B92E21AA06487112BE34B93 13095136 ----a-w- C:\Users\David\Documents\Downloads\Silverlight_x64.exe

2015-06-12 17:40:48 74E3ACC64B1AD1E52BE9A5760B9610BA 41182032 ----a-w- C:\Users\David\Documents\Downloads\GarminExpressInstaller.exe

2015-06-12 17:40:47 664C1BC487D25D153235E0061208DE1B 48076576 ----a-w- C:\Users\David\Documents\Downloads\advanced-systemcare-setup.exe

2015-06-12 17:37:29 28CA7D1BB9FBFCA2B529D885E61491D8 933664 ----a-w- C:\Users\David\AppData\Roaming\IObit\IObit Uninstaller\PPUninstallertemp.exe

2015-06-12 17:11:15 9E2A2028228645DD57EF45A02CAC0CCE 5569984 ----a-w- C:\Windows\System32\ntoskrnl.exe

2015-06-12 17:11:15 641A14E6AC492ED45BC68815E2E2F566 3989440 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe

2015-06-12 17:11:10 6703266C1E56157B5965F9AC868A20AC 404992 ----a-w- C:\Windows\System32\tracerpt.exe

2015-06-12 17:11:10 583FFF12D2F0D6E1A8746462C433895F 3934144 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe

2015-06-12 17:11:10 48C30C54194142910FB6B86D308220ED 338432 ----a-w- C:\Windows\System32\conhost.exe

2015-06-12 17:11:10 3C1BE79C3CE6EB378108B11D94CA1072 364544 ----a-w- C:\Windows\SysWOW64\tracerpt.exe

2015-06-12 17:11:10 16154A6682B1552DEAB953BFA4B8E955 296960 ----a-w- C:\Windows\System32\rstrui.exe

2015-06-12 17:11:08 9BBEA639884C0338DD78654277BD188A 112640 ----a-w- C:\Windows\System32\smss.exe

2015-06-12 17:11:08 6C06D2B1CF88AB83F1CFB24928F63107 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe

2015-06-12 17:11:08 3B5DA649BF7B7D07510C06DE0AEEB4EB 82944 ----a-w- C:\Windows\SysWOW64\logman.exe

2015-06-12 17:11:08 210E7D1EA34369194BE09493784E27BE 104448 ----a-w- C:\Windows\System32\logman.exe

2015-06-12 17:11:08 17A6A9AAD04CCC6EE53290585BFC43AF 31232 ----a-w- C:\Windows\System32\lsass.exe

2015-06-12 17:11:07 FB224B0A63B8F58E91FE8A314AD295AD 17408 ----a-w- C:\Windows\SysWOW64\diskperf.exe

2015-06-12 17:11:07 F85FA29340A536C8E0A16151B9B03923 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe

2015-06-12 17:11:07 E20BF3FA89DE67B00ED713B5254C0BF0 47104 ----a-w- C:\Windows\System32\typeperf.exe

2015-06-12 17:11:07 858F04B3C39239972959E9EE97CACAE4 43008 ----a-w- C:\Windows\System32\relog.exe

2015-06-12 17:11:07 629AD3FDA168D82D459164044A29F9BB 40448 ----a-w- C:\Windows\SysWOW64\typeperf.exe

2015-06-12 17:11:07 3E6731BF36A7D6C62D09671B427B6B67 37888 ----a-w- C:\Windows\SysWOW64\relog.exe

2015-06-12 17:11:07 1B93381366141875D8EE7EC1085236B9 19456 ----a-w- C:\Windows\System32\diskperf.exe

2015-06-12 17:11:07 03BA5D20751137F3A705B389C52DB8D6 64000 ----a-w- C:\Windows\System32\auditpol.exe

2015-06-12 17:11:03 EEA17E843EE2EE50D623BEACF50BD815 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe

2015-06-12 17:11:03 EC6E5AE2ECFE7A335B370865A1158EF8 2048 ----a-w- C:\Windows\SysWOW64\user.exe

2015-06-12 16:50:41 74D7DFE507EA48737061EA8E990157E8 2212944 ----a-w- C:\Program Files (x86)\Google\Update\Install\{1CE6E837-D028-4816-BFFC-F04383FB2D50}\43.0.2357.124_43.0.2357.81_chrome_updater.exe

2015-06-12 16:50:41 74D7DFE507EA48737061EA8E990157E8 2212944 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.124\43.0.2357.124_43.0.2357.81_chrome_updater.exe

2015-06-12 16:44:29 FF9877ABCA06D539264275321C97BB07 814288 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2015-06-12 16:44:29 E21AE910DF0C5CB7D46D8FA17A4567DE 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2015-06-12 16:44:29 9F45DA24EBAE4180F70D03503580E8CA 815312 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2015-06-12 16:44:29 8D4E75DEAA0FFBEFB5F366A4770D9644 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe

2015-06-12 16:44:29 73509D13542A90E260F45D1D6D4100A8 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe

2015-06-12 16:44:29 70D24021ED327CE7FFA9DEE327BB4C6B 720384 ----a-w- C:\Windows\System32\ie4uinit.exe

2015-06-12 16:44:29 57DFACB53ED16190EF732E2430B39741 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2015-06-12 16:44:29 52956B4DD1899CB09BB50FB939F6E99D 490496 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2015-06-12 16:44:29 2B3CF8F7903266E2AA5C9D9850FAA8F6 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe

2015-06-12 16:44:29 29874C10D7D0088CD8743EC8F5DABBE4 473600 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2015-06-12 16:44:29 0EDA3219FA027A486AA11269355AB279 144384 ----a-w- C:\Windows\System32\ieUnatt.exe

2015-06-12 16:41:37 E39D7E7FCC5D4B77B8CBA52FEF8753DE 102912 ----a-w- C:\Program Files\Windows Media Player\wmpshare.exe

2015-06-12 16:41:37 8D3316795ACCC0EC0DD6A844E046DA68 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe

2015-06-12 16:41:37 6F139F39295000E6301C0D08F7493CC6 101888 ----a-w- C:\Program Files (x86)\Windows Media Player\wmpconfig.exe

2015-06-12 16:41:37 5F7B628B5F10531E8DE3E711ED73AAD7 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe

2015-06-12 16:41:37 44854DDB738BF2C507FC2162245361D6 102400 ----a-w- C:\Program Files\Windows Media Player\wmpconfig.exe

2015-06-12 16:41:37 3505E5A7664FD84AC8AE51FE3B545AE1 102400 ----a-w- C:\Program Files (x86)\Windows Media Player\wmpshare.exe

2015-06-12 16:39:01 E89F94AED85BF3611F61608C26B64177 135168 ----a-w- C:\Windows\System32\wuauclt.exe

2015-06-12 16:39:01 B4667963F9711C644F5E43D9A46D8680 33792 ----a-w- C:\Windows\SysWOW64\wuapp.exe

2015-06-12 16:39:01 19165E301A50829D28C27A832AD16FB0 36864 ----a-w- C:\Windows\System32\wuapp.exe

2015-06-12 14:18:37 054DD4C30B92E21AA06487112BE34B93 13095136 ----a-w- C:\Users\David\Downloads\Silverlight_x64.exe

=== C: other files ==

2015-06-15 12:46:32 5DDC15149346900F16B38C65502BACA9 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\lib\deploy\ffjcext.zip

2015-06-13 17:59:05 C27D6272D8716360A24BE1FE4B09EAE9 53755757 ----a-w- C:\Program Files (x86)\CycloAgent\temp\mio_setup_1.0.132.1.zip

2015-06-12 17:11:10 272C27711C8AA6E7815EE33F8ACA9C66 155584 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2015-06-12 17:11:09 BF69D973523D539A35807946C6DA7E16 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2015-06-12 16:41:59 1EE2DBA5AD2E5EB618C7FB187C2CFDF4 3206144 ----a-w- C:\Windows\System32\win32k.sys

2015-06-12 16:37:25 36E0DDD19038C92B7C7709BFA03F813F 69888 ----a-w- C:\Windows\System32\drivers\stream.sys

 

==== Startup Registry Enabled ======================

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

 

[HKEY_USERS\S-1-5-21-244821173-3068459867-560851451-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Facebook Update"="C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Polar FlowSync"="C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe"

"Advanced SystemCare 8"="C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto"

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

 

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Facebook Update"="C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Polar FlowSync"="C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe"

"Advanced SystemCare 8"="C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto"

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

 

==== Startup Registry Enabled x64 ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden"

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

 

==== Startup Registry Disabled ======================

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"Adobe Reader Speed Launcher"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

 

 

==== Startup Folders ======================

 

2013-07-20 13:42:34 1235 ----a-w- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

2011-05-18 09:27:37 2029 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk

 

==== Task Scheduler Jobs ======================

 

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-244821173-3068459867-560851451-1000Core.job --a------ C:@C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe []

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-244821173-3068459867-560851451-1000UA.job --a------ C:@C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe []

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:.6C:\ProgramC:FilesC:x86\Google\Update\GoogleUpdate.exe []

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/07/2013 19:05]

C:\Windows\tasks\HPCeeScheduleForDavid.job --a------ [undetermined Task]

 

==== Other Scheduled Tasks ======================

 

"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\SysNative\tasks\ASC8_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe]

"C:\Windows\SysNative\tasks\ASC8_SkipUac_David" ["C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe" /SkipUac]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-244821173-3068459867-560851451-1000Core" [C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-244821173-3068459867-560851451-1000UA" [C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\HPCeeScheduleForDavid" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]

"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]

"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]

"C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe]

"C:\Windows\SysNative\tasks\Uninstaller_SkipUac_David" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]

"C:\Windows\SysNative\tasks\{5D9A4FC7-5D07-47C1-ABC6-A925C461B5B3}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

"C:\Windows\SysNative\tasks\{5DFE2574-4F57-40F0-882C-742CE9B3A706}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

"C:\Windows\SysNative\tasks\{7B0FEDE2-B25D-4EA2-814C-09A75A383359}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

"C:\Windows\SysNative\tasks\{960A14E6-D2B9-414D-98D6-2E961A70DE5B}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

"C:\Windows\SysNative\tasks\{FC6A3016-9CF0-49C8-9034-598422B18E97}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" [C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

 

==== Firefox Extensions Registry ======================

 

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{B64D9B05-48E1-4CEB-BF58-E0643994E900}"="C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff" [16/11/2014 15:17]

 

==== Chromium Look ======================

 

Google Chrome Version: 43.0.2357.124

 

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

nhfpefkeidlhbjljfdojcnngjbddgein - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx[17/11/2010 07:36]

 

Google Slides - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek

Google Docs - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf

Embed WMPlayer inline - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bamkbfdmckphehgiafpenehgebjgdlli

Hootsuite Hootlet - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bjgfdlplhmndoonmofmflcbiohgbkifn

YouTube - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Calendar - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn

Google Sheets - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap

Google Maps - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh

Website Logon - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nhfpefkeidlhbjljfdojcnngjbddgein

Facebook Notifications - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmameahlembdcigphohgiodcgjomcgeo

Google Wallet - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

 

==== Chromium Startpages ======================

 

C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences

ve_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.google.com:443":{"supports_spdy":true},"www.google.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.googleadservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":73298},"supports_spdy":true},"www.googleadservices.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":90895}},"www.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":48813},"supports_spdy":true},"www.googletagmanager.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"www.googletagmanager.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.googletagservices.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":196772}},"www.gstatic.com:443":{"supports_spdy":true},"www.youtube-nocookie.com:443":{"supports_spdy":true},"www.youtube-nocookie.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.youtube.com:443":{"supports_spdy":true},"www.youtube.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"yt3.ggpht.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true}},"supports_quic":{"address":"10.0.31.49","used_quic":true},"version":3}},"ntp":{"app_page_names":["Apps"]},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_index":0,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{"http://www.nieuwsblad.be:80,http://www.nieuwsblad.be:80":{"setting":1}},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"http://www.nieuwsblad.be:80,http://www.nieuwsblad.be:80":{"fullscreen":1}},"pref_version":1},"exit_type":"Crashed","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"david","per_host_zoom_levels":{}},"protection":{"macs":{}},"selectfile":{"last_directory":"C:\\Users\\David\\Downloads"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13078608218934858"},"translate_accepted_count":{"en":1},"translate_blocked_languages":["nl"],"translate_denied_count":{"en":0},"translate_last_denied_time":1434196906108.058,"translate_too_often_denied":true,"translate_whitelists":{}}

er spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"janssendavid1@gmail.com"}},"homepage":"","homepage_is_newtabpage":false,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"A606D58D858E7BB4898601019BA0718729BBCABC21C62B8193295A0E0E81065D"},"default_search_provider":{"keyword":"316DAE58C278D8EF4CF9643DC75E50BEBEDA518F90A74AF4E5DE4B0381C4D6A4","name":"3EAEC1642313258E7B5112EDA75E56C898AC1FF7374189AB08D9AF0AAC008EFF","search_url":"5BB14F6FD8D692C67730B0D60B3AEE3A3EA4BD88D67697A8D41FECF5715160AD"},"default_search_provider_data":{"template_url_data":"3D2F14CB2EE74B250321967817C1017CBF5E2EAA86F56414884159C82EBBF3A4"},"extensions":{"settings":{"aapocclcgogkmnckokdopfmhonfmgoek":"CC1AE5EC7CD57F098FC54E9DFF88C0ECA14B3381BA9C6527209E60A3F63D0095","ahfgeienlihckogmohjhadlkjgocpleb":"52D3E7A538EDCF8C7D69B7423A85AC9378F6A0A84E2D270743BE917021CE277F","aohghmighlieiainnegkcijnfilokake":"B0280F247E451F6282201C654C527F2B2F334F1EB00740CFAC5E1F431C31515A","apdfllckaahabafndbhieahigkjlhalf":"01C8833AA1459FEA6893B4832EC87A913E3D7441B17F5A49F4EDF3C4569BB0EB","bamkbfdmckphehgiafpenehgebjgdlli":"98ED2F2F839E7424EF45927BD7408FCB383CC5E03D831F8C3BC706A0DC5CA701","bepbmhgboaologfdajaanbcjmnhjmhfn":"67764E9257E4155645FCF7F14CA1AF2E3390CF76E9ACA7C9274C30AE6BE953ED","bjgfdlplhmndoonmofmflcbiohgbkifn":"4A7F3B1A0BBEE13C550593BEEBC4CA16D2246F408B94CCA01867E557C13F8168","blpcfgokakmgnkcojhhkbfbldkacnbeo":"7156E2F23D1E8C531B1B83572E60570DEDABE85D05991C4BE89DDB61B6CFAF97","coobgpohoikkiipiblmjeljniedjpjpf":"32A8262B3BEBDB196AFEA194EA936E57EC49E9B7F90EABE710CA068585A1E001","ebjecbnjnlpimkjjbejpkpnnaikidkfn":"F0029EF04796798FC29428B1C80409601C3C2D962FD4AF730D1AA767A00009D9","eemcgdkfndhakfknompkggombfjjjeno":"5CDE183D4BC3A45EC272F3B6B2C85A7CB42A6B8B435EB6A755665AA0CFC0AD0C","ejjicmeblgpmajnghnpcppodonldlgfn":"10381AFD14442675F847348BFD00039065C8AC58A64396344BD99F7A2499F284","ennkphjdgehloodpbhlhldgbnhmacadg":"8B099CDF75AC959C757958D613041A94EE203ADFA6A8441FC0D86BFB66BC130B","felcaaldnbdncclmgdcncolpebgiejap":"4D4AB2233C173E360F74452EFA19E9EEA538D7A48C6E62F9D6A5D7D6A1212DB3","gfdkimpbcpahaombhbimeihdjnejgicl":"5808DA2E0D1DFDCC03F3367ED633F72ED5B01CF39E41692653F6A55FD3B6D6C1","kmendfapggjehodndflmmgagdbamhnfd":"D5F2C559094B49433F8DF18440D3103E50F6F6A4C97DC212B53733FBDEDD5D55","lifbcibllhkdhoafpjfnlhfpfgnpldfl":"529A658733419684E507A597D0B1921B1CB7393124B7E25936978275BA1D8F07","lneaknkopdijkpnocmklfnjbeapigfbh":"0CD6EFF866144D18E8D20D2C121E53FEF1BB2091B85B8207960FCBA10CBD4EC6","mfehgcgbbipciphmccgaenjidiccnmng":"D8D3F6B747DD8E18D8CA74A0FE507BF7E8231D8C400E8F02ED9A29D84DA603F9","mfffpogegjflfpflabcdkioaeobkgjik":"573A41AFF99085E095A31210D05E51ABCC03A0D232539D0975CD450AFA6F12B2","mgndgikekgjfcpckkfioiadnlibdjbkf":"C06C2DBE01C2D80834BC4477C81F8BC44D8262531309BE83A2F88772A008D1BD","mhjfbmdgcfjbbpaeojofohoefgiehjai":"B23125DDCE3D1F57DEA9FA4B1A248971F30100B70F1A53F70A13FE4A62BBE89E","neajdppkdcdipfabeoofebfddakdcjhd":"0948EFC76C6AEB83155EE76CCF56EE8D8EB66292DAD12CDC729C42AB41C818A4","nhfpefkeidlhbjljfdojcnngjbddgein":"A95C49E7874B02D0647ABAEAA1E2CCC1A7DA95279D870A33AD98C38F364C1D0C","nkeimhogjdpnpccoofpliimaahmaaome":"1E1EB27C33A4632676354C14629B6919529A6F035E8CC4FA822D77156E7169FB","nmameahlembdcigphohgiodcgjomcgeo":"6C8518A02BBEEC9CB9957F4083EE3338E169495B5340EE9F13D29907CA356387","nmmhkkegccagdldgiimedpiccmgmieda":"FBF02775B0DAABCB37BED19CEE30BF320CF49CF673299995FB9382FDA9EB5C7D","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"6EE7E65B8C1FA93A68EDB6AB3C967DB83750B37650BE58EA8875C97F113905AF","pjkljhegncpnkpknbcohdijeoejaedia":"DFBE4218953E572DD7BB58E97DE4315721820077CF1D9CFBADE6EC105AC40B70"}},"google":{"services":{"last_username":"12A0F75C19ED74C98C7A928E8D9A664EB44631D79011BCA707C31FB302CCC9C5","username":"61D54C862D2FF4C4E3EC7F3F357443EF63E4713E173C5DEF539EF4EF2B2EE56A"}},"homepage":"53F2B96F4CF9CCC97884D856DA0764AA37D62B60FA25B082DC1A07555BDBE3AB","homepage_is_newtabpage":"082D4575546FA599A86033E016E55E3B73CCF3C322E3AC0D412AEEE51183B691","pinned_tabs":"1D2CAB0C1B284689D240908EF40518AFAC10925A624FC1B673008D77046EFADC","prefs":{"preference_reset_time":"AC1BA9DF63BCC24D012602C21578615260515329AFDB86254C238BD2BFCBEFA0"},"profile":{"reset_prompt_memento":"8E2EA3616FC57D5F8AF601E3FE3CCB909DEF5136ED9BBBCFED27DEEB8C7EF87A"},"safebrowsing":{"incidents_sent":"7975353FB54E3F1807D16547F6416B00BE21E69543126A2E330BD00499E76FFA"},"search_provider_overrides":"E74DDFB0F82F9B9D37E92065D145945ECE02BB2FE3A3DB6B6D9896AF467C8E6A","session":{"restore_on_startup":"FFFCFB678E420D14C20D472FD47A516460D61873B2B89DF6CD86C07F45EFB234","startup_urls":"0A15A7EC81A60EE56EA65999A5BE122E9E363D82E4493FBB2EC8A0A520BD62BB"},"software_reporter":{"prompt_reason":"97014564BEF7D7804D21866FB9CAD8E29CE8DFE5FAD8489CADC4E4E4CE543DB4","prompt_seed":"1E46C399372C390B2EBD1157694FEBEDAC6C600A2BB9D0317241514E4D90D2A9","prompt_version":"4FC9807B2DEF3432993DAD46D463C873696AB5E91A2DCD90B74F67CB776430E9"},"sync":{"remaining_rollback_tries":"60CAD7DE37EA33CD93B6D0D786AC117F751EE75B3B79BFD6C63A5FF678B4E9D4"}},"super_mac":"E6064223A0AE37606AB607BAEF696BE3124FA71B455E6791E346FDDABFA7B8B1"},"session":{"restore_on_startup":5,"startup_urls":["https://www.google.be/"]},"sync":{"remaining_rollback_tries":0}}

 

 

==== Set IE to Default ======================

 

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

 

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

 

==== All HKCU SearchScopes ======================

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

 

==== HijackThis Entries ======================

 

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll

O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [Polar FlowSync] C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe

O4 - HKCU\..\Run: [Mio Share] C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mio\Mio Share.appref-ms

O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto

O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O10 - Unknown file in Winsock LSP: c:\program files (x86)\national instruments\shared\mdns responder\nimdnsnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe

O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\SysWOW64\lkcitdl.exe

O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\Windows\SysWOW64\lkads.exe

O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\Windows\SysWOW64\lktsrv.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe

O23 - Service: NI LXI Discovery Service (niLXIDiscovery) - National Instruments Corporation - C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe

O23 - Service: NI mDNS Responder Service (nimDNSResponder) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe

O23 - Service: NI Service Locator (NiSvcLoc) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

==== Empty IE Cache ======================

 

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

 

==== Empty FireFox Cache ======================

 

No FireFox Profiles found

 

==== Empty Chrome Cache ======================

 

C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

 

==== Empty All Flash Cache ======================

 

Flash Cache Emptied Successfully

 

==== Empty All Java Cache ======================

 

Java Cache cleared successfully

 

==== C:\zoek_backup content ======================

 

C:\zoek_backup (files=158 folders=53 98536581 bytes)

 

==== Empty Temp Folders ======================

 

C:\Users\David\AppData\Local\Temp will be emptied at reboot

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

 

==== After Reboot ======================

 

==== Empty Temp Folders ======================

 

C:\Windows\Temp successfully emptied

C:\Users\David\AppData\Local\Temp successfully emptied

 

==== Empty Recycle Bin ======================

 

C:\$RECYCLE.BIN successfully emptied

 

==== EOF on di 16/06/2015 at 15:52:42,12 ======================
Geplaatst:

Je voert de instructies niet correct uit en daardoor krijgen we ook niet het gewenste resultaat.

Volg aub de instructies correct op, zowel voor het uitvoeren van zoek.exe als voor het plaatsen van het log bestand.

 

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  • Selecteer en kopieer nu onderstaande code.
{10921475-03CE-4E04-90CE-E2E7EF20C814};c
C:\Users\David\AppData\Local\Popcorn-Time;fs
C:\Users\David\AppData\Local\Popcorn Time;fs
CHRdefaults;
autoclean;
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik op de knop Paste from clipboard.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

  • Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.
Geplaatst:

Zoek.exe v5.0.0.0 Updated 04-May-2015

Tool run by David on do 18/06/2015 at 15:07:04,08.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\David\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-01-17-185440.log 130748 bytes

C:\zoek-results2015-06-15-134153.log 77038 bytes

C:\zoek-results2015-06-16-135242.log 70044 bytes

==== Empty Folders Check ======================

C:\PROGRA~3\ProductData deleted successfully

C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully

C:\Users\David\AppData\Roaming\hpqLog deleted successfully

C:\Users\David\AppData\Local\EmieBrowserModeList deleted successfully

C:\Users\David\AppData\Local\EmieSiteList deleted successfully

C:\Users\David\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-244821173-3068459867-560851451-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX

Adobe Reader 9.5.5 MUI

Adobe Shockwave Player 11.5

Advanced SystemCare 8

ANT Drivers Installer x64

ATI Catalyst Install Manager

Broadcom 802.11 Wireless LAN Adapter

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

Catalyst Control Center Profiles Mobile

ccc-core-static

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCleaner

Col du Glandon 2014 (Marmotte 1) - FR

Contr“le ActiveX Windows Live Mesh pour connexions … distance

CyberLink DVD Suite

CyberLink YouCam

CycloAgent

Elevated Installer

Energy Star Digital Logo

ESU for Microsoft Windows 7

Facebook Video Calling 3.1.0.521

ffdshow [rev 3154] [2009-12-09]

Free YouTube to MP3 Converter version 3.12.50.1111

Galerie de photos Windows Live

Garmin Express

Garmin Express Tray

Google Chrome

Google Earth

Google Update Helper

Hewlett-Packard ACLM.NET v1.2.2.3

HP 3D DriveGuard

HP Auto

HP Client Services

HP CloudDrive

HP Customer Experience Enhancements

HP Documentation

HP On Screen Display

HP Power Manager

HP Quick Launch

HP Setup

HP Setup Manager

HP SimplePass 2011

HP Software Framework

HP Support Assistant

HP Wireless Assistant

IDT Audio

Intel® Control Center

Intel® Display Audio Driver

Intel® Management Engine Components

Intel® Rapid Storage Technology

IQO2

Java 8 Update 45

Java Auto Updater

LabelPrint

LightScribe System Software

Microsoft .NET Framework 1.1

Microsoft .NET Framework 4.5.1

Microsoft .NET Framework 4.5.1 (Nederlands)

Microsoft .NET Framework 4.5.1 (NLD)

Microsoft Application Error Reporting

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030

Microsoft XNA Framework Redistributable 3.0

Microsoft XNA Framework Redistributable 3.1

Mio Share

MP3jam 1.1.1.2

National Instruments Software

NavDesk 7.50

NI-DIM 1.13.0f0

NI-DIM 1.13.0f0 for 64 Bit Windows

NI-ORB 1.10.0f0

NI-ORB 1.10.0f0 for 64 Bit Windows

NI-PAL 2.9.1 64-Bit Error Files

NI-PAL 2.9.1 Error Files

NI-PAL 2.9.1f0

NI-PAL 2.9.1f0 for 64 Bit Windows

NI-RPC 4.3.0f0

NI-RPC 4.3.0f0 for 64 Bit Windows

NI-VISA Runtime 5.4.0

NI-VISA x64 support 5.4.0

NI Certificates Deployment Support

NI EulaDepot

NI LabVIEW Run-Time Engine 2010

NI LabVIEW Run-Time Engine Interop 2010

NI LabVIEW Web Server for Run-Time Engine

NI LabWindows/CVI 2010 SP1 Low-Level Driver (Original)

NI LabWindows/CVI 2010 SP1 Low-Level Driver (Updated)

NI Logos 5.2.0

NI Logos XT Support

NI Logos64 5.2.0

NI Logos64 XT Support

NI Math Kernel Libraries

NI Math Kernel Libraries (64-bit)

NI MDF Support

NI mDNS Responder 2.2 for Windows 64-bit

NI mDNS Responder 2.2.0

NI Security Update (KB 67L8LCQW)

NI Security Update (KB 67L8LCQW) (64-bit)

NI Security Update (KB5Q5FJ4QW) - LabVIEW Run-Time Engine 2010

NI Security Update (KB67L8L0QW)

NI Service Locator 13.0

NI System State Publisher

NI System State Publisher (64-bit)

NI Trace Engine

NI Trace Engine (64-bit)

NI Uninstaller

NI VC2008MSMs x64

NI VC2008MSMs x86

NI Xerces Delay Load 2.7.3

NI Xerces Delay Load 2.7.3 64-bit

OpenOffice.org 3.4.1

PictureMover

Polar FlowSync versie 2.3.8

PX Profile Update

RadioSure

Realtek Ethernet Controller Driver

Realtek PCIE Card Reader

Recovery Manager

Renesas Electronics USB 3.0 Host Controller Driver

Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)

Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)

Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)

Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)

Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)

Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)

Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)

Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)

Security Update for Microsoft .NET Framework 4.5.1 (KB3023224)

Security Update for Microsoft .NET Framework 4.5.1 (KB3035490)

Security Update for Microsoft .NET Framework 4.5.1 (KB3037581)

SkypeT 7.0

Speccy

Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)

Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)

Surfing Protection

Synaptics TouchPad Driver

Tacx System Requirements Tester

Tacx Trainer software 4

Tacx Video Installation Support

TrainingPeaks Device Agent

TTS Launcher

Unity Web Player

Validity WBF DDK

Virtual COM Port Driver

VISA Shared Components 64-Bit

Visual Studio 2012 x64 Redistributables

Visual Studio 2012 x86 Redistributables

Windows Driver Package - Silicon Laboratories (silabenm) Ports (12/10/2012 6.6.1.0)

Windows Live Fotogalerie

Windows Live Mail

Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

Windows Live Mesh

Windows Live Mesh ActiveX control for remote connections

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live Remote Client Resources

Windows Live Remote Service Resources

Windows Live Writer

Windows Live Writer Resources

Zwift version 1.0.3

==== Running Processes ======================

C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe

C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe

C:\Windows\SysWOW64\ezSharedSvcHost.exe

C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe

C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe

C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe

C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Windows\SysWOW64\lkcitdl.exe

C:\Windows\SysWOW64\lkads.exe

C:\Windows\SysWOW64\lktsrv.exe

C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe

C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe

C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe

C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe

C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe

C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\David\Downloads\zoek.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found

C:\Users\David\AppData\Local\Popcorn-Time deleted

C:\Users\David\AppData\Local\Popcorn Time deleted

C:\Users\David\AppData\Roaming\ProductData deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

Memory (RAM): 4044 MB

CPU Info: Intel® Core i7-2630QM CPU @ 2.00GHz

CPU Speed: 1969,3 MHz

Sound Card: Luidsprekers en koptelefoons (I |

Communicatie koptelefoons (IDT |

Display Adapters: Mobile Intel® HD Graphics | Mobile Intel® HD Graphics | Radeon HD 6490M | Radeon HD 6490M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Algemeen PnP-beeldscherm |

Screen Resolution: 1600 X 900 - 32 bit

Network: Network Present

Network Adapters: Broadcom 4313 (802.11b/g/n) | Realtek PCIe GBE Family Controller

CD / DVD Drives: 1x (E: | ) E: hp CDDVDW TS-L633R

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 5 Button Wheel Mouse Present

Hard Disks: C: 446,5GB | D: 19,0GB

Hard Disks - Free: C: 360,9GB | D: 2,3GB

Manufacturer *: Hewlett-Packard

BIOS Info: AT/AT COMPATIBLE | 10/05/11 | HPQOEM - 1

Time Zone: Romance (standaardtijd)

Motherboard *: Hewlett-Packard 1659

Country: Belgi‰

Language: NLB

==== System Specs (Software) ======================

Anti-Spyware: Windows Defender disabled (Outdated)

Default Browser: Google Chrome 43.0.2357.124

Internet Explorer Version: 11.0.9600.17843

Google Chrome version: 43.0.2357.124

Adobe Reader version: 9.5.5.316

Sun Java version: 1.8.0_45 (32-bit)

Sun Java version: 1.8.0_45 (64-bit)

Shockwave Player version: 11.5.8r612

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\David\AppData\Local\Temp ====

2015-06-18 12:34:57 7F5AB14271F9813AAB9D431F1C836C12 126264 ----a-w- C:\Users\David\AppData\Local\Temp\TUUUninstallHelper.exe

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2015-06-18 12:52:48 C4ECB9E46DD3B7B3E1E8FEBDBBD00B6C 98811 ----a-w- C:\Windows\SysWOW64\_m.dmp

2015-06-12 17:11:18 2CA16814DA3C5B2D8C7E70DC47A45ED1 551424 ----a-w- C:\Windows\SysWOW64\kerberos.dll

2015-06-12 17:11:15 9E68E1BDEBD85FC8803707370BE0FC6E 641536 ----a-w- C:\Windows\SysWOW64\advapi32.dll

2015-06-12 17:11:15 641A14E6AC492ED45BC68815E2E2F566 3989440 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe

2015-06-12 17:11:10 583FFF12D2F0D6E1A8746462C433895F 3934144 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe

2015-06-12 17:11:10 3C1BE79C3CE6EB378108B11D94CA1072 364544 ----a-w- C:\Windows\SysWOW64\tracerpt.exe

2015-06-12 17:11:09 EA141596564AE0C670EDD0F2636EC29C 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll

2015-06-12 17:11:09 BBABC6702529CFADAC0EC2B28168A288 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll

2015-06-12 17:11:09 8C7635292CFF4901F058269454A1D64E 1310744 ----a-w- C:\Windows\SysWOW64\ntdll.dll

2015-06-12 17:11:08 A9E8F961F7FE1EDEEF8F46EEB800F2D8 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll

2015-06-12 17:11:08 9A50B2567918BF7DDD600ECE5DB5ED76 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll

2015-06-12 17:11:08 6C06D2B1CF88AB83F1CFB24928F63107 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe

2015-06-12 17:11:08 65A5E27C2217D606E212B6088CCD6104 92160 ----a-w- C:\Windows\SysWOW64\sechost.dll

2015-06-12 17:11:08 5643A88C6DA8AAEC9CE2845431942650 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll

2015-06-12 17:11:08 4238391DE3E3FDCD2C731C1E4E0F402C 635392 ----a-w- C:\Windows\SysWOW64\tdh.dll

2015-06-12 17:11:08 3B5DA649BF7B7D07510C06DE0AEEB4EB 82944 ----a-w- C:\Windows\SysWOW64\logman.exe

2015-06-12 17:11:07 FCA6EFFEE6D7D42E794F0E538297026C 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll

2015-06-12 17:11:07 FB224B0A63B8F58E91FE8A314AD295AD 17408 ----a-w- C:\Windows\SysWOW64\diskperf.exe

2015-06-12 17:11:07 F85FA29340A536C8E0A16151B9B03923 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe

2015-06-12 17:11:07 D877133532CE090502B1166B360E9516 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll

2015-06-12 17:11:07 7A9F94E0F53C8F6E09405351AC104A3C 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll

2015-06-12 17:11:07 629AD3FDA168D82D459164044A29F9BB 40448 ----a-w- C:\Windows\SysWOW64\typeperf.exe

2015-06-12 17:11:07 558227F567E977D71B9182013EF03E9C 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll

2015-06-12 17:11:07 3E6731BF36A7D6C62D09671B427B6B67 37888 ----a-w- C:\Windows\SysWOW64\relog.exe

2015-06-12 17:11:07 2D23A10FBFA09DC1B61799128BBA91A2 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll

2015-06-12 17:11:06 F72A9953199EF5807D595AE3694B5D01 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll

2015-06-12 17:11:05 F81920ADB15012CF4E9FF8238C85686A 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll

2015-06-12 17:11:05 6C730482615C97B923B88C648FF554A3 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll

2015-06-12 17:11:03 EEA17E843EE2EE50D623BEACF50BD815 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe

2015-06-12 17:11:03 EC6E5AE2ECFE7A335B370865A1158EF8 2048 ----a-w- C:\Windows\SysWOW64\user.exe

2015-06-12 17:11:03 52C869A640B8169D7C8460FB1646ABF5 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll

2015-06-12 17:11:02 2E65BF3D85BB2C831669FBCBDE6C9879 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll

2015-06-12 17:11:01 7E7933E63BBE2BE71CC908EF140458EF 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll

2015-06-12 17:11:01 619D5101114C71E1A4A585C5E68301B7 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll

2015-06-12 16:44:29 FB5C9234E4BF6BDAF4A954763A4582BA 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll

2015-06-12 16:44:29 F26680AF396F89F7ABFDA1D1D6B62011 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll

2015-06-12 16:44:29 EF853EA2A6A7BD891CCF31B0C2915352 341504 ----a-w- C:\Windows\SysWOW64\html.iec

2015-06-12 16:44:29 E4EB138060BAE0DBAB1A3B71A3141FE7 1950720 ----a-w- C:\Windows\SysWOW64\wininet.dll

2015-06-12 16:44:29 E21AE910DF0C5CB7D46D8FA17A4567DE 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2015-06-12 16:44:29 DB254D50B4527C2821C537E0587B44E8 12829696 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2015-06-12 16:44:29 C93AE4D14AEF5169791B35D97AE7C9FC 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2015-06-12 16:44:29 C27C8CACEBC712BE2AD791715E9734EC 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll

2015-06-12 16:44:29 B6D8148C1C697A7BF04EE0FE82408B6A 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll

2015-06-12 16:44:29 9F6066005D8B8620598085C7499E9B70 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll

2015-06-12 16:44:29 975421AC32F9F6E27A58F75DAB4B5871 19607040 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2015-06-12 16:44:29 96837E5864777688477AF6DE2332C06D 503808 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2015-06-12 16:44:29 927E38A35E4DFC4E294BD130BAA6F759 2278912 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2015-06-12 16:44:29 8C8B8C78C0CCD5D36ABCB115B0B581E1 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2015-06-12 16:44:29 8C3A03295F56D1FFB51D9D05DA42B12D 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll

2015-06-12 16:44:29 85E21CCF38166E0D6DE2E42D9D3823BD 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll

2015-06-12 16:44:29 81C1182A9EE7AC4D21187811DE66A7D0 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2015-06-12 16:44:29 7DBCBB1647B7CD71E2039C1B50A12717 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll

2015-06-12 16:44:29 7C9F8DB66A56306C5BBE97F9FC0F01EF 342736 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll

2015-06-12 16:44:29 6B7210618D7E2CE0404ECF748701253A 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2015-06-12 16:44:29 5C06EE62F06E990E9521EA80B8D4D4B8 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2015-06-12 16:44:29 53E9614ADFA6A40A452BA014CEF6F261 1309696 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2015-06-12 16:44:29 4ABEEF30EA5B9F4718312DCB60B6C9BC 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2015-06-12 16:44:29 3FD7E6DB5D81FE400DB4D81D278596E6 4305920 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2015-06-12 16:44:29 2DED8A99E45053C42DD21D6937D3960C 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2015-06-12 16:44:29 1A628C1F5470F0AF21E37E425026F27A 478208 ----a-w- C:\Windows\SysWOW64\ieui.dll

2015-06-12 16:44:29 185490A6C3BEDAC5EF547314F68AB07B 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-06-12 16:44:29 17B0852D8202A872C3E6D01B518B6A4E 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll

2015-06-12 16:42:44 58788565442368B0615DDAF1D452B843 530432 ----a-w- C:\Windows\SysWOW64\comctl32.dll

2015-06-12 16:41:37 DA27A4EA7B7C77FAFDB3F94D83E310C1 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL

2015-06-12 16:41:37 A98E8F79C738CAF23C152DBCABD978FE 11411456 ----a-w- C:\Windows\SysWOW64\wmp.dll

2015-06-12 16:41:37 605E9B2CFA3445ED7716D0B345EE21EC 8192 ----a-w- C:\Windows\SysWOW64\spwmp.dll

2015-06-12 16:41:37 2401379E0610D15FAB78A4B1646F5B8D 4096 ----a-w- C:\Windows\SysWOW64\msdxm.ocx

2015-06-12 16:41:37 2401379E0610D15FAB78A4B1646F5B8D 4096 ----a-w- C:\Windows\SysWOW64\dxmasf.dll

2015-06-12 16:39:01 C1D7451054FEDC3F96F2903B6F84A4EE 173056 ----a-w- C:\Windows\SysWOW64\wuwebv.dll

2015-06-12 16:39:01 B4667963F9711C644F5E43D9A46D8680 33792 ----a-w- C:\Windows\SysWOW64\wuapp.exe

2015-06-12 16:39:01 81AE5637F2D2DE4DAF67F540F5A076AA 30208 ----a-w- C:\Windows\SysWOW64\wups.dll

2015-06-12 16:39:01 61302CE8DDB8513A4FF03CEE2A14471F 92672 ----a-w- C:\Windows\SysWOW64\wudriver.dll

2015-06-12 16:39:01 4A99665068B907CCB0EE4A5D3F2584D7 566784 ----a-w- C:\Windows\SysWOW64\wuapi.dll

2015-06-05 17:16:45 6C1EEE6FBCDD2B07398495CE7C9ECC0A 9888360 ----a-w- C:\Windows\SysWOW64\RtsPStorIcon.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2015-06-15 12:48:26 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\Sysnative\RENDEAB.tmp

2015-06-12 17:11:21 AA5319FA8602676B5D3A2B4A1355896D 1255424 ----a-w- C:\Windows\Sysnative\diagtrack.dll

2015-06-12 17:11:20 6ECD6D92F43C2DC55099F892978D5BE7 728576 ----a-w- C:\Windows\Sysnative\kerberos.dll

2015-06-12 17:11:19 8DCA1C70AF170C3FBCE47A4F49BFC887 424960 ----a-w- C:\Windows\Sysnative\KernelBase.dll

2015-06-12 17:11:16 93A05407F8E53BC731C42AAD56163F80 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll

2015-06-12 17:11:16 6FDF03A3B110C5264F52F979335AE301 1162752 ----a-w- C:\Windows\Sysnative\kernel32.dll

2015-06-12 17:11:15 9E2A2028228645DD57EF45A02CAC0CCE 5569984 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe

2015-06-12 17:11:15 4FFD08A01047EF6B58F6EB4E6D001A8D 879104 ----a-w- C:\Windows\Sysnative\advapi32.dll

2015-06-12 17:11:11 53042708C242959B3924242FBBE297B1 1728960 ----a-w- C:\Windows\Sysnative\ntdll.dll

2015-06-12 17:11:10 FF9BBFAE899091C1FF0D1A3F2C587911 243712 ----a-w- C:\Windows\Sysnative\wow64.dll

2015-06-12 17:11:10 CCB352B939B77B38983DD878C547451F 503808 ----a-w- C:\Windows\Sysnative\srcore.dll

2015-06-12 17:11:10 6703266C1E56157B5965F9AC868A20AC 404992 ----a-w- C:\Windows\Sysnative\tracerpt.exe

2015-06-12 17:11:10 48C30C54194142910FB6B86D308220ED 338432 ----a-w- C:\Windows\Sysnative\conhost.exe

2015-06-12 17:11:10 2313AF8D5A9CEB4A55400A01DD311A95 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll

2015-06-12 17:11:10 16154A6682B1552DEAB953BFA4B8E955 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe

2015-06-12 17:11:09 996EE6571ADB880A60846DD02C8D5869 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll

2015-06-12 17:11:09 37DFCC91E419952772E02F2B3BBB2E2B 342016 ----a-w- C:\Windows\Sysnative\schannel.dll

2015-06-12 17:11:08 AD54856A16B635720B0BE5FAF44526FC 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll

2015-06-12 17:11:08 A929B9ABA1083AF35ECE7BD63AF3E42F 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll

2015-06-12 17:11:08 A5F57F4866C2DC7F8215058D7D56BD21 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll

2015-06-12 17:11:08 9BBEA639884C0338DD78654277BD188A 112640 ----a-w- C:\Windows\Sysnative\smss.exe

2015-06-12 17:11:08 7C5E375F20F639607376351A8BCC0647 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll

2015-06-12 17:11:08 66DF73B202105406602941778792FE3D 879104 ----a-w- C:\Windows\Sysnative\tdh.dll

2015-06-12 17:11:08 4F90A7A0FCBC0ED18E573917860062FF 113664 ----a-w- C:\Windows\Sysnative\sechost.dll

2015-06-12 17:11:08 210E7D1EA34369194BE09493784E27BE 104448 ----a-w- C:\Windows\Sysnative\logman.exe

2015-06-12 17:11:08 17A6A9AAD04CCC6EE53290585BFC43AF 31232 ----a-w- C:\Windows\Sysnative\lsass.exe

2015-06-12 17:11:07 E20BF3FA89DE67B00ED713B5254C0BF0 47104 ----a-w- C:\Windows\Sysnative\typeperf.exe

2015-06-12 17:11:07 D68690450978D127E030FB14E9B2023B 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll

2015-06-12 17:11:07 858F04B3C39239972959E9EE97CACAE4 43008 ----a-w- C:\Windows\Sysnative\relog.exe

2015-06-12 17:11:07 6ACD3C75BE449F039E1A4E43424D5B6F 28160 ----a-w- C:\Windows\Sysnative\secur32.dll

2015-06-12 17:11:07 5EC57AC6DC16CB8A058CA019AA2C188D 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll

2015-06-12 17:11:07 5A17FF38EDE95B2313E428BF444126D7 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll

2015-06-12 17:11:07 289D99B0879C6ED5C6D1B3A856CA6DA3 22016 ----a-w- C:\Windows\Sysnative\credssp.dll

2015-06-12 17:11:07 20BD408AC3F8576997D6A47F48A1C5B2 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll

2015-06-12 17:11:07 1B93381366141875D8EE7EC1085236B9 19456 ----a-w- C:\Windows\Sysnative\diskperf.exe

2015-06-12 17:11:07 13DE715D959DD502CFD52DC920408B33 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll

2015-06-12 17:11:07 11D5815F0DC571CE3C72213B375860B1 50176 ----a-w- C:\Windows\Sysnative\srclient.dll

2015-06-12 17:11:07 03BA5D20751137F3A705B389C52DB8D6 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe

2015-06-12 17:11:03 AF557D115972A73964FC8F209300948A 6656 ----a-w- C:\Windows\Sysnative\apisetschema.dll

2015-06-12 17:11:02 6ACFCC28E4D60B5A931D8749332A14E2 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll

2015-06-12 17:11:01 8A4EB32C7C948F70EAC6F85063596A39 36864 ----a-w- C:\Windows\Sysnative\UtcResources.dll

2015-06-12 17:11:01 837BBE4170D5A75F293BD6F294A8FE34 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll

2015-06-12 17:11:01 6E882D7CA34073890107559B5A515A24 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll

2015-06-12 16:44:29 FF84182188CA8F0DC28CFED06C9B7816 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2015-06-12 16:44:29 D202078FBA3A77B85D39669EE4110DE2 389840 ----a-w- C:\Windows\Sysnative\iedkcs32.dll

2015-06-12 16:44:29 CFA52E2FE8E623042A1EEF96EB1B9481 6026240 ----a-w- C:\Windows\Sysnative\jscript9.dll

2015-06-12 16:44:29 AFF5C12099B87FA645F8867701729894 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2015-06-12 16:44:29 AE5A2843B4A2E1E558B9EE13EF62CCE5 14404096 ----a-w- C:\Windows\Sysnative\ieframe.dll

2015-06-12 16:44:29 ACD6FE6C82B93813F023FC01A51CB940 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2015-06-12 16:44:29 A29BAFC1543F9D2234AFFFEA9BCE76C8 24917504 ----a-w- C:\Windows\Sysnative\mshtml.dll

2015-06-12 16:44:29 9E2B8C0601E3D460F78F0233B509CE4F 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll

2015-06-12 16:44:29 9DB8E01D5A546FAFCACE95489E351186 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll

2015-06-12 16:44:29 8909A24DA8B5C426CF6595BA843B6CC5 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll

2015-06-12 16:44:29 86FDFEA67833DB261EC01A777594EDCF 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll

2015-06-12 16:44:29 83781DF625A4448B39410D7FA2BDC48D 816640 ----a-w- C:\Windows\Sysnative\jscript.dll

2015-06-12 16:44:29 7F8F9AE03D1BA4354671E05F07A40F1A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll

2015-06-12 16:44:29 73509D13542A90E260F45D1D6D4100A8 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe

2015-06-12 16:44:29 70D24021ED327CE7FFA9DEE327BB4C6B 720384 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2015-06-12 16:44:29 6E295C7364DAEB151CC0E98434B6AC92 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll

2015-06-12 16:44:29 6ABFC5736EC920C4436F32111F5CBCEE 1545728 ----a-w- C:\Windows\Sysnative\urlmon.dll

2015-06-12 16:44:29 5F8EE9311ECF078CD9426874FFAD660C 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll

2015-06-12 16:44:29 57DFACB53ED16190EF732E2430B39741 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe

2015-06-12 16:44:29 4BD747AAF01C480901B3E777EC48826B 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll

2015-06-12 16:44:29 4A5A84B457C72E79A64AE4036EC6BB0E 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll

2015-06-12 16:44:29 417F80E4AFBA1AA9EBBD618F1C6D9165 2426880 ----a-w- C:\Windows\Sysnative\wininet.dll

2015-06-12 16:44:29 3C3E159F284F51D55DB59C3D0B843979 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2015-06-12 16:44:29 3854BFE1C0F14872C94501421CC40813 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll

2015-06-12 16:44:29 36F3718E67F442F54AB4A39DCDD8FD19 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll

2015-06-12 16:44:29 35622F5A652C4E16774234DCA0026E74 633856 ----a-w- C:\Windows\Sysnative\ieui.dll

2015-06-12 16:44:29 33B5F1A727FACDEA7CDA0E35FFAADDCF 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll

2015-06-12 16:44:29 2BC2D3A41BB755487FD55C09938F00BC 417792 ----a-w- C:\Windows\Sysnative\html.iec

2015-06-12 16:44:29 16091938F6CDBCCCBA1CBE24600121BC 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll

2015-06-12 16:44:29 0EDA3219FA027A486AA11269355AB279 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2015-06-12 16:44:29 083BCA14FCE290D682D8DAC9372CBF23 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2015-06-12 16:44:29 06A8CE6C3AE6B7916F026B0EFDDCAAA5 199680 ----a-w- C:\Windows\Sysnative\msrating.dll

2015-06-12 16:42:44 51F89CE2D0FEC66070354504E6C4C3E4 633856 ----a-w- C:\Windows\Sysnative\comctl32.dll

2015-06-12 16:41:59 1EE2DBA5AD2E5EB618C7FB187C2CFDF4 3206144 ----a-w- C:\Windows\Sysnative\win32k.sys

2015-06-12 16:41:37 9D80A82B0BB77AC3EF6A87FA0C534E20 14635008 ----a-w- C:\Windows\Sysnative\wmp.dll

2015-06-12 16:41:37 834FD7C31EA16D59CC3B2DC60F2F2620 9728 ----a-w- C:\Windows\Sysnative\spwmp.dll

2015-06-12 16:41:37 51ECEE70F33601310DDEF3EEE39550D3 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL

2015-06-12 16:41:37 1A8C5D4BE449E4A9D8667A341E535E22 5120 ----a-w- C:\Windows\Sysnative\msdxm.ocx

2015-06-12 16:41:37 1A8C5D4BE449E4A9D8667A341E535E22 5120 ----a-w- C:\Windows\Sysnative\dxmasf.dll

2015-06-12 16:39:01 E89F94AED85BF3611F61608C26B64177 135168 ----a-w- C:\Windows\Sysnative\wuauclt.exe

2015-06-12 16:39:01 D7897C17117286A237A639209F53C51C 98304 ----a-w- C:\Windows\Sysnative\wudriver.dll

2015-06-12 16:39:01 C8C3839305F2C4D9A4B33DE6AB83334E 191488 ----a-w- C:\Windows\Sysnative\wuwebv.dll

2015-06-12 16:39:01 A76DAC2E9CBB9595D2F806CBFB5C0BC4 696320 ----a-w- C:\Windows\Sysnative\wuapi.dll

2015-06-12 16:39:01 803E9B4DF2E931FDB3210F342B89BE9F 36864 ----a-w- C:\Windows\Sysnative\wups.dll

2015-06-12 16:39:01 4D9BE5567F9DDC54D41907C9A95F61BF 12288 ----a-w- C:\Windows\Sysnative\wu.upgrade.ps.dll

2015-06-12 16:39:01 478007800DAF83A33CECCD776E7FA734 37888 ----a-w- C:\Windows\Sysnative\wups2.dll

2015-06-12 16:39:01 4152B8E73C7198DBFBB1FD8A5FFD41F9 3147776 ----a-w- C:\Windows\Sysnative\wucltux.dll

2015-06-12 16:39:01 29F4030F3A449AAF68778C1C67603569 87040 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll

2015-06-12 16:39:01 19165E301A50829D28C27A832AD16FB0 36864 ----a-w- C:\Windows\Sysnative\wuapp.exe

2015-06-12 16:39:01 14882A15F5CE7B8EADC8E7F54FD5B53B 2589184 ----a-w- C:\Windows\Sysnative\wuaueng.dll

2015-06-05 17:19:52 92C704590FCEDDA971B7A77945DCCDA4 74272 ----a-w- C:\Windows\Sysnative\RtNicProp64.dll

2015-06-05 11:54:52 E87D4371B24BC9E5BAE95AEA60FFD959 193536 ----a-w- C:\Windows\Sysnative\aepic.dll

2015-06-05 11:54:52 CFF429F2234C1D1A5993E80F46C37CFB 1119232 ----a-w- C:\Windows\Sysnative\aeinv.dll

2015-06-05 11:54:52 B23AB4C401E2DE02C47B7497D41E2318 757248 ----a-w- C:\Windows\Sysnative\invagent.dll

2015-06-05 11:54:52 6F07FC190DBCB42C8A5319235F72F906 423424 ----a-w- C:\Windows\Sysnative\devinv.dll

2015-06-05 11:54:52 6E2EB5A36C3CCD917F7FF9BED7C1390E 45568 ----a-w- C:\Windows\Sysnative\acmigration.dll

2015-06-05 11:54:52 587BBA3B3959144334700EC48232712F 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll

2015-06-05 11:54:52 52DEF4C743C2EABD6BD3EDC790A0E778 1021440 ----a-w- C:\Windows\Sysnative\appraiser.dll

2015-06-05 11:54:52 2DCA988113A02EB9BCB98A5DC2D34E57 700416 ----a-w- C:\Windows\Sysnative\generaltel.dll

====== C:\Windows\Sysnative\drivers =====

2015-06-12 17:11:10 272C27711C8AA6E7815EE33F8ACA9C66 155584 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys

2015-06-12 17:11:09 BF69D973523D539A35807946C6DA7E16 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys

2015-06-12 16:37:25 36E0DDD19038C92B7C7709BFA03F813F 69888 ----a-w- C:\Windows\Sysnative\drivers\stream.sys

2015-06-05 17:19:52 ED5873F7DFB2F96D37F13322211B6BDC 428136 ----a-w- C:\Windows\Sysnative\drivers\Rt64win7.sys

2015-06-05 17:16:45 1F5E7AF59B390261A85F5BEDB1BB88B3 338536 ----a-w- C:\Windows\Sysnative\drivers\RtsPStor.sys

====== C:\Windows\Tasks ======

2015-06-01 17:22:32 5C28953A094C30D8BF5C8EE837DEDC0E 3554 ----a-w- C:\Windows\Sysnative\Tasks\GarminUpdaterTask

2015-05-20 10:34:49 E042D370278A4892FFE77E1288A0485F 3186 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForDavid

2015-05-20 10:34:49 D832AE985D8E87F1F7EA4EB141936169 332 ----a-w- C:\Windows\Tasks\HPCeeScheduleForDavid.job

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\PROGRA~2 =====

2015-06-10 14:57:48 -------- d-----w- C:\PROGRA~2\GameforgeLive

2015-06-01 17:22:35 -------- d-----w- C:\PROGRA~2\Garmin

======= C: =====

2015-06-12 17:28:02 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\asc_rdflag

====== C:\Users\David\AppData\Roaming ======

2015-06-18 13:33:35 -------- d-----w- C:\Users\David\AppData\Roaming\ProductData

2015-06-16 13:49:49 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp

2015-06-16 13:49:49 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp

2015-06-16 13:49:49 -------- d-----w- C:\Users\Default\AppData\Local\Temp

2015-06-16 13:49:48 -------- d-----w- C:\Users\David\AppData\Local\Temp

2015-06-13 18:07:18 -------- d-----w- C:\Users\David\AppData\Local\CycloAgent

2015-06-10 14:58:06 -------- d-----w- C:\Users\David\AppData\Local\Gameforge4d

2015-06-02 19:02:09 -------- d-----w- C:\Users\David\AppData\Local\GWX

2015-06-01 17:23:55 -------- d-----w- C:\Users\David\AppData\Local\Garmin_Ltd._or_its_subsid

2015-06-01 17:23:53 -------- d-----w- C:\Users\David\AppData\Roaming\Garmin

2015-06-01 17:22:58 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Garmin_Ltd._or_its_subsid

2015-06-01 11:04:29 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\CrashDumps

====== C:\Users\David ======

2015-06-18 13:33:35 -------- d-----w- C:\ProgramData\ProductData

2015-06-18 13:04:51 F0EE0FE6CC055FCEBE2B417D6ACAEF57 5239920 ----a-w- C:\Users\David\Downloads\ParetoLogic PC Health Advisor_nl.exe

2015-06-15 12:45:15 EE001F0D8A06518EB2A133741F265BEC 562272 ----a-w- C:\Users\David\Downloads\chromeinstall-8u45.exe

2015-06-13 11:58:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\David\Downloads\RSITx64.exe

2015-06-10 14:57:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live

2015-06-01 17:22:58 -------- d-----w- C:\ProgramData\Garmin

2015-06-01 17:22:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin

====== C: exe-files ==

2015-06-18 13:04:51 F0EE0FE6CC055FCEBE2B417D6ACAEF57 5239920 ----a-w- C:\Users\David\Downloads\ParetoLogic PC Health Advisor_nl.exe

2015-06-18 12:34:57 7F5AB14271F9813AAB9D431F1C836C12 126264 ----a-w- C:\Users\David\AppData\Local\Temp\TUUUninstallHelper.exe

2015-06-16 14:13:27 56597D4709034A024A6645B49358E10B 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-244821173-3068459867-560851451-1000\$IYYSFYD.exe

2015-06-16 14:13:09 E9E7E64C58FAF86AE04CF669E876534A 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-244821173-3068459867-560851451-1000\$IHC8OB5.exe

2015-06-16 14:13:09 BFC3054057E1B8861EB91C9632DE42AE 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-244821173-3068459867-560851451-1000\$IH1BT6T.exe

2015-06-16 14:13:09 9A7B6CAB127C70DCBA0D41C460858B98 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-244821173-3068459867-560851451-1000\$I0HT5UX.exe

2015-06-16 14:13:09 85F7B42F170C71BF67145DE2963E3BED 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-244821173-3068459867-560851451-1000\$I96A66O.exe

2015-06-16 14:13:09 4BEA70B7A1FBB1972B4CBD588BBEED31 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-244821173-3068459867-560851451-1000\$IKU1O0J.exe

2015-06-16 14:13:09 2CBCD44EDEC03AEB3932A8328D04AE54 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-244821173-3068459867-560851451-1000\$I6TNGX1.exe

2015-06-15 12:53:27 F68A5507E37C1FC1C17F6B1A6BFF582E 1308672 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-244821173-3068459867-560851451-1000\$R0HT5UX.exe

2015-06-15 12:53:09 F68A5507E37C1FC1C17F6B1A6BFF582E 1308672 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-244821173-3068459867-560851451-1000\$R96A66O.exe

2015-06-15 12:52:52 F68A5507E37C1FC1C17F6B1A6BFF582E 1308672 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-244821173-3068459867-560851451-1000\$RKU1O0J.exe

2015-06-15 12:52:36 F68A5507E37C1FC1C17F6B1A6BFF582E 1308672 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-244821173-3068459867-560851451-1000\$RH1BT6T.exe

2015-06-15 12:52:30 F68A5507E37C1FC1C17F6B1A6BFF582E 1308672 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-244821173-3068459867-560851451-1000\$R6TNGX1.exe

2015-06-15 12:52:27 F68A5507E37C1FC1C17F6B1A6BFF582E 1308672 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-244821173-3068459867-560851451-1000\$RHC8OB5.exe

2015-06-15 12:46:32 FF589C55E0CB6A0A1BD9570217BB1A42 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\tnameserv.exe

2015-06-15 12:46:32 FD8978875A992C876AF430B35DF9CFA7 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\pack200.exe

2015-06-15 12:46:32 F16868F20E4701142FAEF8C9FA847D27 30304 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jabswitch.exe

2015-06-15 12:46:32 EF66D96BC42BCE52686A7635AB11D8DD 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe

2015-06-15 12:46:32 EED888394AC81A663F12C6EC43AB2838 191072 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe

2015-06-15 12:46:32 D3DA34876B7F6D06D26D29CA77BD25A2 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\ktab.exe

2015-06-15 12:46:32 CF683290B3369A1491A5B8B4D19F79B3 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jjs.exe

2015-06-15 12:46:32 C57CA849D13177E1F43CFEF51374F1EE 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\unpack200.exe

2015-06-15 12:46:32 B66ED84383EA6C6218CA47BC49C15615 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssvagent.exe

2015-06-15 12:46:32 A1A1BC927541346D840BBB511F557848 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\policytool.exe

2015-06-15 12:46:32 98903A3C01AA820E7FCC19A0A60126C0 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\klist.exe

2015-06-15 12:46:32 88FFC43B0E3BB3E30F70CB7B08D499B4 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\java-rmi.exe

2015-06-15 12:46:32 5DF39BE82C777B7EDAD34E3A7A7EADB7 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmid.exe

2015-06-15 12:46:32 4EA6A4DD2EB584C4C2BF39A9A7D0D580 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\keytool.exe

2015-06-15 12:46:32 4586CD8F1C929EF184098A22FE31A857 271968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe

2015-06-15 12:46:32 3C0A1F0D13A8998E9A1825A853FF3B39 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\kinit.exe

2015-06-15 12:46:32 2682BB5D60C30DCB5A2BC414D01D6764 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmiregistry.exe

2015-06-15 12:46:32 1F29E31C6B9A487FF32006C4E223BA4F 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\orbd.exe

2015-06-15 12:46:32 1E2E159D0621A466CFA7CE06E4DA9CAE 190560 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe

2015-06-15 12:46:32 1CCD26E1E9FC582ABAA5D5FD1FA47A6B 76384 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2launcher.exe

2015-06-15 12:46:32 134D4B0A753808F8F8645DCF3FA00173 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\servertool.exe

2015-06-15 12:45:15 EE001F0D8A06518EB2A133741F265BEC 562272 ----a-w- C:\Users\David\Downloads\chromeinstall-8u45.exe

2015-06-13 18:06:05 4DD98CF2C593C29DEED54834818ED160 70167842 ----a-w- C:\Program Files (x86)\CycloAgent\temp\mio_setup_1.0.132.1.exe

2015-06-13 17:54:06 E9E39FDA16E98FFB4722A24D572E0250 42089552 ----a-w- C:\Program Files (x86)\Google\Update\Install\{0CD806F6-8695-45CA-89CF-878B0B60C12D}\43.0.2357.124_chrome_installer.exe

2015-06-13 17:54:05 E9E39FDA16E98FFB4722A24D572E0250 42089552 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.124\43.0.2357.124_chrome_installer.exe

2015-06-13 11:58:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\David\Downloads\RSITx64.exe

2015-06-12 17:40:51 D171A87BC9906EFB81FEBCB929FFF806 95017400 ----a-w- C:\Users\David\Documents\Downloads\TTS41302_0.exe

2015-06-12 17:40:49 054DD4C30B92E21AA06487112BE34B93 13095136 ----a-w- C:\Users\David\Documents\Downloads\Silverlight_x64.exe

2015-06-12 17:40:48 74E3ACC64B1AD1E52BE9A5760B9610BA 41182032 ----a-w- C:\Users\David\Documents\Downloads\GarminExpressInstaller.exe

2015-06-12 17:40:47 664C1BC487D25D153235E0061208DE1B 48076576 ----a-w- C:\Users\David\Documents\Downloads\advanced-systemcare-setup.exe

2015-06-12 17:37:29 28CA7D1BB9FBFCA2B529D885E61491D8 933664 ----a-w- C:\Users\David\AppData\Roaming\IObit\IObit Uninstaller\PPUninstallertemp.exe

2015-06-12 17:11:15 9E2A2028228645DD57EF45A02CAC0CCE 5569984 ----a-w- C:\Windows\System32\ntoskrnl.exe

2015-06-12 17:11:15 641A14E6AC492ED45BC68815E2E2F566 3989440 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe

2015-06-12 17:11:10 6703266C1E56157B5965F9AC868A20AC 404992 ----a-w- C:\Windows\System32\tracerpt.exe

2015-06-12 17:11:10 583FFF12D2F0D6E1A8746462C433895F 3934144 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe

2015-06-12 17:11:10 48C30C54194142910FB6B86D308220ED 338432 ----a-w- C:\Windows\System32\conhost.exe

2015-06-12 17:11:10 3C1BE79C3CE6EB378108B11D94CA1072 364544 ----a-w- C:\Windows\SysWOW64\tracerpt.exe

2015-06-12 17:11:10 16154A6682B1552DEAB953BFA4B8E955 296960 ----a-w- C:\Windows\System32\rstrui.exe

2015-06-12 17:11:08 9BBEA639884C0338DD78654277BD188A 112640 ----a-w- C:\Windows\System32\smss.exe

2015-06-12 17:11:08 6C06D2B1CF88AB83F1CFB24928F63107 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe

2015-06-12 17:11:08 3B5DA649BF7B7D07510C06DE0AEEB4EB 82944 ----a-w- C:\Windows\SysWOW64\logman.exe

2015-06-12 17:11:08 210E7D1EA34369194BE09493784E27BE 104448 ----a-w- C:\Windows\System32\logman.exe

2015-06-12 17:11:08 17A6A9AAD04CCC6EE53290585BFC43AF 31232 ----a-w- C:\Windows\System32\lsass.exe

2015-06-12 17:11:07 FB224B0A63B8F58E91FE8A314AD295AD 17408 ----a-w- C:\Windows\SysWOW64\diskperf.exe

2015-06-12 17:11:07 F85FA29340A536C8E0A16151B9B03923 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe

2015-06-12 17:11:07 E20BF3FA89DE67B00ED713B5254C0BF0 47104 ----a-w- C:\Windows\System32\typeperf.exe

2015-06-12 17:11:07 858F04B3C39239972959E9EE97CACAE4 43008 ----a-w- C:\Windows\System32\relog.exe

2015-06-12 17:11:07 629AD3FDA168D82D459164044A29F9BB 40448 ----a-w- C:\Windows\SysWOW64\typeperf.exe

2015-06-12 17:11:07 3E6731BF36A7D6C62D09671B427B6B67 37888 ----a-w- C:\Windows\SysWOW64\relog.exe

2015-06-12 17:11:07 1B93381366141875D8EE7EC1085236B9 19456 ----a-w- C:\Windows\System32\diskperf.exe

2015-06-12 17:11:07 03BA5D20751137F3A705B389C52DB8D6 64000 ----a-w- C:\Windows\System32\auditpol.exe

2015-06-12 17:11:03 EEA17E843EE2EE50D623BEACF50BD815 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe

2015-06-12 17:11:03 EC6E5AE2ECFE7A335B370865A1158EF8 2048 ----a-w- C:\Windows\SysWOW64\user.exe

2015-06-12 16:50:41 74D7DFE507EA48737061EA8E990157E8 2212944 ----a-w- C:\Program Files (x86)\Google\Update\Install\{1CE6E837-D028-4816-BFFC-F04383FB2D50}\43.0.2357.124_43.0.2357.81_chrome_updater.exe

2015-06-12 16:50:41 74D7DFE507EA48737061EA8E990157E8 2212944 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.124\43.0.2357.124_43.0.2357.81_chrome_updater.exe

2015-06-12 16:44:29 FF9877ABCA06D539264275321C97BB07 814288 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2015-06-12 16:44:29 E21AE910DF0C5CB7D46D8FA17A4567DE 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2015-06-12 16:44:29 9F45DA24EBAE4180F70D03503580E8CA 815312 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2015-06-12 16:44:29 8D4E75DEAA0FFBEFB5F366A4770D9644 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe

2015-06-12 16:44:29 73509D13542A90E260F45D1D6D4100A8 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe

2015-06-12 16:44:29 70D24021ED327CE7FFA9DEE327BB4C6B 720384 ----a-w- C:\Windows\System32\ie4uinit.exe

2015-06-12 16:44:29 57DFACB53ED16190EF732E2430B39741 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe

2015-06-12 16:44:29 52956B4DD1899CB09BB50FB939F6E99D 490496 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2015-06-12 16:44:29 2B3CF8F7903266E2AA5C9D9850FAA8F6 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe

2015-06-12 16:44:29 29874C10D7D0088CD8743EC8F5DABBE4 473600 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2015-06-12 16:44:29 0EDA3219FA027A486AA11269355AB279 144384 ----a-w- C:\Windows\System32\ieUnatt.exe

2015-06-12 16:41:37 E39D7E7FCC5D4B77B8CBA52FEF8753DE 102912 ----a-w- C:\Program Files\Windows Media Player\wmpshare.exe

2015-06-12 16:41:37 8D3316795ACCC0EC0DD6A844E046DA68 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe

2015-06-12 16:41:37 6F139F39295000E6301C0D08F7493CC6 101888 ----a-w- C:\Program Files (x86)\Windows Media Player\wmpconfig.exe

2015-06-12 16:41:37 5F7B628B5F10531E8DE3E711ED73AAD7 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe

2015-06-12 16:41:37 44854DDB738BF2C507FC2162245361D6 102400 ----a-w- C:\Program Files\Windows Media Player\wmpconfig.exe

2015-06-12 16:41:37 3505E5A7664FD84AC8AE51FE3B545AE1 102400 ----a-w- C:\Program Files (x86)\Windows Media Player\wmpshare.exe

2015-06-12 16:39:01 E89F94AED85BF3611F61608C26B64177 135168 ----a-w- C:\Windows\System32\wuauclt.exe

2015-06-12 16:39:01 B4667963F9711C644F5E43D9A46D8680 33792 ----a-w- C:\Windows\SysWOW64\wuapp.exe

2015-06-12 16:39:01 19165E301A50829D28C27A832AD16FB0 36864 ----a-w- C:\Windows\System32\wuapp.exe

2015-06-12 14:18:37 054DD4C30B92E21AA06487112BE34B93 13095136 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-244821173-3068459867-560851451-1000\$RYYSFYD.exe

=== C: other files ==

2015-06-15 12:46:32 5DDC15149346900F16B38C65502BACA9 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\lib\deploy\ffjcext.zip

2015-06-13 17:59:05 C27D6272D8716360A24BE1FE4B09EAE9 53755757 ----a-w- C:\Program Files (x86)\CycloAgent\temp\mio_setup_1.0.132.1.zip

2015-06-12 17:11:10 272C27711C8AA6E7815EE33F8ACA9C66 155584 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2015-06-12 17:11:09 BF69D973523D539A35807946C6DA7E16 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2015-06-12 16:41:59 1EE2DBA5AD2E5EB618C7FB187C2CFDF4 3206144 ----a-w- C:\Windows\System32\win32k.sys

2015-06-12 16:37:25 36E0DDD19038C92B7C7709BFA03F813F 69888 ----a-w- C:\Windows\System32\drivers\stream.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-244821173-3068459867-560851451-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Facebook Update"="C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Polar FlowSync"="C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe"

"Advanced SystemCare 8"="C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto"

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Facebook Update"="C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"Polar FlowSync"="C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe"

"Advanced SystemCare 8"="C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe /Auto"

"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden"

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"Adobe Reader Speed Launcher"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Startup Folders ======================

2013-07-20 13:42:34 1235 ----a-w- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

2011-05-18 09:27:37 2029 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-244821173-3068459867-560851451-1000Core.job --a------ C:@C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe []

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-244821173-3068459867-560851451-1000UA.job --a------ C:@C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe []

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/07/2013 19:05]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/07/2013 19:05]

C:\Windows\tasks\HPCeeScheduleForDavid.job --a------ [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\SysNative\tasks\ASC8_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe]

"C:\Windows\SysNative\tasks\ASC8_SkipUac_David" ["C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe" /SkipUac]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-244821173-3068459867-560851451-1000Core" [C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-244821173-3068459867-560851451-1000UA" [C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\HPCeeScheduleForDavid" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]

"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]

"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]

"C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\Uninstaller_SkipUac_David" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]

"C:\Windows\SysNative\tasks\{5D9A4FC7-5D07-47C1-ABC6-A925C461B5B3}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

"C:\Windows\SysNative\tasks\{5DFE2574-4F57-40F0-882C-742CE9B3A706}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

"C:\Windows\SysNative\tasks\{7B0FEDE2-B25D-4EA2-814C-09A75A383359}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

"C:\Windows\SysNative\tasks\{960A14E6-D2B9-414D-98D6-2E961A70DE5B}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

"C:\Windows\SysNative\tasks\{FC6A3016-9CF0-49C8-9034-598422B18E97}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask" [C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{B64D9B05-48E1-4CEB-BF58-E0643994E900}"="C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff" [16/11/2014 15:17]

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.124

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

nhfpefkeidlhbjljfdojcnngjbddgein - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx[17/11/2010 07:36]

Google Slides - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek

Google Docs - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf

Embed WMPlayer inline - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bamkbfdmckphehgiafpenehgebjgdlli

Hootsuite Hootlet - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bjgfdlplhmndoonmofmflcbiohgbkifn

YouTube - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Calendar - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn

Google Sheets - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap

Google Maps - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh

Website Logon - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nhfpefkeidlhbjljfdojcnngjbddgein

Facebook Notifications - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmameahlembdcigphohgiodcgjomcgeo

Google Wallet - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences

om:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":559635},"supports_spdy":true},"tpc.googlesyndication.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":81270}},"translate.google.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"translate.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":72893},"supports_spdy":true},"video-ams2-1.xx.fbcdn.net:443":{"supports_spdy":true},"video-fra3-1.xx.fbcdn.net:443":{"supports_spdy":true},"www.bt.emsecure.net:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.facebook.com:443":{"supports_spdy":true},"www.google-analytics.com:443":{"supports_spdy":true},"www.google-analytics.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.google.be:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":95844},"supports_spdy":true},"www.google.be:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":124649},"supports_spdy":true},"www.google.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.googleadservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":114046},"supports_spdy":true},"www.googleadservices.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":94362}},"www.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":48813},"supports_spdy":true},"www.googletagmanager.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"www.googletagmanager.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.googletagservices.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":474060}},"www.gstatic.com:443":{"supports_spdy":true},"www.youtube-nocookie.com:443":{"supports_spdy":true},"www.youtube-nocookie.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.youtube.com:443":{"supports_spdy":true},"www.youtube.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"yt3.ggpht.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true}},"supports_quic":{"address":"10.0.31.102","used_quic":true},"version":3}},"ntp":{"app_page_names":["Apps"]},"password_bubble":{"nopes":0},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_index":0,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{"http://www.nieuwsblad.be:80,http://www.nieuwsblad.be:80":{"setting":1}},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"http://www.nieuwsblad.be:80,http://www.nieuwsblad.be:80":{"fullscreen":1}},"pref_version":1},"exit_type":"Crashed","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"david","per_host_zoom_levels":{}},"protection":{"macs":{}},"selectfile":{"last_directory":"C:\\Users\\David\\Downloads"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13078608218934858"},"translate_accepted_count":{"en":1},"translate_blocked_languages":["nl"],"translate_denied_count":{"en":0},"translate_last_denied_time":1434196906108.058,"translate_too_often_denied":true,"translate_whitelists":{}}

er spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"janssendavid1@gmail.com"}},"homepage":"","homepage_is_newtabpage":false,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"A606D58D858E7BB4898601019BA0718729BBCABC21C62B8193295A0E0E81065D"},"default_search_provider":{"keyword":"316DAE58C278D8EF4CF9643DC75E50BEBEDA518F90A74AF4E5DE4B0381C4D6A4","name":"3EAEC1642313258E7B5112EDA75E56C898AC1FF7374189AB08D9AF0AAC008EFF","search_url":"5BB14F6FD8D692C67730B0D60B3AEE3A3EA4BD88D67697A8D41FECF5715160AD"},"default_search_provider_data":{"template_url_data":"3D2F14CB2EE74B250321967817C1017CBF5E2EAA86F56414884159C82EBBF3A4"},"extensions":{"settings":{"aapocclcgogkmnckokdopfmhonfmgoek":"CC1AE5EC7CD57F098FC54E9DFF88C0ECA14B3381BA9C6527209E60A3F63D0095","ahfgeienlihckogmohjhadlkjgocpleb":"52D3E7A538EDCF8C7D69B7423A85AC9378F6A0A84E2D270743BE917021CE277F","aohghmighlieiainnegkcijnfilokake":"B0280F247E451F6282201C654C527F2B2F334F1EB00740CFAC5E1F431C31515A","apdfllckaahabafndbhieahigkjlhalf":"01C8833AA1459FEA6893B4832EC87A913E3D7441B17F5A49F4EDF3C4569BB0EB","bamkbfdmckphehgiafpenehgebjgdlli":"98ED2F2F839E7424EF45927BD7408FCB383CC5E03D831F8C3BC706A0DC5CA701","bepbmhgboaologfdajaanbcjmnhjmhfn":"67764E9257E4155645FCF7F14CA1AF2E3390CF76E9ACA7C9274C30AE6BE953ED","bjgfdlplhmndoonmofmflcbiohgbkifn":"4A7F3B1A0BBEE13C550593BEEBC4CA16D2246F408B94CCA01867E557C13F8168","blpcfgokakmgnkcojhhkbfbldkacnbeo":"7156E2F23D1E8C531B1B83572E60570DEDABE85D05991C4BE89DDB61B6CFAF97","coobgpohoikkiipiblmjeljniedjpjpf":"32A8262B3BEBDB196AFEA194EA936E57EC49E9B7F90EABE710CA068585A1E001","ebjecbnjnlpimkjjbejpkpnnaikidkfn":"F0029EF04796798FC29428B1C80409601C3C2D962FD4AF730D1AA767A00009D9","eemcgdkfndhakfknompkggombfjjjeno":"5CDE183D4BC3A45EC272F3B6B2C85A7CB42A6B8B435EB6A755665AA0CFC0AD0C","ejjicmeblgpmajnghnpcppodonldlgfn":"10381AFD14442675F847348BFD00039065C8AC58A64396344BD99F7A2499F284","ennkphjdgehloodpbhlhldgbnhmacadg":"8B099CDF75AC959C757958D613041A94EE203ADFA6A8441FC0D86BFB66BC130B","felcaaldnbdncclmgdcncolpebgiejap":"4D4AB2233C173E360F74452EFA19E9EEA538D7A48C6E62F9D6A5D7D6A1212DB3","gfdkimpbcpahaombhbimeihdjnejgicl":"5808DA2E0D1DFDCC03F3367ED633F72ED5B01CF39E41692653F6A55FD3B6D6C1","kmendfapggjehodndflmmgagdbamhnfd":"D5F2C559094B49433F8DF18440D3103E50F6F6A4C97DC212B53733FBDEDD5D55","lifbcibllhkdhoafpjfnlhfpfgnpldfl":"529A658733419684E507A597D0B1921B1CB7393124B7E25936978275BA1D8F07","lneaknkopdijkpnocmklfnjbeapigfbh":"0CD6EFF866144D18E8D20D2C121E53FEF1BB2091B85B8207960FCBA10CBD4EC6","mfehgcgbbipciphmccgaenjidiccnmng":"D8D3F6B747DD8E18D8CA74A0FE507BF7E8231D8C400E8F02ED9A29D84DA603F9","mfffpogegjflfpflabcdkioaeobkgjik":"573A41AFF99085E095A31210D05E51ABCC03A0D232539D0975CD450AFA6F12B2","mgndgikekgjfcpckkfioiadnlibdjbkf":"C06C2DBE01C2D80834BC4477C81F8BC44D8262531309BE83A2F88772A008D1BD","mhjfbmdgcfjbbpaeojofohoefgiehjai":"B23125DDCE3D1F57DEA9FA4B1A248971F30100B70F1A53F70A13FE4A62BBE89E","neajdppkdcdipfabeoofebfddakdcjhd":"0948EFC76C6AEB83155EE76CCF56EE8D8EB66292DAD12CDC729C42AB41C818A4","nhfpefkeidlhbjljfdojcnngjbddgein":"A95C49E7874B02D0647ABAEAA1E2CCC1A7DA95279D870A33AD98C38F364C1D0C","nkeimhogjdpnpccoofpliimaahmaaome":"1E1EB27C33A4632676354C14629B6919529A6F035E8CC4FA822D77156E7169FB","nmameahlembdcigphohgiodcgjomcgeo":"6C8518A02BBEEC9CB9957F4083EE3338E169495B5340EE9F13D29907CA356387","nmmhkkegccagdldgiimedpiccmgmieda":"FBF02775B0DAABCB37BED19CEE30BF320CF49CF673299995FB9382FDA9EB5C7D","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"6EE7E65B8C1FA93A68EDB6AB3C967DB83750B37650BE58EA8875C97F113905AF","pjkljhegncpnkpknbcohdijeoejaedia":"DFBE4218953E572DD7BB58E97DE4315721820077CF1D9CFBADE6EC105AC40B70"}},"google":{"services":{"last_username":"12A0F75C19ED74C98C7A928E8D9A664EB44631D79011BCA707C31FB302CCC9C5","username":"61D54C862D2FF4C4E3EC7F3F357443EF63E4713E173C5DEF539EF4EF2B2EE56A"}},"homepage":"53F2B96F4CF9CCC97884D856DA0764AA37D62B60FA25B082DC1A07555BDBE3AB","homepage_is_newtabpage":"082D4575546FA599A86033E016E55E3B73CCF3C322E3AC0D412AEEE51183B691","pinned_tabs":"1D2CAB0C1B284689D240908EF40518AFAC10925A624FC1B673008D77046EFADC","prefs":{"preference_reset_time":"AC1BA9DF63BCC24D012602C21578615260515329AFDB86254C238BD2BFCBEFA0"},"profile":{"reset_prompt_memento":"8E2EA3616FC57D5F8AF601E3FE3CCB909DEF5136ED9BBBCFED27DEEB8C7EF87A"},"safebrowsing":{"incidents_sent":"7975353FB54E3F1807D16547F6416B00BE21E69543126A2E330BD00499E76FFA"},"search_provider_overrides":"E74DDFB0F82F9B9D37E92065D145945ECE02BB2FE3A3DB6B6D9896AF467C8E6A","session":{"restore_on_startup":"FFFCFB678E420D14C20D472FD47A516460D61873B2B89DF6CD86C07F45EFB234","startup_urls":"0A15A7EC81A60EE56EA65999A5BE122E9E363D82E4493FBB2EC8A0A520BD62BB"},"software_reporter":{"prompt_reason":"97014564BEF7D7804D21866FB9CAD8E29CE8DFE5FAD8489CADC4E4E4CE543DB4","prompt_seed":"1E46C399372C390B2EBD1157694FEBEDAC6C600A2BB9D0317241514E4D90D2A9","prompt_version":"4FC9807B2DEF3432993DAD46D463C873696AB5E91A2DCD90B74F67CB776430E9"},"sync":{"remaining_rollback_tries":"60CAD7DE37EA33CD93B6D0D786AC117F751EE75B3B79BFD6C63A5FF678B4E9D4"}},"super_mac":"E6064223A0AE37606AB607BAEF696BE3124FA71B455E6791E346FDDABFA7B8B1"},"session":{"restore_on_startup":5,"startup_urls":["https://www.google.be/"]},"sync":{"remaining_rollback_tries":0}}

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully

C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences.bad was reset successfully

C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully

C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully

C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully

C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data.ReadOnly was reset successfully

==== HijackThis Entries ======================

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll

O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\David\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [Polar FlowSync] C:\Program Files (x86)\Polar\Polar FlowSync\flowsync.exe

O4 - HKCU\..\Run: [Mio Share] C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mio\Mio Share.appref-ms

O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto

O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: Snapfish PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O10 - Unknown file in Winsock LSP: c:\program files (x86)\national instruments\shared\mdns responder\nimdnsnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: TrueSuiteService (FPLService) - HP - C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe

O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\SysWOW64\lkcitdl.exe

O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\Windows\SysWOW64\lkads.exe

O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\Windows\SysWOW64\lktsrv.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe

O23 - Service: NI LXI Discovery Service (niLXIDiscovery) - National Instruments Corporation - C:\Program Files (x86)\IVI Foundation\VISA\WinNT\NIvisa\niLxiDiscovery.exe

O23 - Service: NI mDNS Responder Service (nimDNSResponder) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe

O23 - Service: NI Service Locator (NiSvcLoc) - National Instruments Corporation - C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1848 folders=652 124459995 bytes)

==== Empty Temp Folders ======================

C:\Users\David\AppData\Local\Temp will be emptied at reboot

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\David\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 18/06/2015 at 18:54:58,94 ======================

Geplaatst:

Dit ziet er prima uit ... dan mag je nu het volgende doen:

Download adwcleaner.pngAdwCleaner by Xplode naar het bureaublad (verwijder eerst eventuele aanwezige oudere versies van deze tool op je PC, zodat je nu de meest recente database van AdwCleaner kan gebruiken).

Als de link naar AdwCleaner niet werkt, probeer dan deze link.

De download start automatisch na enkele seconden.

  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner om hem te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  • Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik op Scan.
  • Klik vervolgens op Clean.
  • Klik bij Herstarten Noodzakelijk op OK
Nadat de PC opnieuw is opgestart, opent meestal een logfile.

Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[s0].txt.

Logbestand plaatsen

  • Voeg het logbestand met de naam C:\AdwCleaner\AdwCleaner[s0].txt als bijlage toe aan het volgende bericht.
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.
Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.