Zoek.exe v5.0.0.0 Updated 05-September-2014 Tool run by Bea on vr 05-09-2014 at 19:57:34,29. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Bea\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 5-9-2014 20:02:24 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\PROGRA~2\P4G deleted successfully C:\Users\Bea\AppData\Roaming\Malwarebytes deleted successfully C:\Users\Anne\AppData\Local\VirtualStore deleted successfully C:\Users\Bea\AppData\Local\calibre-cache deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe C:\Windows\SysWOW64\NLSSRV32.EXE C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Users\Bea\AppData\Local\Mixesoft\AppNHost\appnhost.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Users\Bea\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Windows\AutoKMS deleted C:\Windows\SysNative\config\systemprofile\Searches deleted "C:\Windows\tasks\AutoKMS.job" deleted ==== System Specs ====================== Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4096 MB CPU Info: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz CPU Speed: 1791,6 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: NVIDIA GeForce GT 220M | NVIDIA GeForce GT 220M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Realtek RTL8168B/8111B Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) | Atheros AR9285 Wireless Network Adapter CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GT10N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 151,0GB | D: 147,1GB Hard Disks - Free: C: 108,2GB | D: 147,0GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 06/23/10 | _ASUS_ - 20100623 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK Computer Inc. K70IC Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: COMODO Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: COMODO Antivirus disabled (Outdated) Firewall: COMODO Firewall disabled Default Browser: Google Chrome 37.0.2062.103 Internet Explorer Version: 11.0.9600.17239 Mozilla Firefox version: 27.0.1 (x86 nl) Google Chrome version: 37.0.2062.103 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Bea\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-08-31 09:21:30 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\Windows\SysWOW64\d3dx11_43.dll 2014-08-31 09:21:28 20C835843FCEC4DEDFCD7BFFA3B91641 470880 ----a-w- C:\Windows\SysWOW64\d3dx10_43.dll 2014-08-31 09:21:26 86E39E9161C3D930D93822F1563C280D 1998168 ----a-w- C:\Windows\SysWOW64\D3DX9_43.dll 2014-08-31 09:20:19 3F299D8D47CAFB55E458D72EE84D14C2 1291280 ----a-w- C:\Windows\SysWOW64\nvspbridge.dll 2014-08-31 09:20:18 6BBE4C08EB40319FD17DDFDFF8DEB9E5 1126480 ----a-w- C:\Windows\SysWOW64\nvspcap.dll 2014-08-31 09:17:39 11996C1FD2D437347654E660DE9144A7 609240 ----a-w- C:\Windows\SysWOW64\nvStreaming.exe 2014-08-31 09:10:40 74673E3D9BF4A1614C82D8B7D3C0113F 34760 ----a-w- C:\Windows\SysWOW64\nvaudcap32v.dll 2014-08-31 09:10:39 4D6F7551FB12933266F6E1BBEA4E453A 11283344 ----a-w- C:\Windows\SysWOW64\nvopencl.dll 2014-08-31 09:10:37 9612B7E76DEFD8CB389298F36888B813 869152 ----a-w- C:\Windows\SysWOW64\NvFBC.dll 2014-08-31 09:10:37 772574C6F76CE4B05B218AB7D79013F6 907096 ----a-w- C:\Windows\SysWOW64\NvIFR.dll 2014-08-31 09:10:37 3FF8A77AA2A15EED5407DD743A1421B4 24196896 ----a-w- C:\Windows\SysWOW64\nvoglv32.dll 2014-08-31 09:10:36 81824D6C7CE97C546F782004D165A3D5 3989960 ----a-w- C:\Windows\SysWOW64\nvcuvid.dll 2014-08-31 09:10:36 3E138A354D89E1A93B3BE628AE8A59E4 11222048 ----a-w- C:\Windows\SysWOW64\nvcuda.dll 2014-08-31 09:10:36 3D2E7265AD67051462086E48D4AAE65A 14498552 ----a-w- C:\Windows\SysWOW64\nvd3dum.dll 2014-08-31 09:10:31 B76EDB073E28A340485F5C2808A0CE8D 2814656 ----a-w- C:\Windows\SysWOW64\nvapi.dll 2014-08-31 09:10:31 6115718AF9E1C6CF5F15F9B9E3B6C927 15294296 ----a-w- C:\Windows\SysWOW64\nvcompiler.dll 2014-08-29 13:36:21 AF6655214DEBB2C8446DE843A02AAEBA 99480 ----a-w- C:\Windows\SysWOW64\infocardapi.dll 2014-08-29 13:36:21 8D466B36076BCD7997838C0DDB69764C 619672 ----a-w- C:\Windows\SysWOW64\icardagt.exe 2014-08-29 13:35:58 370FC4421ADE62FC89AC93B345570388 8856 ----a-w- C:\Windows\SysWOW64\icardres.dll 2014-08-29 13:33:36 28A8B99DE70F376B18709E6B07D6A352 35480 ----a-w- C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-29 13:06:37 C212A43AA83A717AD38505F23ACDCB33 2363392 ----a-w- C:\Windows\SysWOW64\msi.dll 2014-08-29 13:06:36 9DA1CCDBBF8136AC2383C2624CA8CD14 337408 ----a-w- C:\Windows\SysWOW64\msihnd.dll 2014-08-29 13:06:36 43CD23B65CBF04D6F8ACA984B0EF93FE 1805824 ----a-w- C:\Windows\SysWOW64\authui.dll 2014-08-29 13:06:23 4D59F470985D08139E42D15842816C47 3969984 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2014-08-29 13:06:22 31FA2485DFC773F1E718A4D19F443FA9 3914176 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2014-08-29 13:06:18 995B39A08421C7725D1DF8DACEBBFC89 538112 ----a-w- C:\Windows\SysWOW64\objsel.dll 2014-08-29 13:06:16 461B713DE7F353C6447B744F1A049930 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll 2014-08-29 13:06:12 62C0798CC68EBF42F29C92E6CD6DC3D6 36864 ----a-w- C:\Windows\SysWOW64\dimsroam.dll 2014-08-29 13:06:11 FBC78B5D12A4F5A62D9C91E0E0E46D46 49664 ----a-w- C:\Windows\SysWOW64\adprovider.dll 2014-08-29 13:06:11 38A30B8E4216BE24D30F766EF3BAC2C7 48128 ----a-w- C:\Windows\SysWOW64\capiprovider.dll 2014-08-29 13:06:11 335FA669FC952BC4888CEDBDB42607E2 51200 ----a-w- C:\Windows\SysWOW64\cngprovider.dll 2014-08-29 13:06:10 834A859BB331B0B2CCAE25BB1986F80D 47616 ----a-w- C:\Windows\SysWOW64\dpapiprovider.dll 2014-08-29 13:06:09 5E11C55CC4D9330E55CCB22B1F20BB33 35328 ----a-w- C:\Windows\SysWOW64\wincredprovider.dll 2014-08-29 13:05:27 492FF9C530EC0352B3C904CE9898269D 509440 ----a-w- C:\Windows\SysWOW64\qedit.dll 2014-08-29 13:05:25 4F8CCD3E7D9F17A7C60FA0AE2466CACF 381440 ----a-w- C:\Windows\SysWOW64\wer.dll 2014-08-29 13:04:28 E227B810296AA27E6C69307A7B6456E5 1389056 ----a-w- C:\Windows\SysWOW64\msxml6.dll 2014-08-29 13:04:27 8B8D1CEF498678CAB9DF17145D34BC64 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2014-08-29 13:04:26 2E673E776136354ECFB57BFD62E7EC3D 2048 ----a-w- C:\Windows\SysWOW64\msxml6r.dll 2014-08-29 13:04:26 0789F82BAE171323F74B8F175D406AB8 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll 2014-08-29 13:04:20 C6A991D7DF17EBD8DE4739CD1F283133 646144 ----a-w- C:\Windows\SysWOW64\osk.exe 2014-08-29 13:04:05 D08819FEE0CDB8A8A58E2B34D05E7A11 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll 2014-08-29 13:04:00 A5F833506BF6A1B5D693E1499DEE2444 626688 ----a-w- C:\Windows\SysWOW64\usp10.dll 2014-08-29 12:58:52 1A0BE0092646F564FAF204E678AF8E03 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2014-08-29 12:58:51 8BA721F76C97A219599E88722AA48875 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2014-08-29 12:58:50 C71CC796F0E2E9BD542C87532706FCFE 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2014-08-29 12:58:49 6CB2616152ADCDF39F05B08E4858F476 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2014-08-29 12:58:47 F95E1E9D97D25C11F29CA34C843A6F4D 247808 ----a-w- C:\Windows\SysWOW64\schannel.dll 2014-08-29 12:58:46 C61DDFE40204F3BE3DF111981D91560E 220160 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2014-08-29 12:58:44 E3ECF5FFE3DEDF61DC6877B6A99ACBBF 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2014-08-29 12:56:30 386BF6FD9FC562B1A5558C49E1C3A6FB 12874240 ----a-w- C:\Windows\SysWOW64\shell32.dll 2014-08-29 12:55:45 76161B9D78A275F8F28DD67436013110 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll 2014-08-29 12:55:44 2E1D6624EE2C3F454CADF09DC59E78B0 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2014-08-29 12:55:43 1F76F7CB3C690ACB985C2FD419383B49 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2014-08-29 12:55:36 1E886E327F37F34CC7465F1605D1F3CD 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2014-08-29 12:55:35 A30AB03E7C837A17AC70E67E63B8E2F6 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2014-08-29 12:55:35 9F3D88540DB73F5213D5044CB50006DF 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2014-08-29 12:55:15 D8BED6BA298DBAAF6F3D746739FCD333 664064 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2014-08-29 12:55:08 41A3A54603686FD437FA4E8EB95025F9 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-29 12:55:07 444EB30B1610A35FC99D62A91B2BCAA7 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-08-29 12:55:07 24FA5F74D3B4BA62539DF87285BA934E 597504 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-08-29 12:55:06 6D017C0E499443ACDE3D9B5DCD753F32 1169920 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-08-29 12:55:06 478824EC0BCE9968C0DC787164B1753B 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-08-29 12:55:05 FEE3E022B00A5165ED645E38C1E6C776 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-29 12:55:04 E9B28B60C0272E2E1E462E6FB38E6B55 367104 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-08-29 12:55:04 1A05CFA45B6AEBFCCC835DCF68CBD1D0 526336 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-08-29 12:55:03 8453DDF167CE2986AA4AB04BC6824925 17524224 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-08-29 12:55:01 7B051C4A70F23A84A09366999FE63CBD 307384 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2014-08-29 12:55:01 4D0E91438CE181AF94C653B3BBE3C65A 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-08-29 12:55:00 E70C00791A18866BB23B3A652E3390A0 2001920 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-08-29 12:54:59 FF4A917DD7C387BD2715A5F67307FED1 2184704 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-08-29 12:54:59 36B67392AFB8901CC442EA988AD4603D 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-08-29 12:54:57 F48A1A114382AB4EF8000E1943E6CF1F 438784 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-08-29 12:54:57 239575F9EA0D227516843EEE8B7342CA 239616 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-08-29 12:54:56 E8D46F442AB53A52BDBB3EA0C51BDABD 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-08-29 12:54:56 90FF511B751A0327D07C4073760F1578 11772928 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-08-29 12:54:54 49FFD37673BD20279A8BF27CC20040B3 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-29 12:54:53 87C2B5010779DF6BE4732751C5DB5D64 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-08-29 12:54:53 7C1BFC2ABE297BCA1A7BA77A8292C088 4204032 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-08-29 12:54:52 9D16B568E318F49535AD72539C9997C2 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-08-29 12:54:52 18A3154606E3F8945956948A4E708007 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-08-29 12:54:51 B945BAA81B4805AD6BDDF4D026DCFB47 1792512 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-08-29 12:54:50 B91AA3BC8083E66925FAE29FDA485CEA 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-08-29 12:54:50 272420427EB96EA052C719AA796C09F2 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-29 12:53:40 A0E053D8D97ED0F913D56E6AF21DD26F 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2014-08-29 12:53:40 230AAF45031E87638CA4053C0399C1E6 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2014-08-29 12:53:31 A054EA8FBE16D4D34F06D81A4F0088E2 1230336 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll 2014-08-29 12:53:29 980305AC3AF53C1964A11190451ABB32 311808 ----a-w- C:\Windows\SysWOW64\gdi32.dll 2014-08-29 12:35:53 867148EBF47E7E7E7B21C07B4A981929 581600 ----a-w- C:\Windows\SysWOW64\wuapi.dll 2014-08-29 12:35:53 372218B80DEF827063049EBEE76B7501 92672 ----a-w- C:\Windows\SysWOW64\wudriver.dll 2014-08-29 12:35:53 255F0417EC31C71585824269522EC8E9 36320 ----a-w- C:\Windows\SysWOW64\wups.dll 2014-08-29 12:35:30 F419D738BD2AE58D9DF2F9FEB5F43842 33792 ----a-w- C:\Windows\SysWOW64\wuapp.exe 2014-08-29 12:35:30 5AA2CAD923E9E647276A61387E83DDD0 179656 ----a-w- C:\Windows\SysWOW64\wuwebv.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-08-31 09:21:30 9D6429F410597750B2DC2579B2347303 276832 ----a-w- C:\Windows\Sysnative\d3dx11_43.dll 2014-08-31 09:21:28 AD7FA9485059F4DC53C98B49CAB13F0B 511328 ----a-w- C:\Windows\Sysnative\d3dx10_43.dll 2014-08-31 09:21:26 7160FC226391C0B50C85571FA1A546E5 2401112 ----a-w- C:\Windows\Sysnative\D3DX9_43.dll 2014-08-31 09:20:19 D1F381088C35FC46AD01CE60A4B739BC 1715224 ----a-w- C:\Windows\Sysnative\nvspbridge64.dll 2014-08-31 09:20:19 030CECF9B3C0414DC524BF4E02E13BC1 1283136 ----a-w- C:\Windows\Sysnative\nvspcap64.dll 2014-08-31 09:16:17 B55FA6AD6C4A74AFC85433490E97C0DE 3826628 ----a-w- C:\Windows\Sysnative\nvcoproc.bin 2014-08-31 09:10:40 9156467C3BEF1820A8ADF6A02D755927 37320 ----a-w- C:\Windows\Sysnative\nvaudcap64v.dll 2014-08-31 09:10:39 F604AE1332421138D469435379C941F0 13922752 ----a-w- C:\Windows\Sysnative\nvopencl.dll 2014-08-31 09:10:39 DF2393DCDA345251F6CC0F59D5AE6DBF 31520 ----a-w- C:\Windows\Sysnative\nvhdap64.dll 2014-08-31 09:10:39 1675579489A3CC59B0A2ED3C1514E883 74016 ----a-w- C:\Windows\Sysnative\nvapo64v.dll 2014-08-31 09:10:38 8E8C648748CEE5DEE4EB67B72873C8CE 31512520 ----a-w- C:\Windows\Sysnative\nvoglv64.dll 2014-08-31 09:10:37 D3FD99DBAD44F786331A21C7DB4FC6A7 26353 ----a-w- C:\Windows\Sysnative\nvinfo.pb 2014-08-31 09:10:37 A5FA73A696788810DBA88E4100BD9E66 903624 ----a-w- C:\Windows\Sysnative\NvFBC64.dll 2014-08-31 09:10:37 6670FCA907690044166597B2A4AFAD3D 1539928 ----a-w- C:\Windows\Sysnative\nvdispgenco6434052.dll 2014-08-31 09:10:37 5D0CB01028819025524E463781CD5791 944928 ----a-w- C:\Windows\Sysnative\NvIFR64.dll 2014-08-31 09:10:37 3166E2388D12BD4050F757644D608F34 1890080 ----a-w- C:\Windows\Sysnative\nvdispco6434052.dll 2014-08-31 09:10:36 F015F1DDBDC95B334355CADC2D1F4E46 4247000 ----a-w- C:\Windows\Sysnative\nvcuvid.dll 2014-08-31 09:10:36 DDDE661AD6D0D2E16FF87CE267469C07 13835208 ----a-w- C:\Windows\Sysnative\nvcuda.dll 2014-08-31 09:10:31 EF6A1FA396C854B4F6B9A22C0C988DCF 22994208 ----a-w- C:\Windows\Sysnative\nvcompiler.dll 2014-08-29 13:36:21 9C44FB5B3A8A192FCE1103AC9BA4E576 171160 ----a-w- C:\Windows\Sysnative\infocardapi.dll 2014-08-29 13:36:21 8A08BB0D12BE40DC09632CD5D04A48A0 1389208 ----a-w- C:\Windows\Sysnative\icardagt.exe 2014-08-29 13:35:58 EE415EC9288182BCFB6E6896A376EA53 8856 ----a-w- C:\Windows\Sysnative\icardres.dll 2014-08-29 13:33:36 E4312738B500577BABC232A49F67A67D 35480 ----a-w- C:\Windows\Sysnative\TsWpfWrp.exe 2014-08-29 13:07:56 04F82965C09CBDF646B487E145060301 228864 ----a-w- C:\Windows\Sysnative\wwansvc.dll 2014-08-29 13:06:38 3B39F9D51E4D8BAABDA6518955B58C13 3241984 ----a-w- C:\Windows\Sysnative\msi.dll 2014-08-29 13:06:37 5DFFC12BF7DB53BDB401804A3C3A475E 1941504 ----a-w- C:\Windows\Sysnative\authui.dll 2014-08-29 13:06:36 B0F8CCA08DBC392442E27377B98DD0CD 112064 ----a-w- C:\Windows\Sysnative\consent.exe 2014-08-29 13:06:36 A6D0DC3B30F6BB1421DAA92537424822 504320 ----a-w- C:\Windows\Sysnative\msihnd.dll 2014-08-29 13:06:21 89EF1CE0CE43AB8F55247D746739A321 722944 ----a-w- C:\Windows\Sysnative\objsel.dll 2014-08-29 13:06:20 6B47CF5C27865DDF6680E4D834FBE34F 5550016 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2014-08-29 13:06:17 851BB346CD59D9B3BC8854384C7DD5C3 424960 ----a-w- C:\Windows\Sysnative\KernelBase.dll 2014-08-29 13:06:12 CF13522172342AD8196B329C15D68E23 44544 ----a-w- C:\Windows\Sysnative\dimsroam.dll 2014-08-29 13:06:12 9D942180B5B6CE1C882B9CC54EA1F275 57344 ----a-w- C:\Windows\Sysnative\cngprovider.dll 2014-08-29 13:06:12 692E9886B2A475684F7E3294BF66E97D 56832 ----a-w- C:\Windows\Sysnative\adprovider.dll 2014-08-29 13:06:11 BDA8B14AFE99A0C52BFEA64C5AC62171 52736 ----a-w- C:\Windows\Sysnative\dpapiprovider.dll 2014-08-29 13:06:11 4959DE74643CBC4B83E5BC99486A4FC9 53760 ----a-w- C:\Windows\Sysnative\capiprovider.dll 2014-08-29 13:06:09 9A3C6D8593F29A9F66744A3D4E6309B2 39936 ----a-w- C:\Windows\Sysnative\wincredprovider.dll 2014-08-29 13:05:35 EF2D8BBA6E077559B675513BC0EE5FC2 3178496 ----a-w- C:\Windows\Sysnative\rdpcorets.dll 2014-08-29 13:05:35 2147C5330F983D76A36B73F4A804F778 16384 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll 2014-08-29 13:05:28 D6AFBAA93169E6772565A1BC896D666B 624128 ----a-w- C:\Windows\Sysnative\qedit.dll 2014-08-29 13:05:25 1075AB2C077B415760C0E948856B5126 484864 ----a-w- C:\Windows\Sysnative\wer.dll 2014-08-29 13:04:29 0E3A7EC2B9590EA7767BBB1823630DEA 2002432 ----a-w- C:\Windows\Sysnative\msxml6.dll 2014-08-29 13:04:28 ECA6AC33BD9E441F7B47D173D715D268 1882112 ----a-w- C:\Windows\Sysnative\msxml3.dll 2014-08-29 13:04:26 3408DD8081DC22858AE2E6ABD2594C02 2048 ----a-w- C:\Windows\Sysnative\msxml6r.dll 2014-08-29 13:04:26 0465A8CFDDB4FFDB569802A70B9443D5 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll 2014-08-29 13:04:20 A064A1D9CBD7F6959AAEAEAFF96DB2E9 692736 ----a-w- C:\Windows\Sysnative\osk.exe 2014-08-29 13:04:05 EBFEF789E32279C2ED7C81260B186AD7 2048 ----a-w- C:\Windows\Sysnative\tzres.dll 2014-08-29 13:04:01 088CF6AFCD5CDD44E40C0ACDE3C1A5E0 801280 ----a-w- C:\Windows\Sysnative\usp10.dll 2014-08-29 12:58:53 A805B5E68262302D1A60BE3DED5846C9 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll 2014-08-29 12:58:52 7D1017ED11B7C3B162628069742B5E58 314880 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2014-08-29 12:58:51 BFC98590EAB40C785D6134B1FA818A62 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll 2014-08-29 12:58:51 79EE13A5A406E4603874686B8005DA72 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll 2014-08-29 12:58:49 E8E98B3B7A6E1250F4AA7AF8FA17D5BB 340992 ----a-w- C:\Windows\Sysnative\schannel.dll 2014-08-29 12:58:47 E23BA7A7BD97FC6B8AB5EA32A46D05CD 307200 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2014-08-29 12:58:45 C9DD5C0D5AF2D7A54BA32E8FBD3B67F1 22016 ----a-w- C:\Windows\Sysnative\credssp.dll 2014-08-29 12:56:31 AE57F6C7AB3ED244B5F14151C4EA0057 14175744 ----a-w- C:\Windows\Sysnative\shell32.dll 2014-08-29 12:55:46 D2A513EE880D71BDE7F0257F38B9D019 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll 2014-08-29 12:55:45 2A107B611C91CD256466C58C0D776E9D 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2014-08-29 12:55:44 7434E01FBCA3CB86539C39412A31D5E1 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll 2014-08-29 12:55:43 74959C718FF4594369645F35B7DF19C4 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll 2014-08-29 12:55:43 0F090A77E664CB0F70AB8D3B230B760C 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll 2014-08-29 12:55:16 F947D57534E01E3CA597BCF2AD8AE65B 1216000 ----a-w- C:\Windows\Sysnative\rpcrt4.dll 2014-08-29 12:55:05 19FA60D3AE1804A559306DE931A5B415 72704 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-08-29 12:55:05 08C5E6033786C1E41B63FD38CA22917A 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-08-29 12:55:01 6598F2A876E13B6FFA5AE418D41CE7D6 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-08-29 12:55:01 5574B09C4676E8E2EBE125C18BDF9FBF 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-08-29 12:55:01 52D2151908C2A6388B6561A373488F6F 692736 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-08-29 12:55:00 FE7D99399F7761AA2695A7B1AD30DAAF 1431040 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-08-29 12:54:59 13A852B606F3644A7A35EDD99F74A685 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-08-29 12:54:58 FCF5C8BB9AFD8D15B324B702F9B186B7 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-08-29 12:54:57 F00D0AE7648CA45C6434E2885485BE0B 452096 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-08-29 12:54:57 1FD1F16C35946BA28FDEB40F18B7729D 631808 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-08-29 12:54:55 DF485877CCE229776E6B8BB9116B67FE 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-08-29 12:54:55 9C9FE69902CD45A7D9AB1F0C4EDE646C 348856 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2014-08-29 12:54:54 DB382D89D8004F40BD2C55BAE6A15B30 2774528 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-08-29 12:54:54 39A85C005BCDEEF4092646EBBC2526AA 2087936 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-08-29 12:54:51 FCC86367BB0FB6DEB6614885CBE74FD5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-08-29 12:54:49 1DE8B71A1C7D8943034188556AF50B07 292864 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-08-29 12:54:48 72B7D166D1B0D353330A34FDED3F5AA6 598016 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-08-29 12:54:48 1B26610C1659EF54ED000233FB96F20C 13547008 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-08-29 12:54:47 2639E152D246F2A651F09764807CA153 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-08-29 12:54:47 1F02286D001AB5EA5719540C587224FE 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-08-29 12:54:47 1EEF9FE30DBE458A89B5F7A16FC68397 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-08-29 12:54:46 920F690FC7424DE71888AA2E46E917EA 758272 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-08-29 12:54:46 472C409F9B0FF67C1015F511C73E1889 5824512 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-08-29 12:54:45 BAC44396088ECC1C9021ED3E3345337C 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-08-29 12:54:45 8E71A5CB5312B8392D4DA4CA37BB5868 2266624 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-08-29 12:54:45 6ED6DA2A04F8F0C9BDAD647284BAEFB6 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-08-29 12:54:44 EDF22FBAE75ACB48BF51D099C6808B39 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-08-29 12:54:44 C02C78DE9BB4E68F6C78B1588ADD6ADC 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll 2014-08-29 12:54:43 ECA387DCD57F683C52171C766CF400F0 23645696 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-08-29 12:54:43 1C660588CFFB3A17BCF0F6B4779BF985 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-08-29 12:54:18 9D455E3049B7F93483D7165422B7D0AF 529920 ----a-w- C:\Windows\Sysnative\aepdu.dll 2014-08-29 12:54:17 349CF386805783D2E6810A767642F1B8 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll 2014-08-29 12:53:46 D4CCE15190269486A5E6D4D4E597F798 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2014-08-29 12:53:41 C072064F95579C0D6D86AF5B3DC53192 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2014-08-29 12:53:41 8098627D0AA1706D69C5AF3F74332ABB 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2014-08-29 12:53:41 204F3F58212B3E422C90BD9691A2DF28 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2014-08-29 12:53:40 39312B37C5FE5138F99680A49ACD3AEA 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2014-08-29 12:53:32 AFCA5C1ECEAF948FC815178BC077680E 1424384 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll 2014-08-29 12:53:30 A347EF56B7CD8360B3EF7772FEA597B9 3163648 ----a-w- C:\Windows\Sysnative\win32k.sys 2014-08-29 12:53:30 860528C9E50AB84935843B23A80E665E 404480 ----a-w- C:\Windows\Sysnative\gdi32.dll 2014-08-29 12:36:07 EAD9E413A6CEB9FD8E2AD9DC0716C061 58336 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2014-08-29 12:36:07 E76F105AD039B9E4DA9ECE839298C4A2 44512 ----a-w- C:\Windows\Sysnative\wups2.dll 2014-08-29 12:36:07 6335F8B4B89F002A3801473C1A799237 2620928 ----a-w- C:\Windows\Sysnative\wucltux.dll 2014-08-29 12:36:07 61FF576450CCC80564B850BC3FB6713A 2477536 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2014-08-29 12:35:54 7EC6617005F76714C7E16605E7A8AB06 38880 ----a-w- C:\Windows\Sysnative\wups.dll 2014-08-29 12:35:54 1180B5ADFB507258DA10F51B46681A33 97792 ----a-w- C:\Windows\Sysnative\wudriver.dll 2014-08-29 12:35:53 0DB2758CF1BAFE22E0970FDA0785B74C 700384 ----a-w- C:\Windows\Sysnative\wuapi.dll 2014-08-29 12:35:30 45D4BDEA136E72E75CF008D3C38D949A 198600 ----a-w- C:\Windows\Sysnative\wuwebv.dll 2014-08-29 12:35:30 29FE783F75362AD6D2D9C0555BA83BD2 36864 ----a-w- C:\Windows\Sysnative\wuapp.exe ====== C:\Windows\Sysnative\drivers ===== 2014-08-31 18:21:06 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2014-08-31 18:20:27 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2014-08-31 18:20:27 15E8ABC06843672955CE26A009533BAD 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2014-08-31 10:07:22 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2014-08-31 09:10:41 75034A4D7C02327D150B617571D4196A 40392 ----a-w- C:\Windows\Sysnative\drivers\nvvad64v.sys 2014-08-31 09:10:39 E366A5681C50785D4ED04FCFD65C3415 197408 ----a-w- C:\Windows\Sysnative\drivers\nvhda64v.sys 2014-08-31 09:10:37 2232AE1BB51A96A7381A2CA17DF12E24 12866008 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys 2014-08-29 13:05:31 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2014-08-29 13:04:40 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2014-08-29 13:04:39 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2014-08-29 13:03:59 87CE5C8965E101CCCED1F4675557E868 985536 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys 2014-08-29 12:56:48 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys 2014-08-29 12:56:48 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2014-08-29 12:56:48 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys 2014-08-29 12:55:13 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2014-08-29 12:53:43 1C2D8E18AA8FD50CD04C15CC27F7F5AB 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2014-08-29 12:53:42 353009DEDF918B2A51414F330CF72DEC 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2014-08-29 12:49:59 8C47262B582523BDA1D5B1E3732434C7 4184 ----a-w- C:\Windows\Sysnative\drivers\fvstore.dat ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-09-05 12:24:24 -------- d-----w- C:\Program Files\trend micro 2014-09-05 09:24:14 -------- d-----w- C:\Program Files\Speccy 2014-09-02 20:25:05 -------- d-----w- C:\Program Files\Easeware 2014-08-29 17:23:27 -------- d-----w- C:\Program Files\Common Files\DESIGNER ======= C:\PROGRA~2 ===== 2014-09-01 06:57:41 -------- d-----w- C:\PROGRA~2\TomTom HOME 2 2014-09-01 06:56:10 -------- d-----w- C:\PROGRA~2\TomTom International B.V 2014-08-31 09:17:33 -------- d-----w- C:\PROGRA~2\NVIDIA Corporation ======= C: ===== ====== C:\Users\Bea\AppData\Roaming ====== 2014-09-05 07:41:49 -------- d-----w- C:\Users\Bea\AppData\Local\Diagnostics 2014-09-02 20:26:06 -------- d-----w- C:\Users\Bea\AppData\Roaming\Easeware 2014-09-01 06:54:59 -------- d-----w- C:\Users\Bea\AppData\Local\Downloaded Installations 2014-09-01 06:52:17 -------- d-----w- C:\Users\Bea\AppData\Roaming\TomTom 2014-09-01 06:52:17 -------- d-----w- C:\Users\Bea\AppData\Local\TomTom 2014-08-31 19:42:26 -------- d-----w- C:\Users\Bea\AppData\Roaming\calibre 2014-08-31 18:04:15 -------- d-sh--w- C:\Users\Bea\AppData\Locallow\EmieUserList 2014-08-31 18:04:05 -------- d-sh--w- C:\Users\Bea\AppData\Local\EmieUserList 2014-08-31 18:04:05 -------- d-sh--w- C:\Users\Bea\AppData\Local\EmieSiteList 2014-08-31 18:03:57 -------- d-sh--w- C:\Users\Bea\AppData\Locallow\EmieSiteList 2014-08-31 09:20:16 -------- d-----w- C:\Users\Bea\AppData\Local\NVIDIA Corporation 2014-08-31 09:20:16 -------- d-----w- C:\Users\Bea\AppData\Local\NVIDIA 2014-08-30 08:42:40 -------- d-----w- C:\Users\Anne\AppData\Roaming\Adobe 2014-08-30 08:42:21 -------- d-----r- C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-08-30 08:42:21 -------- d-----r- C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-08-30 08:42:08 -------- d-----w- C:\Users\Anne\AppData\Roaming\Identities 2014-08-30 08:41:49 -------- d-s---w- C:\Users\Anne\AppData\Roaming\Microsoft 2014-08-30 08:41:49 -------- d-----w- C:\Users\Anne\AppData\Roaming\Media Center Programs 2014-08-30 08:41:49 -------- d-----w- C:\Users\Anne\AppData\Local\Temp 2014-08-30 08:41:49 -------- d-----w- C:\Users\Anne\AppData\Local\Microsoft Help 2014-08-30 08:41:49 -------- d-----w- C:\Users\Anne\AppData\Local\Microsoft 2014-08-30 08:41:49 -------- d-----w- C:\Users\Anne\AppData\Local\Google 2014-08-30 08:41:49 -------- d-----r- C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-08-30 08:41:49 -------- d-----r- C:\Users\Anne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-08-30 00:31:17 0C4B1ACB72943D8D024DABD9CDC37F85 7605 ----a-w- C:\Users\Bea\AppData\Local\Resmon.ResmonCfg 2014-08-29 20:33:36 -------- d-----w- C:\Users\Bea\AppData\Local\Mixesoft 2014-08-29 12:55:43 -------- d-----w- C:\Users\Default\AppData\Local\Google 2014-08-29 12:55:43 -------- d-----w- C:\Users\Default User\AppData\Local\Google 2014-08-29 12:44:20 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google ====== C:\Users\Bea ====== 2014-09-05 12:24:45 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Bea\Downloads\RSITx64 (1).exe 2014-09-05 12:23:47 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Bea\Downloads\RSITx64.exe 2014-09-05 11:32:23 955B519235602DD43D20B0312E9A3AC2 4901352 ----a-w- C:\Users\Bea\Downloads\ccsetup417.exe 2014-09-05 09:22:39 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\Bea\Downloads\spsetup126.exe 2014-09-01 19:49:47 065B9F528580B2C8A54E9A14C6890685 1361309 ----a-w- C:\Users\Bea\Desktop\adwcleaner_3.302.exe 2014-09-01 06:57:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2014-08-31 09:18:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-08-30 08:42:21 -------- d-----r- C:\Users\Anne\Searches 2014-08-30 08:42:03 -------- d-----r- C:\Users\Anne\Contacts 2014-08-30 08:41:50 6FC234AD3752E1267B34FB12BCD6718B 20 --sha-w- C:\Users\Anne\ntuser.ini 2014-08-30 08:41:49 -------- d--h--w- C:\Users\Anne\AppData 2014-08-30 08:41:49 -------- d-----r- C:\Users\Anne\Videos 2014-08-30 08:41:49 -------- d-----r- C:\Users\Anne\Saved Games 2014-08-30 08:41:49 -------- d-----r- C:\Users\Anne\Pictures 2014-08-30 08:41:49 -------- d-----r- C:\Users\Anne\Music 2014-08-30 08:41:49 -------- d-----r- C:\Users\Anne\Links 2014-08-30 08:41:49 -------- d-----r- C:\Users\Anne\Favorites 2014-08-30 08:41:49 -------- d-----r- C:\Users\Anne\Downloads 2014-08-30 08:41:49 -------- d-----r- C:\Users\Anne\Documents 2014-08-30 08:41:49 -------- d-----r- C:\Users\Anne\Desktop ====== C: exe-files == 2014-09-05 17:53:06 27BD87D23170E599E6EE334F27EB9435 4005520 ----a-w- C:\Users\Bea\AppData\Local\NVIDIA\NvBackend\Packages\000061b3\DAO.18850839.exe 2014-09-05 12:24:45 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Bea\Downloads\RSITx64 (1).exe 2014-09-05 12:24:24 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Bea.exe 2014-09-05 12:23:47 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Bea\Downloads\RSITx64.exe 2014-09-05 11:32:23 955B519235602DD43D20B0312E9A3AC2 4901352 ----a-w- C:\Users\Bea\Downloads\ccsetup417.exe 2014-09-05 09:22:39 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\Bea\Downloads\spsetup126.exe 2014-09-04 22:53:29 29DA99B398CDD1B42D2CD49CAC5BA4B8 39915088 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\37.0.2062.103\37.0.2062.103_chrome_installer.exe 2014-09-04 22:50:14 A25437F7A68D6B15F0554545000389A5 768592 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.103\37.0.2062.103_37.0.2062.102_chrome_updater.exe 2014-09-04 22:45:20 93E81A0931CD47FB4C8C155E1A056CF8 3955713 ----a-w- C:\Users\Bea\AppData\Local\NVIDIA\NvBackend\Packages\00006186\DAO.18842956.exe 2014-09-01 19:49:47 065B9F528580B2C8A54E9A14C6890685 1361309 ----a-w- C:\Users\Bea\Desktop\adwcleaner_3.302.exe 2014-09-01 07:41:48 A02762F944EE4E86655CFCAB84FA6BD7 1329744 ----a-w- C:\Users\Bea\AppData\Roaming\uTorrent\updates\3.4.2_32239.exe 2014-09-01 06:52:42 8CFF70961577F64E08E55897DD025C64 31119112 ----a-w- C:\Users\Bea\AppData\Roaming\TomTom\HOME\Profiles\yvhbdsfh.default\Updates\v2_9_8_3423_win.exe 2014-08-31 09:23:32 2A1ACE54BF2F24B142D8A5A054DD9856 3929488 ----a-w- C:\Users\Bea\AppData\Local\NVIDIA\NvBackend\Packages\00006156\DAO.18829147.exe 2014-08-31 09:23:26 A2DD3E8F04E57772762F47BC35F2781C 313152 ----a-w- C:\Users\Bea\AppData\Local\NVIDIA\NvBackend\Packages\00005fed\drsupdate.18761999_RUNASUSER.exe 2014-08-31 09:20:19 EAB90042941666D177D11D15308427CB 3327264 ----a-w- C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe 2014-08-31 09:20:12 6C38D2A61BDA508EBC022702EA4DCEC8 88520 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe 2014-08-31 09:20:10 E73A40952F344ECCBB77714BA64297E1 127264 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedVisualizer.exe 2014-08-31 09:20:07 21C697BD5F926032A4478BC5D2A11C09 639944 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe 2014-08-31 09:20:05 AEC2796DF28AB7494A0C688E40D7B38C 18956064 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 2014-08-31 09:20:04 72DF425E58F9D1321E971A07F2A8536C 4364064 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe 2014-08-31 09:19:42 D61072D0F6F9E96424BC1A905374D836 4306208 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe 2014-08-31 09:19:37 6DA40999B56EAD8C716904E6F2199373 596768 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\7z.exe 2014-08-31 09:19:34 E8E3E94262EDFC918000E093139A04B9 197408 ----a-w- C:\Program Files\NVIDIA Corporation\Update Core\WLMerger.exe 2014-08-31 09:19:33 C56AEF21A76A6E2BB36A384B2C96389F 2403104 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 2014-08-31 09:17:41 5A24C202959C2DD97E77A4636455738F 8351520 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NVStWiz.exe 2014-08-31 09:17:40 76992822377CD0DC5A69FC369C01D6B2 1900888 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe 2014-08-31 09:17:40 343B4C1204C4E408E9DF81966D218B98 2604544 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvsttest.exe 2014-08-31 09:17:39 D2230317777033CD0456990BFC4994E5 411936 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 2014-08-31 09:17:39 C8269C7833D0ABA2AE2B36F9207D84A0 826712 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe 2014-08-31 09:17:39 707702343B93391C062A38C4A2CBBEEB 438744 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstreg.exe 2014-08-31 09:17:39 64EB581A5C3A9283AF627C3E6CBCF433 896344 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NvStereoUtilityOGL.exe 2014-08-31 09:17:39 11996C1FD2D437347654E660DE9144A7 609240 ----a-w- C:\Windows\SysWOW64\nvStreaming.exe 2014-08-31 09:17:39 0E0218E558F87B4326EA3500BC704F54 1101088 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe 2014-08-31 09:17:34 D6310F79E51D1F997E964E81DD368AEA 1720608 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 2014-08-31 09:16:14 A9004AE582ED6FD7A7CED3B21479B564 3424728 ----a-w- C:\Program Files\NVIDIA Corporation\Control Panel Client\NvGpuUtilization.exe 2014-08-31 09:15:42 FF1D400BC82C8DBB7C51556B3F979A04 413472 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{45C1D92E-00C2-4E7A-BBFE-768897EA608F}\setup.exe 2014-08-31 09:10:40 7980739C2109119050292A3A04294105 18747472 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.3DVision.{0D089D5A-1750-44A2-AC98-F058A368485E}\3DVision.exe 2014-08-31 09:10:31 FB0AB686FE8958620E892CBFA7893B8C 83141328 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{F4D24B02-5326-4FBD-BE64-0EF056C8CCBB}\NvCplSetupInt.exe 2014-08-31 09:10:30 583D93BDCCAB390ED24EC2684B806CE7 441120 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{F4D24B02-5326-4FBD-BE64-0EF056C8CCBB}\dbInstaller.exe 2014-08-31 09:10:30 583D93BDCCAB390ED24EC2684B806CE7 441120 ----a-w- C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe 2014-08-31 09:06:14 305F85887F567FA223744DFE36E683FD 413984 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{7A3FB426-8551-42BB-A276-40D64408092D}\setup.exe === C: other files == 2014-09-02 20:54:59 C7718159CF3E52BF826876027A5BDF74 6881445 ----a-w- C:\Users\Bea\AppData\Roaming\Easeware\DriverEasy\drivers\mc42ewj2.j30\Wifi_DriverOnly.zip 2014-09-02 20:37:21 1F81A20C220091E7D21C915EADF4E354 32523844 ----a-w- C:\Users\Bea\AppData\Roaming\Easeware\DriverEasy\drivers\une0gpkd.cgj\NVidiaChipset64.zip 2014-09-02 20:16:38 016FEF4AA089ED9243B1803598A20C0B 633682 ----a-w- C:\Users\Bea\Downloads\WLAN_AW_NE762_PNP_Win7_64_3071.zip 2014-08-31 18:21:06 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-08-31 18:20:27 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2014-08-31 18:20:27 15E8ABC06843672955CE26A009533BAD 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2014-08-31 09:20:05 0FB368E71D9F178BCFC7F0BBA317FECA 20256 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 2014-08-31 09:10:41 FA3B7E6BD974251CE1160A471B497072 34080 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{3FAC1E17-E68F-4D72-B5A4-73BC87EFB602}\nvvad32v.sys 2014-08-31 09:10:41 75034A4D7C02327D150B617571D4196A 40392 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys 2014-08-31 09:10:41 75034A4D7C02327D150B617571D4196A 40392 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{3FAC1E17-E68F-4D72-B5A4-73BC87EFB602}\nvvad64v.sys 2014-08-31 09:10:39 F4992A26D629288ADBBDC3A715629FA1 163104 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{825D7440-AC14-4025-8FEC-262B9314FE0C}\nvhda64.sys 2014-08-31 09:10:39 E366A5681C50785D4ED04FCFD65C3415 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys 2014-08-31 09:10:39 E366A5681C50785D4ED04FCFD65C3415 197408 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{825D7440-AC14-4025-8FEC-262B9314FE0C}\nvhda64v.sys 2014-08-31 09:10:39 9F8EE4948B7ADD9D12F778F61A2758A4 162592 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{825D7440-AC14-4025-8FEC-262B9314FE0C}\nvhda32v.sys 2014-08-31 09:10:39 47FEB587AAE06F6717FCABF8BCF184FD 129312 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{825D7440-AC14-4025-8FEC-262B9314FE0C}\nvhda32.sys 2014-08-31 09:10:37 2232AE1BB51A96A7381A2CA17DF12E24 12866008 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys 2014-08-31 09:06:14 18DBC26FBC4DC5EC4BB93785E2140487 15648 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{7A3FB426-8551-42BB-A276-40D64408092D}\NVI2SystemService32.sys 2014-08-31 09:06:14 181C28575B9977A0659A8F30ADB97770 16672 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{7A3FB426-8551-42BB-A276-40D64408092D}\NVI2SystemService64.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-667490413-3519791514-1701384228-1001\Software\Microsoft\Windows\CurrentVersion\Run] "appnhost"="C:\Users\Bea\AppData\Local\Mixesoft\AppNHost\appnhost.exe" "GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "appnhost"="C:\Users\Bea\AppData\Local\Mixesoft\AppNHost\appnhost.exe" "GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "COMODO Internet Security"="C:\Program Files\COMODO\COMODO Internet Security\cistray.exe" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "ETDWare"="C:\Program Files\Elantech\ETDCtrl.exe" "AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" "hkey"="HKLM" "item"="Adobe Reader Speed Launcher" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ADSMTray] "command"="C:\\Program Files (x86)\\ASUS\\ASUS Data Security Manager\\ADSMTray.exe" "hkey"="HKLM" "item"="ADSMTray" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ATKMEDIA] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ATKMEDIA" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\ASUS\\ATK Media\\DMedia.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ATKOSD2] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ATKOSD2" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\ASUS\\ATKOSD2\\ATKOSD2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\emsisoft anti-malware] "command"="\"C:\\Program Files (x86)\\Emsisoft Anti-Malware\\a2guard.exe\" /d=60" "hkey"="HKLM" "item"="emsisoft anti-malware" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2] "command"="\"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" --no-startup-window" "hkey"="HKCU" "item"="GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HControlUser] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HControlUser" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\ASUS\\ATK Hotkey\\HControlUser.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl] "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s" "hkey"="HKLM" "item"="RtHDVCpl" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk] "backup"="C:\\Windows\\pss\\SRS Premium Sound.lnk.CommonStartup" "command"="C:\\Windows\\INSTAL~1\\{E5CF6~1\\NEWSHO~4.EXE /f=srs_premium_sound_nopreset.zip /h" "item"="SRS Premium Sound" "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\SRS Premium Sound.lnk" "backupExtension"=".CommonStartup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Fax] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02-03-2014 18:58] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02-03-2014 18:58] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\P4GIntlCtrl" [\IntlCtrl.exe] "C:\Windows\SysNative\tasks\WC3" [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe] "C:\Windows\SysNative\tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"] "C:\Windows\SysNative\tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"] "C:\Windows\SysNative\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"] "C:\Windows\SysNative\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Bea\AppData\Roaming\TomTom\HOME\Profiles\yvhbdsfh.default - Undetermined - D:\tomtom\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - Undetermined - D:\tomtom\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chrome Look ====================== Google Translate - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb Google Slides - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Magic Actions for YouTube - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif CookiesOK - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmkbjoakcacgljcdccofbffloabfbni Send using Gmail no button - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahldefgplekckalfcolhhnljbbgaiboc Facebook Notifications - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainkhhbgcdbenmmbaoacambbhjfgnmmm Check It Later Extension - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\amcmidlnbalnbkilajedfgiibhcfmbkh Delibookmarks (Delicious Bookmarks) - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\animchmhhndbcfahoigdpelodbhnhepg TechSmith Snagit Extension - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\annopcfmbiofommjmcmcfmhklhgbhkce Google Docs - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Embed WMPlayer inline - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bamkbfdmckphehgiafpenehgebjgdlli Open with Google Drive™ Viewer - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkpinfdldjdngmgfbifbdbgaoampkan Show the YouTube Channel bar or the name. - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn HootSuite Hootlet - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjgfdlplhmndoonmofmflcbiohgbkifn Web2PDFConverter - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkanhckocooacphbnclgcndnpfpoppdk YouTube - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo RSS Subscription Extension - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmjffnfcokiodbeiamclanljnaheeoke Google Notifications - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi SmoothScroll - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\cccpiddacjljmfbbgeimpelpndgpoknn OpenDyslexic - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdnapgfjopgaggbmfgbiinmmbdcglnam Last updated at time on date - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Pushbullet - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd Webpage Screenshot - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki Symbaloo Bookmarker 0.4.2 - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnjfgbikbkcmickdalamlmpmkhmbollm Send to Google Drive - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppogeekogbladboceekjeiibihnkbhp Read Later Fast - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji Swap My Cookies - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\dffhipnliikkblkhpjapbecpmoilcama Symbaloo - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfnbdccaiknlpdgabdgjijniolkgmoeh Gmelius - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\dheionainndbbpoacpnopgmnihkcmnkl PicMonkey Extension - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhipmoghimfdldnocmopeoanjmoolofl Category Tabs for Google Keep™ - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlahcjmefibiedeecoegjilekaebchhl KeyRocket for Gmail - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmocchgkijnbjdjkmlglaemjhhdiobbp Gmail Offline Sync Optimizer - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\dncjnngcblhgeeocnhmmihpanahkjbmi *Auto Logout Google Accounts* - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecobfildhmfjnalpfhjagnoldllommec Search All - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\eekjldapjblgadclklmgolijbagmdnfk HTTP Captive Portal Test - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\eemlkeanncmjljgehlbplemhmdmalhdc VIEWER_GENDERselectfemaleLooking for your photos...maleLooking for your photos...otherLooking for your photos... - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\efjnaogkjbogokcnohkmnjdojkikgobo Black Menu for Google™ - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\eignhdfgaldabilaaegmdfbajngjmoke Gmail Offline - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk Google Calendar - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn Silver Bird - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\encaiiljifbdbjlphpgpiimidegddhic Chrome Notepad - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp Replies and more for Google - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea Presentation Remote for Google Drive™ - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjdgmdaaacgdbfdohoidfjiipmbnbnho PowerInbox - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmmgljeemhhajnponhffhpjioiclpmbh Office Editing for Docs Sheets and Slides - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj Facebook for Chrome - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp ClickClean - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod Desktop Notifications for Android - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\giicnncicnopjohcpamieklkiacdoeni Pin It Button - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic TweetDeck by Twitter - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl SearchPreview - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo LastPass - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd Refresh for Twitter - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdpiilkeoldobfomlhipnnfanmgfllmp Where to delete an account - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfpofkfbabpbbmchmiekfnlcgaedbgcf feedly - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob Google Keep - notes and lists - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki Bitly | Unleash the power of the link - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic goo.gl URL Shortener - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk Power Twitter for Google Chrome™ - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\iieehhjfejnoljbnnhfnhibcjhmifffo Dropbox - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl Google Translate for Google - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfppgkomfopklagggkjiaddgndkgopgl History Eraser App - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjolhjmdgbhebcdnfjhngobjggghoipa Speed Dial 2 - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik Calculator - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao TweetDeck Launcher - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmjdnkpkpnjblbgbnkeedepgnomafojk Flesko - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmojdmekcdboadplelnedhjajmciboed Phone 2 Google Chrome™ - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnlgojabfogikedjanecphloghlegpdm Lazarus Form Recovery - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno Boomerang for Gmail - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll LinkedIn Notifications - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\menceeiihdbmfffpmgeokellaigfjcdm A simple extension for lazy man: Open Chrome Download Manager directly by one click from the toolbar. - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhaaapflafeapcmgbphlmealldkomfbe Google Drawings - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme Ghostery - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij Screencastify - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn MultiLogin - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nccllfnllopfpcbjdgjdlfmomnfgnnbk feedly Mini - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja Atomic Bookmarks 2 - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\njacljdblagcjdmljcgpjkcinfflmgdk RSS Subscription Extension by Google - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd Google Wallet - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Docs PDFPowerPoint Viewer by Google - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn Weeronline actueel Nederland - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\npgafdngocgnaincgfbpeblbeaadkpfa Google Chrome to Phone Extension - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco Checker Plus for Gmail™ - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj Are you sure you want to delete folderName folder and subFolderCount sub-folders in it? - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgjggbjanlhbgaemjbkiegeebmccifi Chrome Apps & Extensions Developer Tool - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc Twitter Preview URLs - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijgblonhcagdhfbgjilnpjipmijimmn Google Quick Scroll - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc Diigo Web Collector - Capture and Annotate - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojbgadfejifecebmdnhhkbhdjaphole RealtimeBoard Whiteboard for Collaboration - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\opfmbdmhambgleempeofcjjhjclimccg Scoop.it - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjkhfahjokocpjfihcbfkmipdhcaknn Instagram for Chrome - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb None - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcgnkmbeodkmiijjfnliicelkjfcldg ClickClean App - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp SpeakIt - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak Appie - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pidjpfnhaidmahnblgikaaadclebmoio Evernote Web Clipper - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc Chrome Update Notifier Plus - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfbafagepmnjfhgoaakiobjffddcnbd App Launcher Customizer for Google™ - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponjkmladgjfjgllmhnkhgbgocdigcjm iReader - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppelffpjgkifjfgnbaaldcehkpajlmbc Netvibes Chrome Extension - Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppfnnghflmcnehkalpghfnidkpcjclbm Google Slides - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek TechSmith Snagit Extension - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\annopcfmbiofommjmcmcfmhklhgbhkce Google Docs - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Black Menu for Google™ - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eignhdfgaldabilaaegmdfbajngjmoke Google Calendar - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn Collavate - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\feabbfjgiecneijbnmfileadcjfmbbpb Google Sheets - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap Office Editing for Docs Sheets and Slides - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj ClickClean - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghgabhipcejejjmhhchfonmamedcbeod AdBlock - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom History Eraser - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gjieilkfnnjoihjjonajndjldjoagffm LastPass - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd Bitly | Unleash the power of the link - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic goo.gl URL Shortener - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk Google Wallet - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Checker Plus for Gmail™ - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj ClickClean App - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdabfienifkbhoihedcgeogidfmibmhp Gmail - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia App Launcher Customizer for Google™ - Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ponjkmladgjfjgllmhnkhgbgocdigcjm Google Slides - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf Loupe Collage - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bhaonknplhhecdgjpphnooeomecgipkc YouTube - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo GeoGebra - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee ScootPad - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\boihgpoojeingjbbdjmoocbdibophjap Google Search - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Sumo Paint - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod Gmail Offline - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk Google Sheets - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap Readium - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fepbnnnkkadjhjahcafoaglimekefifl Haiku Learning - Solo Teacher Account - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fgpoakifbipnkhifgabffhdkdnloobhm Stupeflix Video Maker - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fkdmcfnoimoilncpjchamnenebopocem AdBlock - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom VocabularySpellingCity - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gnbihkjgkedgkepcakdjcnbicklpgfpm Pictico - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gndkeamlgkegbmmoheplcndpopglacgf LastPass - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdokiejnpimakedhajhdlcegeplioahd CK-12 - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ilmbnmigihncgeckjgmkehcgkdeohkhl MeeGenius Children's Books - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jhfhmaajajcjoijfaceafiembkmhcddc LearnBoost - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lfbigbedbdencpbioocekehcblgokpno Google Wallet - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda TypingClub - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah Checker Plus for Gmail™ - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj WeVideo - Video Editor and Maker - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb Khan Academy - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pahdiadnidmaaoohjmlkcjffbfcapgko DOGOnews - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pcolnnhmiknpeonnnmoadeficjagocgf Gmail - Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Slides - Bea\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Bea\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Bea\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Bea\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Bea\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Calendar - Bea\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn Google Sheets - Bea\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap Allin1Convert - Bea\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gcncagkkhfoombgbihckkccmkjemhohl Pin It Button - Bea\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic LastPass - Bea\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hdokiejnpimakedhajhdlcegeplioahd Google Wallet - Bea\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Bea\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "https://www.google.nl/", "startup_urls": [ "https://www.google.nl/" ], C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences "startup_urls": [ "https://www.google.nl/" ], C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences "homepage": "https://sites.google.com/a/tweemaster.info/leerkracht/home?pli=1", "startup_urls": [ "https://sites.google.com/a/tweemaster.info?tab=33", "https://sites.google.com/a/tweemaster.info/leerlingen/", "https://sites.google.com/a/tweemaster.info/leerkracht/planning?pli=1" ], C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 3\Preferences "homepage": "https://drive.google.com/#home", "startup_urls": [ "http://vsmart.zebi.nl/vsmart/Client.csp?Server=&Language=&Stylesheet=&Debug=0&NoCookies=0&DeepLink=&PortId=", "http://opac.zebi.nl/webopac/Vubis.csp", "https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=http://mail.google.com/mail/&scc=1<mpl=default<mplcache=2" ], ==== Chrome Fix ====================== C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhaaapflafeapcmgbphlmealldkomfbe deleted successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik deleted successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj deleted successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj deleted successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gbkeegbaiigmenfmjfclcdgdpimamgkj_0.localstorage deleted successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gbkeegbaiigmenfmjfclcdgdpimamgkj_0.localstorage-journal deleted successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_gbkeegbaiigmenfmjfclcdgdpimamgkj_0.localstorage deleted successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_gbkeegbaiigmenfmjfclcdgdpimamgkj_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://nl.msn.com/?ocid=U219DHP&pc=U219" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://nl.msn.com/?ocid=U219DHP&pc=U219" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Reset Google Chrome ====================== C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences was reset successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 3\Preferences was reset successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data was reset successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 3\Web Data was reset successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O4 - HKCU\..\Run: [appnhost] C:\Users\Bea\AppData\Local\Mixesoft\AppNHost\appnhost.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Emsisoft Anti-Malware 8.0 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Anne\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Bea\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Bea\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully C:\Users\Bea\AppData\Local\Google\Chrome\User Data\Profile 3\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1627 folders=350 27648437 bytes) ==== Empty Temp Folders ====================== C:\Users\Anne\AppData\Local\Temp emptied successfully C:\Users\Bea\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Bea\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 06-09-2014 at 9:12:07,38 ======================