Zoek.exe v5.0.0.0 Updated 23-March-2015 Tool run by John Schijven on di 24-03-2015 at 18:01:56,53. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\John Schijven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9TURUG6G\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 24-3-2015 18:04:46 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Users\John Schijven\AppData\Roaming\QuickScan deleted successfully C:\Users\John Schijven\AppData\Roaming\WinRAR deleted successfully C:\Users\John Schijven\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Flash Player 17 ActiveX Adobe Reader XI (11.0.10) - Nederlands BullGuard Internet Security CCleaner D3DX10 Microsoft .NET Framework 4.5 Microsoft .NET Framework 4.5 NLD Language Pack Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable MSVCRT NETGEAR WNDA3100v2 wireless USB 2.0 adapter Security Update for Microsoft .NET Framework 4.5 (KB2737083) Security Update for Microsoft .NET Framework 4.5 (KB2742613) Security Update for Microsoft .NET Framework 4.5 (KB2789648) Security Update for Microsoft .NET Framework 4.5 (KB2840642v2) Security Update for Microsoft .NET Framework 4.5 (KB2861208) Security Update for Microsoft .NET Framework 4.5 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5 (KB2898864) Security Update for Microsoft .NET Framework 4.5 (KB2901118) Security Update for Microsoft .NET Framework 4.5 (KB2972107) Security Update for Microsoft .NET Framework 4.5 (KB2972216) Security Update for Microsoft .NET Framework 4.5 (KB2978128) Security Update for Microsoft .NET Framework 4.5 (KB2979578v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2984939) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956106) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956107) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2899580) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2956109) 32-Bit Edition Skype Click to Call SkypeT 7.2 Spotnet Taalpakket voor Microsoft .NET Framework 4.5 - NLD TomTom HOME TomTom HOME Visual Studio Merge Modules Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4.5 (KB2750147) Update for Microsoft .NET Framework 4.5 (KB2805221) Update for Microsoft .NET Framework 4.5 (KB2805226) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2956104) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Users\John Schijven\Downloads\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\atieclxx.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Users\John Schijven\Downloads\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe C:\Windows\system32\taskeng.exe C:\Program Files\CCleaner\CCleaner.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\conhost.exe C:\Windows\system32\Macromed\Flash\FlashUtil32_17_0_0_134_ActiveX.exe C:\Users\John Schijven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9TURUG6G\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\SvcHost.exe -k BullGuard_Main C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\SvcHost.exe -k BullGuard_Backup C:\Windows\System32\SvcHost.exe -k BullGuard_Cache C:\Windows\System32\SvcHost.exe -k BullGuard C:\Windows\System32\SvcHost.exe -k BullGuard_Proxy C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Windows\system32\config\systemprofile\Searches deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\User deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601) Memory (RAM): 3327 MB CPU Info: Intel(R) Core(TM)2 Duo CPU E6550 @ 2.33GHz CPU Speed: 2330,6 MHz Sound Card: Luidsprekers (High Definition A | Display Adapters: ATI Radeon HD 2600 XT | ATI Radeon HD 2600 XT | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Dell SE198WFP(Digital) | Screen Resolution: 1440 X 900 - 32 bit Network: Network Present Network Adapters: Intel(R) 82562V-2 10/100-netwerkverbinding CD / DVD Drives: 2x (E: | F: | ) E: HL-DT-STDVD-ROM GDRH20N | F: HL-DT-STDVD+-RW GSA-H73N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 232,8GB | D: 10,0GB Hard Disks - Free: C: 196,2GB | D: 983,3MB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | 02/24/09 | DELL - 42302e31 Time Zone: West-Europa (standaardtijd) Motherboard *: Dell Inc. 0RY007 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: BullGuard Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: BullGuard Antispyware disabled (Outdated) Firewall: BullGuard Firewall disabled Internet Explorer Version: 11.0.9600.17691 Adobe Reader version: 11.0.10.32 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-02-27 15:50:33 8B88EBBB05A0E56B7DCC708498C02B3E 2616320 ----a-w- C:\Windows\explorer.exe 2015-02-26 15:22:03 163A95975E1D8819E653AA3E961371CA 51200 ----a-w- C:\Windows\twain_32.dll 2015-02-26 15:22:02 DBD14D0DB0382DFE96D7B5007DDD5ABE 65024 ----a-w- C:\Windows\bfsvc.exe 2015-02-25 16:45:49 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\ativpsrm.bin ====== C:\Users\JOHNSC~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== 2015-03-24 15:02:56 8D797C8B7F5B4B0EA3E0548E72F9F88C 576 ----a-w- C:\Windows\System32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD 2015-03-24 02:24:42 6BF8843C99352B8A600794DE740C2566 2744320 ----a-w- C:\Windows\System32\rdpcorets.dll 2015-03-24 02:24:42 1B430766C544BEF1D8BE2305FF7F8D9C 221184 ----a-w- C:\Windows\System32\rdpudd.dll 2015-03-24 02:24:42 06E6DEABDA3A27DDA054BE46207420E4 13824 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll 2015-03-24 02:24:40 E284CFD490A1F2E03A8BE0B4C09A3DEE 74240 ----a-w- C:\Windows\System32\TSWbPrxy.exe 2015-03-24 02:24:07 0C9988BDA3CEC3C421B773982C5E2EC6 5703168 ----a-w- C:\Windows\System32\mstscax.dll 2015-03-22 08:49:08 8999F18D38D55E34D356796507FFD639 192000 ----a-w- C:\Windows\System32\rdpendp_winip.dll 2015-03-22 08:48:36 F37167FCDB661FD4B54CAD4755ABDD61 32256 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll 2015-03-22 08:48:31 D60E27D4BD5A91FCD17D2CB27F86738E 12800 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe 2015-03-22 08:48:27 AB5EFB103DB01C1912C9D2F545EA5621 17920 ----a-w- C:\Windows\System32\wksprtPS.dll 2015-03-22 08:48:27 A90F47CDCC0898733596B5070039FC15 14336 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll 2015-03-22 08:48:27 8DEEE20D8D30E9B0FBDCA31E58A027BD 53248 ----a-w- C:\Windows\System32\tsgqec.dll 2015-03-22 08:48:27 5E676B296B762E211D83B87635F2C330 855552 ----a-w- C:\Windows\System32\rdvidcrl.dll 2015-03-22 08:48:27 2EFB1279E7BEA7D12D9F4D6508D27880 50176 ----a-w- C:\Windows\System32\MsRdpWebAccess.dll 2015-03-22 08:48:26 4676AAA9DDF52A50C829FEDB4EA81E54 1068544 ----a-w- C:\Windows\System32\mstsc.exe 2015-03-22 08:48:26 0FC6922517964E9D90DE84DC86F63E40 350208 ----a-w- C:\Windows\System32\wksprt.exe 2015-03-19 15:08:12 6F69FE8AC17E8A652C3C1782F60ECD61 140816 ----a-w- C:\Windows\System32\BgGamingMonitor.dll 2015-03-19 15:08:06 7CFA5CD6DE9B79FA5A51A79B773847A3 64336 ----a-w- C:\Windows\System32\BGLsp.dll 2015-03-11 15:36:05 340EECB781E6C06A6171B3068DA208AD 12875264 ----a-w- C:\Windows\System32\shell32.dll 2015-03-11 15:36:02 84B460BB65567ED42DD605FA044DB370 828928 ----a-w- C:\Windows\System32\msctf.dll 2015-03-11 15:36:02 5F3628DCF926C4499BE1DC74431DFBC8 1230848 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2015-03-11 15:36:00 BA3CB7D5C1DCF17E6FFFB28DB950841A 2381312 ----a-w- C:\Windows\System32\win32k.sys 2015-03-11 15:35:59 FDF0B4DC83627A859D18EE439B8E5A26 47616 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2015-03-11 15:35:59 B8445B89D0EA5C2575C98EA7BD180C5C 30720 ----a-w- C:\Windows\System32\iernonce.dll 2015-03-11 15:35:59 97F98251AC65657A07673E64AA31519F 684544 ----a-w- C:\Windows\System32\ie4uinit.exe 2015-03-11 15:35:59 8FDE1162C9DCF7B180AA702DD9EB6071 60416 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll 2015-03-11 15:35:59 87E5DC0BADC63A6E92A3C7A896B8C15E 102912 ----a-w- C:\Windows\System32\ieetwcollector.exe 2015-03-11 15:35:58 F5F730ED126DCFBEBDB9BB629BD482C4 620032 ----a-w- C:\Windows\System32\jscript9diag.dll 2015-03-11 15:35:58 BA10D970EB39913357B224F4473D535B 418304 ----a-w- C:\Windows\System32\dxtmsft.dll 2015-03-11 15:35:58 B35C35C55FED3DD7F995C77F63CBC29B 1311232 ----a-w- C:\Windows\System32\urlmon.dll 2015-03-11 15:35:58 A41C85FDB2275FA9AAA821A118807FDB 710144 ----a-w- C:\Windows\System32\ieapfltr.dll 2015-03-11 15:35:58 988AB676FBF4484508BA134CAAB711EB 115712 ----a-w- C:\Windows\System32\ieUnatt.exe 2015-03-11 15:35:58 756B4F77945C61ADBE68150D7D2EC7A6 47104 ----a-w- C:\Windows\System32\jsproxy.dll 2015-03-11 15:35:58 59788C115F8362C5DBBAD68B54AD6357 667648 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2015-03-11 15:35:58 29EDBC5C381F1406A5262351E69BC87A 342696 ----a-w- C:\Windows\System32\iedkcs32.dll 2015-03-11 15:35:57 AD1BA932AC31D2BC8C9105DA59BEA6BE 689152 ----a-w- C:\Windows\System32\msfeeds.dll 2015-03-11 15:35:57 08B30EB9751858C1C369E8775492D732 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2015-03-11 15:35:56 BD838E2129623E8311720AA86C5DFBBF 62464 ----a-w- C:\Windows\System32\iesetup.dll 2015-03-11 15:35:56 B0B83B31853E15C619FDB91B64F8349A 168960 ----a-w- C:\Windows\System32\msrating.dll 2015-03-11 15:35:56 A34897A1A39316BDECCA3E61986F98F2 2052608 ----a-w- C:\Windows\System32\inetcpl.cpl 2015-03-11 15:35:55 EA6EA6912F27F05C61D8D747517EB47E 1888256 ----a-w- C:\Windows\System32\wininet.dll 2015-03-11 15:35:55 3B2A9D5AF0E44A8C41E7545A8A7D5A98 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2015-03-11 15:35:54 AD13E719AE506AA0E0BB5D49E0D5B44A 285696 ----a-w- C:\Windows\System32\dxtrans.dll 2015-03-11 15:35:53 E868396BC5F8957A9E39BD9A28EA814D 12827648 ----a-w- C:\Windows\System32\ieframe.dll 2015-03-11 15:35:53 AC35DA94A14679E8E515A44A8CF90804 478208 ----a-w- C:\Windows\System32\ieui.dll 2015-03-11 15:35:52 02C0770DA3BE9231EFAF7185EE51020C 1155072 ----a-w- C:\Windows\System32\mshtmlmedia.dll 2015-03-11 15:35:52 00F39165D6D14302618C20CDD7BB213A 76288 ----a-w- C:\Windows\System32\mshtmled.dll 2015-03-11 15:35:51 6108ED659B5962DE73DACB3B04D86ED3 64000 ----a-w- C:\Windows\System32\MshtmlDac.dll 2015-03-11 15:35:51 52B4DECDC70B8758380D37EA2CDD4254 2278400 ----a-w- C:\Windows\System32\iertutil.dll 2015-03-11 15:35:50 95CB6079B3E62D4301958023C2070A48 19720192 ----a-w- C:\Windows\System32\mshtml.dll 2015-03-11 15:35:49 BC9CE46C3F05CCC40F8F1EFC7E4B41C7 503296 ----a-w- C:\Windows\System32\vbscript.dll 2015-03-11 15:35:48 FC5FE9F2D140435FC95CB3EF6724EF0A 4300288 ----a-w- C:\Windows\System32\jscript9.dll 2015-03-11 15:35:23 B804EAA9E037580F96C22537C2ECB62A 171520 ----a-w- C:\Windows\System32\ubpm.dll 2015-03-11 15:35:22 D9FAD47AFADE210921EF0991307DAD6D 1061376 ----a-w- C:\Windows\System32\lsasrv.dll 2015-03-11 15:35:22 D5063B86DC3F85B93D02AF68099F4C9A 248832 ----a-w- C:\Windows\System32\schannel.dll 2015-03-11 15:35:21 F65F365AC0D1657917EFDB52445C848B 22528 ----a-w- C:\Windows\System32\lsass.exe 2015-03-11 15:35:21 C7D334A01C66BF07B92D04CD7A981B7F 259584 ----a-w- C:\Windows\System32\msv1_0.dll 2015-03-11 15:35:21 B06A4105DD22E91A1D922D7310803140 65536 ----a-w- C:\Windows\System32\TSpkg.dll 2015-03-11 15:35:21 ACD0CA819E279E1C17BE5C8A077EF448 146432 ----a-w- C:\Windows\System32\msaudite.dll 2015-03-11 15:35:21 887C8C0BF3FF4C74E76714375AE9B1D8 15872 ----a-w- C:\Windows\System32\sspisrv.dll 2015-03-11 15:35:21 84974782ED5D108DA2EFAF3C6534A760 22016 ----a-w- C:\Windows\System32\secur32.dll 2015-03-11 15:35:21 7A71DA6D6F75AB73475128F787DD8EAD 221184 ----a-w- C:\Windows\System32\ncrypt.dll 2015-03-11 15:35:21 7407DDA27838C393DE67A0BDCDD044D0 60416 ----a-w- C:\Windows\System32\msobjs.dll 2015-03-11 15:35:21 69925A266D265DAD96C6FCBB861FA5CD 550912 ----a-w- C:\Windows\System32\kerberos.dll 2015-03-11 15:35:21 5E76C26CAE2810EA71C161ED9A2CF0D1 50176 ----a-w- C:\Windows\System32\auditpol.exe 2015-03-11 15:35:21 4E15E2D20AE755FDEACD96F359F732DB 172032 ----a-w- C:\Windows\System32\wdigest.dll 2015-03-11 15:35:21 49144A633AB640E34A0FFDE26CB31EB5 100352 ----a-w- C:\Windows\System32\sspicli.dll 2015-03-11 15:35:21 30F5B3E28636009A0B194057AAE4392A 17408 ----a-w- C:\Windows\System32\credssp.dll 2015-03-11 15:35:21 0485899A035E02C53014C0545D912405 686080 ----a-w- C:\Windows\System32\adtschema.dll 2015-03-11 15:35:18 965D6A2B30A95A9F7EF13653988D3D9F 299008 ----a-w- C:\Windows\System32\atmfd.dll 2015-03-11 15:35:17 DD16C06B79DA2FBD422E87923C6C0C9D 26624 ----a-w- C:\Windows\System32\lpk.dll 2015-03-11 15:35:17 ABB358777FDF4AF51B2FE26137D2B8D4 70656 ----a-w- C:\Windows\System32\fontsub.dll 2015-03-11 15:35:17 55273844B66D77A2F1A2213C17A9EA4A 34304 ----a-w- C:\Windows\System32\atmlib.dll 2015-03-11 15:35:17 274F0540FD4C88FC845C94CA1569688A 10240 ----a-w- C:\Windows\System32\dciman32.dll 2015-03-11 15:35:16 9566C8BBD2271A7962D4432A624762AD 417792 ----a-w- C:\Windows\System32\WMPhoto.dll 2015-03-11 15:35:11 DCC148408770F2D55B201F8FC26438A1 988160 ----a-w- C:\Windows\System32\drmv2clt.dll 2015-03-11 15:35:11 003C51B9FE38287BA4E0E58D3AE080BD 744960 ----a-w- C:\Windows\System32\blackbox.dll 2015-03-11 15:35:10 B378B6A865C28CE5C1E23C35760A1199 11411968 ----a-w- C:\Windows\System32\wmp.dll 2015-03-11 15:35:10 833FCABCB5D95B1911BA6E62FC82AC04 617984 ----a-w- C:\Windows\System32\wmdrmsdk.dll 2015-03-11 15:35:10 5B0C6247027FCF5A2E2F150E298D2FFA 3209728 ----a-w- C:\Windows\System32\mf.dll 2015-03-11 15:35:08 BB73C907D1BD437B6C30F2C23BB089FC 406016 ----a-w- C:\Windows\System32\drmmgrtn.dll 2015-03-11 15:35:08 6C2D4DC5D2E271F4AE4016FD4587B0B2 3973048 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2015-03-11 15:35:08 2CFE69A0A8AFDA8DB9A773D728000BB7 3917760 ----a-w- C:\Windows\System32\ntoskrnl.exe 2015-03-11 15:35:07 96DB6A923DEDB58FC7CBBF5CFF73314D 1329664 ----a-w- C:\Windows\System32\quartz.dll 2015-03-11 15:35:07 74264B7F57A16D25CB581C07964D324A 1174528 ----a-w- C:\Windows\System32\crypt32.dll 2015-03-11 15:35:07 2D4814D567E5A85C473228BA772A7AFB 489984 ----a-w- C:\Windows\System32\evr.dll 2015-03-11 15:35:06 FFCFCDFD8D17DC62F168B50E92143EFA 400896 ----a-w- C:\Windows\System32\srcore.dll 2015-03-11 15:35:06 D31FB78F37F075FA9605D7ED9B2070D2 409272 ----a-w- C:\Windows\System32\ci.dll 2015-03-11 15:35:06 C5667EE72D7364BE81516C0707FEF724 354816 ----a-w- C:\Windows\System32\mfplat.dll 2015-03-11 15:35:06 B7D2BB84C590F0AE9DA51DBB065A780E 1005056 ----a-w- C:\Windows\System32\cryptui.dll 2015-03-11 15:35:06 B54FD1991E659FD61EF1D34EC27AAECD 81408 ----a-w- C:\Windows\System32\cryptsp.dll 2015-03-11 15:35:06 52954BE460EC6C54C0ACB2B3B126FFC6 157184 ----a-w- C:\Windows\System32\pcasvc.dll 2015-03-11 15:35:06 18F1BBB37F1BC76332B5C1B5FA5ED310 455752 ----a-w- C:\Windows\System32\winresume.exe 2015-03-11 15:35:05 D5EC42139D6A6158CF188975C50B6A60 179200 ----a-w- C:\Windows\System32\wintrust.dll 2015-03-11 15:35:05 CFE8B425822E478B530A590896ECF091 100864 ----a-w- C:\Windows\System32\audiodg.exe 2015-03-11 15:35:05 C1619A13B10CAC5038BF7129F57D8DE3 475136 ----a-w- C:\Windows\System32\audiosrv.dll 2015-03-11 15:35:05 98C1191C862B44567FCF3C18BAEE859E 519680 ----a-w- C:\Windows\System32\qdvd.dll 2015-03-11 15:35:05 7DD3B3971D45197FA059C7CF55387BE8 521384 ----a-w- C:\Windows\System32\winload.exe 2015-03-11 15:35:05 70E96EBE87A38857619671FCB9C8EC7B 265216 ----a-w- C:\Windows\System32\msnetobj.dll 2015-03-11 15:35:05 49474B3E37969AF4B5C076F42B623AFF 143872 ----a-w- C:\Windows\System32\cryptsvc.dll 2015-03-11 15:35:05 3BAA4BAE71460C5CEB40D5E9339A61BC 103936 ----a-w- C:\Windows\System32\cryptnet.dll 2015-03-11 15:35:05 320A8699369C43CF53B2DB4538D17C52 504320 ----a-w- C:\Windows\System32\msscp.dll 2015-03-11 15:35:05 055C6BD2B4216C69302807A44A2C2B46 262656 ----a-w- C:\Windows\System32\rstrui.exe 2015-03-11 15:35:04 F5090F8FA6757C58E17BAEAA86093636 27648 ----a-w- C:\Windows\System32\appidsvc.dll 2015-03-11 15:35:04 E0AB9CA912398BE1AAD14FF7AD75C397 50688 ----a-w- C:\Windows\System32\appidapi.dll 2015-03-11 15:35:04 C45E651DD6C0D7C1D92B338CE9331EF3 28160 ----a-w- C:\Windows\System32\pcadm.dll 2015-03-11 15:35:04 AF47EAA4ADDA9AA221FB7647EE22BF53 103424 ----a-w- C:\Windows\System32\mfps.dll 2015-03-11 15:35:04 A6AEADE370FFE3F37554D8AAA3E4B873 8192 ----a-w- C:\Windows\System32\pcalua.exe 2015-03-11 15:35:04 A56F4029FDCF4F817E78953CDA953E28 442880 ----a-w- C:\Windows\System32\AUDIOKSE.dll 2015-03-11 15:35:04 A4A2EFB40015B76467F09E6DC388BC26 43008 ----a-w- C:\Windows\System32\srclient.dll 2015-03-11 15:35:04 7847865A78B7FB9221D9DFB35A7B8ECD 38912 ----a-w- C:\Windows\System32\csrsrv.dll 2015-03-11 15:35:04 6EBC44F464A00EF4E4F0DBBB6BD3FF14 275968 ----a-w- C:\Windows\System32\EncDump.dll 2015-03-11 15:35:04 6C620B9DDB9EB0F0D92E9607D76B3D3D 50176 ----a-w- C:\Windows\System32\setbcdlocale.dll 2015-03-11 15:35:04 6B1EB62B8DD3F439F972BE14D7A34FC8 10752 ----a-w- C:\Windows\System32\msmmsp.dll 2015-03-11 15:35:04 69B4CE000298A9253EB206C3AC1360F5 16896 ----a-w- C:\Windows\System32\appidcertstorecheck.exe 2015-03-11 15:35:04 50B8937A81360D16A5C772302BD32CFE 195584 ----a-w- C:\Windows\System32\AudioSes.dll 2015-03-11 15:35:04 49F4EE8DF752CFA159B99046CD1FDD2B 23040 ----a-w- C:\Windows\System32\mfpmp.exe 2015-03-11 15:35:04 3245B3D9A1F36C8A80900003B22F9FA4 96768 ----a-w- C:\Windows\System32\appidpolicyconverter.exe 2015-03-11 15:35:04 2D21189858856316D55EAD55DF4964C2 374784 ----a-w- C:\Windows\System32\AudioEng.dll 2015-03-11 15:35:04 10495B2681F3E271CB93608D853A0CF0 9728 ----a-w- C:\Windows\System32\pcawrk.exe 2015-03-11 15:35:04 08FF727297A97907AADED4BA86CF44E9 50176 ----a-w- C:\Windows\System32\rrinstaller.exe 2015-03-11 15:35:04 01C6C743FE49D0FB3F0A1391FEF1DEB3 69632 ----a-w- C:\Windows\System32\smss.exe 2015-03-11 15:35:03 FCD5137A10C8943B34C9BE891C50159F 6656 ----a-w- C:\Windows\System32\apisetschema.dll 2015-03-11 15:35:03 F0C8038C9336EE6C3244CF431AB362BE 8704 ----a-w- C:\Windows\System32\pcaevts.dll 2015-03-11 15:35:03 D3916F83AC8F2314262387A2E16C6578 4096 ----a-w- C:\Windows\System32\msdxm.ocx 2015-03-11 15:35:03 D3916F83AC8F2314262387A2E16C6578 4096 ----a-w- C:\Windows\System32\dxmasf.dll 2015-03-11 15:35:03 8B07DBA0D77346545C6359AC67DCB980 8192 ----a-w- C:\Windows\System32\spwmp.dll 2015-03-11 15:35:03 7C1CADCA0E674212412559B0EAD0919A 12625408 ----a-w- C:\Windows\System32\wmploc.DLL 2015-03-11 15:35:03 2F3CE58D8C276570EEB69C99CFBAFD58 2048 ----a-w- C:\Windows\System32\mferror.dll ====== C:\Windows\system32\drivers ===== 2015-03-22 08:49:13 65375DF758CA1872AB7EBBBA457FD5E6 14848 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys 2015-03-22 08:48:29 C6A5FBD4977305E1FA23E02C042DB463 49152 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys 2015-03-18 16:10:07 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2015-03-11 15:35:22 9EED5E0B7BF784C491C2289A09920BDA 137656 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2015-03-11 15:35:21 4DAC97CF81FAE4B2988AEF0DF40D04AE 67512 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2015-03-11 15:35:07 AEBC369F7DC72AB3F5B9BDF34FA0D43F 593920 ----a-w- C:\Windows\System32\drivers\PEAuth.sys 2015-03-11 15:35:07 3051724F223EA48968B19567DE2A81F4 370488 ----a-w- C:\Windows\System32\drivers\cng.sys 2015-03-11 15:35:06 644905A19D0F37F2233DFCE53BC4BC19 78784 ----a-w- C:\Windows\System32\drivers\mountmgr.sys 2015-03-11 15:35:04 81F97D8F8B3FB94A451CC6F7CF8B2965 50176 ----a-w- C:\Windows\System32\drivers\appid.sys 2015-03-05 16:51:13 B9730495E0CF674680121E34BD95A73B 50704 ----a-w- C:\Windows\System32\drivers\npf.sys 2015-03-03 15:31:08 B172E759651C4FBD77C009F8E1571EB3 1093888 ----a-w- C:\Windows\System32\drivers\bcmwlhigh6.sys 2015-03-01 08:16:44 A6E0D6305D1125AEAFD279AE60FEB07B 1092160 ----a-w- C:\Windows\System32\drivers\AE1200w7.sys 2015-02-28 12:49:16 D320BF87125326F996D4904FE24300FC 80256 ----a-w- C:\Windows\System32\drivers\amdsata.sys 2015-02-28 12:49:16 5CD5F9A5444E6CDCB0AC89BD62D8B76E 332160 ----a-w- C:\Windows\System32\drivers\iaStorV.sys 2015-02-28 12:49:16 4380E59A170D88C4F1022EFF6719A8A4 143744 ----a-w- C:\Windows\System32\drivers\nvstor.sys 2015-02-28 12:49:15 F991AB9CC6B908DB552166768176896A 76288 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS 2015-02-28 12:49:15 B3E25EE28883877076E0E1FF877D02E0 117120 ----a-w- C:\Windows\System32\drivers\nvraid.sys 2015-02-28 12:49:15 46387FB17B086D16DEA267D5BE23A2F2 22400 ----a-w- C:\Windows\System32\drivers\amdxata.sys 2015-02-26 20:08:11 867C301E8B790040AE9CF6486E8041DF 155136 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2015-02-26 20:08:11 06E6F32C8D0A3F66D956F57B43A2E070 66560 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2015-02-26 20:08:08 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2015-02-26 20:05:43 7DAE5EBCC80E45D3253F4923DC424D05 19824 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2015-02-26 19:18:45 CD9214A6AE17D188D17C3CF8CB9CC693 184320 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2015-02-26 19:18:44 6C5139E4283249518F7743D7043775B3 31232 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys 2015-02-26 19:17:57 ED80D303102A746D30C1684B387BCBF1 33280 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys 2015-02-26 19:17:57 8C9C922D71F1CD4DEF73F186416B7896 712048 ----a-w- C:\Windows\System32\drivers\ndis.sys 2015-02-26 19:15:03 D0B388DA1D111A34366E04EB4A5DD156 338944 ----a-w- C:\Windows\System32\drivers\afd.sys 2015-02-26 19:14:58 F1A449D762657230629D8BFC107ABC14 149440 ----a-w- C:\Windows\System32\drivers\storport.sys 2015-02-26 19:14:58 EB34CE31FABD4DC4343FD2AD16D2CAF9 234432 ----a-w- C:\Windows\System32\drivers\msiscsi.sys 2015-02-26 19:14:58 5FB4F271032B6435F3B2252F577A4815 27072 ----a-w- C:\Windows\System32\drivers\Diskdump.sys 2015-02-26 19:14:14 3583A5A8CC2E682BFFBD4630D0FEC08B 730048 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2015-02-26 19:14:14 0EC652D17AB4607745FB4E6958E8FAB6 219072 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2015-02-26 19:13:47 FE8A57C8E04EDD3AA8ADD8F3C8F65297 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2015-02-26 19:13:36 DEE7EDA5AAA96C4C68A1F098F5145799 187840 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2015-02-26 19:13:36 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\Windows\System32\drivers\netio.sys 2015-02-26 19:13:36 5579DD18546999F5D0EC39D018726C6B 1294272 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2015-02-26 19:13:35 E4C2764065D66EA1D2D3EBC28FE99C46 311808 ----a-w- C:\Windows\System32\drivers\srv.sys 2015-02-26 19:13:35 BE6BD660CAA6F291AE06A718A4FA8ABC 114688 ----a-w- C:\Windows\System32\drivers\srvnet.sys 2015-02-26 19:13:35 03F0545BD8D4C77FA0AE1CEEDFCC71AB 310272 ----a-w- C:\Windows\System32\drivers\srv2.sys 2015-02-26 19:13:24 B81F204D146000BE76651A50670A5E9E 96768 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2015-02-26 19:13:24 6D17A4791ACA19328C685D256349FEFC 223744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2015-02-26 19:13:24 5D16C921E3671636C0EBA3BBAAC5FD25 123904 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2015-02-26 19:13:08 8F2DA3028D5FCBD1A060A3DE64CD6506 69632 ----a-w- C:\Windows\System32\drivers\bowser.sys 2015-02-26 19:13:07 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2015-02-26 19:13:07 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys 2015-02-26 19:13:07 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2015-02-26 19:13:07 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2015-02-26 19:13:06 DDCE686D76C2B4DB435A3AF5BD0E691D 133056 ----a-w- C:\Windows\System32\drivers\ataport.sys 2015-02-26 19:13:06 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2015-02-26 19:13:06 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2015-02-26 19:13:06 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys 2015-02-26 19:12:08 3EEBD3BD93DA46A26E89893C7AB2FF3B 35328 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys 2015-02-26 19:11:19 EB6137D696A9B4E9718AC6F8641CB4C9 177152 ----a-w- C:\Windows\System32\drivers\portcls.sys 2015-02-26 19:11:19 9842041E2F5ACE1E2F5FB4EF02053DC8 81408 ----a-w- C:\Windows\System32\drivers\drmk.sys 2015-02-26 19:11:16 FC6B21DB4B5B398AB93DBE59CBF11036 36352 ----a-w- C:\Windows\System32\drivers\usbscan.sys 2015-02-26 19:11:16 50ABE682EBE752EAF62B18790D6D491C 55808 ----a-w- C:\Windows\System32\drivers\hidclass.sys 2015-02-26 19:11:15 F1B27299F547D452EDAEF01FC187CB91 25728 ----a-w- C:\Windows\System32\drivers\hidparse.sys 2015-02-26 19:11:08 7FE680A3DFA421C4A8E4879AE4C5AAB0 74752 ----a-w- C:\Windows\System32\drivers\tdx.sys 2015-02-26 19:11:07 E306A24D9694C724FA2491278BF50FDB 196328 ----a-w- C:\Windows\System32\drivers\fvevol.sys 2015-02-26 19:11:03 C8DFF8D07755A66C7A4A738930F0FEAC 1212352 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2015-02-26 19:11:02 3F34A1B4C5F6475F320C275E63AFCE9B 56176 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2015-02-26 19:10:59 2352AB5F9F8F097BF9D41D5A4718A041 86016 ----a-w- C:\Windows\System32\drivers\usbcir.sys 2015-02-26 19:10:51 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2015-02-26 19:10:51 48704647CD2E9DAA2EB81BDE6D029EDB 47720 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2015-02-26 19:10:51 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2015-02-26 19:10:39 2C2C5AFE7EE4F620D69C23C0617651A8 24576 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2015-02-26 19:10:38 03F899F521D2AAED1C55008F734DF252 116224 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2015-02-26 15:22:45 0C4E035C7F105F1299258C90886C64C5 14208 ----a-w- C:\Windows\System32\drivers\hwpolicy.sys 2015-02-26 15:22:29 F497F67932C6FA693D7DE2780631CFE7 245632 ----a-w- C:\Windows\System32\drivers\volsnap.sys 2015-02-26 15:22:27 871917B07A141BFF43D76D8844D48106 513536 ----a-w- C:\Windows\System32\drivers\http.sys 2015-02-26 15:22:25 1B133875B8AA8AC48969BD3458AFE9F5 164864 ----a-w- C:\Windows\System32\drivers\1394ohci.sys 2015-02-26 15:22:24 55055F8AD8BE27A64C831322A780A228 116096 ----a-w- C:\Windows\System32\drivers\msdsm.sys 2015-02-26 15:22:23 D528BC58A489409BA40334EBF96A311B 242688 ----a-w- C:\Windows\System32\drivers\rdbss.sys 2015-02-26 15:22:22 673E55C3498EB970088E812EA820AA8F 153984 ----a-w- C:\Windows\System32\drivers\pci.sys 2015-02-26 15:22:21 04DBF4B01EA4BF25A9A3E84AFFAC9B20 53120 ----a-w- C:\Windows\System32\drivers\termdd.sys 2015-02-26 15:22:20 05D860DA1040F111503AC416CCEF2BCA 85376 ----a-w- C:\Windows\System32\drivers\sbp2port.sys 2015-02-26 15:22:19 5461686CCA2FDA57B024547733AB42E3 160128 ----a-w- C:\Windows\System32\drivers\vhdmp.sys 2015-02-26 15:22:19 012C5F4E9349E711E11E0F19A8589F0A 28032 ----a-w- C:\Windows\System32\drivers\msahci.sys 2015-02-26 15:22:18 CEA80C80BED809AA0DA6FEBC04733349 274304 ----a-w- C:\Windows\System32\drivers\acpi.sys 2015-02-26 15:22:17 EE43346C7E4B5E63E54F927BABBB32FF 246784 ----a-w- C:\Windows\System32\drivers\udfs.sys 2015-02-26 15:22:17 A67E5F9A400F3BD1BE3D80613B45F708 35968 ----a-w- C:\Windows\System32\drivers\winusb.sys 2015-02-26 15:22:16 4C63E00F2F4B5F86AB48A58CD990F212 53120 ----a-w- C:\Windows\System32\drivers\volmgr.sys 2015-02-26 15:22:16 280122DDCF04B378EDD1AD54D71C1E54 187904 ----a-w- C:\Windows\System32\drivers\netbt.sys 2015-02-26 15:22:14 2D699FB6E89CE0D8DA14ECC03B3EDFE0 130432 ----a-w- C:\Windows\System32\drivers\mpio.sys 2015-02-26 15:22:13 099972E1FAF4950D3994FBAB9DD21253 140160 ----a-w- C:\Windows\System32\drivers\scsiport.sys 2015-02-26 15:22:11 518395321DC96FE2C9F0E96AC743B656 173440 ----a-w- C:\Windows\System32\drivers\rdyboost.sys 2015-02-26 15:22:07 5DCEF0C32BE0F33277326586FA503689 190976 ----a-w- C:\Windows\System32\drivers\ks.sys 2015-02-26 15:22:04 A4BDC541E69674FBFF1A8FF00BE913F2 48640 ----a-w- C:\Windows\System32\drivers\ndproxy.sys 2015-02-26 15:22:01 906DCFC5EBF4EC0433F8D4FFFB0BA334 117760 ----a-w- C:\Windows\System32\drivers\rmcast.sys 2015-02-26 15:21:59 D8A65DAFB3EB41CBB622745676FCD072 46080 ----a-w- C:\Windows\System32\drivers\ndisuio.sys 2015-02-26 15:21:57 CBE8C58A8579CFE5FCCF809E6F114E89 31232 ----a-w- C:\Windows\System32\drivers\CompositeBus.sys 2015-02-26 15:21:57 2F885864D5BC8A16C86BEE595969A48A 21504 ----a-w- C:\Windows\System32\drivers\tdi.sys 2015-02-26 15:21:57 1A078C3FE1C1F9C8561CD600C69AD300 26112 ----a-w- C:\Windows\System32\drivers\usbrpm.sys 2015-02-26 15:21:56 BE167ED0FDB9C1FA1133953C18D5A6C9 108544 ----a-w- C:\Windows\System32\drivers\cdrom.sys 2015-02-26 15:21:55 F024449C97EC1E464AAFFDA18593DB88 78336 ----a-w- C:\Windows\System32\drivers\dfsc.sys 2015-02-26 15:21:55 B2FA25D9B17A68BB93D58B0556E8C90D 108544 ----a-w- C:\Windows\System32\drivers\tunnel.sys 2015-02-26 15:21:55 38FBE267E7E6983311179230FACB1017 118784 ----a-w- C:\Windows\System32\drivers\ndiswan.sys 2015-02-26 15:21:55 1EFBC664ABFF416D1D07DB115DCB264F 10240 ----a-w- C:\Windows\System32\drivers\acpipmi.sys 2015-02-26 15:21:54 4BD7134618C1D2A27466A099062547BF 65536 ----a-w- C:\Windows\System32\drivers\IPMIDrv.sys 2015-02-26 15:21:54 10C19F8290891AF023EAEC0832E1EB4D 24064 ----a-w- C:\Windows\System32\drivers\hidusb.sys 2015-02-26 15:21:53 FD82D2B38C465A55C527E339BA1201B1 25856 ----a-w- C:\Windows\System32\drivers\USBCAMD.sys 2015-02-26 15:21:53 E071E5BE621FEC4590117C488A78AE32 25856 ----a-w- C:\Windows\System32\drivers\USBCAMD2.sys 2015-02-26 15:21:53 D295BED4B898F0FD999FCFA9B32B071B 39936 ----a-w- C:\Windows\System32\drivers\umbus.sys 2015-02-26 15:21:53 A5EF29D5315111C80A5C1ABAD14C8972 304128 ----a-w- C:\Windows\System32\drivers\HdAudio.sys 2015-02-26 15:21:53 9E3CED91863E6EE98C24794D05E27A71 28160 ----a-w- C:\Windows\System32\drivers\kbdhid.sys 2015-02-26 15:21:53 9036377B8A6C15DC2EEC53E489D159B5 108544 ----a-w- C:\Windows\System32\drivers\hdaudbus.sys 2015-02-26 15:21:53 6D4CCAEDC018F1CF52866BBBAA235982 12800 ----a-w- C:\Windows\System32\drivers\sffp_sd.sys 2015-02-26 15:21:53 3C3C78515F5AB448B022BDF5B8FFDD2E 63488 ----a-w- C:\Windows\System32\drivers\wanarp.sys 2015-02-26 15:21:53 23DAE03F29D253AE74C44F99E515F9A1 6656 ----a-w- C:\Windows\System32\drivers\RDPCDD.sys 2015-02-26 15:21:53 1CB91B2BD8F6DD367DFC2EF26FD751B2 18432 ----a-w- C:\Windows\System32\drivers\tdpipe.sys 2015-02-26 15:21:53 0693B5EC673E34DC147E195779A4DCF6 26624 ----a-w- C:\Windows\System32\drivers\scfilter.sys 2015-02-25 17:32:29 A5F73D55CACA2A4FEDCDDF079939A2BA 21888 ----a-w- C:\Windows\System32\drivers\NSNetmon.sys 2015-02-25 17:32:29 4F5DDEB675D21836E688E574F911FA5C 263432 ----a-w- C:\Windows\System32\drivers\NSKernel.sys 2015-02-25 17:03:10 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_Kernel_bcmwlhigh6_01009.Wdf 2015-02-25 17:02:32 46FB343BA8538009D5A24B110E8C7724 21472 ----a-w- C:\Windows\System32\drivers\SCMNdisP.sys 2015-02-25 16:45:30 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf ====== C:\Windows\Tasks ====== 2015-02-25 18:08:47 8A57A66D0D8ACBE42A95A4259B8F065B 3878 ----a-w- C:\Windows\system32\Tasks\Adobe Flash Player Updater 2015-02-25 18:08:47 6BC00511DF976787A586CC40D80C53CB 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-02-25 17:09:06 AE4B950882A5BE28F960CA289A401E01 4018 ----a-w- C:\Windows\system32\Tasks\User_Feed_Synchronization-{A895EED4-C231-4832-ACB2-139711668433} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-03-22 09:23:28 -------- d-----w- C:\Program Files\trend micro 2015-03-21 09:15:16 -------- d-----w- C:\Program Files\Spotnet 2015-03-12 18:08:16 -------- d-----w- C:\Program Files\Common Files\Skype 2015-03-12 18:08:15 -------- d-----r- C:\Program Files\Skype 2015-03-05 16:51:06 -------- d--h--w- C:\Program Files\InstallShield Installation Information 2015-03-05 16:51:06 -------- d-----w- C:\Program Files\NETGEAR 2015-03-05 15:31:23 -------- d-----w- C:\Program Files\Common Files\Adobe 2015-03-05 15:31:23 -------- d-----w- C:\Program Files\Adobe 2015-03-01 16:55:07 -------- d-----w- C:\Program Files\TomTom International B.V 2015-02-26 15:56:36 -------- d-----w- C:\Program Files\Common Files\DESIGNER 2015-02-26 15:43:39 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition 2015-02-26 15:42:46 -------- d-----w- C:\Program Files\Windows Live 2015-02-26 15:33:37 -------- d-----w- C:\Program Files\Common Files\Windows Live 2015-02-25 18:44:24 -------- d-----w- C:\Program Files\Microsoft Silverlight 2015-02-25 17:49:07 -------- d-----w- C:\Program Files\Microsoft Works 2015-02-25 17:48:53 -------- d-----w- C:\Program Files\Microsoft Visual Studio 2015-02-25 17:48:37 -------- d-----w- C:\Program Files\Microsoft.NET 2015-02-25 17:46:58 -------- d-----w- C:\Program Files\Microsoft Office 2015-02-25 17:25:20 -------- d-----w- C:\Program Files\Common Files\BullGuard Ltd 2015-02-25 17:25:19 -------- d-----w- C:\Program Files\BullGuard Ltd ======= C: ===== ====== C:\Users\John Schijven\AppData\Roaming ====== 2015-03-14 17:43:43 -------- d-----w- C:\Users\John Schijven\AppData\Roaming\Spotnet 2015-03-14 15:51:37 -------- d-----w- C:\Users\John Schijven\AppData\Local\Spotnet 2015-03-12 18:08:28 -------- d-----w- C:\Users\John Schijven\AppData\Local\Skype 2015-03-12 18:08:24 -------- d-----w- C:\Users\John Schijven\AppData\Roaming\Skype 2015-03-05 16:50:19 -------- d-----w- C:\Users\John Schijven\AppData\Roaming\InstallShield 2015-03-05 15:32:01 -------- d-----w- C:\Users\John Schijven\AppData\Locallow\Adobe 2015-03-05 15:30:19 -------- d-----w- C:\Users\John Schijven\AppData\Local\Adobe 2015-03-02 18:12:50 -------- d-----w- C:\Users\John Schijven\AppData\Local\Diagnostics 2015-03-02 16:48:19 -------- d-----w- C:\Users\John Schijven\AppData\Local\Programs 2015-03-01 16:56:14 -------- d-----w- C:\Users\John Schijven\AppData\Roaming\TomTom 2015-03-01 16:56:14 -------- d-----w- C:\Users\John Schijven\AppData\Roaming\Mozilla 2015-03-01 16:56:14 -------- d-----w- C:\Users\John Schijven\AppData\Local\TomTom 2015-03-01 16:52:26 -------- d-----w- C:\Users\John Schijven\AppData\Local\Downloaded Installations 2015-02-27 21:17:08 -------- d-sh--w- C:\Users\John Schijven\AppData\Locallow\EmieUserList 2015-02-27 21:17:08 -------- d-sh--w- C:\Users\John Schijven\AppData\Locallow\EmieBrowserModeList 2015-02-27 21:16:46 -------- d-sh--w- C:\Users\John Schijven\AppData\Local\EmieUserList 2015-02-27 21:16:46 -------- d-sh--w- C:\Users\John Schijven\AppData\Local\EmieSiteList 2015-02-27 21:16:46 -------- d-sh--w- C:\Users\John Schijven\AppData\Local\EmieBrowserModeList 2015-02-27 20:47:46 -------- d-sh--w- C:\Users\John Schijven\AppData\Locallow\EmieSiteList 2015-02-26 15:33:38 -------- d-----w- C:\Users\John Schijven\AppData\Local\Windows Live 2015-02-25 18:37:16 87C962EEE93C09E51DC09238B926B286 109280 ----a-w- C:\Users\John Schijven\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-25 18:08:52 -------- d-----w- C:\Users\John Schijven\AppData\Roaming\Adobe 2015-02-25 17:46:59 -------- d-----w- C:\Users\John Schijven\AppData\Local\Microsoft Help 2015-02-25 17:38:46 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\BullGuard 2015-02-25 17:26:01 -------- d-----w- C:\Users\John Schijven\AppData\Roaming\BullGuard 2015-02-25 17:07:30 -------- d-sh--w- C:\Users\John Schijven\AppData\Locallow\Microsoft 2015-02-25 16:54:28 -------- d-----r- C:\Users\John Schijven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2015-02-25 16:54:28 -------- d-----r- C:\Users\John Schijven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2015-02-25 16:54:21 -------- d-----w- C:\Users\John Schijven\AppData\Roaming\Identities 2015-02-25 16:54:14 -------- d-s---w- C:\Users\John Schijven\AppData\Roaming\Microsoft 2015-02-25 16:54:14 -------- d-----w- C:\Users\John Schijven\AppData\Roaming\Media Center Programs 2015-02-25 16:54:14 -------- d-----w- C:\Users\John Schijven\AppData\Local\Temp 2015-02-25 16:54:14 -------- d-----w- C:\Users\John Schijven\AppData\Local\Microsoft 2015-02-25 16:54:14 -------- d-----r- C:\Users\John Schijven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-02-25 16:54:14 -------- d-----r- C:\Users\John Schijven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories ====== C:\Users\John Schijven ====== 2015-03-21 09:15:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotnet 2015-03-21 09:15:16 -------- d-----w- C:\ProgramData\Spotnet 2015-03-12 18:08:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-03-12 18:08:09 -------- d-----w- C:\ProgramData\Skype 2015-03-05 16:51:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNDA3100v2 Genie 2015-03-05 15:31:10 -------- d-----w- C:\ProgramData\Adobe 2015-03-01 16:57:54 -------- d-----w- C:\ProgramData\TomTom 2015-03-01 16:55:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2015-02-26 16:20:41 -------- d-----w- C:\Users\John Schijven\Tracing 2015-02-25 18:44:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-02-25 17:49:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-02-25 17:46:57 -------- d-----w- C:\ProgramData\Microsoft Help 2015-02-25 17:26:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BullGuard 2015-02-25 17:22:56 -------- d-----w- C:\ProgramData\BullGuard 2015-02-25 16:54:28 -------- d-----r- C:\Users\John Schijven\Searches 2015-02-25 16:54:19 -------- d-----r- C:\Users\John Schijven\Contacts 2015-02-25 16:54:14 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\John Schijven\ntuser.ini 2015-02-25 16:54:14 -------- d--h--w- C:\Users\John Schijven\AppData 2015-02-25 16:54:14 -------- d-----r- C:\Users\John Schijven\Videos 2015-02-25 16:54:14 -------- d-----r- C:\Users\John Schijven\Saved Games 2015-02-25 16:54:14 -------- d-----r- C:\Users\John Schijven\Pictures 2015-02-25 16:54:14 -------- d-----r- C:\Users\John Schijven\Music 2015-02-25 16:54:14 -------- d-----r- C:\Users\John Schijven\Links 2015-02-25 16:54:14 -------- d-----r- C:\Users\John Schijven\Favorites 2015-02-25 16:54:14 -------- d-----r- C:\Users\John Schijven\Downloads 2015-02-25 16:54:14 -------- d-----r- C:\Users\John Schijven\Documents 2015-02-25 16:54:14 -------- d-----r- C:\Users\John Schijven\Desktop 2015-02-25 16:47:00 -------- d-----w- C:\ProgramData\Hewlett-Packard ====== C: exe-files == 2015-03-24 02:24:40 E284CFD490A1F2E03A8BE0B4C09A3DEE 74240 ----a-w- C:\Windows\System32\TSWbPrxy.exe 2015-03-22 09:23:29 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\John Schijven.exe 2015-03-22 09:23:18 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\John Schijven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NF61JJSO\RSIT.exe 2015-03-22 08:48:31 D60E27D4BD5A91FCD17D2CB27F86738E 12800 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe 2015-03-22 08:48:26 4676AAA9DDF52A50C829FEDB4EA81E54 1068544 ----a-w- C:\Windows\System32\mstsc.exe 2015-03-22 08:48:26 0FC6922517964E9D90DE84DC86F63E40 350208 ----a-w- C:\Windows\System32\wksprt.exe 2015-03-22 08:40:57 9E8253F0A993E53B4809DBD74B335227 1005568 ----a-w- C:\Users\John Schijven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9TURUG6G\dotNetFx45_Full_setup.exe 2015-03-21 09:15:20 E6FDBB66A816B3D1D96A811069442AC8 229376 ----a-w- C:\Program Files\Spotnet\win\par2\par2-classic.exe 2015-03-21 09:15:20 D17D03DEF41FF44013A5D5D6BF55B330 276992 ----a-w- C:\Program Files\Spotnet\win\unrar\x64\UnRAR.exe 2015-03-21 09:15:20 ABCAF37BDE149152CA8AB766736D4ADC 515072 ----a-w- C:\Program Files\Spotnet\win\par2\x64\par2.exe 2015-03-21 09:15:20 75375C22C72F1BEB76BEA39C22A1ED68 167936 ----a-w- C:\Program Files\Spotnet\win\unzip\unzip.exe 2015-03-21 09:15:20 1BAF578E4B16A56CDAC24D5C6B18E4F5 260096 ----a-w- C:\Program Files\Spotnet\win\unrar\UnRAR.exe 2015-03-21 09:15:20 1977F54AFB662549DCE68E26D6E48178 423936 ----a-w- C:\Program Files\Spotnet\win\par2\par2.exe 2015-03-21 09:15:18 BE6EBB6F8C6F5AD290709FD6B5E166AD 114702 ----a-w- C:\Program Files\Spotnet\lib\curl.exe 2015-03-21 09:15:16 B2344619EB86432A2391599EB35CB059 348672 ----a-w- C:\Program Files\Spotnet\SABnzbd.exe 2015-03-21 09:15:16 AB8011B91286000129AEAC36EDA49C05 1160704 ----a-w- C:\Program Files\Spotnet\Spotnet.exe 2015-03-21 09:15:16 62046B32A67A02F04C00B04F84A7A8A1 716189 ----a-w- C:\Program Files\Spotnet\unins000.exe 2015-03-21 09:15:03 0F00095C28C068C80F5AF04F5F7958FB 11065159 ----a-w- C:\Users\John Schijven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5AAL67TC\spotnet181.exe 2015-03-19 15:08:12 D55364110D9BC3BAF1544262245A0FC3 226504 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgDirSize.exe 2015-03-19 15:08:12 8785B37F080781A679E2B229ABCD6374 82768 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgDelayStartup.exe 2015-03-19 15:08:07 E3E6B38C51022658E880674705B3D527 264528 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BackupRun.exe 2015-03-19 15:08:07 445ADEBB6D3B75376FA64FA1715D2BEE 352080 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BackupShellTransfer.exe 2015-03-19 15:08:05 5BF11864E2A42243C7B1B9181568FDA2 521040 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe 2015-03-19 15:08:05 43CE7F2B31C9CB162C37185FF298D481 236368 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BgCertUtil32.exe 2015-03-19 15:08:05 2C9239C3EA885B330646FF0F2B804481 240464 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe 2015-03-19 15:08:04 C8068B1F6FAAB35DD10989D024641373 1146192 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\ManualUpdate.exe 2015-03-19 15:08:04 C7FDC2C089381DFE3B9FBAFA1AE7693C 313032 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgLogViewer.exe 2015-03-19 15:08:04 9845D04CDF84549556946A6AA2CC7873 409424 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgScan.exe 2015-03-19 15:08:04 8673292AEC61B5001C69EE317C6B6C27 118608 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\UpdatePatcher.exe 2015-03-19 15:08:04 5AD741C0BC060D6ECF9DF5D3B57540F5 196944 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgSecErase.exe 2015-03-19 15:08:03 ADD6303192B5E446C4BA0C5F9C440C93 2327888 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe 2015-03-19 15:08:02 62D35E72ECD6F66DD50F6C05B4402A98 69968 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgLauncher.exe 2015-03-19 15:08:02 48AF2E796B423900962AAD9ABE967E1F 132432 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgNag.exe 2015-03-19 15:08:02 3192100BE003EDAF92DF59E240A3E0E0 75088 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgRegister.exe 2015-03-19 15:08:02 2B77C882A9A81E50AD9A04270E32D4D8 149704 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BgProbe.exe 2015-03-19 15:08:02 01CA051F434F5042BEAEA35BFB5DF114 1136328 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe 2015-03-19 15:04:37 5C46678C1595886BAF066E9152A888CB 333000 ----a-w- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe === C: other files == 2015-03-23 16:00:12 F64E9D0F25DD915332BCF05A236AA9A4 10772 ----a-w- C:\Users\John Schijven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7KN1V5TI\nacht[1].zip 2015-03-22 08:49:13 E951866BAC5A23403F62A349EDBB6EEB 24064 ----a-w- C:\Windows\System32\DriverStore\FileRepository\termmou.inf_x86_neutral_0e28c761f9ae155a\terminpt.sys 2015-03-22 08:49:13 E951866BAC5A23403F62A349EDBB6EEB 24064 ----a-w- C:\Windows\System32\DriverStore\FileRepository\termkbd.inf_x86_neutral_339f71420b21f4a1\terminpt.sys 2015-03-22 08:49:13 65375DF758CA1872AB7EBBBA457FD5E6 14848 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys 2015-03-22 08:49:12 57C527AF84748B5C2F5178C499C0B81F 27136 ----a-w- C:\Windows\System32\DriverStore\FileRepository\tsgenericusbdriver.inf_x86_neutral_93ae7b205b7d38be\TsUsbGD.sys 2015-03-22 08:48:32 7E6E0797EB91F1D63641058416044313 26880 ----a-w- C:\Windows\System32\DriverStore\FileRepository\tsgenericusbdriver.inf_x86_neutral_9002d2f3f0cfc5e0\TsUsbGD.sys 2015-03-22 08:48:29 C6A5FBD4977305E1FA23E02C042DB463 49152 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys 2015-03-21 13:52:37 E6C7030787CA07ACD819759365226500 1891275 ----a-w- C:\Users\John Schijven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5AAL67TC\DBCLoader11.zip 2015-03-21 09:15:19 CEC377014B9500F6907523ABB35090B9 4692380 ----a-w- C:\Program Files\Spotnet\lib\sabnzbd.zip 2015-03-21 09:15:19 35F1020D983FF711E51ED4D68E6948F6 1376889 ----a-w- C:\Program Files\Spotnet\lib\sabhelper.zip 2015-03-19 15:08:06 1DE279C586E6320FFF2D76A93BE0FC21 408280 ----a-w- C:\Program Files\Common Files\BullGuard Ltd\BullGuard\Antivirus\Antirootkit\trufos.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-763893080-186385914-86791336-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" "TomTomHOME.exe"="C:\Users\John Schijven\Downloads\TomTom HOME 2\TomTomHOMERunner.exe -s" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BullGuard"="C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe -boot" "BullGuardUpdate2"="c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" "TomTomHOME.exe"="C:\Users\John Schijven\Downloads\TomTom HOME 2\TomTomHOMERunner.exe -s" ==== Startup Folders ====================== 2015-03-05 16:51:06 900 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Genie.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [20-03-2015 16:34] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\User_Feed_Synchronization-{A895EED4-C231-4832-ACB2-139711668433}" [C:\Windows\system32\msfeedssync.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "antiphishing@bullguard"="C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\JOHNSC~1\AppData\Roaming\TomTom\HOME\Profiles\j27w4m14.default - Map status indicator - C:\Users\John Schijven\Downloads\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Users\John Schijven\Downloads\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com ==== Firefox Plugins ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {FF822549-1620-40AE-9865-225AA4491F34} Google Url="https://www.google.com/search?q={searchTerms}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\antiphishing@bullguard deleted successfully ==== HijackThis Entries ====================== O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe" -boot O4 - HKLM\..\Run: [BullGuardUpdate2] c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Users\John Schijven\Downloads\TomTom HOME 2\TomTomHOMERunner.exe" -s O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: NETGEAR WNDA3100v2 Genie.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIE.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TomTomHOMEService - TomTom - C:\Users\John Schijven\Downloads\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: WSWNDA3100v2 - Unknown owner - C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe ==== Empty IE Cache ====================== C:\Users\John Schijven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\John Schijven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9TURUG6G will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4 folders=3 1063 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\John Schijven\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\JOHNSC~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\John Schijven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9TURUG6G" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on di 24-03-2015 at 19:54:35,19 ======================