Zoek.exe v5.0.0.0 Updated 17-December-2014
Tool run by Niven De Weerdt on do 18/12/2014 at 20:08:36,08.
Microsoft Windows 8.1 Pro 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Niven De Weerdt\Desktop\zoek.exe.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

18/12/2014 20:11:47 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\Program Files\log deleted successfully
C:\PROGRA~3\BlazeVideo deleted successfully
C:\Users\Niven De Weerdt\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Niven De Weerdt\AppData\Roaming\Publish Providers deleted successfully
C:\Users\Niven De Weerdt\AppData\Roaming\WinRAR deleted successfully
C:\Users\Niven De Weerdt\AppData\Local\Adobe deleted successfully
C:\Users\Niven De Weerdt\AppData\Local\CrashDumps deleted successfully
C:\Users\Niven De Weerdt\AppData\Local\PackageStaging deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSMonitorServicePDVD14.exe
C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\WINDOWS\SysWOW64\vmnat.exe
C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
C:\WINDOWS\SysWOW64\vmnetdhcp.exe
C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe
C:\Program Files (x86)\CyberLink\Power2Go9\Power2GoExpress9.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Ashampoo\Ashampoo Office 2012\Smash.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Medion\LifeCloud Desktop Applications\HipServAgent\HipServAgent.exe
C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe
C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\VMware\VMware Player\vmware-tray.exe
C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe
C:\Program Files (x86)\VMware\VMware Player\vmware.exe
C:\Program Files (x86)\VMware\VMware Player\vmware-unity-helper.exe
C:\Program Files (x86)\VMware\VMware Player\vprintproxy.exe
C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe
C:\Users\Niven De Weerdt\Desktop\zoek.exe.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Niven De Weerdt\AppData\Roaming\MAGIX deleted
C:\PROGRA~3\MAGIX deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Niven De Weerdt\Downloads\Your Software Deals.url deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 16323 MB
CPU Info: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
CPU Speed: 3193,3 MHz
Sound Card: Luidsprekers (Realtek High Defi | 
Realtek Digital Output (Realtek | 
S24C570-4 (NVIDIA High Definiti | 
Display Adapters: NVIDIA GeForce GTX 650 | NVIDIA GeForce GTX 650 | NVIDIA GeForce GTX 650
Monitors: 2x; Generic PnP Monitor | Generic PnP Monitor | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller | VirtualBox Host-Only Ethernet Adapter | VMware Virtual Ethernet Adapter for VMnet1 | VMware Virtual Ethernet Adapter for VMnet8
CD / DVD Drives: 2x (D: | H: | ) D: HL-DT-STBD-RE  BH10LS38  | H: PIONEER BD-RW   BDR-TD03
Ports: COM1 LPT Port NOT Present. 
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C:  465,5GB | E:  209,2GB | F:  1356,4GB | G:  3726,0GB | J:  2794,5GB | K:  1863,0GB | L:  1863,0GB | N:  1397,3GB | O:  1138,9GB | P:  258,4GB
Hard Disks - Free: C:  229,5GB | E:  59,9GB | F:  13,7GB | G:  3335,0GB | J:  6,1GB | K:  21,7GB | L:  14,6GB | N:  18,0GB | O:  23,6GB | P:  8,9GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE |  | ALASKA - 1072009
Time Zone: Romance (standaardtijd)
Motherboard *: ASUSTeK COMPUTER INC. H87M-E
Country: België 
Language: NLB 

==== System Specs (Software) ======================

Anti-Virus: G DATA TOTAL PROTECTION On-access scanning disabled (Outdated)
Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Spyware: G DATA TOTAL PROTECTION disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: G DATA Personal Firewall disabled
Default Browser: Firefox	34.0
Internet Explorer Version: 11.0.9600.17498 
Mozilla Firefox version: 34.0 (x86 nl)
Sun Java version: 1.8.0_25 (32-bit) 
Sun Java version: 1.8.0_25 (64-bit) 
Flash Player version: 15.0.0.246

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2014-12-14 20:53:02	7826082B93262AB6460E77B91C61EA30	128512	----a-w-	C:\WINDOWS\splwow64.exe
2014-11-29 17:41:47	D405B2BD75340E5244BF1E17B174E6BF	4321136	----a-w-	C:\WINDOWS\PE_File.dll
2014-11-29 17:41:41	54218516AAFD834CC0AA4548F348DEB9	4261840	----a-w-	C:\WINDOWS\PE_Rom.dll
2014-11-20 04:44:32	85D47EB257B06094F052E0C8AEFA3BEE	2501368	----a-w-	C:\WINDOWS\explorer.exe
2014-11-20 04:43:59	80E856B1AFAEB6195EADAAD65945147C	1001472	----a-w-	C:\WINDOWS\HelpPane.exe
2014-11-20 04:43:19	959A31D0CD013CEA0C66DB7C03BCBDDF	221184	----a-w-	C:\WINDOWS\notepad.exe
2014-11-20 04:43:00	B67DB709F5FDAA89CA6C2CB6C1E39B3B	154624	----a-w-	C:\WINDOWS\regedit.exe
2014-11-20 04:42:59	727B4519FE9919447108CBEC4768F34A	54272	----a-w-	C:\WINDOWS\twain_32.dll
2014-11-20 04:42:41	B934411DFE7DEACFA95A1255A48133C9	17408	----a-w-	C:\WINDOWS\hh.exe
2014-11-20 04:42:41	73E19BE0E0ECD88616B5762F621B0226	11264	----a-w-	C:\WINDOWS\write.exe
2014-11-20 04:42:41	335C38783B3F1B383ECAC17DB3705895	9728	----a-w-	C:\WINDOWS\winhlp32.exe
====== C:\Users\NIVEND~1\AppData\Local\Temp ====
2014-12-18 02:13:00	E0DC8C6BBC787B972A9A468648DBFD85	1008128	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\libiconv2.dll
2014-12-18 02:13:00	D202BAA425176287017FFE1FB5D1B77C	103424	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\libintl3.dll
2014-12-18 02:13:00	57CAC848FA14AE38F14F9441F8933282	140288	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\pcre3.dll
2014-12-18 02:13:00	547C43567AB8C08EB30F6C6BACB479A3	79360	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\regex2.dll
2014-12-18 02:13:00	2E0323A94915FAAB10A25F3BABF82584	157696	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2014-12-18 01:55:12	9B443CC5819EE4A667CAACA10E8BC552	1499384	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\dllnt_dump.dll
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2014-12-14 20:53:09	806D838C066E2FBDB30D0CA22C23314A	790528	----a-w-	C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-14 20:53:06	FE21D836EE5C90F2EFCBDE2F52E25482	19731824	----a-w-	C:\WINDOWS\SysWOW64\shell32.dll
2014-12-14 20:53:05	1302567D8675E358C60C59601D0334BF	15158784	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-12-14 20:53:04	75914C685DE3539F3A621B27B9D9F919	1127976	----a-w-	C:\WINDOWS\SysWOW64\msctf.dll
2014-12-14 20:53:03	F96956BBED66937350B360497AAA4EE2	507392	----a-w-	C:\WINDOWS\SysWOW64\untfs.dll
2014-12-14 20:53:03	A9957240537BEE1988B03A6B1E135773	885760	----a-w-	C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-12-14 20:53:03	94743D320BA649382829A5FE8C12DDF1	801584	----a-w-	C:\WINDOWS\SysWOW64\mfplat.dll
2014-12-14 20:53:03	6E9C931731AB16217D3A5472B9B442EB	94208	----a-w-	C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2014-12-14 20:53:03	54091BD386579A661A012D5E77120B2C	786120	----a-w-	C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-12-14 20:53:03	001E1E3546EA80D1A97E7E2BF6F72969	555520	----a-w-	C:\WINDOWS\SysWOW64\WSDApi.dll
2014-12-14 20:53:02	F7A9D2E57D357B36C11F1C8269F2B05F	25600	----a-w-	C:\WINDOWS\SysWOW64\setup16.exe
2014-12-14 20:53:02	B98F9F25D0CCA83E1CA79D1F8BAA1075	465408	----a-w-	C:\WINDOWS\SysWOW64\DevicePairing.dll
2014-12-14 20:53:02	ACC85159376F84F49F8FE6D860E39A4F	8704	----a-w-	C:\WINDOWS\SysWOW64\instnm.exe
2014-12-14 20:53:02	A81265C9CF12A9CA3F436024C1793936	624640	----a-w-	C:\WINDOWS\SysWOW64\rasapi32.dll
2014-12-14 20:53:02	A2CCF16BF1C4F60914EA2DF0BF484A6E	561664	----a-w-	C:\WINDOWS\SysWOW64\nshwfp.dll
2014-12-14 20:53:02	A2530DC44EB8083A63EB83798E7BBB72	162304	----a-w-	C:\WINDOWS\SysWOW64\rascfg.dll
2014-12-14 20:53:02	9B443CC5819EE4A667CAACA10E8BC552	1499384	----a-w-	C:\WINDOWS\SysWOW64\ntdll.dll
2014-12-14 20:53:02	92937F1A41E6EC1D89BC4D89AC99035B	1142272	----a-w-	C:\WINDOWS\SysWOW64\vssapi.dll
2014-12-14 20:53:02	887DBBE8CF300A6AE9D0B5D8FF7C0915	143360	----a-w-	C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-12-14 20:53:02	85D880636B8246BD4EF4061F25D84C18	155648	----a-w-	C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2014-12-14 20:53:02	8091A1E1F4205EED9C17D17DAB055C81	124928	----a-w-	C:\WINDOWS\SysWOW64\wuwebv.dll
2014-12-14 20:53:02	7DCD4205BEDA8892BBA5755805E74047	723968	----a-w-	C:\WINDOWS\SysWOW64\wuapi.dll
2014-12-14 20:53:02	7CC0DD976389300196B2DB4E3F77662C	33280	----a-w-	C:\WINDOWS\SysWOW64\rasmxs.dll
2014-12-14 20:53:02	7AB08744F06F0BDC87DC124F4276A08E	15360	----a-w-	C:\WINDOWS\SysWOW64\eventcls.dll
2014-12-14 20:53:02	75692538076B0402E7236A314A027299	55296	----a-w-	C:\WINDOWS\SysWOW64\vsstrace.dll
2014-12-14 20:53:02	6F57859B54404D350E525413322F7AA2	169984	----a-w-	C:\WINDOWS\SysWOW64\WinSCard.dll
2014-12-14 20:53:02	699B5B6ACA78B2380F33478EE8CE4287	29696	----a-w-	C:\WINDOWS\SysWOW64\wuapp.exe
2014-12-14 20:53:02	3C908C70D5876D6B55D742A665DC88C7	14336	----a-w-	C:\WINDOWS\SysWOW64\ntvdm64.dll
2014-12-14 20:53:02	29A35A031EC84D7D9E393A59BEE37888	39424	----a-w-	C:\WINDOWS\SysWOW64\kmddsp.tsp
2014-12-14 20:53:02	210642D9D287AEDED8BB3123580177D4	22528	----a-w-	C:\WINDOWS\SysWOW64\rasser.dll
2014-12-14 20:53:02	20FE9408E23EC6486CD995759B0BE02B	5632	----a-w-	C:\WINDOWS\SysWOW64\wow32.dll
2014-12-14 20:53:02	205BDB00F4C032AF45A6BFD18EA7886C	498688	----a-w-	C:\WINDOWS\SysWOW64\dnsapi.dll
2014-12-14 20:53:02	1D4E9DD1CF2B3A280FCF26693FBBD299	4096	----a-w-	C:\WINDOWS\SysWOW64\user.exe
2014-12-14 20:53:02	1112C09E14A9824908818944BF026392	81920	----a-w-	C:\WINDOWS\SysWOW64\wudriver.dll
2014-12-14 20:53:02	05761DCCF02CEE514DC3B8E3A7F38DF5	272384	----a-w-	C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-12-14 20:53:02	017E4B714298435849AC02F32A1C6BDA	61440	----a-w-	C:\WINDOWS\SysWOW64\rasdiag.dll
2014-12-10 04:09:24	98C136EA9D0CA9C010FE49D863D29C6D	1612992	----a-w-	C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 04:09:23	C4FB74C1E96142E0A9E5DE78E3A0B494	28672	----a-w-	C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 04:09:16	220505B0B3E96C857DD01729AF0CD369	19749376	----a-w-	C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 04:09:14	F728E7E9937117E0F32F39840EB6D737	4299264	----a-w-	C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 04:09:14	F34F6DC38A21FCDBB50CDD1EE97B1EA3	1307136	----a-w-	C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 04:09:14	B59E370277EDB6643083B62297175628	12836864	----a-w-	C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 04:09:14	5E4E0E43E0A5BF9F089696DFA7A3D677	1888256	----a-w-	C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 04:09:14	01777AB557997E98691E322225314E57	2277888	----a-w-	C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 04:09:12	D7A98A4CEA2E89F544065A00BF37FC10	688640	----a-w-	C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 04:09:12	543ADCEA31CF9C2B4EEB900D4AAFD0F9	2052096	----a-w-	C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 04:09:12	41AFA61E061E98E97272AC02184C8C2C	710144	----a-w-	C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 04:09:12	37F078B5B435AFC6BF316F2AD14B469A	501248	----a-w-	C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 04:09:11	F25284C763E728E4DAC248C211D1FC5B	76288	----a-w-	C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 04:09:11	86181845803967FC51B64119E80FC18C	340992	----a-w-	C:\WINDOWS\SysWOW64\html.iec
2014-12-10 04:09:11	713407DA59A9DBE5BD64A17D7A267DA1	326656	----a-w-	C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 04:09:11	69AC6FD5B0B4DC963723E1EBDEE10A2C	285696	----a-w-	C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 04:09:11	476900A8699F5C3D954ADD4A35D33F89	230400	----a-w-	C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 04:09:11	29CED1A4777A43526A4ED8A7B6936883	64000	----a-w-	C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 04:09:11	0E4D9A13C7C6C8FC3ACCF1C8C28DE200	128000	----a-w-	C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 04:09:10	C6941899E6B0A1893D2D5A89241A43B6	661504	----a-w-	C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 04:09:10	98F2784FC4A4A80CE20016C6281834EE	880128	----a-w-	C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 04:06:55	A9B598B04606F9869C42728FE95CBC7C	1489072	----a-w-	C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 04:06:52	7EAC336CFB845753DE556D8EEDD8BD58	129536	----a-w-	C:\WINDOWS\SysWOW64\poqexec.exe
====== C:\WINDOWS\SysWOW64\drivers =====
2014-11-29 17:41:39	1392B92179B07B672720763D9B1028A5	14464	----a-w-	C:\WINDOWS\SysWOW64\drivers\AsUpIO.sys
====== C:\WINDOWS\Sysnative =====
2014-12-14 20:53:09	E36BF37396A26C40E40DFF65F4CD4568	463872	----a-w-	C:\WINDOWS\Sysnative\SystemSettings.Handlers.dll
2014-12-14 20:53:09	DD6861B05CF8BF95A458D3D808AD0693	2171904	----a-w-	C:\WINDOWS\Sysnative\SystemSettingsAdminFlowUI.dll
2014-12-14 20:53:09	B5D6CFC7CD3FA63070286A4FC594B9A1	1091072	----a-w-	C:\WINDOWS\Sysnative\MrmCoreR.dll
2014-12-14 20:53:09	A709D50BD3125B53283220BA44B78690	116736	----a-w-	C:\WINDOWS\Sysnative\SystemSettingsDatabase.dll
2014-12-14 20:53:09	9E61E1B68E7004D126C6DB297EC39293	2819584	----a-w-	C:\WINDOWS\Sysnative\SettingsHandlers.dll
2014-12-14 20:53:09	947C7EDC9BB17733CCC530489B6A2FFA	273240	----a-w-	C:\WINDOWS\Sysnative\SystemSettingsAdminFlows.exe
2014-12-14 20:53:09	64EEDEF2642AD68A3F3791D7346E8FEC	672984	----a-w-	C:\WINDOWS\Sysnative\MDMAgent.exe
2014-12-14 20:53:07	ABDB7997BC550C3B9A5075F6799A86E3	22290560	----a-w-	C:\WINDOWS\Sysnative\shell32.dll
2014-12-14 20:53:07	2F92532B7C872394AA9DEB5CE43B3FDB	18823168	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll
2014-12-14 20:53:06	4AABC3D611EEB92FDEDD1C741D63C437	4837376	----a-w-	C:\WINDOWS\Sysnative\SyncEngine.dll
2014-12-14 20:53:04	FCF3912833E1B7F4EE61F07E79A7BBAC	3558400	----a-w-	C:\WINDOWS\Sysnative\wuaueng.dll
2014-12-14 20:53:04	F3D051ABE7D5A29B16BC9F8A7A306341	1390928	----a-w-	C:\WINDOWS\Sysnative\msctf.dll
2014-12-14 20:53:04	A7F1BC7115123D2F17A4251149984080	962216	----a-w-	C:\WINDOWS\Sysnative\mfplat.dll
2014-12-14 20:53:04	69C0304BE8E4C58026A0D162AD04BF10	1154048	----a-w-	C:\WINDOWS\Sysnative\SkyDrive.exe
2014-12-14 20:53:04	29A707BE7BCD9A0233BB6435B8E45ACB	7473472	----a-w-	C:\WINDOWS\Sysnative\ntoskrnl.exe
2014-12-14 20:53:03	E9AE4FAE83FB38A2962F9032B24CEB3C	252416	----a-w-	C:\WINDOWS\Sysnative\dnsrslvr.dll
2014-12-14 20:53:03	E8F017472DAB8350583526184F8FE478	166912	----a-w-	C:\WINDOWS\Sysnative\AppxAllUserStore.dll
2014-12-14 20:53:03	E66D01726D7B12302CBF3BBF847C9B05	1027584	----a-w-	C:\WINDOWS\Sysnative\MFMediaEngine.dll
2014-12-14 20:53:03	D64D99672845B76D67B1C6419A9E39B2	1733952	----a-w-	C:\WINDOWS\Sysnative\ntdll.dll
2014-12-14 20:53:03	9925BE7849D66AF04F778B41C9D5C7C1	952896	----a-w-	C:\WINDOWS\Sysnative\mfmp4srcsnk.dll
2014-12-14 20:53:03	75B6AD9F2BFDFE7E7C7E38F4FDD2FF1E	658432	----a-w-	C:\WINDOWS\Sysnative\WSDApi.dll
2014-12-14 20:53:03	605CC8C83761219B45B1EF271B2A9E0C	420864	----a-w-	C:\WINDOWS\Sysnative\vpnike.dll
2014-12-14 20:53:03	57C10952ED978E2BF24D904B291C8C0C	558080	----a-w-	C:\WINDOWS\Sysnative\untfs.dll
2014-12-14 20:53:03	57322EBB67A59FB64E228F31A84CA43D	1084416	----a-w-	C:\WINDOWS\Sysnative\IKEEXT.DLL
2014-12-14 20:53:03	3F0D403D47A27134F490B0951826FC37	242176	----a-w-	C:\WINDOWS\Sysnative\WinSCard.dll
2014-12-14 20:53:03	2E3976C857D7230EC8D2B2276E688255	827392	----a-w-	C:\WINDOWS\Sysnative\spoolsv.exe
2014-12-14 20:53:03	2DA3DF504868C941D7EFAE6099B73A65	309760	----a-w-	C:\WINDOWS\Sysnative\WSDMon.dll
2014-12-14 20:53:03	0B07D6E59605DB58B780655192D7387C	128000	----a-w-	C:\WINDOWS\Sysnative\QSVRMGMT.DLL
2014-12-14 20:53:02	F7CEA12E6D22FD6BD303EBF9E08F6AF3	140288	----a-w-	C:\WINDOWS\Sysnative\wuwebv.dll
2014-12-14 20:53:02	F0FD2757C9975EC62C3AFF9DE3415830	514048	----a-w-	C:\WINDOWS\Sysnative\DevicePairing.dll
2014-12-14 20:53:02	E9E186B76AF8F2B705F003CEFE7A4410	1714176	----a-w-	C:\WINDOWS\Sysnative\wucltux.dll
2014-12-14 20:53:02	D64719E25966885AA991513A66A1A20F	16896	----a-w-	C:\WINDOWS\Sysnative\eventcls.dll
2014-12-14 20:53:02	D06E9DE27BBB41F8AE2A0A2D6FC0F598	422400	----a-w-	C:\WINDOWS\Sysnative\FWPUCLNT.DLL
2014-12-14 20:53:02	CCB7FDAA07F104128D5332CD6EF04D97	48128	----a-w-	C:\WINDOWS\Sysnative\kmddsp.tsp
2014-12-14 20:53:02	BC9E947C4B1E166CE2237871CAA4BDC0	16896	----a-w-	C:\WINDOWS\Sysnative\ntvdm64.dll
2014-12-14 20:53:02	A7D9C835222913507340E379F6C0E798	894976	----a-w-	C:\WINDOWS\Sysnative\wuapi.dll
2014-12-14 20:53:02	A5F199F33C2A919AE9A15997FA7A07FD	77824	----a-w-	C:\WINDOWS\Sysnative\rasdiag.dll
2014-12-14 20:53:02	9FAF67CE7452215ACEDDB517A663454F	43008	----a-w-	C:\WINDOWS\Sysnative\rasmxs.dll
2014-12-14 20:53:02	9B1133CA54B4A3E852756EA174682EC8	211968	----a-w-	C:\WINDOWS\Sysnative\QSHVHOST.DLL
2014-12-14 20:53:02	9766BC2BC08F4ABEA83908B11C154529	182784	----a-w-	C:\WINDOWS\Sysnative\rascfg.dll
2014-12-14 20:53:02	63274242700279852B5CFFE4E2E0C6D1	13312	----a-w-	C:\WINDOWS\Sysnative\wow64cpu.dll
2014-12-14 20:53:02	591FB3A6559C393235F6D8A573E4E1B3	1574400	----a-w-	C:\WINDOWS\Sysnative\vssapi.dll
2014-12-14 20:53:02	57D55B8D3387C51758C785C425922C0E	285184	----a-w-	C:\WINDOWS\Sysnative\wow64.dll
2014-12-14 20:53:02	3C4FF4AD2F023865F63017F0E6A9C649	30208	----a-w-	C:\WINDOWS\Sysnative\rasser.dll
2014-12-14 20:53:02	3B7F9612439EA47151EC5EAB232C1C3F	1454080	----a-w-	C:\WINDOWS\Sysnative\VSSVC.exe
2014-12-14 20:53:02	35375E7F42B28163E689B1CF84243DA2	390841	----a-w-	C:\WINDOWS\Sysnative\ApnDatabase.xml
2014-12-14 20:53:02	2C67494BD2CB71CEE84E3DA4B9DEE979	733696	----a-w-	C:\WINDOWS\Sysnative\SkyDriveTelemetry.dll
2014-12-14 20:53:02	25AE2DD8E6F6BBD922C5F6971F124BBD	74752	----a-w-	C:\WINDOWS\Sysnative\vsstrace.dll
2014-12-14 20:53:02	22A5582ACF0CEE97268D7868C69F35CE	845312	----a-w-	C:\WINDOWS\Sysnative\BFE.DLL
2014-12-14 20:53:02	1D5D2F632E6DB073F44DACE1859B9039	407552	----a-w-	C:\WINDOWS\Sysnative\WUSettingsProvider.dll
2014-12-14 20:53:02	17EB5520615744EE8190861C120DFF93	55776	----a-w-	C:\WINDOWS\Sysnative\wuauclt.exe
2014-12-14 20:53:02	15CCD57C3F2CE870910C2DB4AE418D22	95744	----a-w-	C:\WINDOWS\Sysnative\wudriver.dll
2014-12-14 20:53:02	0B082D6D7A53D91678E7409DD145E89C	657920	----a-w-	C:\WINDOWS\Sysnative\dnsapi.dll
2014-12-14 20:53:02	0416FE95E0DC01042B46D9F6B1A1EE61	702464	----a-w-	C:\WINDOWS\Sysnative\rasapi32.dll
2014-12-14 20:53:02	03880AB54F6C9A449B9F8AC8B21472AA	713216	----a-w-	C:\WINDOWS\Sysnative\nshwfp.dll
2014-12-14 20:53:02	0296B6D45A9D582DF0B6B4E6061CE024	35840	----a-w-	C:\WINDOWS\Sysnative\wuapp.exe
2014-12-10 04:09:24	F5BA843DE3475B8D7FD5AFC21857A7C1	1970432	----a-w-	C:\WINDOWS\Sysnative\crypt32.dll
2014-12-10 04:09:23	83AEDC4636606B145851723AE7385781	34304	----a-w-	C:\WINDOWS\Sysnative\DeviceSetupStatusProvider.dll
2014-12-10 04:09:17	D478A4CF07FB8ADF72FB16B88E8030B8	25059840	----a-w-	C:\WINDOWS\Sysnative\mshtml.dll
2014-12-10 04:09:15	556D271F4243B273EDA353512BF3608A	14412800	----a-w-	C:\WINDOWS\Sysnative\ieframe.dll
2014-12-10 04:09:14	E7A2061ADF0F4D430FECDA1E8D6B7BA6	1548288	----a-w-	C:\WINDOWS\Sysnative\urlmon.dll
2014-12-10 04:09:14	982B871A25B5078093FAD82D0AB0E3FC	2885120	----a-w-	C:\WINDOWS\Sysnative\iertutil.dll
2014-12-10 04:09:14	8D64466AD12CA5677CD0099C43C58569	6039552	----a-w-	C:\WINDOWS\Sysnative\jscript9.dll
2014-12-10 04:09:14	4AF089160FE082E5EA5C4AA72782DCA2	2358272	----a-w-	C:\WINDOWS\Sysnative\wininet.dll
2014-12-10 04:09:12	EFBA893429814EA3244C87C2D1256618	800768	----a-w-	C:\WINDOWS\Sysnative\ieapfltr.dll
2014-12-10 04:09:12	DDE455CF1B9F43775A53A4E577DFDC54	373760	----a-w-	C:\WINDOWS\Sysnative\iedkcs32.dll
2014-12-10 04:09:12	3FE71E2A5BD3EC652E64FC8BCEFEDD2C	2125312	----a-w-	C:\WINDOWS\Sysnative\inetcpl.cpl
2014-12-10 04:09:12	39B512C643812FC2D4843C0D4206C759	718848	----a-w-	C:\WINDOWS\Sysnative\ie4uinit.exe
2014-12-10 04:09:12	14BA910E7731FC84EB85328BD0F1EE81	800768	----a-w-	C:\WINDOWS\Sysnative\msfeeds.dll
2014-12-10 04:09:11	DB10D681314714E0D4623E4C0CF6654A	92160	----a-w-	C:\WINDOWS\Sysnative\mshtmled.dll
2014-12-10 04:09:11	D248949FCF2B72C1FD4EC15DA92065C0	262144	----a-w-	C:\WINDOWS\Sysnative\webcheck.dll
2014-12-10 04:09:11	62CFEE2A516C68540486EBF26F18ED4C	145408	----a-w-	C:\WINDOWS\Sysnative\iepeers.dll
2014-12-10 04:09:11	284070B045F8B11B4A1FB32F72023038	417280	----a-w-	C:\WINDOWS\Sysnative\html.iec
2014-12-10 04:09:11	1D294810D3A8A8F722E86AA001F54DCC	580096	----a-w-	C:\WINDOWS\Sysnative\vbscript.dll
2014-12-10 04:09:11	17A157A4225CF562202AC71DB8103177	88064	----a-w-	C:\WINDOWS\Sysnative\MshtmlDac.dll
2014-12-10 04:09:11	0AF0AEF0BA9EF6169E61C78504DCAE55	316928	----a-w-	C:\WINDOWS\Sysnative\dxtrans.dll
2014-12-10 04:09:10	A41AC7E8D142FD0ECF6EF7F1BB63D478	812544	----a-w-	C:\WINDOWS\Sysnative\jscript.dll
2014-12-10 04:09:10	507DC5EE1363EEB7D986B1026DF4E39D	1032704	----a-w-	C:\WINDOWS\Sysnative\inetcomm.dll
2014-12-10 04:06:55	418B5117F187DFFD96C52325CA0DF153	1762840	----a-w-	C:\WINDOWS\Sysnative\WindowsCodecs.dll
2014-12-10 04:06:52	E4A75F7BA48F4281405C782E3DB9F828	146432	----a-w-	C:\WINDOWS\Sysnative\poqexec.exe
====== C:\WINDOWS\Sysnative\drivers =====
2014-12-14 20:53:04	7EC9376D245D734791AD46738712E7D8	473408	----a-w-	C:\WINDOWS\Sysnative\drivers\netio.sys
2014-12-14 20:53:04	1BD3022FD6E450B00DE560265638FD2A	112640	----a-w-	C:\WINDOWS\Sysnative\drivers\rasl2tp.sys
2014-12-14 20:53:03	F6ECFD6128A16A4851CFE98D4E01B011	551232	----a-w-	C:\WINDOWS\Sysnative\drivers\vhdmp.sys
2014-12-14 20:53:03	DC64B02CD5E21D16215AC20D393D5CE4	153920	----a-w-	C:\WINDOWS\Sysnative\drivers\dumpsd.sys
2014-12-14 20:53:03	B41F3E5780D97CFD44A717153AD9CF2C	80896	----a-w-	C:\WINDOWS\Sysnative\drivers\wanarp.sys
2014-12-14 20:53:03	715ABA3DD164D06457A2A3C92F6EA9D5	136512	----a-w-	C:\WINDOWS\Sysnative\drivers\wfplwfs.sys
2014-12-14 20:53:03	49EE0AE9E5B64FFBBD06D55C4984B598	108544	----a-w-	C:\WINDOWS\Sysnative\drivers\i8042prt.sys
2014-12-14 20:53:03	389C998C64319CD97625B0550E52ECFA	58176	----a-w-	C:\WINDOWS\Sysnative\drivers\dam.sys
2014-12-14 20:53:03	27FF998504DEF8D29A771FBB41707C5E	238912	----a-w-	C:\WINDOWS\Sysnative\drivers\sdbus.sys
2014-12-14 20:53:02	ED54A75050211DC77F9B98C41E026858	86336	----a-w-	C:\WINDOWS\Sysnative\drivers\pdc.sys
2014-12-14 20:53:02	DC1D9F692C2AD84C214584C28501C1F7	24576	----a-w-	C:\WINDOWS\Sysnative\drivers\ndistapi.sys
2014-12-14 20:53:02	AD7F69237480F6CB6294EFD9EE4CD04C	428864	----a-w-	C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS
2014-12-14 20:53:02	8CD840A062F6BDF41DDE3ACB96164B72	32256	----a-w-	C:\WINDOWS\Sysnative\drivers\kbdhid.sys
2014-12-14 20:53:02	7AA01AB1C110916825E6E1389F1B9AF2	39744	----a-w-	C:\WINDOWS\Sysnative\drivers\intelpep.sys
2014-12-14 20:53:02	5FCBAB60598AE119E02B4C27DE6B99EA	30208	----a-w-	C:\WINDOWS\Sysnative\drivers\mouhid.sys
2014-12-14 20:53:02	5917AFE4A3F695A54B99C1849C8207FE	59712	----a-w-	C:\WINDOWS\Sysnative\drivers\kbdclass.sys
2014-12-14 20:53:02	3EE5097945A7F680E320953271EB2D4F	96768	----a-w-	C:\WINDOWS\Sysnative\drivers\agilevpn.sys
2014-12-14 20:53:02	3C2DF97A21A9BBE6355B0A51F288EFFF	2485056	----a-w-	C:\WINDOWS\Sysnative\drivers\tcpip.sys
2014-12-14 20:53:02	148195AE95D9BC7375A08846439FDAC1	26112	----a-w-	C:\WINDOWS\Sysnative\drivers\sermouse.sys
2014-12-14 20:53:02	0BBE2FA30BAD58C9ADC01E4F84A3D2A1	72192	----a-w-	C:\WINDOWS\Sysnative\drivers\ndproxy.sys
2014-12-14 20:53:02	08374E4E5B8914DE6067CBA99F61E930	51008	----a-w-	C:\WINDOWS\Sysnative\drivers\mouclass.sys
2014-12-05 05:19:56	2F7A6F88A9516EB47B0BF13024434244	304416	----a-w-	C:\WINDOWS\Sysnative\drivers\snapman.sys
2014-11-29 17:26:44	742186A23B9B3E7F90FAA4595291ED0C	25504	----a-w-	C:\WINDOWS\Sysnative\drivers\rspLLL64.sys
2014-11-27 05:00:13	2A801DFB1C278104D6AFB23C456C0E89	916024	----a-w-	C:\WINDOWS\Sysnative\drivers\VBoxDrv.sys
2014-11-27 05:00:11	46970F66C3F19421C37CCCDC7C2F176A	128080	----a-w-	C:\WINDOWS\Sysnative\drivers\VBoxUSBMon.sys
2014-11-24 11:07:02	16F38B18F51DBD2D32A77B3649CFC55A	141440	----a-w-	C:\WINDOWS\Sysnative\drivers\VBoxNetAdp.sys
2014-11-24 11:06:12	AD45D3E222E66550B734725CCCCF0E1C	156360	----a-w-	C:\WINDOWS\Sysnative\drivers\VBoxNetFlt.sys
2014-11-22 13:55:28	28BEF2E6CCB3BA4AB67B832FF6F82BF6	874712	----a-w-	C:\WINDOWS\Sysnative\drivers\Rt630x64.sys
2014-11-20 04:44:45	65454187E0F8B6C0DCECB0287D06EC43	14144	-c--a-w-	C:\WINDOWS\Sysnative\drivers\swenum.sys
2014-11-20 04:44:32	13EFD41E351F31E087283CF66C29A25E	373568	----a-w-	C:\WINDOWS\Sysnative\drivers\storport.sys
2014-11-20 04:44:32	00C594D5A1DBD22AD8B2902B9F6EFF94	14528	-c--a-w-	C:\WINDOWS\Sysnative\drivers\drmkaud.sys
2014-11-20 04:44:31	7F68063A5A0461E02BC860CE0E6BFDDC	2025792	----a-w-	C:\WINDOWS\Sysnative\drivers\ntfs.sys
2014-11-20 04:44:11	21FE65E2E67C4E31EE95CBD1F91C4B24	1114432	----a-w-	C:\WINDOWS\Sysnative\drivers\ndis.sys
2014-11-20 04:44:06	E1BB0B6F00F470B451AB45EA13EBA0B3	1552704	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
2014-11-20 04:43:58	E796AE43DDD1844281DB4D57294D17C0	533824	-c--a-w-	C:\WINDOWS\Sysnative\drivers\acpi.sys
2014-11-20 04:43:58	982B9495F70FEEA269C48F18E960EFDE	389952	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
2014-11-20 04:43:57	00D8AC8E3053290BDE6EA2FB6810D2FC	678400	----a-w-	C:\WINDOWS\Sysnative\drivers\srv2.sys
2014-11-20 04:43:52	31233271EDE50D1BBB220F78AFA60486	405504	----a-w-	C:\WINDOWS\Sysnative\drivers\mrxsmb.sys
2014-11-20 04:43:45	114AAF528D3D87D306F3682E618E8091	563976	----a-w-	C:\WINDOWS\Sysnative\drivers\cng.sys
2014-11-20 04:43:42	D24B1945ED1F9C96DA786DBBF1E983CE	415040	-c--a-w-	C:\WINDOWS\Sysnative\drivers\spaceport.sys
2014-11-20 04:43:41	9DBC32A45CFA67074432D2AF6C2832B6	559104	----a-w-	C:\WINDOWS\Sysnative\drivers\csc.sys
2014-11-20 04:43:40	2787A73C848128C950385CB3A63A6B91	337728	----a-w-	C:\WINDOWS\Sysnative\drivers\Classpnp.sys
2014-11-20 04:43:38	6276AC2AA203CF47811F6EFBBD214FBF	202752	----a-w-	C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys
2014-11-20 04:43:37	C1FB505A73FA2E9019D32444AB33B75A	354112	----a-w-	C:\WINDOWS\Sysnative\drivers\fltMgr.sys
2014-11-20 04:43:34	D7B4859227B02BCC1055B279A63C937F	226304	----a-w-	C:\WINDOWS\Sysnative\drivers\WUDFRd.sys
2014-11-20 04:43:32	FAA564A13576F9284546BF016D27B551	467776	-c--a-w-	C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS
2014-11-20 04:43:14	481286719402E4BAEFEA0604AB1B5113	113664	----a-w-	C:\WINDOWS\Sysnative\drivers\WUDFPf.sys
2014-11-20 04:43:13	C76097CA941FA7CAFEDB1E557969025C	272384	-c--a-w-	C:\WINDOWS\Sysnative\drivers\portcls.sys
2014-11-20 04:43:10	4E829B18D5BAEC29893792A3C671A847	100672	----a-w-	C:\WINDOWS\Sysnative\drivers\ksecdd.sys
2014-11-20 04:43:08	BAFF6122CFC9F95CA175AD8C348179A4	88896	----a-w-	C:\WINDOWS\Sysnative\drivers\partmgr.sys
2014-11-20 04:43:03	CA3F19E4B0765135B0F3C99384C535B9	177472	----a-w-	C:\WINDOWS\Sysnative\drivers\ksecpkg.sys
2014-11-20 04:43:01	FC0141B4A5AD6D637D883C1A89FC45C5	151040	----a-w-	C:\WINDOWS\Sysnative\drivers\pacer.sys
2014-11-20 04:43:01	D1D82F007A079A4D623DBD1F36EF30A1	102208	----a-w-	C:\WINDOWS\Sysnative\drivers\mountmgr.sys
2014-11-20 04:43:01	41F631007A158FEBB67F0E2AD1601BBA	93696	----a-w-	C:\WINDOWS\Sysnative\drivers\rassstp.sys
2014-11-20 04:43:01	008F7CED69FD5B30CBDE1E03C6F36A27	445440	----a-w-	C:\WINDOWS\Sysnative\drivers\nwifi.sys
2014-11-20 04:43:00	F00B189ECA74DDF408AD934ADDC72477	89088	-c--a-w-	C:\WINDOWS\Sysnative\drivers\drmk.sys
2014-11-20 04:43:00	A7C31B168F371E8E6796219F23E354DB	61248	----a-w-	C:\WINDOWS\Sysnative\drivers\fsdepends.sys
2014-11-20 04:42:59	A53E798C06D729CCF8459968B4372F6E	89368	----a-w-	C:\WINDOWS\Sysnative\drivers\vmbkmcl.sys
2014-11-20 04:42:58	615DFD97DEA56CE1C3A52185A3038FF8	921920	----a-w-	C:\WINDOWS\Sysnative\drivers\refs.sys
2014-11-20 04:42:51	EF31713EE4C7CCFE4049F7E7F15645A2	69952	----a-w-	C:\WINDOWS\Sysnative\drivers\vpci.sys
2014-11-20 04:42:51	8B9486B64E5FC17FB9CC04CA10B77A34	49944	----a-w-	C:\WINDOWS\Sysnative\drivers\vmstorfl.sys
2014-11-20 04:42:51	511AD3FF957A0127E6BD336FF6F89C38	97048	----a-w-	C:\WINDOWS\Sysnative\drivers\vmbus.sys
2014-11-20 04:42:51	269882812E9A68FFF1AFE1283D428322	126464	----a-w-	C:\WINDOWS\Sysnative\drivers\NdisImPlatform.sys
2014-11-20 04:42:51	10A78656BF6126245631705E45F9B9CF	61208	----a-w-	C:\WINDOWS\Sysnative\drivers\winhv.sys
2014-11-20 04:42:50	F3C060444777A59FC63D920719E43CCD	115712	----a-w-	C:\WINDOWS\Sysnative\drivers\bridge.sys
2014-11-20 04:42:50	A2468CC3509394A33C4C32F99563D845	54784	----a-w-	C:\WINDOWS\Sysnative\drivers\wpcfltr.sys
2014-11-20 04:42:50	807F8CF3E973305FC435C61CBBEE2A49	189248	-c--a-w-	C:\WINDOWS\Sysnative\drivers\UCX01000.SYS
2014-11-20 04:42:50	6FC047578785B0435F4E2660946D1ADC	74240	----a-w-	C:\WINDOWS\Sysnative\drivers\mpsdrv.sys
2014-11-20 04:42:50	5F66B7BB330AA80067FC66149A692620	33600	----a-w-	C:\WINDOWS\Sysnative\drivers\wimmount.sys
2014-11-20 04:42:50	1A20F03700D2B2ED775E38D751EF2F63	324928	-c--a-w-	C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS
2014-11-20 04:42:50	0E046FF5823B95326D10CF1B4AF23541	39424	----a-w-	C:\WINDOWS\Sysnative\drivers\nsiproxy.sys
2014-11-20 04:42:49	BC8A79C625568DDB7DCA49D0C2741A64	27456	----a-w-	C:\WINDOWS\Sysnative\drivers\rdpvideominiport.sys
2014-11-20 04:42:49	A57A897E3F87B8E9F30A627C42779A76	21824	----a-w-	C:\WINDOWS\Sysnative\drivers\tbs.sys
2014-11-20 04:42:49	5C8F604F6DC74177CDD8372D7B1ADFF0	212736	-c--a-w-	C:\WINDOWS\Sysnative\drivers\usbvideo.sys
2014-11-20 04:42:42	D4DCE03870314D3354F3501F9DDD4123	87040	----a-w-	C:\WINDOWS\Sysnative\drivers\netvsc63.sys
2014-11-20 04:42:42	415DD71628795197F7AFC176CBADC74E	82944	----a-w-	C:\WINDOWS\Sysnative\drivers\appid.sys
2014-11-20 04:42:41	42FF4975D032CAE558AE4BB8448F6E5A	48128	----a-w-	C:\WINDOWS\Sysnative\drivers\netbios.sys
2014-11-20 04:42:40	D7A41959BB3A8510F1BAC36F5CEC1874	144384	----a-w-	C:\WINDOWS\Sysnative\drivers\rmcast.sys
2014-11-20 04:42:40	B337B1F1E82A83E20A1743E008E25C0F	17408	----a-w-	C:\WINDOWS\Sysnative\drivers\rasacd.sys
2014-11-20 04:42:40	9746BA79DE0CA5EB5104406A9ED62D01	11776	----a-w-	C:\WINDOWS\Sysnative\drivers\rootmdm.sys
2014-11-20 04:42:40	8CECC8DA55F3274181FD1EA28AD76664	43008	----a-w-	C:\WINDOWS\Sysnative\drivers\ndiscap.sys
2014-11-20 04:42:40	83868EB2924E6BC21A54337C65D614D1	47104	----a-w-	C:\WINDOWS\Sysnative\drivers\qwavedrv.sys
2014-11-20 04:42:40	67343511D80BF3D6D9EEDB5BA8D0B06B	57856	-c--a-w-	C:\WINDOWS\Sysnative\drivers\bthhfenum.sys
2014-11-20 04:42:40	58035FD3369879E02D65989C44D27450	23040	----a-w-	C:\WINDOWS\Sysnative\drivers\WSDScan.sys
2014-11-20 04:42:40	51B3AC0560848CD6D65AC2033E293113	66560	----a-w-	C:\WINDOWS\Sysnative\drivers\mslldp.sys
2014-11-20 04:42:40	3083926D1CC5B56EA0786527B557DD1B	103424	----a-w-	C:\WINDOWS\Sysnative\drivers\Ndu.sys
2014-11-20 04:42:40	20185BEB7512EDE4EFECDFA148AC9F99	29696	-c--a-w-	C:\WINDOWS\Sysnative\drivers\TsUsbGD.sys
2014-11-20 04:42:40	13BEA6C882D4D877A5A85CA149C86BC1	40960	----a-w-	C:\WINDOWS\Sysnative\drivers\scfilter.sys
2014-11-20 04:42:40	0139248F6B95CF0D837B5B46A2722D40	98304	-c--a-w-	C:\WINDOWS\Sysnative\drivers\usbcir.sys
2014-11-19 17:29:49	185B4FFECD886A424B57B58AE173FBBE	13213512	----a-w-	C:\WINDOWS\Sysnative\drivers\nvlddmkm.sys
====== C:\WINDOWS\Tasks ======
2014-11-22 18:51:59	9C7E55B8D7CC630730BF9EEFBB16444E	3714	----a-w-	C:\WINDOWS\Sysnative\Tasks\klcp_update
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-12-16 23:47:55	--------	d-----w-	C:\Program Files\7-Zip
2014-12-14 04:47:19	--------	d-----w-	C:\Program Files\WDCSAM
2014-11-29 17:26:44	--------	d-----w-	C:\Program Files\LatencyMon
2014-11-27 05:00:08	--------	d-----w-	C:\Program Files\Oracle
======= C:\PROGRA~2 =====
2014-11-22 19:01:46	--------	d-----w-	C:\PROGRA~2\AviSynth 2.5
2014-11-22 18:51:08	--------	d-----w-	C:\PROGRA~2\K-Lite Codec Pack
======= C: =====
====== C:\Users\Niven De Weerdt\AppData\Roaming ======
2014-12-17 19:15:35	--------	d-----w-	C:\Users\Niven De Weerdt\AppData\Local\SuperEasy_Software
2014-12-05 18:58:24	--------	d-----w-	C:\Users\Niven De Weerdt\AppData\Roaming\SoftMaker
2014-12-05 05:19:57	--------	d-----w-	C:\Users\Niven De Weerdt\AppData\Roaming\21E36622-6A6E-4177-B76D-BAA0A99EF225
2014-11-27 17:21:20	--------	d-----w-	C:\Users\Niven De Weerdt\AppData\Local\Ashampoo Movie Shrink & Burn 4
2014-11-23 03:39:43	--------	d-----w-	C:\Users\Niven De Weerdt\AppData\Local\Nero
2014-11-22 19:01:47	--------	d-----w-	C:\Users\Niven De Weerdt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2014-11-22 17:56:49	--------	d-----w-	C:\Users\Niven De Weerdt\AppData\Local\Plex Media Server
2014-11-22 15:19:14	--------	d-sh--w-	C:\Users\Niven De Weerdt\AppData\Local\EmieBrowserModeList
2014-11-22 15:19:06	--------	d-sh--w-	C:\Users\Niven De Weerdt\AppData\Locallow\EmieBrowserModeList
====== C:\Users\Niven De Weerdt ======
2014-12-18 05:13:08	7AC98BE8593253FDDF8293E1C60B04BA	2166272	----a-w-	C:\Users\Niven De Weerdt\Desktop\AdwCleaner.exe
2014-12-17 19:13:04	4230D0C67ED6DB47029A983EDA6D57DB	2008920	----a-w-	C:\Users\Niven De Weerdt\Desktop\supereasy_video_converter_3_dl.exe
2014-12-16 23:47:55	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-12-06 06:35:19	2F5BB97F76B81782EC81513E18473FE2	148100944	----a-w-	C:\Users\Niven De Weerdt\Documents\PowerDVD_14.0.4704.58_Patch_DVD140911-04.exe
2014-11-29 17:26:45	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2014-11-27 05:00:13	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-11-22 19:12:05	--------	d-----w-	C:\Users\Niven De Weerdt\.config
2014-11-22 19:01:46	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2014-11-22 18:51:22	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-11-19 17:40:18	--------	d-s---w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3

====== C: exe-files ==
2014-12-18 05:13:08	7AC98BE8593253FDDF8293E1C60B04BA	2166272	----a-w-	C:\Users\Niven De Weerdt\Desktop\AdwCleaner.exe
2014-12-18 02:29:35	61A87FCE639038D07A2C91DD99C757A2	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-3874325224-3051171625-3370539540-1001\$IMYT0VX.exe
2014-12-18 02:13:00	2E0323A94915FAAB10A25F3BABF82584	157696	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2014-12-18 01:49:28	7B09EAF613CEAD79F808B55DE12840DD	2650408	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-3874325224-3051171625-3370539540-1001\$RMYT0VX.exe
2014-12-17 19:13:04	4230D0C67ED6DB47029A983EDA6D57DB	2008920	----a-w-	C:\Users\Niven De Weerdt\Desktop\supereasy_video_converter_3_dl.exe
2014-12-17 18:40:00	FC6E5B19202BF78457710BE0D0C09CDF	1278743	----a-w-	C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe
2014-12-17 18:17:14	9ACA04B7B089EBF2F51DFEE4CFE98A4A	4504112	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\NVIDIA\NvBackend\Packages\000069b1\DAO.19147186.exe
2014-12-16 17:47:58	18CFDA3F1C1C17EE4E79AD83E0AC46FD	4472136	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\NVIDIA\NvBackend\Packages\000069a3\DAO.19143293.exe
2014-12-15 12:26:35	4E429B3FFB76C3EABC748ED3AFE54CF8	1794840	----a-w-	C:\Program Files (x86)\Maxthon\_AppData\Maxthon3\Public\MxUp\MxUp.exe
2014-12-15 12:15:10	4E429B3FFB76C3EABC748ED3AFE54CF8	1794840	----a-w-	C:\Users\Niven De Weerdt\AppData\Roaming\Maxthon3\Public\MxUp\MxUp.exe
2014-12-14 20:53:09	E022185998E5BC0F2EBD8F5875747D3E	87296	----a-w-	C:\Windows\ImmersiveControlPanel\SystemSettings.exe
2014-12-14 20:53:09	947C7EDC9BB17733CCC530489B6A2FFA	273240	----a-w-	C:\Windows\System32\SystemSettingsAdminFlows.exe
2014-12-14 20:53:09	64EEDEF2642AD68A3F3791D7346E8FEC	672984	----a-w-	C:\Windows\System32\MDMAgent.exe
2014-12-14 20:53:04	69C0304BE8E4C58026A0D162AD04BF10	1154048	----a-w-	C:\Windows\System32\SkyDrive.exe
2014-12-14 20:53:04	29A707BE7BCD9A0233BB6435B8E45ACB	7473472	----a-w-	C:\Windows\System32\ntoskrnl.exe
2014-12-14 20:53:03	2E3976C857D7230EC8D2B2276E688255	827392	----a-w-	C:\Windows\System32\spoolsv.exe
2014-12-14 20:53:02	F7A9D2E57D357B36C11F1C8269F2B05F	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2014-12-14 20:53:02	EFC236C98B6FC47C05FC3F817CED574D	21696	----a-w-	C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
2014-12-14 20:53:02	C8B6FD0CE93013F606F2AA4BABF763B8	372408	----a-w-	C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
2014-12-14 20:53:02	ACC85159376F84F49F8FE6D860E39A4F	8704	----a-w-	C:\Windows\SysWOW64\instnm.exe
2014-12-14 20:53:02	7826082B93262AB6460E77B91C61EA30	128512	----a-w-	C:\Windows\splwow64.exe
2014-12-14 20:53:02	699B5B6ACA78B2380F33478EE8CE4287	29696	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2014-12-14 20:53:02	3B7F9612439EA47151EC5EAB232C1C3F	1454080	----a-w-	C:\Windows\System32\VSSVC.exe
2014-12-14 20:53:02	1D4E9DD1CF2B3A280FCF26693FBBD299	4096	----a-w-	C:\Windows\SysWOW64\user.exe
2014-12-14 20:53:02	17EB5520615744EE8190861C120DFF93	55776	----a-w-	C:\Windows\System32\wuauclt.exe
2014-12-14 20:53:02	0296B6D45A9D582DF0B6B4E6061CE024	35840	----a-w-	C:\Windows\System32\wuapp.exe
2014-12-12 17:45:29	06B790BA384EB7322E45611365C5B4B6	4466648	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\NVIDIA\NvBackend\Packages\00006980\DAO.19134170.exe
=== C: other files ==
2014-12-18 02:13:00	F56A319979F631C141F5FF02DF87FDB1	43563	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\prelim.bat
2014-12-18 02:13:00	EBAA7BD799FC68980A6A8594BB14A950	190569	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\misc.bat
2014-12-18 02:13:00	DD1E4D974B1672ABD09EFFB225791C4A	1230	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\TDL4.bat
2014-12-18 02:13:00	BC28D90D34DB7AC6BB5789BF3C9E8FDB	14957	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\get.bat
2014-12-18 02:13:00	AD2F52DC72B10AF331692E4A4DD80DFC	18670	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\medfos.bat
2014-12-18 02:13:00	AA0C656F898523BEDF2DA6923197BB80	1264	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\surfvox.bat
2014-12-18 02:13:00	8E6020C14F982CF11B3FE7DBB0CB8EDE	24738	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\searchlnk.bat
2014-12-18 02:13:00	86707BCE5CBB65D9B1C41E249B4423BA	152733	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\firefox.bat
2014-12-18 02:13:00	83F691D8398F0E37E71E9355BF730DB9	719	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\ev_clear.bat
2014-12-18 02:13:00	813FA9E2180EE3BB5EFCE744009B5611	10880	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\runvalues.bat
2014-12-18 02:13:00	38A0BDF322ACCC968B0A824C38D50157	29635	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\ask.bat
2014-12-18 02:13:00	335DFF8F23E5EC02B5426362F0F8509B	31401	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\iexplore.bat
2014-12-18 02:13:00	0C4649A62845AB5D5DBCC4998477FF6D	1813	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\delfolders.bat
2014-12-18 02:13:00	080CFDE64F31E7B50EECF4552033E84D	9937	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\mws.bat
2014-12-18 02:13:00	048407135C9B1FB6A355E256BD96160D	14192	----a-w-	C:\Users\Niven De Weerdt\AppData\Local\Temp\jrt\chrome.bat
2014-12-17 18:40:02	9C41DE96339224A51AB950A3E74FBDA4	28	----a-w-	C:\Program Files\VS Revo Group\Revo Uninstaller Pro\reg_lp.bat
2014-12-15 12:26:58	EA5AAFCBC6F0D0E940F3E92DFD94EEE4	1793	----a-w-	C:\Users\Niven De Weerdt\AppData\Roaming\Maxthon3\Temp\ueip\ueipdata.zip
2014-12-15 12:24:21	A8F2A442E544A0F3EFFD405DCA695A25	1446450	----a-w-	C:\Users\Niven De Weerdt\Desktop\emailverzenden20140613081223973_000120140613081223973_.zip
2014-12-14 20:53:04	7EC9376D245D734791AD46738712E7D8	473408	----a-w-	C:\Windows\System32\drivers\netio.sys
2014-12-14 20:53:04	1BD3022FD6E450B00DE560265638FD2A	112640	----a-w-	C:\Windows\System32\drivers\rasl2tp.sys
2014-12-14 20:53:03	F6ECFD6128A16A4851CFE98D4E01B011	551232	----a-w-	C:\Windows\System32\drivers\vhdmp.sys
2014-12-14 20:53:03	DC64B02CD5E21D16215AC20D393D5CE4	153920	----a-w-	C:\Windows\System32\drivers\dumpsd.sys
2014-12-14 20:53:03	B41F3E5780D97CFD44A717153AD9CF2C	80896	----a-w-	C:\Windows\System32\drivers\wanarp.sys
2014-12-14 20:53:03	715ABA3DD164D06457A2A3C92F6EA9D5	136512	----a-w-	C:\Windows\System32\drivers\wfplwfs.sys
2014-12-14 20:53:03	49EE0AE9E5B64FFBBD06D55C4984B598	108544	----a-w-	C:\Windows\System32\drivers\i8042prt.sys
2014-12-14 20:53:03	389C998C64319CD97625B0550E52ECFA	58176	----a-w-	C:\Windows\System32\drivers\dam.sys
2014-12-14 20:53:03	27FF998504DEF8D29A771FBB41707C5E	238912	----a-w-	C:\Windows\System32\drivers\sdbus.sys
2014-12-14 20:53:02	ED54A75050211DC77F9B98C41E026858	86336	----a-w-	C:\Windows\System32\drivers\pdc.sys
2014-12-14 20:53:02	DC1D9F692C2AD84C214584C28501C1F7	24576	----a-w-	C:\Windows\System32\drivers\ndistapi.sys
2014-12-14 20:53:02	AD7F69237480F6CB6294EFD9EE4CD04C	428864	----a-w-	C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-12-14 20:53:02	8CD840A062F6BDF41DDE3ACB96164B72	32256	----a-w-	C:\Windows\System32\drivers\kbdhid.sys
2014-12-14 20:53:02	7AA01AB1C110916825E6E1389F1B9AF2	39744	----a-w-	C:\Windows\System32\drivers\intelpep.sys
2014-12-14 20:53:02	5FCBAB60598AE119E02B4C27DE6B99EA	30208	----a-w-	C:\Windows\System32\drivers\mouhid.sys
2014-12-14 20:53:02	5917AFE4A3F695A54B99C1849C8207FE	59712	----a-w-	C:\Windows\System32\drivers\kbdclass.sys
2014-12-14 20:53:02	3EE5097945A7F680E320953271EB2D4F	96768	----a-w-	C:\Windows\System32\drivers\agilevpn.sys
2014-12-14 20:53:02	3C2DF97A21A9BBE6355B0A51F288EFFF	2485056	----a-w-	C:\Windows\System32\drivers\tcpip.sys
2014-12-14 20:53:02	148195AE95D9BC7375A08846439FDAC1	26112	----a-w-	C:\Windows\System32\drivers\sermouse.sys
2014-12-14 20:53:02	0BBE2FA30BAD58C9ADC01E4F84A3D2A1	72192	----a-w-	C:\Windows\System32\drivers\ndproxy.sys
2014-12-14 20:53:02	08374E4E5B8914DE6067CBA99F61E930	51008	----a-w-	C:\Windows\System32\drivers\mouclass.sys
2014-12-14 04:46:19	6551768E0961BA2D965B955342A9E74E	378553	----a-w-	C:\Users\Niven De Weerdt\Desktop\WD_SES_Driver_Setup_x64.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3874325224-3051171625-3370539540-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress9"="C:\Program Files (x86)\CyberLink\Power2Go9\Power2GoExpress9.exe /Startup"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"SMASH"="C:\Program Files (x86)\Ashampoo\Ashampoo Office 2012\SMASH.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"CanonQuickMenu"="C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon"
"IJNetworkScannerSelectorEX"="C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE"
"HipServ Agent"="C:\Program Files (x86)\Medion\LifeCloud Desktop Applications\HipServAgent\HipServAgent.exe"
"Memeo Instant Backup"="C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui"
"CLMLServer_For_P2G9"="C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe"
"CLVirtualDrive9"="C:\Program Files (x86)\CyberLink\Power2Go9\VirtualDrive9.exe /R"
"GDFirewallTray"="C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe"
"TrueImageMonitor.exe"="C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"AcronisTibMounterMonitor"="C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe"
"PowerDVD14Agent"="C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"vmware-tray.exe"="C:\Program Files (x86)\VMware\VMware Player\vmware-tray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress9"="C:\Program Files (x86)\CyberLink\Power2Go9\Power2GoExpress9.exe /Startup"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"SMASH"="C:\Program Files (x86)\Ashampoo\Ashampoo Office 2012\SMASH.EXE"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"Acronis Scheduler2 Service"="C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/12/2014 18:46]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\klcp_update" ["C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe"]
"C:\WINDOWS\SysNative\tasks\Maxthon Update" ["C:\Program Files (x86)\Maxthon\Bin\mxup.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{A2027BB5-8385-420A-977E-D5639E283BDC}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Nero\Nero Info" [C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Niven De Weerdt\AppData\Roaming\Mozilla\Firefox\Profiles\v1yslza9.Standaardgebruiker
9860727E477F17B88E39AF8B69B0407A	- C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll -	Shockwave Flash


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Your Software Deals_is1 deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [HipServ Agent] C:\Program Files (x86)\Medion\LifeCloud Desktop Applications\HipServAgent\HipServAgent.exe
O4 - HKLM\..\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
O4 - HKLM\..\Run: [CLMLServer_For_P2G9] "C:\Program Files (x86)\CyberLink\Power2Go9\CLMLSvc_P2G9.exe"
O4 - HKLM\..\Run: [CLVirtualDrive9] "C:\Program Files (x86)\CyberLink\Power2Go9\VirtualDrive9.exe" /R
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [PowerDVD14Agent] "C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Player\vmware-tray.exe"
O4 - HKCU\..\Run: [Power2GoExpress9] "C:\Program Files (x86)\CyberLink\Power2Go9\Power2GoExpress9.exe" /Startup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [SMASH] "C:\Program Files (x86)\Ashampoo\Ashampoo Office 2012\SMASH.EXE"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G DATA Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink PowerDVD 14 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSMonitorServicePDVD14.exe
O23 - Service: CyberLink PowerDVD 14 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
O23 - Service: Defragmentatie-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\DfSdkS64.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: G DATA Backup Service (GDBackupSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: G DATA Tuner Service (GDTunerSvc) - G Data Software AG - C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: G DATA Datasafeservice (TSNxGService) - G DATA Software - C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) - Unknown owner - C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Niven De Weerdt\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Niven De Weerdt\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Niven De Weerdt\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Niven De Weerdt\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Niven De Weerdt\AppData\Local\Mozilla\Firefox\Profiles\v1yslza9.Standaardgebruiker\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=955 folders=113 305736521 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Niven De Weerdt\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\NIVEND~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 18/12/2014 at 20:27:38,38 ======================