
Zoek.exe v5.0.0.0 Updated 05-March-2015
Tool run by ikke on wo 11/03/2015 at  9:47:39,73.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\ikke\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-03-08-172138.log	48054 bytes
C:\zoek-results2015-03-09-114212.log	34309 bytes

==== Empty Folders Check ======================

C:\Program Files\Bitdefender deleted successfully
C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\Users\ikke\AppData\Roaming\QuickScan deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\VyprVPN\VyprVPNService.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\VyprVPN\VyprVPN.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\ikke\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\ikke\AppData\Roaming\Mozilla\Firefox\Profiles\azl0lchs.default

---- Lines zonealarm removed from prefs.js ----
user_pref("browser.search.selectedEngine", "Search By ZoneAlarm");
user_pref("extensions.dntp.addonId", "ffxtlbr@zonealarm.com");
user_pref("extensions.ffxtlbr@zonealarm.com.conflict.checked", "true");
user_pref("extensions.zonealarm.admin", false);
user_pref("extensions.zonealarm.aflt", "1001");
user_pref("extensions.zonealarm.appId", "{C56C48A0-DA4E-46F6-9859-1553DC865F84}");
user_pref("extensions.zonealarm.autoRvrt", "false");
user_pref("extensions.zonealarm.cntry", "NL");
user_pref("extensions.zonealarm.dfltLng", "EN");
user_pref("extensions.zonealarm.dfltSrch", true);
user_pref("extensions.zonealarm.dnsErr", true);
user_pref("extensions.zonealarm.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,7
user_pref("extensions.zonealarm.dspFFXOld", "");
user_pref("extensions.zonealarm.excTlbr", false);
user_pref("extensions.zonealarm.ffxUnstlRst", false);
user_pref("extensions.zonealarm.hdrMd5", "EC74FFF0210195E360DAAFBFE275B800");
user_pref("extensions.zonealarm.hmpg", true);
user_pref("extensions.zonealarm.hmpgUrl", "http://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=EN&gu=760532e846594f7e907ec5f4568a01ec&tu=10G9y00Im2D33N0
user_pref("extensions.zonealarm.hpFFXOld", "google.com");
user_pref("extensions.zonealarm.hpOld0", "google.com");
user_pref("extensions.zonealarm.id", "0a0a578d00000000000018a9052ed067");
user_pref("extensions.zonealarm.instlDay", "16504");
user_pref("extensions.zonealarm.instlRef", "ZLN127242541656776-1001");
user_pref("extensions.zonealarm.kw_url", "http://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=EN&gu=760532e846594f7e907ec5f4568a01ec&tu=10G9y00Im2
user_pref("extensions.zonealarm.lastB", "google.com");
user_pref("extensions.zonealarm.lastVrsnTs", "1.8.29.1712:09:10");
user_pref("extensions.zonealarm.newTab", true);
user_pref("extensions.zonealarm.newTabUrl", "http://search.zonealarm.com/?src=nt&tbid=HFA5&Lan=EN&gu=760532e846594f7e907ec5f4568a01ec&tu=10G9y00Im2D33
user_pref("extensions.zonealarm.prdct", "zonealarm");
user_pref("extensions.zonealarm.prtnrId", "checkpoint");
user_pref("extensions.zonealarm.rvrt", "false");
user_pref("extensions.zonealarm.sg", "NewUSR");
user_pref("extensions.zonealarm.smplGrp", "NewUSR");
user_pref("extensions.zonealarm.srchPrvdr", "Search By ZoneAlarm");
user_pref("extensions.zonealarm.tlbrId", "HFA5");
user_pref("extensions.zonealarm.tlbrSrchUrl", "http://search.zonealarm.com/search?src=tb&tbid=HFA5&Lan={dfltLng}&gu=760532e846594f7e907ec5f4568a01ec&t
user_pref("extensions.zonealarm.vrsn", "1.8.29.17");
user_pref("extensions.zonealarm.vrsnTs", "1.8.29.1712:09:10");
user_pref("extensions.zonealarm.vrsni", "1.8.29.17");
---- Lines zonealarm removed from user.js ----

user_pref("extensions.zonealarm.hpOld0", "google.com");
user_pref("extensions.zonealarm.tlbrSrchUrl", "http://search.zonealarm.com/search?src=tb&tbid=HFA5&Lan={dfltLng}&gu=760532e846594f7e907ec5f4568a01ec&tu=10G9y00Im2D33N0&sku=&tstsId=&ver=&&q=");
user_pref("extensions.zonealarm.id", "0a0a578d00000000000018a9052ed067");
user_pref("extensions.zonealarm.appId", "{C56C48A0-DA4E-46F6-9859-1553DC865F84}");
user_pref("extensions.zonealarm.instlDay", "16504");
user_pref("extensions.zonealarm.vrsn", "1.8.29.17");
user_pref("extensions.zonealarm.vrsni", "1.8.29.17");
user_pref("extensions.zonealarm.vrsnTs", "1.8.29.1712:09:10");
user_pref("extensions.zonealarm.prtnrId", "checkpoint");
user_pref("extensions.zonealarm.prdct", "zonealarm");
user_pref("extensions.zonealarm.aflt", "1001");
user_pref("extensions.zonealarm.smplGrp", "NewUSR");
user_pref("extensions.zonealarm.tlbrId", "HFA5");
user_pref("extensions.zonealarm.instlRef", "ZLN127242541656776-1001");
user_pref("extensions.zonealarm.dfltLng", "EN");
user_pref("extensions.zonealarm.excTlbr", false);
user_pref("extensions.zonealarm.ffxUnstlRst", false);
user_pref("extensions.zonealarm.admin", false);
user_pref("extensions.zonealarm.autoRvrt", "false");
user_pref("extensions.zonealarm.rvrt", "false");
user_pref("extensions.zonealarm.hmpg", true);
user_pref("extensions.zonealarm.hmpgUrl", "http://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=EN&gu=760532e846594f7e907ec5f4568a01ec&tu=10G9y00Im2D33N0&sku=&tstsId=&ver=&");
user_pref("extensions.zonealarm.dfltSrch", true);
user_pref("extensions.zonealarm.srchPrvdr", "Search By ZoneAlarm");
user_pref("extensions.zonealarm.kw_url", "http://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=EN&gu=760532e846594f7e907ec5f4568a01ec&tu=10G9y00Im2D33N0&sku=&tstsId=&ver=&&q=");
user_pref("extensions.zonealarm.dnsErr", true);
user_pref("extensions.zonealarm.newTab", true);
user_pref("extensions.zonealarm.newTabUrl", "http://search.zonealarm.com/?src=nt&tbid=HFA5&Lan=EN&gu=760532e846594f7e907ec5f4568a01ec&tu=10G9y00Im2D33N0&sku=&tstsId=&ver=&");

---- FireFox user.js and prefs.js backups ---- 

user_20151103_1007_.backup
prefs_20151103_1007_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found
C:\windows\SysNative\Tasks\avast! Emergency Update deleted
"C:\Users\ikke\AppData\Roaming\Mozilla\Firefox\Profiles\azl0lchs.default\searchplugins\zonealarm.xml" deleted
"C:\Users\ikke\AppData\Roaming\Mozilla\Firefox\Profiles\azl0lchs.default\searchplugins\zonealarm.xml" deleted
"C:\Users\ikke\AppData\Roaming\Mozilla\Firefox\Profiles\azl0lchs.default\searchplugins\zonealarm.xml" deleted
"C:\Users\ikke\AppData\Roaming\Mozilla\Firefox\Profiles\azl0lchs.default\searchplugins\zonealarm.xml" deleted
"C:\Users\ikke\AppData\Roaming\Mozilla\Firefox\Profiles\azl0lchs.default\searchplugins\zonealarm.xml" deleted

==== System Specs ======================

Operating System: Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 64-bit
Manufacturer: Compaq-Presario - Model: WC692AA-UUG CQ5340BE
Install Date: 31/01/2015 18:40:19
Last Boot: 11/03/2015 9:34:20
Processor: Intel(R) Celeron(R) CPU        E3300  @ 2.50GHz
Number of Processors: 2
Work Station
Bootmode: Normal boot
Total RAM: 4061 MB (free 2448 MB - 60)
Computername: IKKE-PC
Domain: WORKGROUP
User: ikke (Administrator account)
Local Disk:        C:\ - NTFS - 931 GB (free 480 GB)
CD \ DVD Drive:    D:\ 
Removable Disk:    E:\ -  -  GB (free  GB)
Bootdevice: \Device\HarddiskVolume1
Windows update: 
Country: Belgi‰ 
Language: NLB 

==== System Specs (Software) ======================

Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Firewall: ZoneAlarm Free Firewall Firewall disabled
Default Browser: Firefox	36.0.1
Internet Explorer Version: 10.0.9200.17267 
Mozilla Firefox version: 36.0.1 (x86 nl)
Google Chrome version: 41.0.2272.76
Sun Java version: 1.8.0_40 (32-bit) 
Sun Java version: 1.8.0_40 (64-bit) 
Flash Player version: 16.0.0.305

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-03-10 11:10:53	C4B680AA8A352611D0C70E680A87E367	43112	----a-w-	C:\Windows\avastSS.scr
2015-03-09 23:20:27	9130CCE19B5DB3D2E31F9F789263FC4A	511328	----a-w-	C:\Windows\capicom.dll
2015-02-11 16:44:23	3F535687772ABD0F4A953F75E0711CDD	525508562	----a-w-	C:\Windows\MEMORY.DMP
====== C:\Users\ikke\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-03-11 08:01:58	ABB358777FDF4AF51B2FE26137D2B8D4	70656	----a-w-	C:\Windows\SysWOW64\fontsub.dll
2015-03-11 08:01:58	965D6A2B30A95A9F7EF13653988D3D9F	299008	----a-w-	C:\Windows\SysWOW64\atmfd.dll
2015-03-11 08:01:58	55273844B66D77A2F1A2213C17A9EA4A	34304	----a-w-	C:\Windows\SysWOW64\atmlib.dll
2015-03-11 08:01:58	274F0540FD4C88FC845C94CA1569688A	10240	----a-w-	C:\Windows\SysWOW64\dciman32.dll
2015-03-11 08:01:58	01D9C9A70323BC7E5835B92442DD7EC2	25600	----a-w-	C:\Windows\SysWOW64\lpk.dll
2015-03-11 08:01:46	DCC148408770F2D55B201F8FC26438A1	988160	----a-w-	C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 08:01:46	003C51B9FE38287BA4E0E58D3AE080BD	744960	----a-w-	C:\Windows\SysWOW64\blackbox.dll
2015-03-11 08:01:44	B378B6A865C28CE5C1E23C35760A1199	11411968	----a-w-	C:\Windows\SysWOW64\wmp.dll
2015-03-11 08:01:44	833FCABCB5D95B1911BA6E62FC82AC04	617984	----a-w-	C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 08:01:44	5B0C6247027FCF5A2E2F150E298D2FFA	3209728	----a-w-	C:\Windows\SysWOW64\mf.dll
2015-03-11 08:01:43	BB73C907D1BD437B6C30F2C23BB089FC	406016	----a-w-	C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 08:01:43	74264B7F57A16D25CB581C07964D324A	1174528	----a-w-	C:\Windows\SysWOW64\crypt32.dll
2015-03-11 08:01:42	6C2D4DC5D2E271F4AE4016FD4587B0B2	3973048	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 08:01:42	2CFE69A0A8AFDA8DB9A773D728000BB7	3917760	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 08:01:41	96DB6A923DEDB58FC7CBBF5CFF73314D	1329664	----a-w-	C:\Windows\SysWOW64\quartz.dll
2015-03-11 08:01:41	2D4814D567E5A85C473228BA772A7AFB	489984	----a-w-	C:\Windows\SysWOW64\evr.dll
2015-03-11 08:01:40	C5667EE72D7364BE81516C0707FEF724	354816	----a-w-	C:\Windows\SysWOW64\mfplat.dll
2015-03-11 08:01:40	B7D2BB84C590F0AE9DA51DBB065A780E	1005056	----a-w-	C:\Windows\SysWOW64\cryptui.dll
2015-03-11 08:01:40	B54FD1991E659FD61EF1D34EC27AAECD	81408	----a-w-	C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 08:01:39	98C1191C862B44567FCF3C18BAEE859E	519680	----a-w-	C:\Windows\SysWOW64\qdvd.dll
2015-03-11 08:01:38	D5EC42139D6A6158CF188975C50B6A60	179200	----a-w-	C:\Windows\SysWOW64\wintrust.dll
2015-03-11 08:01:38	70E96EBE87A38857619671FCB9C8EC7B	265216	----a-w-	C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 08:01:38	49474B3E37969AF4B5C076F42B623AFF	143872	----a-w-	C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 08:01:38	3BAA4BAE71460C5CEB40D5E9339A61BC	103936	----a-w-	C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 08:01:38	320A8699369C43CF53B2DB4538D17C52	504320	----a-w-	C:\Windows\SysWOW64\msscp.dll
2015-03-11 08:01:38	2D21189858856316D55EAD55DF4964C2	374784	----a-w-	C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 08:01:37	FCD5137A10C8943B34C9BE891C50159F	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 08:01:37	E0AB9CA912398BE1AAD14FF7AD75C397	50688	----a-w-	C:\Windows\SysWOW64\appidapi.dll
2015-03-11 08:01:37	D3916F83AC8F2314262387A2E16C6578	4096	----a-w-	C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 08:01:37	D3916F83AC8F2314262387A2E16C6578	4096	----a-w-	C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 08:01:37	AF47EAA4ADDA9AA221FB7647EE22BF53	103424	----a-w-	C:\Windows\SysWOW64\mfps.dll
2015-03-11 08:01:37	A56F4029FDCF4F817E78953CDA953E28	442880	----a-w-	C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 08:01:37	A4A2EFB40015B76467F09E6DC388BC26	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-03-11 08:01:37	8B07DBA0D77346545C6359AC67DCB980	8192	----a-w-	C:\Windows\SysWOW64\spwmp.dll
2015-03-11 08:01:37	50B8937A81360D16A5C772302BD32CFE	195584	----a-w-	C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 08:01:37	49F4EE8DF752CFA159B99046CD1FDD2B	23040	----a-w-	C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 08:01:37	08FF727297A97907AADED4BA86CF44E9	50176	----a-w-	C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 08:01:36	7C1CADCA0E674212412559B0EAD0919A	12625408	----a-w-	C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 08:01:34	2F3CE58D8C276570EEB69C99CFBAFD58	2048	----a-w-	C:\Windows\SysWOW64\mferror.dll
2015-03-11 08:00:49	B804EAA9E037580F96C22537C2ECB62A	171520	----a-w-	C:\Windows\SysWOW64\ubpm.dll
2015-03-11 08:00:47	340EECB781E6C06A6171B3068DA208AD	12875264	----a-w-	C:\Windows\SysWOW64\shell32.dll
2015-03-11 08:00:42	D5063B86DC3F85B93D02AF68099F4C9A	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-03-11 08:00:42	C7D334A01C66BF07B92D04CD7A981B7F	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 08:00:42	69925A266D265DAD96C6FCBB861FA5CD	550912	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-03-11 08:00:41	B06A4105DD22E91A1D922D7310803140	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 08:00:41	ACD0CA819E279E1C17BE5C8A077EF448	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-03-11 08:00:41	84974782ED5D108DA2EFAF3C6534A760	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-03-11 08:00:41	7A71DA6D6F75AB73475128F787DD8EAD	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 08:00:41	7407DDA27838C393DE67A0BDCDD044D0	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-03-11 08:00:41	5E76C26CAE2810EA71C161ED9A2CF0D1	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-03-11 08:00:41	4E15E2D20AE755FDEACD96F359F732DB	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-03-11 08:00:41	30F5B3E28636009A0B194057AAE4392A	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-03-11 08:00:41	04934912B1317F2F8816208067A32B96	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-03-11 08:00:41	0485899A035E02C53014C0545D912405	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-03-11 08:00:22	836E4983088DD3723F0B3D9BABA63E97	14380544	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-03-11 08:00:20	E7AFA1051FBD3069F26B5049F146EBB2	13768704	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-03-11 08:00:19	D5E47A6DAAAEFDF998D7680ED2EA86DF	2055680	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-03-11 08:00:19	A83DD99122386F1368D93D7A733E3302	523776	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-03-11 08:00:19	990E995A16A9C2BA88CA0E60E7894AA9	1181696	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-03-11 08:00:19	7FBC8607D89C3EA54A764C6331C99D6D	1763328	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-03-11 08:00:18	1EB6F9DBD04FFDFCF5B93909901560AC	493056	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 08:00:17	E8A033B53086430DA6B48F28B6EC63A2	226816	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 08:00:17	B8E5AA21DEDCBB962DF5F04C6D134DA6	391168	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-03-11 08:00:17	A4FBF52C79893152D57C7F6A2AAC0C83	1441280	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 08:00:17	423DFEDEE363F06C05AC593B6205F4A3	2864640	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-03-11 08:00:17	23A43E791BB4B8D702DE37E718B515A8	163840	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-03-11 08:00:17	000D418931B930BE6769712F86CC6B60	109056	----a-w-	C:\Windows\SysWOW64\iesysprep.dll
2015-03-11 08:00:16	F63F71027A4A57A69DFEE2E9F920747B	80384	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 08:00:16	EBE016639BF5BDB2E7226483B700E7EE	61440	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-03-11 08:00:16	DDF5BC96A7BC55971952CCEB5F92A736	357888	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 08:00:16	8D0494E8410852943FF43A368217FF66	690688	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-03-11 08:00:16	7492246CF5E309E7B9B1EA3354819C0E	33280	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-03-11 08:00:16	4ABDF4F6DF951160F95D5A45D7355C34	226816	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 08:00:16	0ED74EEC57380E673FF9F2604DFC00B0	39936	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 08:00:15	E1F65EEE4C839DDAF133392E14B0AF72	71680	----a-w-	C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-03-11 08:00:15	CD38AFE2191248AAFAEECCE0A8E1B58E	2706432	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 08:00:15	96563FAC4ABF52A16BF6668B7399D6B7	361984	----a-w-	C:\Windows\SysWOW64\html.iec
2015-03-11 07:56:07	84B460BB65567ED42DD605FA044DB370	828928	----a-w-	C:\Windows\SysWOW64\msctf.dll
2015-03-11 07:56:05	5F3628DCF926C4499BE1DC74431DFBC8	1230848	----a-w-	C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 07:53:40	9566C8BBD2271A7962D4432A624762AD	417792	----a-w-	C:\Windows\SysWOW64\WMPhoto.dll
2015-03-09 23:20:27	CA8ADEB78507D4507B6F4B1F8D9B7827	74512	----a-w-	C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2015-03-06 17:14:32	3546C72E1711407A491C67F32314BCC3	765656	----a-w-	C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-25 19:21:53	E51B539FEC6A6485289F650E5E7D5156	701616	----a-w-	C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-25 19:21:53	4713ED2510365E9102172816D2CFB832	71344	----a-w-	C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-25 19:08:08	383E47A28061BC24CE486FE02726524C	98216	----a-w-	C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-25 18:38:24	3B9E2AB1F3ABC53D4A423E699EB625C8	419936	----a-w-	C:\Windows\SysWOW64\locale.nls
2015-02-25 18:14:57	DDE994E9159497D0D5AB2CDF66D1EAD6	76800	----a-w-	C:\Windows\SysWOW64\wdi.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-03-11 08:01:58	F351B0E520502552734BE70AA5940784	41984	----a-w-	C:\Windows\Sysnative\lpk.dll
2015-03-11 08:01:58	DB0BD8B8D68D8211CA23FBE52DACE549	14336	----a-w-	C:\Windows\Sysnative\dciman32.dll
2015-03-11 08:01:58	85D3E918658C2766780F7DEE5F8FBE57	46080	----a-w-	C:\Windows\Sysnative\atmlib.dll
2015-03-11 08:01:58	39A108604F51821F6F4E2001E9A1CB60	100864	----a-w-	C:\Windows\Sysnative\fontsub.dll
2015-03-11 08:01:58	1307814243F21EB129852D59B5AB37FB	372224	----a-w-	C:\Windows\Sysnative\atmfd.dll
2015-03-11 08:01:46	DF6104DCED89E13A78BA5539CEF5100A	1202176	----a-w-	C:\Windows\Sysnative\drmv2clt.dll
2015-03-11 08:01:46	A53A63831185FF5339E76221BE45E6B9	842240	----a-w-	C:\Windows\Sysnative\blackbox.dll
2015-03-11 08:01:45	BD311BB00DD0D656C091AC8888C2369D	14632960	----a-w-	C:\Windows\Sysnative\wmp.dll
2015-03-11 08:01:45	7F4D59E70DD6E757E96B40570B498D5C	782848	----a-w-	C:\Windows\Sysnative\wmdrmsdk.dll
2015-03-11 08:01:44	FDA5F186596288F0B9ECE9DC7A5AA868	5554104	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-03-11 08:01:43	B2F02AB28864B6D5B5B9BEDA565D41BB	497664	----a-w-	C:\Windows\Sysnative\drmmgrtn.dll
2015-03-11 08:01:43	8DFDB70E3E56C2F1AE09CB3C03E266E5	1574400	----a-w-	C:\Windows\Sysnative\quartz.dll
2015-03-11 08:01:43	3FECBED0EACABD22E024EF4E50CF987B	1480192	----a-w-	C:\Windows\Sysnative\crypt32.dll
2015-03-11 08:01:42	5FFEE6CA63E27CBA1F32002743E58F3C	631808	----a-w-	C:\Windows\Sysnative\evr.dll
2015-03-11 08:01:42	410F6B1BE785F3630B4782F8E3D85A24	1069056	----a-w-	C:\Windows\Sysnative\cryptui.dll
2015-03-11 08:01:41	73D81B5B4B2655CB1B5662E770F755D5	532176	----a-w-	C:\Windows\Sysnative\winresume.exe
2015-03-11 08:01:41	6AEEC5677AD522786CED371A7BEE620C	616360	----a-w-	C:\Windows\Sysnative\winresume.efi
2015-03-11 08:01:41	0BC72EA80234382701EAFC1BE0ECD7E4	432128	----a-w-	C:\Windows\Sysnative\mfplat.dll
2015-03-11 08:01:40	F88B4A9EA1A956F09D5001D08B546228	641024	----a-w-	C:\Windows\Sysnative\msscp.dll
2015-03-11 08:01:40	DB2D62AA2DF6B1F3D690A9EC9701AA2C	188416	----a-w-	C:\Windows\Sysnative\pcasvc.dll
2015-03-11 08:01:40	94BC902494AFC9F5EBC5FBB61445D73F	82432	----a-w-	C:\Windows\Sysnative\cryptsp.dll
2015-03-11 08:01:40	29143C7827F9F2AC543E792A8C63FBB0	4121600	----a-w-	C:\Windows\Sysnative\mf.dll
2015-03-11 08:01:39	B7E752FFD95DC61FCB7A6E70E37175E5	693176	----a-w-	C:\Windows\Sysnative\winload.efi
2015-03-11 08:01:39	AE66D26930CA536706078537CB5AC840	325632	----a-w-	C:\Windows\Sysnative\msnetobj.dll
2015-03-11 08:01:39	7A4064169FBA91F39DB1FDC094A18DA8	619056	----a-w-	C:\Windows\Sysnative\winload.exe
2015-03-11 08:01:38	C0AE7ABD87254B2789C8CB34AF274A65	296448	----a-w-	C:\Windows\Sysnative\AudioSes.dll
2015-03-11 08:01:38	999A7FD4D9F8B1656F1167D94743E50A	457400	----a-w-	C:\Windows\Sysnative\ci.dll
2015-03-11 08:01:38	93C7D1C3941086162B433107D9E8BCE3	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-03-11 08:01:38	7BC64DEEFD0E6812E21DE89F0CF50A49	500224	----a-w-	C:\Windows\Sysnative\AUDIOKSE.dll
2015-03-11 08:01:38	72D4757510FDA69D729169C00AFC211E	32256	----a-w-	C:\Windows\Sysnative\appidsvc.dll
2015-03-11 08:01:38	6E974F1C384615DEB0710E44F4847351	126464	----a-w-	C:\Windows\Sysnative\audiodg.exe
2015-03-11 08:01:38	6968D02DC38757C3FBE7ED7C2F9670AA	680960	----a-w-	C:\Windows\Sysnative\audiosrv.dll
2015-03-11 08:01:38	577D0B947B49DB83E2054FA169B2ECBF	229376	----a-w-	C:\Windows\Sysnative\wintrust.dll
2015-03-11 08:01:38	483221CC1AAC288368292899E32B6B9B	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-03-11 08:01:38	3A7BC2DC99D3C5B172465E890B3C3B14	440832	----a-w-	C:\Windows\Sysnative\AudioEng.dll
2015-03-11 08:01:38	3029D8E78E4BF18A0551E22CD4CB892C	371712	----a-w-	C:\Windows\Sysnative\qdvd.dll
2015-03-11 08:01:38	27793FE3FF2D0123896D1A01A2D222C7	37376	----a-w-	C:\Windows\Sysnative\pcadm.dll
2015-03-11 08:01:38	1CD76A83B9E8E9A5A3519B39E28354D9	187904	----a-w-	C:\Windows\Sysnative\cryptsvc.dll
2015-03-11 08:01:38	1BE9877B199184D7657BC4CFCB7B4A99	140288	----a-w-	C:\Windows\Sysnative\cryptnet.dll
2015-03-11 08:01:37	FE03B35A22C3D2714B494FC2AB32AC5B	8704	----a-w-	C:\Windows\Sysnative\pcaevts.dll
2015-03-11 08:01:37	F43B09E257121ADC501ABE9367FAA850	9728	----a-w-	C:\Windows\Sysnative\spwmp.dll
2015-03-11 08:01:37	ED6BF1E1C4F40F600DFEC0CB101A1789	9728	----a-w-	C:\Windows\Sysnative\pcalua.exe
2015-03-11 08:01:37	EA285B947EE48103697CDA53D76C9EEC	17920	----a-w-	C:\Windows\Sysnative\appidcertstorecheck.exe
2015-03-11 08:01:37	DBCD54B841F2B216B2F0F86E18205C22	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2015-03-11 08:01:37	D3F1F9C784BCCDF2C880669D69FC1970	5120	----a-w-	C:\Windows\Sysnative\msdxm.ocx
2015-03-11 08:01:37	D3F1F9C784BCCDF2C880669D69FC1970	5120	----a-w-	C:\Windows\Sysnative\dxmasf.dll
2015-03-11 08:01:37	CBE684883A45E5B047DA6B4AC46C2112	55808	----a-w-	C:\Windows\Sysnative\rrinstaller.exe
2015-03-11 08:01:37	C4937B9D6EF4D309A60054D4D00EE9DB	63488	----a-w-	C:\Windows\Sysnative\setbcdlocale.dll
2015-03-11 08:01:37	BE7DA70C9F4A97CCA9ED78B70BCFC9AC	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2015-03-11 08:01:37	A84C94CF795E08BBB99E4E145F9E81A3	11264	----a-w-	C:\Windows\Sysnative\pcawrk.exe
2015-03-11 08:01:37	947938F265D7CB99653CDFF2B3C0468D	206848	----a-w-	C:\Windows\Sysnative\mfps.dll
2015-03-11 08:01:37	84DB8EB3C184BB549ED90A842020F278	58880	----a-w-	C:\Windows\Sysnative\appidapi.dll
2015-03-11 08:01:37	63D3C30B497347495B8EA78A38188969	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2015-03-11 08:01:37	589852B65C91F574E980ABDB8205080A	146944	----a-w-	C:\Windows\Sysnative\appidpolicyconverter.exe
2015-03-11 08:01:37	56FD1BC602EE0E7949F92EE2EE327B72	284672	----a-w-	C:\Windows\Sysnative\EncDump.dll
2015-03-11 08:01:37	29088A5723C81BF75AD909AAB6A91610	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-03-11 08:01:37	0F79883E27BB1AFE2D9BB4656A1CEFCD	11264	----a-w-	C:\Windows\Sysnative\msmmsp.dll
2015-03-11 08:01:37	00EE5D3E16D42F25F7813ACFA10EC803	24576	----a-w-	C:\Windows\Sysnative\mfpmp.exe
2015-03-11 08:01:36	77D49942BD5DC97723ABC8A6D2757B6E	12625920	----a-w-	C:\Windows\Sysnative\wmploc.DLL
2015-03-11 08:01:34	8364A0F7633414DC5C50A37295B1FAFF	2048	----a-w-	C:\Windows\Sysnative\mferror.dll
2015-03-11 08:00:49	1FB81632476857E8451DDA8A456EF3CE	215552	----a-w-	C:\Windows\Sysnative\ubpm.dll
2015-03-11 08:00:47	01F9FEB7F0C84EA1AC6A9B4D7C6B0435	14177280	----a-w-	C:\Windows\Sysnative\shell32.dll
2015-03-11 08:00:42	DB2904A4CEBC39DF8892A613BEC71512	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-03-11 08:00:42	9B644AC070576AAE701910874C241DBD	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-03-11 08:00:42	6536829F6EA1149527728A210F493B79	314880	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-03-11 08:00:42	3807605BDA83C0DA729A5219CEBB9041	341504	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-03-11 08:00:42	28CC69865D5DC458EDDCEA35F01D71DA	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-03-11 08:00:42	1DB278E5834B08F9A184F953F2D31FF7	728064	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-03-11 08:00:41	FB95F6E11AAD62F24C2DB01E6E9D7BE7	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-03-11 08:00:41	E1404987DCD392AF9D67F6A26CE21175	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-03-11 08:00:41	B6C7729936AAF8E0697F0A7DCA82CED8	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-03-11 08:00:41	92F920EE9EAF7306B4AB8124D474AB52	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-03-11 08:00:41	7BC39275661EA7DEE54135AA26DF733E	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-03-11 08:00:41	65CF54B1D8CB1B085B6D8BC210E2C45F	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-03-11 08:00:41	54CD467B3A6DA02E9449DB7FB1830612	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-03-11 08:00:41	543553AD3E30CB261C8B436DF644F23E	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-03-11 08:00:41	473BCBFFC55C9FE33D502035322E759D	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-03-11 08:00:41	378B175D0F0A1C38026F280BF6C8D0C6	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-03-11 08:00:24	43818B5022CC69DC3B12D6A0C4235304	19301888	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-03-11 08:00:21	A45BCDB46E58247B36CA1D9DF23A60F1	15410688	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-03-11 08:00:20	D1E29FA71121ADE78838A95A807964FC	2237952	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-03-11 08:00:19	F6EDC01117DDAD4D4925F7DEFFA9339C	2656256	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-03-11 08:00:19	EE9AEAB0D63C7B0BD0BA50D708ECD85E	1409024	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-03-11 08:00:18	5AA9114471A1DBA082C33D8BA9564B09	97280	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-03-11 08:00:18	53084CFC7B132AAFD36CE20D12D7D398	603136	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-03-11 08:00:18	30831F39E8643EEF33DDEAD63A19260A	855552	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-03-11 08:00:18	0850B24B9C722F47BEF12E0B42F38F98	600576	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-03-11 08:00:17	E70E0FC6912E9F36A85DFF3DD15594DA	255488	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-03-11 08:00:17	58A053AB6D70B72FF984D85BD317FBD1	526336	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-03-11 08:00:17	42500995A17983A275267340C13E664D	136704	----a-w-	C:\Windows\Sysnative\iesysprep.dll
2015-03-11 08:00:17	385EC6885C3D750DC88CC6AF2520B2F0	1509376	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-03-11 08:00:17	29912ECBB0D697221072F7B602765B9F	281600	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-03-11 08:00:16	E029990E88DC9D793FB10EB2082FDADD	51712	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-03-11 08:00:16	C09B740E2615F410BC6D7A337565E33F	3959296	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-03-11 08:00:16	B0A544DC31E911712A99A55EC22820F5	39936	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-03-11 08:00:16	8A719F1DC93B17F97DE4CAFF38B3405D	67072	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-03-11 08:00:16	7C6FAE780C49FE64E077367155C1E4AE	53760	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-03-11 08:00:16	2AF78B1E4D2FBED75F19612860EA91AD	197120	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-03-11 08:00:16	27718CAB1BE0A9370203F0E7FAF54117	451584	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-03-11 08:00:15	F7DB69348051F72F7C41F090AC4D3038	89600	----a-w-	C:\Windows\Sysnative\RegisterIEPKEYs.exe
2015-03-11 08:00:15	C326640B06C255C123AEFD15A3C5A974	441856	----a-w-	C:\Windows\Sysnative\html.iec
2015-03-11 08:00:15	424D3CEBF9C34C556CB477BE22C4DAA7	2706432	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-03-11 07:56:07	E88A78273D429554B6B2D2BDA945ED9B	1067520	----a-w-	C:\Windows\Sysnative\msctf.dll
2015-03-11 07:56:05	0A4D03A4C0F908B15B8A4C48FB18F197	1424896	----a-w-	C:\Windows\Sysnative\WindowsCodecs.dll
2015-03-11 07:56:03	A0DEE06D68F210CA090FD4D9A33CDC12	3204096	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-03-11 07:53:40	CBA2694BFC61F371181F2BE2BCD66C40	465920	----a-w-	C:\Windows\Sysnative\WMPhoto.dll
2015-03-10 11:11:04	6568873240CDAA472C936B1EB92154E8	364472	----a-w-	C:\Windows\Sysnative\aswBoot.exe
2015-03-09 23:51:27	FC0D46CEDD512BD18BC055D2AF6CEB2C	74000	----a-w-	C:\Windows\Sysnative\bdsandboxuiskin32.dll
2015-03-09 23:51:20	8612E569F2C1AE5D6DAC60B86AB8732E	84848	----a-w-	C:\Windows\Sysnative\bdsandboxuiskin.dll
2015-03-09 23:20:56	4E8F2BB3A5A87E75C35533723B50E685	385	----a-w-	C:\Windows\Sysnative\user_gensett.xml
2015-03-09 23:20:35	4DA5DA193E0E4F86F6F8FD43EF25329A	1721576	----a-w-	C:\Windows\Sysnative\WdfCoInstaller01009.dll
2015-03-09 23:17:48	2A45EA035B498EFF282658D15D3A11AC	33360	----a-w-	C:\Windows\Sysnative\bdsandboxuh.dll
2015-02-25 18:38:24	3B9E2AB1F3ABC53D4A423E699EB625C8	419936	----a-w-	C:\Windows\Sysnative\locale.nls
2015-02-25 18:14:59	AA7079AD52B8BFBAE94167D54C32F84F	29696	----a-w-	C:\Windows\Sysnative\powertracker.dll
2015-02-25 18:14:58	D713D6446DDBB474D801F361B4B186EA	950272	----a-w-	C:\Windows\Sysnative\perftrack.dll
2015-02-25 18:14:57	C6F7473B55510F0B93961DA03D8E3B38	91136	----a-w-	C:\Windows\Sysnative\wdi.dll
====== C:\Windows\Sysnative\drivers =====
2015-03-11 08:01:43	ED6E75158D28D33A2E2A020AC5B2B59D	663552	----a-w-	C:\Windows\Sysnative\drivers\PEAuth.sys
2015-03-11 08:01:40	87BCD1034CBF33537D4D4C251D39BA26	94656	----a-w-	C:\Windows\Sysnative\drivers\mountmgr.sys
2015-03-11 08:01:38	90C53BD47979FB8814F465A08B885102	61440	----a-w-	C:\Windows\Sysnative\drivers\appid.sys
2015-03-11 08:00:42	8BA90F480705D7153AD0060CCA62222A	155576	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-03-11 08:00:42	56ED3EE5FED6BF2FC1305CF872042868	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-03-11 08:00:42	27667A788130A7F7A5858DE27572E6D7	459336	----a-w-	C:\Windows\Sysnative\drivers\cng.sys
2015-03-10 11:11:14	8CDA894FA86D03FB43063D5FD85EFCAE	136752	----a-w-	C:\Windows\Sysnative\drivers\aswStm.sys
2015-03-10 11:11:13	11644D8399F4AC8BB12C2364DCB87CB4	268640	----a-w-	C:\Windows\Sysnative\drivers\aswVmm.sys
2015-03-10 11:11:12	3A145C94A519E52FE7E99460DD0DF53C	441728	----a-w-	C:\Windows\Sysnative\drivers\aswSP.sys
2015-03-10 11:11:11	713AFFD4E38553AEF04617C985B4030B	65736	----a-w-	C:\Windows\Sysnative\drivers\aswRvrt.sys
2015-03-10 11:11:10	245D3A0670491E1F88759EC45C9F7314	88408	----a-w-	C:\Windows\Sysnative\drivers\aswMonFlt.sys
2015-03-10 11:11:09	BC18D5B42B19564BA09156410E1FB9BE	93528	----a-w-	C:\Windows\Sysnative\drivers\aswRdr2.sys
2015-03-10 11:11:09	BA4B999D245287608A79C92CDAE6F3C1	29168	----a-w-	C:\Windows\Sysnative\drivers\aswHwid.sys
2015-03-10 11:11:06	669F6B37965756E407B447272B5EE39F	1047320	----a-w-	C:\Windows\Sysnative\drivers\aswSnx.sys
2015-03-10 11:10:21	E12DB53A9457CA44FC4C93AAE0C3BCCE	431395	----a-w-	C:\Windows\Sysnative\drivers\vsconfig.xml
2015-03-10 11:05:18	26C43960C99EE861A5D0EDC4DCF3B1C3	129752	----a-w-	C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2015-03-10 11:04:59	CA43F8904E24BBE49982E4C0B29E6579	25816	----a-w-	C:\Windows\Sysnative\drivers\mbam.sys
2015-03-10 11:04:59	A646C2DDB8C46E9B20A326FAF566646C	63704	----a-w-	C:\Windows\Sysnative\drivers\mwac.sys
2015-03-10 11:04:59	0307CF4184F4F22DB75F36ACCCEF7ED1	107736	----a-w-	C:\Windows\Sysnative\drivers\mbamchameleon.sys
2015-03-09 23:20:39	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_Kernel_avchv_01009.Wdf
2015-02-24 19:12:58	DF56B9F206B99020D79AC560622F8F91	44896	----a-w-	C:\Windows\Sysnative\drivers\tapvyprvpn.sys
====== C:\Windows\Tasks ======
2015-02-26 12:33:38	7262B151C5C2B140FFF0666AC0405A6D	4048	----a-w-	C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2015-02-26 12:33:38	6024FBD7E02AEF7FE5D30D19D9CD5EBE	1052	----a-w-	C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-26 12:33:37	92D547CEEF9F0066D9CC79A8C47DBF5E	3796	----a-w-	C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore
2015-02-26 12:33:36	D2F00F142E45548C4AFC4ABFB07900C1	1048	----a-w-	C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-25 19:21:55	8FFBA54DC328E88E2ED78F18F23FFE50	830	----a-w-	C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-25 19:21:55	1D92BFD850526ABDC2D0B5252F332538	3768	----a-w-	C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-03-09 21:59:57	--------	d-----w-	C:\Program Files\Common Files\Bitdefender
2015-03-06 11:44:08	--------	d-----w-	C:\Program Files\trend micro
2015-03-04 11:38:44	--------	d-----w-	C:\Program Files\Realtek
2015-03-01 16:22:32	--------	d-----w-	C:\Program Files\Adobe
2015-03-01 16:15:45	--------	d-----w-	C:\Program Files\Common Files\Adobe
2015-02-27 13:19:34	--------	d-----w-	C:\Program Files\CamStudio 2.7
2015-02-25 19:36:27	--------	d-----w-	C:\Program Files\Visicom Media
2015-02-20 21:46:35	--------	d-----w-	C:\Program Files\Sonic Charge
2015-02-20 12:28:36	--------	d-----w-	C:\Program Files\iPod
2015-02-20 12:28:35	--------	d-----w-	C:\Program Files\iTunes
======= C:\PROGRA~2 =====
2015-03-11 07:40:22	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2015-03-10 11:09:02	--------	d-----w-	C:\PROGRA~2\CheckPoint
2015-03-06 17:07:52	--------	d-----w-	C:\PROGRA~2\VyprVPN
2015-03-01 16:20:46	--------	d-----w-	C:\PROGRA~2\Adobe
2015-03-01 16:10:58	--------	d-----w-	C:\PROGRA~2\COMMON~1\Adobe
2015-02-28 16:56:22	--------	d-----w-	C:\PROGRA~2\XviD
2015-02-28 16:56:02	--------	d-----w-	C:\PROGRA~2\Screen Recorder
2015-02-28 10:01:31	--------	d--h--w-	C:\PROGRA~2\Temp
2015-02-26 12:33:30	--------	d-----w-	C:\PROGRA~2\Google
2015-02-25 19:36:57	--------	d-----w-	C:\PROGRA~2\ManyCam
2015-02-25 19:07:36	--------	d-----w-	C:\PROGRA~2\Java
2015-02-25 19:03:38	--------	d-----w-	C:\PROGRA~2\COMMON~1\Skype
2015-02-25 19:03:36	--------	d-----r-	C:\PROGRA~2\Skype
2015-02-20 12:28:37	--------	d-----w-	C:\PROGRA~2\iTunes
2015-02-20 10:26:39	--------	d-----w-	C:\PROGRA~2\Origin
2015-02-16 19:36:33	--------	d-----w-	C:\PROGRA~2\GMT-MAX.ORG
2015-02-13 11:23:39	--------	d-----w-	C:\PROGRA~2\Audacity
2015-02-10 12:27:27	--------	d-----w-	C:\PROGRA~2\Reveal Sound
======= C: =====
====== C:\Users\ikke\AppData\Roaming ======
2015-03-11 07:40:16	--------	d-----w-	C:\Users\ikke\AppData\Locallow\Oracle
2015-03-09 23:20:53	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Roaming\QuickScan
2015-03-09 11:24:20	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2015-03-09 11:24:20	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-03-09 11:24:20	--------	d-----w-	C:\Users\ikke\AppData\Local\Temp
2015-03-09 11:24:20	--------	d-----w-	C:\Users\Default\AppData\Local\Temp
2015-03-09 11:24:20	--------	d-----w-	C:\Users\Default User\AppData\Local\Temp
2015-03-06 17:41:10	--------	d-----w-	C:\Users\ikke\AppData\Local\Golden_Frog,_GmbH
2015-03-06 17:40:37	--------	d-----w-	C:\Users\ikke\AppData\Local\Golden Frog, GmbH
2015-03-06 17:30:46	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Golden_Frog,_GmbH
2015-03-02 13:57:56	--------	d-----w-	C:\Users\ikke\AppData\Locallow\Adobe
2015-02-28 18:04:51	--------	d-----w-	C:\Users\ikke\AppData\Roaming\Rylstim Screen Recorder
2015-02-28 16:56:23	--------	d-----w-	C:\Users\ikke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XviD
2015-02-27 18:29:08	9B1D1C1C1FDD98F1369A67A4E1B1DF6E	408	----a-w-	C:\Users\ikke\AppData\Roaming\CamShapes.ini
2015-02-27 18:29:08	53EBD09A73D82DD916A0E78EFB87F308	408	----a-w-	C:\Users\ikke\AppData\Roaming\CamLayout.ini
2015-02-27 18:29:08	17C59CBE8CE682CEC5F22A6A7C979A2E	65616	----a-w-	C:\Users\ikke\AppData\Roaming\Camdata.ini
2015-02-27 16:10:44	C5FBB0674FB6259D98B84F4C19A8575C	4538	----a-w-	C:\Users\ikke\AppData\Roaming\CamStudio.cfg
2015-02-27 13:28:16	9E3D46FEA2CB93CF7CBA1E216DC5E68A	96	----a-w-	C:\Users\ikke\AppData\Roaming\version2.xml
2015-02-26 12:53:13	--------	d-----w-	C:\Users\ikke\AppData\Local\Mikogo
2015-02-26 12:38:45	--------	d-----w-	C:\Users\ikke\AppData\Local\Screenleap
2015-02-26 12:33:20	--------	d-----w-	C:\Users\ikke\AppData\Local\Google
2015-02-25 20:02:41	--------	d-----w-	C:\Users\ikke\AppData\Local\QuickScreenShare
2015-02-25 19:38:59	--------	d-----w-	C:\Users\ikke\AppData\Local\ManyCam
2015-02-25 19:37:20	--------	d-----w-	C:\Users\ikke\AppData\Roaming\ManyCam
2015-02-25 19:21:19	--------	d-----w-	C:\Users\ikke\AppData\Local\Adobe
2015-02-25 19:06:57	--------	d-----w-	C:\Users\ikke\AppData\Locallow\Sun
2015-02-25 19:03:56	--------	d-----w-	C:\Users\ikke\AppData\Local\Skype
2015-02-25 19:03:51	--------	d-----w-	C:\Users\ikke\AppData\Roaming\Skype
2015-02-24 16:20:52	--------	d-----w-	C:\Users\ikke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Samples Share
2015-02-24 12:36:43	--------	d-----w-	C:\Users\ikke\AppData\Roaming\Teragon Audio
2015-02-20 21:57:20	--------	d-----w-	C:\Users\ikke\AppData\Local\Sonic Charge
2015-02-20 10:30:06	--------	d-----w-	C:\Users\ikke\AppData\Roaming\Origin
2015-02-20 10:30:04	--------	d-----w-	C:\Users\ikke\AppData\Local\Origin
2015-02-16 13:11:47	--------	d-----w-	C:\Users\ikke\AppData\Local\Quickscope_Simulator
2015-02-13 11:25:40	--------	d-----w-	C:\Users\ikke\AppData\Roaming\Audacity
2015-02-10 12:27:09	--------	d-----w-	C:\Users\ikke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reveal Sound
====== C:\Users\ikke ======
2015-03-10 11:14:41	56A375A83CED75C331A67882D0C0F9DA	16502728	----a-w-	C:\Users\ikke\Downloads\mbar-1.09.1.1004.exe
2015-03-10 11:10:02	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2015-03-10 11:07:47	B80DB9616972AD1E00E2E9DBAB79F7D9	5475064	----a-w-	C:\Users\ikke\Downloads\avast_free_antivirus_setup_online.exe
2015-03-10 11:03:00	71A92B4F338B7A3C9F034CFCE5D64D79	32368	----a-w-	C:\ProgramData\1425985046.bdinstall.bin
2015-03-10 10:54:58	07F8620142BFA91661CB2175A4E32299	263665	----a-w-	C:\ProgramData\1425943757.bdinstall.bin
2015-03-10 10:54:51	7E5DA98FDC65E9BE6C2CFF5E7798A94C	49277	----a-w-	C:\ProgramData\1425984872.bdinstall.bin
2015-03-09 23:20:30	--------	d-----w-	C:\ProgramData\BDLogging
2015-03-09 23:17:48	--------	d-----w-	C:\ProgramData\Bitdefender
2015-03-09 12:59:23	4DB5909D450AE68CC11DC865B9B84F71	2126848	----a-w-	C:\Users\ikke\Desktop\adwcleaner_4.111.exe
2015-03-06 17:30:46	--------	d-----w-	C:\ProgramData\Golden Frog, GmbH
2015-03-06 17:07:04	4C874DCC40A4BCE7432017A121221624	4264256	----a-w-	C:\Users\ikke\Downloads\VyprVPN-2.7.0.4852-installer.exe
2015-03-06 11:42:05	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\ikke\Desktop\RSITx64.exe
2015-03-06 11:34:00	C78EEFBC22F5507BFF4A0CF83567DB22	980480	----a-w-	C:\Users\ikke\Desktop\WIGI.exe
2015-03-06 11:33:30	F4BC9F24AB2389F0D18812865157E97A	549426	----a-w-	C:\Users\ikke\Desktop\WhyIGotInfected.exe
2015-03-04 11:33:33	6868295CA1A0950B9D6B8531738D23EE	159144	----a-w-	C:\Users\ikke\Downloads\WindowsActivationUpdate.exe
2015-03-01 16:23:35	--------	d-----w-	C:\ProgramData\regid.1986-12.com.adobe
2015-03-01 16:10:56	--------	d-----w-	C:\ProgramData\Adobe
2015-02-28 16:56:23	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XviD
2015-02-28 16:56:04	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screen Recorder
2015-02-28 16:54:58	F523A2C27DB893620054A8F05AB0E237	1482743	----a-w-	C:\Users\ikke\Downloads\Rylstim-Screen-Recorder.exe
2015-02-28 09:58:01	B6FD7C933D4D24CD0C51E1EC00DF3BC8	111172669	----a-w-	C:\Users\ikke\Downloads\0001-32bit_Win7_Win8_Win81_R275.exe
2015-02-27 13:19:44	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
2015-02-27 13:17:46	8DD5374D5991AC01706F1BE41343BE2A	767872	----a-w-	C:\Users\ikke\Downloads\CamStudioSetup_v2.7.2.exe
2015-02-27 11:50:30	57C00B223B639EFE253AF598F1841023	44	----a-w-	C:\Users\ikke\.screenleap
2015-02-26 12:34:10	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-26 12:33:09	1A6A345D0CF74C4E17DA141F7E54221F	880208	----a-w-	C:\Users\ikke\Downloads\ChromeSetup.exe
2015-02-25 19:49:11	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
2015-02-25 19:47:46	14146C17D988AABD7553E1C48D7FD976	691576	----a-w-	C:\Users\ikke\Downloads\msgr11us.exe
2015-02-25 19:38:39	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2015-02-25 19:36:58	--------	d-----w-	C:\ProgramData\ManyCam
2015-02-25 19:36:32	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visicom Media
2015-02-25 19:36:30	--------	d-----w-	C:\ProgramData\Visicom Media
2015-02-25 19:35:25	F5F46BBD587843F3F3142606F4F4B616	295960	----a-w-	C:\Users\ikke\Downloads\ManyCamWebInstaller.exe
2015-02-25 19:24:28	--------	d-----w-	C:\Users\ikke\Tracing
2015-02-25 19:08:13	--------	d-----w-	C:\ProgramData\Sun
2015-02-25 19:07:54	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-25 19:07:41	--------	d-----w-	C:\ProgramData\Oracle
2015-02-25 19:06:52	6713E17AFCB3A28191A747DC8C475721	639912	----a-w-	C:\Users\ikke\Downloads\jxpiinstall.exe
2015-02-25 19:03:39	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-25 19:03:24	--------	d-----w-	C:\ProgramData\Skype
2015-02-25 19:02:29	563B164F49F6A3FD88178B0266648A3D	1548384	----a-w-	C:\Users\ikke\Downloads\SkypeSetup.exe
2015-02-24 14:50:01	--------	dc-h--w-	C:\ProgramData\{C2A88E6D-FA3D-462B-BDFF-A09B1EFA8FBE}
2015-02-24 14:37:50	--------	dc-h--w-	C:\ProgramData\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
2015-02-20 21:46:51	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Charge
2015-02-20 12:29:26	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-02-20 12:28:35	--------	d-----w-	C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-20 10:27:15	--------	d-----w-	C:\ProgramData\Origin
2015-02-20 10:27:14	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-02-20 10:27:13	--------	d-----w-	C:\ProgramData\Electronic Arts
2015-02-16 20:09:02	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMT-MAX.ORG
2015-02-11 22:59:29	--------	d-----w-	C:\ProgramData\CheckPoint

====== C: exe-files ==
2015-03-11 08:01:37	FEB8566E798B2F6BA40AC39C90E354B3	102400	----a-w-	C:\Program Files\Windows Media Player\wmpconfig.exe
2015-03-11 08:01:37	E357783E1561251E25513247B534D423	102400	----a-w-	C:\Program Files (x86)\Windows Media Player\wmpshare.exe
2015-03-11 08:01:37	D1D03ED0A40B9EA7D45CD09E585415ED	167424	----a-w-	C:\Program Files\Windows Media Player\wmplayer.exe
2015-03-11 08:01:37	733F15A545DCB45295EEB1E409F2D63A	102912	----a-w-	C:\Program Files\Windows Media Player\wmpshare.exe
2015-03-11 08:01:37	3CB513A4E2D3666282725B09FF66D2B1	164864	----a-w-	C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2015-03-11 08:01:37	201283E93160A0EBBA8CC9F3F2388FDA	101888	----a-w-	C:\Program Files (x86)\Windows Media Player\wmpconfig.exe
2015-03-11 08:00:18	F5891766C8E79D1301105344518F076E	775312	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-03-11 08:00:18	C58005A0D0BB045A6674689643C62BD5	222208	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-03-11 08:00:18	81982EE07CBF75F377A17E0D6C6AE3A3	470528	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-03-11 08:00:18	80CC5CE51C6FCDF0BBF7FB43D5B88DE0	223744	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-03-11 08:00:18	333A31AD13A3BB850D93AEFAE4472574	770712	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-03-11 08:00:18	191A9F4A2710E75A65ADB68583D0FEA5	485888	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-03-11 07:39:48	F340F09E5124455FA81AB8EFE04DCCC3	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\policytool.exe
2015-03-11 07:39:48	EF59DABB7C9789B9335841A595748C0B	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\rmiregistry.exe
2015-03-11 07:39:48	E57ED773B6CB41DE8225A10AFE149510	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\jjs.exe
2015-03-11 07:39:48	E2E61790688574F5F058AD01145E0473	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\rmid.exe
2015-03-11 07:39:48	CE2F700CA51229054C9A03D96646DE51	51112	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssvagent.exe
2015-03-11 07:39:48	CBE5D74B4ECC80BF2C792C18CCEA92BF	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\java-rmi.exe
2015-03-11 07:39:48	C96C6041829212284EFB5A85B08B1536	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\servertool.exe
2015-03-11 07:39:48	C731C96456335BDAA2F58220AE25A202	191400	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\javaw.exe
2015-03-11 07:39:48	C126BE266A4D76737EEDD0CFB436D7E3	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\keytool.exe
2015-03-11 07:39:48	B189CEE3C0CB5C9EABBF70329E0F4195	68520	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\javacpl.exe
2015-03-11 07:39:48	9DAEE38424615751379400964713D6D7	272296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\javaws.exe
2015-03-11 07:39:48	9A97AB583FB5BD6FFFCE8C47E6DCCA62	30632	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\jabswitch.exe
2015-03-11 07:39:48	8C71D92983B9BBB5B8D823D8C0FDD129	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\klist.exe
2015-03-11 07:39:48	879578D2FAE8E10DBE30FD0B829313DE	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\ktab.exe
2015-03-11 07:39:48	6F4EB294ACF731771AFE3EF6F7EE812D	190888	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\java.exe
2015-03-11 07:39:48	5D5801D096F9F362F442673632013727	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\tnameserv.exe
2015-03-11 07:39:48	5BF6CD8A5984AA5F2607364B5BEBBA11	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\orbd.exe
2015-03-11 07:39:48	32F50E7E4D45A38E60EA7D6D701A08C9	159656	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\unpack200.exe
2015-03-11 07:39:48	30791C426723A4D76ADE3EF276F3F9FC	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\kinit.exe
2015-03-11 07:39:48	228AAF84B541C80BCFE7C1EE57502B61	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\pack200.exe
2015-03-11 07:39:48	113298AC181C026AB425E38CB7F963A3	76712	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2launcher.exe
2015-03-10 11:14:50	FE9BD656A5F251D2BB90151325DA1B14	54072	----a-w-	C:\Users\ikke\Desktop\mbar\mbamdor.exe
2015-03-10 11:14:50	7CBC1070E51238E59F7535C8F2344FB6	821560	----a-w-	C:\Users\ikke\Desktop\mbar\Plugins\fixdamage.exe
2015-03-10 11:14:50	5E29C495F48A9CFED856D097FED6ECE4	170296	----a-w-	C:\Users\ikke\Desktop\mbar\mbar.exe
2015-03-10 11:14:41	56A375A83CED75C331A67882D0C0F9DA	16502728	----a-w-	C:\Users\ikke\Downloads\mbar-1.09.1.1004.exe
2015-03-10 11:08:19	E21634343EBA5D754A318695C8161D99	2849392	----a-w-	C:\Program Files (x86)\CheckPoint\Install\Install.exe
2015-03-10 11:08:19	C7D74C58B999B8BCF8685DE01AE03CDA	59392	----a-w-	C:\Program Files (x86)\CheckPoint\Install\vsdrinst64.exe
2015-03-10 11:08:19	B8096F92F896E11462F7E9D4F811CBE4	68288	----a-w-	C:\Program Files (x86)\CheckPoint\Install\CUninstallerZA.exe
2015-03-10 11:08:19	B55245CEDEDB97492AE6DCBBA68D0F81	18040	----a-w-	C:\Program Files (x86)\CheckPoint\Install\Clean_tool64.exe
2015-03-10 11:08:19	B358697CC505A0996747CAF3B0C57807	16504	----a-w-	C:\Program Files (x86)\CheckPoint\Install\Clean_tool.exe
2015-03-10 11:08:19	AE83394A24D17A6D672A90B1908CAD63	437872	----a-w-	C:\Program Files (x86)\CheckPoint\Install\Launcher.exe
2015-03-10 11:08:19	674CE74F6511382F534D6AA2B4B37B75	62568	----a-w-	C:\Program Files (x86)\CheckPoint\Install\handlecmsg.exe
2015-03-10 11:08:19	47480F068389CF68CED679E8CA4DEC4D	745600	----a-w-	C:\Program Files (x86)\CheckPoint\Install\Uninst.exe
2015-03-10 11:08:19	2A2397F12C1CAB12B50300B2B3E70D34	65424	----a-w-	C:\Program Files (x86)\CheckPoint\Install\vsdrinst.exe
2015-03-10 11:07:47	B80DB9616972AD1E00E2E9DBAB79F7D9	5475064	----a-w-	C:\Users\ikke\Downloads\avast_free_antivirus_setup_online.exe
2015-03-10 11:04:03	DC9861AF6AE33154363846E0C47229FE	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-755594152-3724653302-3261122093-1000\$I41B94K.exe
2015-03-10 11:04:03	9409DDF580E942723C70E52E40549207	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-755594152-3724653302-3261122093-1000\$IGJ0GZX.exe
2015-03-09 22:07:30	2496D799A02337CDE6C895942B8D9017	273207408	----a-w-	C:\Users\ikke\Downloads\downloads\Bitdefender Antivirus 2015 v18.19.0.1345 (32-64bit) final with License Keys\bitdefender_av_18_32b.exe
2015-03-09 21:59:59	CEDE02D7AF62449A2C38C49ABECC0CD3	4995416	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\vcredist2010x86.exe
2015-03-09 21:59:59	CBE0B05C11D5D523C2AF997D737C137B	5673816	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\vcredist2010x64.exe
2015-03-09 21:59:59	9581FADEB6720966C46803B65964E2E8	578152	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setupdownloader.exe
2015-03-09 21:59:59	891B01D7F68DB2F5798388F788CB6D20	419088	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\localization_safebox.exe
2015-03-09 21:59:59	7E9DE6656BD725557E0C66CE3E854EBB	60296760	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\parental.exe
2015-03-09 21:59:59	230CE5046437D941CD60600354376A38	7474912	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\threatscanner.exe
2015-03-09 21:59:59	1D8F25EB5405C8FFFA0DE6EE4E139841	519472	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe
2015-03-09 21:59:59	07CD2D09DE06CA7AB7A42D207A907654	128536224	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\pluginsx64.exe
2015-03-09 21:59:58	FD1906FBC128516A70C2C4F30742D9A3	60121904	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdrescue.exe
2015-03-09 21:59:58	E7DD59F12AA93E30A06B64D81FA069A4	1018160	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdis_localization.exe
2015-03-09 21:59:58	DA4AC8CE5D8AD71B01E0C0620518E743	9150056	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\installerpackage.exe
2015-03-09 21:59:58	CEF57CBED42D14245B7225D629CE1B48	601392	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdav_winxp_winvista_win7_systemfolder.exe
2015-03-09 21:59:58	B45BDA1BD4A831DD560ECF7249FB777F	474288	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdis_winvista_win7_commonfilesfolder.exe
2015-03-09 21:59:58	A5828B96041CEA084ED7BAC405BC37C9	476064	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdis_win8_commonfilesfolder.exe
2015-03-09 21:59:58	A20A2AC6286FEE6F2B9DDBFFBA098791	1066648	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdts_localization.exe
2015-03-09 21:59:58	9AB87AA15BAA4A1193D0D5E7FD3F3F26	500048	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdis_winxp_winvista_win7_commonfilesfolder.exe
2015-03-09 21:59:58	8C203428407B701804BEE20E8CA565AC	2143776	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdts_winxp_winvista_win7_safebox.exe
2015-03-09 21:59:58	68BF34A47994A63F5E8395AADCD20C64	418808	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\localization_appdata.exe
2015-03-09 21:59:58	5F5F26533BB3D6953C4AA129D811B5CB	7034104	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdis_winxp_winvista_win7_programfilesfolder.exe
2015-03-09 21:59:58	2F565906AF1CFD3BC0B05E2E47F62163	1281312	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdts_winxp_winvista_win7_programfilesfolder.exe
2015-03-09 21:59:58	13BB31243212C4112398E4D7FEA038F0	508448	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdav_winxp_winvista_win7_system32.exe
2015-03-09 21:59:57	DEE27F38DE76ECD6DF5B89233CE11FB0	3803912	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdav_localization.exe
2015-03-09 21:59:57	B379350EB298CE40FA3C5A98A350196D	2498792	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdav_win8_programfilesfolder.exe
2015-03-09 21:59:57	6C32BFF81BE101DB682CA0CF51823817	34010104	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\60second_x64.exe
2015-03-09 21:59:57	59ADD000A74F621A3CBE6251152F5A27	600792	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\antiphishing.exe
2015-03-09 21:59:57	522329156911C1D8247C759A049397E1	68941264	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdav_winxp_winvista_win7_programfilesfolder.exe
2015-03-09 21:59:57	44044DE311675DD80F9E58E683CAF2C5	478336	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdav_winxp_winvista_commonfilesfolder.exe
2015-03-09 21:59:57	383F9899CB284975A30FAA9BE722E3D6	458432	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdav_winvista_win7_programfilesfolder.exe
2015-03-09 21:59:57	3658A80281E4A2A39D333F4B9871EE7E	443032	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdav_win8_systemfolder.exe
2015-03-09 21:59:57	32F61D127C4C05DD3B8EE7486EDE3AD7	472456	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdav_win7_commonfilesfolder.exe
2015-03-09 21:59:57	2B324D05F97AC0FB841F966F3E371EA2	9922384	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdav_winxp_winvista_win7_commonfilesfolder.exe
2015-03-09 21:59:57	03687B5DB781D72213DA72438463EF42	479376	----a-w-	C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\bdav_win8_commonfilesfolder.exe
2015-03-09 21:55:56	043771C1E9BDBD03389630A3BAD984FB	26418295	----a-w-	C:\Users\ikke\Downloads\downloads\VIPRE Antivirus 2015 8.0.5.3.exe
2015-03-09 12:59:23	4DB5909D450AE68CC11DC865B9B84F71	2126848	----a-w-	C:\Users\ikke\Desktop\adwcleaner_4.111.exe
2015-03-08 23:58:32	E68F4DA796550658A46D98995A1765EC	16278832	----a-w-	C:\Users\ikke\Desktop\Vipre\VIPRE.AV.AS.4.0.3904.exe
2015-03-08 23:58:29	B88228D5FEF4B6DC019D69D4471F23EC	5073240	----a-w-	C:\Users\ikke\Desktop\Vipre\Microsoft Visual C++ 2010\vcredist_x86.exe
2015-03-08 23:58:29	6CF3186987C267D288FAB019448C1F9E	338944	----a-w-	C:\Users\ikke\Desktop\Vipre\Vipre Activator.exe
2015-03-06 17:07:04	4C874DCC40A4BCE7432017A121221624	4264256	----a-w-	C:\Users\ikke\Downloads\VyprVPN-2.7.0.4852-installer.exe
2015-03-06 11:44:10	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\ikke.exe
2015-03-06 11:42:05	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\ikke\Desktop\RSITx64.exe
2015-03-06 11:34:00	C78EEFBC22F5507BFF4A0CF83567DB22	980480	----a-w-	C:\Users\ikke\Desktop\WIGI.exe
2015-03-06 11:33:30	F4BC9F24AB2389F0D18812865157E97A	549426	----a-w-	C:\Users\ikke\Desktop\WhyIGotInfected.exe
2015-03-04 11:33:33	6868295CA1A0950B9D6B8531738D23EE	159144	----a-w-	C:\Users\ikke\Downloads\WindowsActivationUpdate.exe
2015-03-04 11:10:28	7EA5D6C2CE669BBCCEF968DEDC37E2AF	9092688	----a-w-	C:\Program Files (x86)\Google\Update\Install\{D0A5EAAC-7F47-41C6-9C91-D61827DF088F}\41.0.2272.76_40.0.2214.115_chrome_updater.exe
2015-03-04 11:10:25	7EA5D6C2CE669BBCCEF968DEDC37E2AF	9092688	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\41.0.2272.76\41.0.2272.76_40.0.2214.115_chrome_updater.exe
=== C: other files ==
2015-03-11 08:01:43	ED6E75158D28D33A2E2A020AC5B2B59D	663552	----a-w-	C:\Windows\System32\drivers\PEAuth.sys
2015-03-11 08:01:40	87BCD1034CBF33537D4D4C251D39BA26	94656	----a-w-	C:\Windows\System32\drivers\mountmgr.sys
2015-03-11 08:01:38	90C53BD47979FB8814F465A08B885102	61440	----a-w-	C:\Windows\System32\drivers\appid.sys
2015-03-11 08:00:42	8BA90F480705D7153AD0060CCA62222A	155576	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-03-11 08:00:42	56ED3EE5FED6BF2FC1305CF872042868	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-03-11 08:00:42	27667A788130A7F7A5858DE27572E6D7	459336	----a-w-	C:\Windows\System32\drivers\cng.sys
2015-03-11 07:56:03	A0DEE06D68F210CA090FD4D9A33CDC12	3204096	----a-w-	C:\Windows\System32\win32k.sys
2015-03-11 07:39:48	0A513FB75ADF2580D0F0D55D0A245C4F	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_40\lib\deploy\ffjcext.zip
2015-03-10 11:11:14	8CDA894FA86D03FB43063D5FD85EFCAE	136752	----a-w-	C:\Windows\System32\drivers\aswStm.sys
2015-03-10 11:11:13	11644D8399F4AC8BB12C2364DCB87CB4	268640	----a-w-	C:\Windows\System32\drivers\aswVmm.sys
2015-03-10 11:11:12	3A145C94A519E52FE7E99460DD0DF53C	441728	----a-w-	C:\Windows\System32\drivers\aswSP.sys
2015-03-10 11:11:11	713AFFD4E38553AEF04617C985B4030B	65736	----a-w-	C:\Windows\System32\drivers\aswRvrt.sys
2015-03-10 11:11:10	245D3A0670491E1F88759EC45C9F7314	88408	----a-w-	C:\Windows\System32\drivers\aswMonFlt.sys
2015-03-10 11:11:09	BC18D5B42B19564BA09156410E1FB9BE	93528	----a-w-	C:\Windows\System32\drivers\aswRdr2.sys
2015-03-10 11:11:09	BA4B999D245287608A79C92CDAE6F3C1	29168	----a-w-	C:\Windows\System32\drivers\aswHwid.sys
2015-03-10 11:11:06	669F6B37965756E407B447272B5EE39F	1047320	----a-w-	C:\Windows\System32\drivers\aswSnx.sys
2015-03-10 11:05:18	26C43960C99EE861A5D0EDC4DCF3B1C3	129752	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-03-10 11:04:59	CA43F8904E24BBE49982E4C0B29E6579	25816	----a-w-	C:\Windows\System32\drivers\mbam.sys
2015-03-10 11:04:59	A646C2DDB8C46E9B20A326FAF566646C	63704	----a-w-	C:\Windows\System32\drivers\mwac.sys
2015-03-10 11:04:59	0307CF4184F4F22DB75F36ACCCEF7ED1	107736	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2015-03-08 23:49:41	595B2147D21A93BE8BBA245B0D888140	21560528	----a-w-	C:\Users\ikke\Downloads\Vipre.zip
2015-03-06 17:31:01	A666A709F546719AB2BE55A2A5CA447F	229	----a-w-	C:\Program Files (x86)\VyprVPN\InstallCertificates.bat
2015-03-06 17:30:36	37241B5327FC15721E9A75DE37E5ED9D	193	----a-w-	C:\Program Files (x86)\VyprVPN\OpenVPN\util\addtap.bat
2015-03-06 17:30:36	362ACDA9A9E8FFDA0F1A6C6305DA9036	258	----a-w-	C:\Program Files (x86)\VyprVPN\OpenVPN\util\deltapall.bat
2015-03-06 11:25:03	FE7F83689172CC17185D6FB1AEFDFC6E	1188194	----a-w-	C:\Users\ikke\Downloads\ProcessExplorer.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-755594152-3724653302-3261122093-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"Messenger (Yahoo\PROGRA~2\Yahoo\Messenger\YahooMessenger.exe -quiet"
"VyprVPN"="C:\Program Files (x86)\VyprVPN\VyprVPN.exe"
"pdiface"="C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe -noshow"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"ZoneAlarm"="C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"Messenger (Yahoo\PROGRA~2\Yahoo\Messenger\YahooMessenger.exe -quiet"
"VyprVPN"="C:\Program Files (x86)\VyprVPN\VyprVPN.exe"
"pdiface"="C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe -noshow"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"InstallerLauncher"="C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe /run:C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [25/02/2015 21:48]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/02/2015 13:33]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/02/2015 13:33]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\ikke\AppData\Roaming\Mozilla\Firefox\Profiles\azl0lchs.default
user_pref("browser.startup.homepage", "google.com");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [10/03/2015 12:11]

==== Firefox Extensions ======================

ProfilePath: C:\Users\ikke\AppData\Roaming\Mozilla\Firefox\Profiles\azl0lchs.default
- DVDVideoSoft YouTube MP3 and Video Download - %ProfilePath%\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\ikke\AppData\Roaming\Mozilla\Firefox\Profiles\azl0lchs.default
87132527E2256CF6683A18C4EB34DD3B	- C:\Windows\system32\Wat\npWatWeb.dll -	Windows Activation Technologies
C62322C77D1AAB77B1CF1130FCC3673A	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll -	Shockwave Flash


==== Chromium Look ======================

Google Chrome Version: 41.0.2272.76 (Could not determine latest Stable Version)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[10/03/2015 12:10]

Google Slides - ikke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - ikke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - ikke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - ikke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - ikke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - ikke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Hangouts - ikke\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl
Google Wallet - ikke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - ikke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [VyprVPN] C:\Program Files (x86)\VyprVPN\VyprVPN.exe
O4 - HKCU\..\Run: [pdiface] C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe -noshow
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VyprVPN - Golden Frog, GmbH. - C:\Program Files (x86)\VyprVPN\VyprVPNService.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ikke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ikke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\ikke\AppData\Local\Mozilla\Firefox\Profiles\azl0lchs.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\ikke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=396 folders=110 58272061 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\ikke\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ikke\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 11/03/2015 at 10:25:17,74 ======================