
Zoek.exe v5.0.0.0 Updated 13-February-2015
Tool run by Kaat on za 14/02/2015 at 17:45:35,26.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kaat\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-02-13-083701.log	80906 bytes

==== Empty Folders Check ======================

C:\Users\Administrator\AppData\Local\Comodo deleted successfully
C:\Users\Administrator\AppData\Local\Google deleted successfully
C:\Users\Gast\AppData\Local\Comodo deleted successfully
C:\Users\Gast\AppData\Local\Google deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google deleted successfully
C:\Users\Kaat\AppData\Local\Comodo deleted successfully
C:\Users\Kaat\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C8C03A6-8A03-4F40-ADD6-EAC07FB1F2FB} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{265017A3-39B6-4180-842F-9D68EA7B8A0} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{484a745c-0640-4d4e-8539-cd0e70cfa354} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{512C9FE1-4148-421C-86F4-329412EFFD9} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A6F52B3-6BE5-4125-8597-CCF2FA37AC8} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{708A9E3-3ADB-4E98-BB83-264328F2B544} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f99b118-7d97-4e3a-9d31-850282ec9226} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AC0233-519-4177-96ED-2B374BEAF464} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9ce58766-139b-4a94-9748-4ba937f0f5e7} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEAFA9E5-D0B4-4CC3-81AA-8BCC90E924A} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BED7F2C9-7998-408A-BD3C-567C1C6584E2} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7B3AA3D-BA81-4427-B4B1-24DFA3D7DD6} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD0EF7CF-1442-4CB7-B02C-E57B60271D71} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDA6171B-35-4426-99DD-3E4C7557AD6} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFA9F41B-73D5-4D45-ADAA-B695368C323A} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3B9169-C11D-4BC9-B864-5C0B6C246A2} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E47F01B1-2376-4249-81E1-EBB568A4FD4E} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E513367D-36C5-47CB-943-ABA2C4309340} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E55D4BBE-F634-4A26-B5AD-C34B339CE538} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ef5b9eeb-ddd4-427a-b329-577cacf3465f} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAE0E2B5-EF17-4249-8CCF-B8749EEC87B} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC6DE0C4-4FF3-4929-A083-E0263398216B} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FCD18952-2F6B-41F4-BB91-68F71112ED32} deleted successfully
HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF068495-2D84-40B0-A1B9-AD33C9DCA25} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{484a745c-0640-4d4e-8539-cd0e70cfa354} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f99b118-7d97-4e3a-9d31-850282ec9226} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9ce58766-139b-4a94-9748-4ba937f0f5e7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ef5b9eeb-ddd4-427a-b329-577cacf3465f} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

Adobe Reader XI (11.0.10) - Nederlands  
AMD APP SDK Runtime  
AMD Media Foundation Decoders  
ANT Drivers Installer x64  
Apple Application Support  
Apple Mobile Device Support  
Apple Software Update  
ATI Catalyst Install Manager  
AVG 2015  
BitTorrent  
Bonjour  
Catalyst Control Center - Branding  
Catalyst Control Center  
Catalyst Control Center Graphics Previews Common  
Catalyst Control Center InstallProxy  
Catalyst Control Center Localization All  
Catalyst Control Center Profiles Mobile  
ccc-utility64  
CCC Help Chinese Standard  
CCC Help Chinese Traditional  
CCC Help Czech  
CCC Help Danish  
CCC Help Dutch  
CCC Help English  
CCC Help Finnish  
CCC Help French  
CCC Help German  
CCC Help Greek  
CCC Help Hungarian  
CCC Help Italian  
CCC Help Japanese  
CCC Help Korean  
CCC Help Norwegian  
CCC Help Polish  
CCC Help Portuguese  
CCC Help Russian  
CCC Help Spanish  
CCC Help Swedish  
CCC Help Thai  
CCC Help Turkish  
CCleaner  
De SimsT 4  
Definition Update for Microsoft Office 2010 (KB2956079) 32-Bit Edition  
Driver Robot  
Elevated Installer  
Garmin Express  
Garmin Express Tray  
Google Chrome  
Google Update Helper  
Google+ Auto Backup  
Intel PROSet Wireless  
Intel(R) Display Audio Driver  
Intel(R) PROSet/Wireless WiFi Software  
iTunes  
KUx86  
Microsoft .NET Framework 4.5.1  
Microsoft Office Access MUI (Dutch) 2010  
Microsoft Office Excel MUI (Dutch) 2010  
Microsoft Office Home and Student 2010  
Microsoft Office Office 64-bit Components 2010  
Microsoft Office OneNote MUI (Dutch) 2010  
Microsoft Office Outlook MUI (Dutch) 2010  
Microsoft Office PowerPoint MUI (Dutch) 2010  
Microsoft Office Proof (Dutch) 2010  
Microsoft Office Proof (English) 2010  
Microsoft Office Proof (French) 2010  
Microsoft Office Proof (German) 2010  
Microsoft Office Proofing (Dutch) 2010  
Microsoft Office Publisher MUI (Dutch) 2010  
Microsoft Office Shared 64-bit MUI (Dutch) 2010  
Microsoft Office Shared MUI (Dutch) 2010  
Microsoft Office Single Image 2010  
Microsoft Office Word MUI (Dutch) 2010  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005  
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005  
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005  
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)  
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD  
Origin  
Picasa 3  
PX Profile Update  
Realtek Ethernet Controller Driver  
Realtek PCIE Card Reader  
Renesas Electronics USB 3.0 Host Controller Driver  
Samsung Kies3  
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)  
Security Update for Microsoft Excel 2010 (KB2956081) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2553154) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2878284) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition  
Security Update for Microsoft Word 2010 (KB2956066) 32-Bit Edition  
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition  
SkypeT 7.1  
Speccy  
Spotify  
Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)  
Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1)  
Synaptics Pointing Device Driver  
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD  
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition  
Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition  
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition  
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2597089) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2910896) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2956054) 32-Bit Edition  
Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition  
Update for Microsoft Outlook 2010 (KB2956128) 32-Bit Edition  
Update for Microsoft PowerPoint 2010 (KB2880517) 32-Bit Edition  
Update for Microsoft PowerPoint 2010 (KB2956129) 32-Bit Edition  
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition  
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition  
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition  
VAIO Control Center  
VASCO Card Reader Plug-In (64-Bit)  
VASCO Smart Card Reader Plug-In (User)  
VCCx64  
VCCx86  
Visual Studio 2012 x64 Redistributables  
Visual Studio 2012 x86 Redistributables  
VLC media player 2.1.3  
VPMx64  
WinRAR 5.10 (32-bit)  

==== Running Processes ======================

C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\setup.exe
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Vizor32\VizorHtmlDialog.exe
C:\Users\Kaat\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================


==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 4012 MB
CPU Info: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
CPU Speed: 2520,3 MHz
Sound Card: Luidsprekers (High Definition A | 
Display Adapters: Intel(R) HD Graphics 3000 | Intel(R) HD Graphics 3000 | AMD Radeon(TM) HD 6470M | AMD Radeon(TM) HD 6470M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Digitaal LCD-scherm (1920x1080 60Hz) | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller | Bluetooth-apparaat (Personal Area Network) | Microsoft Virtual WiFi Miniport Adapter #2 | Microsoft Virtual WiFi Miniport Adapter | Intel(R) Centrino(R) Advanced-N 6230
CD / DVD Drives: 1x (D: | ) D: MATSHITADVD-RAM UJ8A2AS
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  448,7GB
Hard Disks - Free: C:  378,8GB
Manufacturer *: INSYDE
BIOS Info: AT/AT COMPATIBLE | 11/23/11 | Sony - 20111123
Time Zone: Romance (standaardtijd)
Motherboard *: Sony Corporation VAIO
Country: Belgi‰ 
Language: NLB 

==== System Specs (Software) ======================

Anti-Virus: AVG Internet Security 2015 On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG Internet Security 2015 disabled (Outdated)
Default Browser: Google Chrome	40.0.2214.111
Internet Explorer Version: 11.0.9600.17633 
Google Chrome version: 40.0.2214.111
Adobe Reader version: 11.0.10.32

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-02-12 09:17:28	D2E9F258AD0B577FB244CE1665C03DC6	539302716	----a-w-	C:\Windows\MEMORY.DMP
====== C:\Users\Kaat\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-02-13 17:54:03	4FD3763F3917201856B0CBCE310003EA	4300800	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-02-13 17:54:03	01BD2653F2185218837CF4A175617F8A	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-02-11 15:03:03	9A91F9B5035F54C2D0BA92CF9B16EE34	2277888	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-02-11 15:03:03	6F10743069DFFC56DEE079204960844E	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-02-11 15:03:03	3B9EF1B8E154D202D32A7765E2F33554	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 15:03:02	FD6AF61AF029B9BC2CF4EFF57CDD5821	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 15:03:02	74EA6C792F57E453261DA210C1BCEB53	342712	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 15:03:01	F285D499EC42969D963CA49EADA63218	1888256	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-02-11 15:03:01	94B1F7CE1AAA5542923E0AD63C4D0050	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 15:03:01	55A84600EAAF8F1D3F0E6206E2EF6D48	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 15:02:54	AD3F5926EC2C1F21FB45D1CDED6E2A47	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 15:02:54	8E8137569741D3693F88DDF94CC38C20	1307136	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-02-11 15:02:53	9DEE691C8FDBC2DE6957F1AE873C78FC	503296	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-02-11 15:02:48	994E7459260D315573DD72783D1B78A7	478208	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-02-11 15:02:47	E1A4D24281526DDFEA418F729CDA9DC6	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-02-11 15:02:47	B0F7BD3492C2D60A70F15AEADCE1E2A6	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 15:02:47	78A1A938D51D4F83A772123B93EE1612	12829184	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-02-11 15:02:47	5FB7E9786F70F4072663746072C9E6CE	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-02-11 15:02:47	47B26D89EF9973E2DD586D0C827F61A9	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 15:02:47	28B2D3CB1B4306D476200D80AF7D87AD	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 15:02:46	EF05E63ACC834470A07A2E73D519B5FA	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 15:02:46	D87759889FE7BCAE4461439139E62BAA	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 15:02:46	8FBC9680719ACDA9351B67D906C682F4	688640	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 15:02:46	6FA05244FD2E40A3DC08337146B3C425	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 15:02:46	61C74D794C14E9FC94D93F5F0F72A3F9	19740160	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-02-11 15:02:46	180168942E4A133C55E7BBF17DA3C142	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 15:00:51	793F6658ED65839FDB2957A4884CB63C	1230336	----a-w-	C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 15:00:13	F2A743912D404A8866362836CFE7A648	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-02-11 15:00:13	4E6934926B4C923CC0FF61C6D77814EF	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-02-11 15:00:13	43791D2F736C4E9BE9FE0B33A1E92A5D	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-02-11 15:00:13	36F152AE2F64B12771A44EA77124332B	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-02-11 15:00:07	F312300F29620F74E3AF3AF018151935	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-02-11 15:00:07	F29BC66CE4A5507A49FB20744A056E61	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-02-11 14:59:09	E365C7B3EBB96451D3C9DF6B6B6900C2	179200	----a-w-	C:\Windows\SysWOW64\wintrust.dll
2015-02-11 14:59:09	623E143F2DF17C0106A9988F5D7DC878	143872	----a-w-	C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 14:59:08	0C96A745A76C7DD75C5503E86D968E49	1174528	----a-w-	C:\Windows\SysWOW64\crypt32.dll
2015-02-11 14:58:43	A208DAC2932649CFF82A6A684D8BB1F6	571904	----a-w-	C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 14:58:24	F5142E9A99F44F9CC19A8AF31761F7F9	3221504	----a-w-	C:\Windows\SysWOW64\mstscax.dll
2015-02-11 14:58:24	B3AC14EA18DD0EE517703A86963AED18	131584	----a-w-	C:\Windows\SysWOW64\aaclient.dll
2015-02-11 14:57:04	B3BC38B886CA53C92D52EF724A9F0D45	308224	----a-w-	C:\Windows\SysWOW64\scesrv.dll
2015-02-11 08:53:20	6D227897A458DA8A9518DACDC88F1947	3917760	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 08:53:20	62C93E47A424A8EC79F3CF1719A2DCC6	3972544	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 08:53:19	97B7E7E3356F7F7FE5B948AB3ED707DD	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-02-11 08:52:27	B63A6FF4339C9B701A93D3973C7FB6D2	550912	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-02-11 08:52:27	7C893DBA0A58855A99DA68B751FD223B	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-02-11 08:52:26	7D94A9161E8432B8521E60E064B1D737	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 08:52:25	F3F6BE20A03215209B61CA85B4A83E1F	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 08:52:25	C256EFD3655EC782F8094E96094E8F9E	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-02-11 08:52:25	A12D64A94EC57079C2D96A741CB4FF53	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-02-11 08:52:25	3BB446DE24501FEA5FDB9A9DB23A22AE	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-02-03 09:42:00	1C0E369575F387460E2A5F28269B2CC4	1247744	----a-w-	C:\Windows\SysWOW64\DWrite.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-02-13 17:54:03	16ACAA0C01F31B39F39446188F6A3593	6041600	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-02-13 17:54:02	D363FBB2D0223956FF61ADBDBF5499B1	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-02-11 15:04:12	5632EB9633EACCC323CEA2C03A0B4133	762368	----a-w-	C:\Windows\Sysnative\invagent.dll
2015-02-11 15:04:10	EF4FA1D31D146EA0C04D16E75FCA6BCF	192000	----a-w-	C:\Windows\Sysnative\aepic.dll
2015-02-11 15:04:10	B5746809407BDEB18D9D4769CD9FF24E	414720	----a-w-	C:\Windows\Sysnative\devinv.dll
2015-02-11 15:04:10	7F2F9AACF457CE48CDDBD643FC53487C	227328	----a-w-	C:\Windows\Sysnative\aepdu.dll
2015-02-11 15:04:10	7150E809474BBD4D4AD24B13FA2454E5	1239720	----a-w-	C:\Windows\Sysnative\aitstatic.exe
2015-02-11 15:04:10	64EAD6C9D342E7E0CFCA3559FCBFDDAC	894976	----a-w-	C:\Windows\Sysnative\appraiser.dll
2015-02-11 15:04:10	5C09611AB8D508CC252BB2D5A069D1AC	1098752	----a-w-	C:\Windows\Sysnative\aeinv.dll
2015-02-11 15:04:09	47709F1B718859ED8AB5EA3EA3974BEB	609280	----a-w-	C:\Windows\Sysnative\generaltel.dll
2015-02-11 15:02:45	BF57C911895454A8874E9DFA5716C624	584192	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-02-11 15:02:43	E0F76B5B904E4F448641B2B506496351	14401024	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-02-11 15:02:43	CA3F410410DE9E5234217D33B9628224	633856	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-02-11 15:02:43	97F037E09A706ACDA681D740DEE16AE4	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-02-11 15:02:40	F42B1DAAB5B7621341243878180446CD	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-02-11 15:02:40	8076BB31004C1D763D5D4AEF9F0BDD4B	718848	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-02-11 15:02:40	512DD29CE6CDCB22EA615286DA7022E7	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-02-11 15:02:39	A7A3775B0014B165D75A00A1F632E4B5	2885632	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-02-11 15:02:39	A7814E76ED4ACE0694A83F6E4B6A7272	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-02-11 15:02:39	47162151E35EA0B7152B7C841FA21FDB	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-02-11 15:02:39	4701399F7BA312353ADE8225F6EB512B	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-02-11 15:02:38	71EBA93C5322A52A7E177E03E1AE7161	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-02-11 15:02:38	2E4F8664B54426C2F5523665B279E984	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-02-11 15:02:37	CD726C899BD9A398E8420564A957320B	25056256	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-02-11 15:02:37	A04F0C4A0B80C92F92E854E7157D6466	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-02-11 15:02:37	76DB5845E168173BBA2D3CCC4B363E42	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-02-11 15:02:37	68A2B96528F58D995882FBEB4D9658A5	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-02-11 15:02:37	4CE68D160D80AF6C9FDB5C60BA087DA5	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-02-11 15:02:37	01A314677CC80041A63ED109B56A76B0	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-02-11 15:02:32	DF39C79DFC1C063493D2DB9B3237B29F	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-02-11 15:02:32	D7922F3AC6BF1EA77240E0061D648174	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-02-11 15:02:32	7A388AFC6885D22F4D988EE9B8D1291A	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-02-11 15:02:32	1D824B5A200C284E1A546C2C50704471	389808	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-02-11 15:02:27	9DFE41A69DF70AAB75CB5BA8C1109EA2	2358272	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-02-11 15:02:27	92BD5080B81EDFA32B0CEE8B923D62C3	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-02-11 15:02:27	6916B0663357B183B120D1A4DD7DDAB0	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-02-11 15:02:19	CB2528D522FF1F5A7BF9B27D2FB250FF	1548288	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-02-11 15:02:19	15842FB41A3BF2A2F5071518B38C957A	2125824	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-02-11 15:00:47	4861B9AF67E1B0154A55FDE4B3A61EB9	1424384	----a-w-	C:\Windows\Sysnative\WindowsCodecs.dll
2015-02-11 14:59:52	BE4927689BA39E18A104986CB1363C97	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-02-11 14:59:52	6EAD88B508E4785F4AFDFD24F76E8839	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-02-11 14:59:52	51BB93FF96AE3882B4AF7CA11000D3A3	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-02-11 14:59:52	1798826FE9FFEA9E93E74A5868559D4A	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-02-11 14:59:46	E0105F3B5B1C4B0F5B3D788A13504EC6	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-02-11 14:59:46	C97662B6752BFEF07C565D96E8ECC98F	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-02-11 14:59:46	94C6BCF9212E20866AC1558A32E9F228	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-02-11 14:59:46	857CED230A6B87E84FCA04B472A3CB1A	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-02-11 14:59:46	2EE57F4491A402C04FCAA7D012493884	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-02-11 14:58:57	7FC292D1527EDFEBA2576B6789DE6AB5	229376	----a-w-	C:\Windows\Sysnative\wintrust.dll
2015-02-11 14:58:56	E5AF792AB409F600D416CB257C84305D	1480192	----a-w-	C:\Windows\Sysnative\crypt32.dll
2015-02-11 14:58:56	19D511CC455C19DE1ADF60E6C39C85B6	187904	----a-w-	C:\Windows\Sysnative\cryptsvc.dll
2015-02-11 14:58:42	AE4FEDD98096C09A8A86E021FC5E9D67	861696	----a-w-	C:\Windows\Sysnative\oleaut32.dll
2015-02-11 14:58:16	2A25F5ACA9DCAF9AE9570DED13A8E078	3722752	----a-w-	C:\Windows\Sysnative\mstscax.dll
2015-02-11 14:57:03	FE72C89986E1BA32AD926A820491F23F	406528	----a-w-	C:\Windows\Sysnative\scesrv.dll
2015-02-11 14:40:18	DF07110F77639E73D0537188703F44F6	3201536	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-02-11 08:53:21	9819614CA9EFB5A96493B379170B9D89	5554112	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-02-11 08:53:19	F7A3018D8F1825427BC11E912D5287CD	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-02-11 08:53:19	D6CDCAF84810641D1D2B455750825ACA	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-02-11 08:53:19	0147AA370862201A443752351F135D31	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-02-11 08:52:27	DDACB408E607655EC64269706BFD504C	341504	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-02-11 08:52:27	C1F9E139B8AE80803CE44DC0377CA342	728064	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-02-11 08:52:25	A46A6C5AD462071B718EBF3C9E117849	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-02-11 08:52:25	8F33880F1863BE3925D3A0121FAC5E8F	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-02-11 08:52:25	6A06BCED1DF1CFE8A32E7D10ABAA7188	314880	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-02-11 08:52:25	5350A548BEC957978B7014CDFF091542	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-02-11 08:52:25	22E30E28865C32C3CF4F4E0E7E277FDC	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-02-03 09:42:00	DD85F00EC31F77315AE992B7B0411D65	1643520	----a-w-	C:\Windows\Sysnative\DWrite.dll
====== C:\Windows\Sysnative\drivers =====
2015-02-11 14:59:46	E45CDE1C8340DFEDF1D6724263F39E5B	458824	----a-w-	C:\Windows\Sysnative\drivers\cng.sys
2015-02-11 14:59:46	C60C6B9A2E50B0404F6789C62B428C03	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-02-11 14:59:46	78D152A9FD5747FF6AA89C79F0346F62	155072	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
2015-02-14 08:01:26	5023E46E39F4BD6A3A32860FE7FF3D0E	3258	----a-w-	C:\Windows\Sysnative\Tasks\TitaniumInstaller
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-02-13 12:37:06	--------	d-----w-	C:\Program Files\trend micro
2015-02-13 08:27:06	--------	d-----w-	C:\Program Files\Speccy
======= C:\PROGRA~2 =====
2015-01-29 17:12:29	--------	d-----w-	C:\PROGRA~2\COMMON~1\Skype
2015-01-29 17:12:29	--------	d-----r-	C:\PROGRA~2\Skype
======= C: =====
====== C:\Users\Kaat\AppData\Roaming ======
2015-02-13 08:35:24	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2015-02-13 08:35:24	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-02-13 08:35:24	--------	d-----w-	C:\Users\Default\AppData\Local\Temp
2015-02-13 08:35:24	--------	d-----w-	C:\Users\Default User\AppData\Local\Temp
2015-02-13 08:35:23	--------	d-----w-	C:\Users\Kaat\AppData\Local\Temp
2015-02-12 09:21:46	--------	d-----w-	C:\Users\Kaat\AppData\Local\Trend Micro
2015-02-12 02:13:43	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\CrashDumps
2015-02-11 15:11:12	B9A970D2A9D0644C498E6BC76DAD68A7	7632	----a-w-	C:\Users\Kaat\AppData\Local\Resmon.ResmonCfg
2015-02-04 13:48:45	--------	d-----w-	C:\Users\Kaat\AppData\Local\NPE
2015-02-04 10:07:46	--------	d-sh--w-	C:\Users\Kaat\AppData\Local\EmieBrowserModeList
2015-01-29 17:12:41	--------	d-----w-	C:\Users\Kaat\AppData\Local\Skype
2015-01-29 17:12:36	--------	d-----w-	C:\Users\Kaat\AppData\Roaming\Skype
====== C:\Users\Kaat ======
2015-02-13 12:36:51	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Kaat\Downloads\RSITx64.exe
2015-02-13 08:27:07	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2015-02-13 08:19:02	F5042B046AE92B0B0F978E65BC3CE62B	5135288	----a-w-	C:\Users\Kaat\Downloads\spsetup128.exe
2015-02-12 07:45:00	F38A535277E39079EF7682D657F4EB02	6630816	----a-w-	C:\Users\Kaat\Downloads\TrendMicro_MAX_8.0_US-en_Downloader (1).exe
2015-02-11 15:08:04	C0CE91058D7CB43692DD3B23284AE854	187145104	----a-w-	C:\Users\Public\Desktop\TrendMicro_MAX_8.0_US-en_64bit.exe
2015-02-11 15:07:50	--------	d-----w-	C:\ProgramData\Trend Micro Installer
2015-02-11 15:01:54	F38A535277E39079EF7682D657F4EB02	6630816	----a-w-	C:\Users\Kaat\Downloads\TrendMicro_MAX_8.0_US-en_Downloader.exe
2015-02-04 13:48:33	035E8BC9483AE4186CBEECFCA76B0032	3078800	------w-	C:\Users\Kaat\Downloads\NPE.exe
2015-02-04 09:56:02	712E61B9E470C86414F0AE63BD856A74	5514784	----a-w-	C:\Users\Kaat\Downloads\RegistryReviverSetup.exe
2015-01-29 17:56:12	--------	d-----w-	C:\Users\Kaat\Tracing
2015-01-29 17:12:30	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-29 17:12:14	--------	d-----w-	C:\ProgramData\Skype

====== C: exe-files ==
2015-02-13 12:37:07	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Kaat.exe
2015-02-13 12:36:51	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Kaat\Downloads\RSITx64.exe
2015-02-13 08:19:02	F5042B046AE92B0B0F978E65BC3CE62B	5135288	----a-w-	C:\Users\Kaat\Downloads\spsetup128.exe
2015-02-12 07:45:00	F38A535277E39079EF7682D657F4EB02	6630816	----a-w-	C:\Users\Kaat\Downloads\TrendMicro_MAX_8.0_US-en_Downloader (1).exe
2015-02-11 16:16:04	8DFC12E3C4D279C73E8FCD6A056BCCFA	368392	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Vizor64\TmSetACL.exe
2015-02-11 16:16:04	2A8F0EA65365660360277C0CB23FD204	333088	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Vizor64\WSCTool.exe
2015-02-11 16:16:04	15F40F83DD1CA24A8047AAEF53CA61B4	414200	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Vizor64\TiPreAU.exe
2015-02-11 16:16:03	D1DAAD63F83312AF90F1A967F679F44D	231896	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Vizor64\InstallSettingMigrate.exe
2015-02-11 16:16:03	19908EE457A038EEBE7614D49D5280D3	1171768	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Vizor64\InstallUCWrapper.exe
2015-02-11 16:16:02	A71629195CD09379D798913B81F4E02A	1811904	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\setup.exe
2015-02-11 16:16:02	5C831D082EFC573FA9A28F0467B3A85E	1052288	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\TmRhea.exe
2015-02-11 16:16:02	48AFDA70D6435788AF5EB338720CA144	3685992	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\SSE2CheckTool.exe
2015-02-11 16:16:01	35E9336B47FDAE035083E2FE6DD0B291	2539096	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Vizor32\TisEzIns.exe
2015-02-11 16:15:40	FB706E6D64294E3E4FDC825E78072857	215168	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1718v0.0.0l1p5889r1o1\OE64\TMAS_OEMon.exe
2015-02-11 16:15:40	ED9EE96C41FD37D340ACCB360B69232B	237576	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\TiMiniService.exe
2015-02-11 16:15:40	ED253BC058D902F4BC330D703FB6A4A5	334384	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\TiResumeSrv.exe
2015-02-11 16:15:40	E2CB67129329C1A45D8E7A7DFED97963	424024	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\ShorcutLauncher.exe
2015-02-11 16:15:40	D4F6AC8B1ECEB839B4955F486352976C	1257776	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c11t1104v0.0.0l1p5889r1o1\uiSeAgnt.exe
2015-02-11 16:15:40	BF618D3F2C5B3DBB6D0A5BEFD9B75181	246304	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c11t1104v0.0.0l1p5889r1o1\uiWatchDog.exe
2015-02-11 16:15:40	BB82F54A761A595AB4AED1989C98B533	1522992	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1725v0.0.0l1p1r1o1\uiWinMgr.exe
2015-02-11 16:15:40	AC40860D0F44B62EB350AD6188430121	234184	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1718v0.0.0l1p5889r1o1\OL\TMAS_OLImp.exe
2015-02-11 16:15:40	9D54F7DE11E82574DB10DA1A428093B8	577216	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1718v0.0.0l1p5889r1o1\OE64\TMAS_OEImp.exe
2015-02-11 16:15:40	979032A2A30AC691E200E8F30EDFCF5D	290840	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c11t1104v0.0.0l1p5889r1o1\WSCStatusController.exe
2015-02-11 16:15:40	91AD6492AD69332D1235FB1BE63D608B	486336	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c11t1104v0.0.0l1p5889r1o1\uiUpdateTray.exe
2015-02-11 16:15:40	83993387DD828625ADA12CABB910AD54	1136976	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1718v0.0.0l1p5889r1o1\OE64\TMAS_OE.exe
2015-02-11 16:15:40	75B5F215EC7D5E0F081307854198BC88	820520	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1708v0.0.0l1p5889r1o1\TmUpgrade.exe
2015-02-11 16:15:40	6E45BAF0913D645AF5B71C1D8F5718F5	1112256	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1718v0.0.0l1p5889r1o1\OL64\TMAS_OL.exe
2015-02-11 16:15:40	600E393DABB4148C0E1C46D690D8773D	597816	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1718v0.0.0l1p5889r1o1\OL64\TMAS_OLImp.exe
2015-02-11 16:15:40	5E4B809D39ED0EB758B4A7F07F63879B	509224	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1718v0.0.0l1p5889r1o1\WLM\TMAS_WLM.exe
2015-02-11 16:15:40	592C3C2CE64B4D7BBA956DD36CA0E82F	45712	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1718v0.0.0l1p5889r1o1\WLM\TMAS_WLMMon.exe
2015-02-11 16:15:40	4C1E4D120DE523D4A8DAFEF34198D5C5	324072	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1784v0.0.0l1p5889r1o1\plugin\Win8Cpnt\TmToastNotificationCaller.exe
2015-02-11 16:15:40	42D7023856200D7DF2075069C96E55CF	508176	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1718v0.0.0l1p5889r1o1\OL\TMAS_OL.exe
2015-02-11 16:15:40	3F0E29C0BE652F1C6CC8709BCFBD5D5B	695136	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\WSCHandler.exe
2015-02-11 16:15:40	2A8F0EA65365660360277C0CB23FD204	333088	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\WSCTool.exe
2015-02-11 16:15:40	1FE0052F64333DC66FD3BC4E50DC5315	182744	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1718v0.0.0l1p5889r1o1\OL64\TMAS_OLSentry.exe
2015-02-11 16:15:40	15F40F83DD1CA24A8047AAEF53CA61B4	414200	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\TiPreAU.exe
2015-02-11 16:15:40	092970886D481DCB82451DDF6067784D	47272	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1718v0.0.0l1p5889r1o1\OL\TMAS_OLSentry.exe
2015-02-11 16:15:39	D9B2312D6C4050048FFC00D6D87BD107	163920	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\OEMConsole.exe
2015-02-11 16:15:39	D7D7F68031ED719F004F7812CD05FB5C	1109552	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1786v0.0.0l1p5889r1o1\x64\product\PtUserSessionWrapper.exe
2015-02-11 16:15:39	BB98B2A92A1E9B4C3DE7D2114B691113	1787440	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1786v0.0.0l1p5889r1o1\x64\product\win32\inspect\Inspect.exe
2015-02-11 16:15:39	B360193A4101AEB1E947DE60531CB088	79456	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\PackageRemover.exe
2015-02-11 16:15:39	B0ACF3743EAE531DA3311A411008F8C5	1062376	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\Remove.exe
2015-02-11 16:15:39	AA8540AB5DEE146E4E02E08284FEC3A6	4555872	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\RescueHelper.exe
2015-02-11 16:15:39	96B08A917D5FC924BE3EBBA6D8C27C78	1266224	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1786v0.0.0l1p5889r1o1\x64\product\PtSessionAgent.exe
2015-02-11 16:15:39	847F4D1509038D7E1FA4FE1003B4BE57	376368	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1786v0.0.0l1p5889r1o1\x64\product\win32\inspect\PerfMonitor.exe
2015-02-11 16:15:39	3EA0264869E01B2A0F9D8E00EF6CAF89	459824	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1786v0.0.0l1p5889r1o1\x64\product\PtWatchDog.exe
2015-02-11 16:15:39	205F598A0765258E918DD8DA42ED03CE	1187376	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1786v0.0.0l1p5889r1o1\x64\product\PtSvcHost.exe
2015-02-11 16:15:31	EFFB589835260EAA33B16253055DB705	4727864	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\SupportTool\64bit\SupportTool.exe
2015-02-11 16:15:31	81867E5CCB5DC2473D0134B51E67A257	265368	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\SupportTool\64bit\TMSToolEx.exe
2015-02-11 16:15:31	2A8F0EA65365660360277C0CB23FD204	333088	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\SupportTool\64bit\WSCTool.exe
2015-02-11 16:15:24	EAA8ACC4131E2E1F3D6F06B85ABCF792	326192	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t679739392l1p5889r1o1\6.8.1125\TmExtIns.exe
2015-02-11 16:15:24	E68BBA60DDC6DC756780F2BF87E9455F	55856	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t1207959830l1p5889r1o1\2.0.1039\TmopHookMgrHelper32.exe
2015-02-11 16:15:24	C96E43C6A34E3242B0E721A170298918	231984	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t1207959830l1p5889r1o1\2.0.1039\TmopExtIns32.exe
2015-02-11 16:15:24	BF470EFC699380AFEA0316587D23B5C9	141360	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t679493632l1p5889r1o1\6.8.1125\tdiins.exe
2015-02-11 16:15:24	A580FCE17B3F0114B4EB996D12F8B0ED	328240	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t1207959830l1p5889r1o1\2.0.1039\TmopExtIns.exe
2015-02-11 16:15:24	5E9D4507449588882153DF9D7D6A7B27	191024	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t679739392l1p5889r1o1\6.8.1125\ChromeExtension\TmopChromeMsgHost32.exe
2015-02-11 16:15:24	5AC2BE65E30BD8E709FC06974C6197A4	26648	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t1207959572l-1p5889r-1o-1\1.7.1008\DREBoot64.exe
2015-02-11 16:15:24	5787768D624B2F813990394E1D6F57A0	238064	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\utilRollback.exe
2015-02-11 16:15:24	54770203D31FC76FA66D06AF8DB497FB	1038896	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t1207959830l1p5889r1o1\2.0.1039\chromeextension\TmopChromeMsgHost32.exe
2015-02-11 16:15:24	539D5F87F802CB3E113BD1886A8182D0	308344	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\coreServiceShell.exe
2015-02-11 16:15:24	4CF4D68B065C6D7A74F2D3147598FB7C	16432	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t1207959865l1p5889r1o1\2.5.1042\CheckUI.exe
2015-02-11 16:15:24	392E8AC85313485518C4F4E57D1EE560	832048	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t1207959553l1p1r1o1\9.0.1069\chrome_extension2\host\chrome_native_msg_host.exe
2015-02-11 16:15:24	1D8B974A053CEC6472FC2220A1062F80	55856	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t679739392l1p5889r1o1\6.8.1125\TmopHookMgrHelper32.exe
2015-02-11 16:15:24	02AD74044BF5A3C569B2EA017AC56D34	227888	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t679739392l1p5889r1o1\6.8.1125\TmExtIns32.exe
2015-02-11 16:15:24	02AD74044BF5A3C569B2EA017AC56D34	227888	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t1207959569l1p5889r1o1\6.8.1125\TmExtIns32.exe
2015-02-11 16:15:18	781693B7A254663E35E50FADDC2AF84A	41247152	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Components\DirectPass\TrendMicro_TMIDS_Download.exe
2015-02-11 15:08:04	C0CE91058D7CB43692DD3B23284AE854	187145104	----a-w-	C:\Users\Public\Desktop\TrendMicro_MAX_8.0_US-en_64bit.exe
2015-02-11 15:04:11	B62B7F2ACDEDF61F4DAA1FF2A6BB247A	67240	----a-w-	C:\Windows\System32\CompatTel\diagtrackrunner.exe
2015-02-11 15:04:10	7150E809474BBD4D4AD24B13FA2454E5	1239720	----a-w-	C:\Windows\System32\aitstatic.exe
2015-02-11 15:04:09	8D06AAF1723B514C412187C5B8B67EEF	46752	----a-w-	C:\Windows\System32\CompatTel\wicainventory.exe
2015-02-11 15:04:09	4AC38FC4C6894B21698A99B9129B1EA4	161952	----a-w-	C:\Windows\System32\CompatTel\QueryAppBlock.exe
2015-02-11 15:03:04	8111C559DAD3A40200AE916874E7E62A	468992	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-02-11 15:03:03	D674809F9EC7D6A409F553C0DF91E825	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-02-11 15:02:47	28B2D3CB1B4306D476200D80AF7D87AD	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 15:02:46	363BC25BACB34E9D40441968B1B3D5BE	815288	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-02-11 15:02:43	97F037E09A706ACDA681D740DEE16AE4	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-02-11 15:02:43	3FB445C7BF7E342391FF3875413CCC33	484352	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-02-11 15:02:40	8076BB31004C1D763D5D4AEF9F0BDD4B	718848	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-02-11 15:02:39	A7814E76ED4ACE0694A83F6E4B6A7272	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-02-11 15:02:38	4089C6F953C024E16BC2361F471864D7	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-02-11 15:02:37	01A314677CC80041A63ED109B56A76B0	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-02-11 15:02:19	2D4AB594AABBEBA938F36BA1BC71C3F6	813744	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-02-11 15:01:54	F38A535277E39079EF7682D657F4EB02	6630816	----a-w-	C:\Users\Kaat\Downloads\TrendMicro_MAX_8.0_US-en_Downloader.exe
2015-02-11 15:00:13	4E6934926B4C923CC0FF61C6D77814EF	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-02-11 14:59:52	51BB93FF96AE3882B4AF7CA11000D3A3	64000	----a-w-	C:\Windows\System32\auditpol.exe
2015-02-11 14:59:46	E0105F3B5B1C4B0F5B3D788A13504EC6	31232	----a-w-	C:\Windows\System32\lsass.exe
2015-02-11 14:38:11	FD98434B6A06FE31A35E4BFBC827B290	52040	----atw-	C:\Users\Kaat\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe
2015-02-11 14:38:11	5F0A3AA68785C49454F56C9F2DDA0237	52040	----atw-	C:\Users\Kaat\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateWebPlugin.exe
2015-02-11 14:38:10	4C02536F4CA35911FB3EA5715F300C57	52040	----atw-	C:\Users\Kaat\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateBroker.exe
2015-02-11 14:37:54	7CA00A58AA808F4B9844C91845910377	880208	----a-w-	C:\Users\Kaat\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateSetup.exe
2015-02-11 14:37:39	F3B6470DA7CE34E559D3BA7365CC909C	115528	----atw-	C:\Users\Kaat\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateComRegisterShell64.exe
2015-02-11 14:37:30	323CFFFDAF253AC65CD194A101BE6231	287048	----atw-	C:\Users\Kaat\AppData\Local\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
2015-02-11 14:37:23	83BB030C71C9727DCFB2737005772C4E	232264	----atw-	C:\Users\Kaat\AppData\Local\Google\Update\1.3.26.9\GoogleCrashHandler.exe
2015-02-11 14:35:25	E1B44A75947137F4143308D566889837	107848	----atw-	C:\Users\Kaat\AppData\Local\Google\Update\1.3.26.9\GoogleUpdate.exe
2015-02-11 14:35:16	7CA00A58AA808F4B9844C91845910377	880208	----a-w-	C:\Users\Kaat\AppData\Local\Google\Update\Install\{283C80B0-E843-4596-A735-BDF76090BBCC}\GoogleUpdateSetup.exe
2015-02-11 14:35:16	7CA00A58AA808F4B9844C91845910377	880208	----a-w-	C:\Users\Kaat\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.26.9\GoogleUpdateSetup.exe
2015-02-11 08:53:21	9819614CA9EFB5A96493B379170B9D89	5554112	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-02-11 08:53:20	6D227897A458DA8A9518DACDC88F1947	3917760	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 08:53:20	62C93E47A424A8EC79F3CF1719A2DCC6	3972544	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 08:53:19	F7A3018D8F1825427BC11E912D5287CD	296960	----a-w-	C:\Windows\System32\rstrui.exe
=== C: other files ==
2015-02-11 16:15:37	AD994C2B242EEFC565451B34E4D9BA12	3381	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\AMSPForceRemove.bat
2015-02-11 16:15:37	A250838A4FB04698F397D80E09D58B23	79	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\tool\AMSP_processes_list.bat
2015-02-11 16:15:37	804EFB9D45EE29E8429B767D9DC824BF	177	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\tool\AMSP_systeminfo.bat
2015-02-11 16:15:37	4D032D7AE1BF541DE6291D523E4DD661	70	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\tool\AMSP_registry.bat
2015-02-11 16:15:37	30F85507993D81F4D5144CD3D3493702	196	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\tool\AMSP_copy_config.bat
2015-02-11 16:15:37	1E6C1B2E400B83F6B93480C9757651D4	36	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\tool\AMSP_ipconfig.bat
2015-02-11 16:15:37	177F0C8C1ED5DA0D30D7D3476ACB7908	51	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\tool\AMSP_folder_tree.bat
2015-02-11 16:15:37	0CD79E398FCCA25546554D37EE04F4EC	3770	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\ForceRemove.bat
2015-02-11 16:15:37	0852D10B59DA00A42D0DE0CE88332857	120	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\UCPlugin\c17t1706v0.0.0l1p5889r1o1\tool\mk_debug_dir.bat
2015-02-11 16:15:30	AD994C2B242EEFC565451B34E4D9BA12	3381	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\SupportTool\64bit\AMSPForceRemove.bat
2015-02-11 16:15:30	A250838A4FB04698F397D80E09D58B23	79	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\SupportTool\64bit\tool\AMSP_processes_list.bat
2015-02-11 16:15:30	804EFB9D45EE29E8429B767D9DC824BF	177	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\SupportTool\64bit\tool\AMSP_systeminfo.bat
2015-02-11 16:15:30	4D032D7AE1BF541DE6291D523E4DD661	70	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\SupportTool\64bit\tool\AMSP_registry.bat
2015-02-11 16:15:30	30F85507993D81F4D5144CD3D3493702	196	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\SupportTool\64bit\tool\AMSP_copy_config.bat
2015-02-11 16:15:30	1E6C1B2E400B83F6B93480C9757651D4	36	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\SupportTool\64bit\tool\AMSP_ipconfig.bat
2015-02-11 16:15:30	177F0C8C1ED5DA0D30D7D3476ACB7908	51	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\SupportTool\64bit\tool\AMSP_folder_tree.bat
2015-02-11 16:15:30	0CD79E398FCCA25546554D37EE04F4EC	3770	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\SupportTool\64bit\ForceRemove.bat
2015-02-11 16:15:30	0852D10B59DA00A42D0DE0CE88332857	120	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\SupportTool\64bit\tool\mk_debug_dir.bat
2015-02-11 16:15:28	F465495492A2D40705E6590B35AEE858	107536	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t679493632l1p5889r1o1\6.8.1125\tmtdi.sys
2015-02-11 16:15:28	9A142A6AF0F9C3343D28F79340BC67B3	305832	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t570425600l1p5889r1o1\6.50.1041\tmcomm.sys
2015-02-11 16:15:28	99591D7E6D321C01EFA5A8BD89015377	37904	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t1207959816l1p5889r1o1\1.5.1021\tmel.sys
2015-02-11 16:15:28	92DD6DB96B6119B7B0135990B61BAD64	106296	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t1207959620l1p5889r1o1\2.0.1009\tmeevw.sys
2015-02-11 16:15:28	8DBD165ADC77EC371D51AFE06993085F	407864	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t1207959585l1p5889r1o1\3.0.1050\tmnciesc.sys
2015-02-11 16:15:28	7CFF1C6F9471CB60DE99192A636E3EC1	106296	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t1207959832l1p5889r1o1\2.0.1039\tmusa.sys
2015-02-11 16:15:28	6194AAA9ED24DE34F324D539E78A3E7F	108344	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t1207959680l1p5889r1o1\2.0.1009\tmeext.sys
2015-02-11 16:15:28	5D4B89059450C580DC3DFF0FA4F59ADC	93664	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t570425600l1p5889r1o1\6.50.1041\tmevtmgr.sys
2015-02-11 16:15:28	5AD72500ABEB2DBCB35789ABA0318ECD	121944	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t570425600l1p5889r1o1\6.50.1041\tmactmon.sys
2015-02-11 16:15:28	4068D01A407C5F3B9AD3DF523E6BCEF6	50976	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\update\engine\c2t1207959844l1p5889r1o1\1.5.1017\TMEBC64.sys
2015-02-11 16:15:21	E8213D15469B2457C4178CBE9F8AF38A	170	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\debug\script\AMSP_copy_config.bat
2015-02-11 16:15:21	D94DA6C34EB7385F346FCA15EC85F212	245	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\debug\script\AMSP_registry.bat
2015-02-11 16:15:21	B113F6999C5139FEA922611AB5940529	20	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\debug\script\AMSP_ipconfig.bat
2015-02-11 16:15:21	83729C698248980FA0A016DE7E0D5CE2	91	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\debug\script\CollectICRCPerfmon.bat
2015-02-11 16:15:21	592F188323683FC4F2497C9BCDB31E04	60	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\debug\script\AMSP_processes_list.bat
2015-02-11 16:15:21	0FAA7EB13610A9BAA9C643019694FF12	159	----a-w-	C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\Setup64\AMSP\debug\script\AMSP_systeminfo.bat
2015-02-11 14:59:46	E45CDE1C8340DFEDF1D6724263F39E5B	458824	----a-w-	C:\Windows\System32\drivers\cng.sys
2015-02-11 14:59:46	C60C6B9A2E50B0404F6789C62B428C03	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-02-11 14:59:46	78D152A9FD5747FF6AA89C79F0346F62	155072	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-02-11 14:40:18	DF07110F77639E73D0537188703F44F6	3201536	----a-w-	C:\Windows\System32\win32k.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3639994207-1689070493-774309011-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Kaat\AppData\Local\Google\Update\GoogleUpdate.exe /c"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Kaat\AppData\Local\Google\Update\GoogleUpdate.exe /c"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AVG_UI]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AVG_UI"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\AVG\\AVG2015\\avgui.exe\" /TRAYONLY"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EADM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EADM"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Origin\\Origin.exe\" -AutoStart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GarminExpressTrayApp"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Garmin\\Express Tray\\ExpressTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Kaat\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google+ Auto Backup]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google+ Auto Backup"
"hkey"="HKCU"
"command"="\"C:\\Users\\Kaat\\AppData\\Local\\Programs\\Google\\Google+ Auto Backup\\Google+ Auto Backup.exe\" /autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IntelPAN]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IntelPAN"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Intel\\WirelessCommon\\iFrmewrk.exe\" /tf Intel PAN Tray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NUSB3MON]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NUSB3MON"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Renesas Electronics\\USB 3.0 Host Controller Driver\\Application\\nusb3mon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Users\\Kaat\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Kaat\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="StartCCC"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SynTPEnh"
"hkey"="HKLM"
"command"="%ProgramFiles%\\Synaptics\\SynTP\\SynTPEnh.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AMD External Events Utility]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AMPPALR3]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Apple Mobile Device]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BTHSSecurityMgr]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\EvtEng]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Garmin Core Update Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\globalUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\globalUpdatem]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IconMan_R]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iPod Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MyWiFiDHCPDNS]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RegSrvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VAIO Event Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VAIO Power Management]


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Driver Robot.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13/11/2014 08:50]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13/11/2014 08:50]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3639994207-1689070493-774309011-1000Core.job --a------ C:\Users\Kaat\AppData\Local\Google\Update\GoogleUpdate.exe [30/12/2014 17:22]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3639994207-1689070493-774309011-1000UA.job --a------ C:\Users\Kaat\AppData\Local\Google\Update\GoogleUpdate.exe [30/12/2014 17:22]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\Driver Robot" [C:\Program Files (x86)\Driver Robot\Driver Robot.lnk]
"C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3639994207-1689070493-774309011-1000Core" [C:\Users\Kaat\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3639994207-1689070493-774309011-1000UA" [C:\Users\Kaat\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\TitaniumInstaller" ["C:\ProgramData\Trend Micro Installer\TrendMicro_MAX_8.0_US-en_64bit_1423671313\setup.exe"]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Power Management\VPM Logon Start" [C:\Program Files\Sony\VAIO Power Management\SPMgr.exe]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Power Management\VPM Session Change" [C:\Program Files\Sony\VAIO Power Management\SPMgr.exe]
"C:\Windows\SysNative\tasks\Sony Corporation\VAIO Power Management\VPM Unlock" [C:\Program Files\Sony\VAIO Power Management\SPMgr.exe]

==== Chromium Look ======================

Google Chrome Version: 40.0.2214.111 (Up to date, latest Stable version: 40.0.2214.111)


Google Drive - Kaat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Kaat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Kaat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Rebecca Taylor - Kaat\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahpkkfpjpdcfdkbpeoibdhfadicnhdj
AdBlock - Kaat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Google Wallet - Kaat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo  Url="http://www.google.com/search?q={sear"

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kaat\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{87801408-2EDD-4EE4-9F53-471BF1F508AB}: NameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\..\{BE0D9F3F-67BB-45DE-86C7-ABBE79AE78DE}: NameServer = 8.8.8.8,8.8.4.4
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kaat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kaat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Kaat\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=98 folders=45 56966969 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Kaat\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Kaat\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

==== EOF on za 14/02/2015 at 18:10:09,70 ======================