Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by admin on za 13/06/2015 at 12:35:40,03.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\admin\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== Older Logs ======================

C:\zoek-results2015-06-13-095521.log	69755 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Windows\SysWOW64\notepad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\admin\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================


==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8078 MB
CPU Info: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
CPU Speed: 2297,4 MHz
Sound Card: Not detected
Display Adapters: | RDP Encoder Mirror Driver
Monitors: 1x; 
Screen Resolution: 800 X 600 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter #2 | Intel(R) Centrino(R) Wireless-N 2230 | Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
CD / DVD Drives: 1x (F: | ) F: SlimtypeDVD A  DS8A8SH
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 2 Button Mouse Present
Hard Disks: C:  372,6GB | D:  533,6GB
Hard Disks - Free: C:  286,7GB | D:  492,1GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 05/23/12 | _ASUS_ - 1072009
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK COMPUTER INC. N76VM
Country: Belgi‰ 
Language: NLB 

==== System Specs (Software) ======================

Anti-Virus: Bitdefender Antivirus Free Edition On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Bitdefender Antivirus Free Edition disabled (Outdated)
Default Browser: Google Chrome	43.0.2357.124
Internet Explorer Version: 11.0.9600.17843 
Google Chrome version: 43.0.2357.124
Adobe Reader version: 15.7.20033.133275
Sun Java version: 1.8.0_45 (32-bit) 
Sun Java version: 1.8.0_45 (64-bit) 

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\admin\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-06-11 07:09:35	2CA16814DA3C5B2D8C7E70DC47A45ED1	551424	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-06-11 07:09:34	FCA6EFFEE6D7D42E794F0E538297026C	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-06-11 07:09:34	FB224B0A63B8F58E91FE8A314AD295AD	17408	----a-w-	C:\Windows\SysWOW64\diskperf.exe
2015-06-11 07:09:34	F85FA29340A536C8E0A16151B9B03923	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-06-11 07:09:34	EA141596564AE0C670EDD0F2636EC29C	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-06-11 07:09:34	BBABC6702529CFADAC0EC2B28168A288	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-06-11 07:09:34	A9E8F961F7FE1EDEEF8F46EEB800F2D8	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-06-11 07:09:34	9E68E1BDEBD85FC8803707370BE0FC6E	641536	----a-w-	C:\Windows\SysWOW64\advapi32.dll
2015-06-11 07:09:34	9A50B2567918BF7DDD600ECE5DB5ED76	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-06-11 07:09:34	8C7635292CFF4901F058269454A1D64E	1310744	----a-w-	C:\Windows\SysWOW64\ntdll.dll
2015-06-11 07:09:34	7A9F94E0F53C8F6E09405351AC104A3C	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-06-11 07:09:34	6C06D2B1CF88AB83F1CFB24928F63107	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-06-11 07:09:34	65A5E27C2217D606E212B6088CCD6104	92160	----a-w-	C:\Windows\SysWOW64\sechost.dll
2015-06-11 07:09:34	641A14E6AC492ED45BC68815E2E2F566	3989440	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-11 07:09:34	629AD3FDA168D82D459164044A29F9BB	40448	----a-w-	C:\Windows\SysWOW64\typeperf.exe
2015-06-11 07:09:34	583FFF12D2F0D6E1A8746462C433895F	3934144	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-11 07:09:34	5643A88C6DA8AAEC9CE2845431942650	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-06-11 07:09:34	558227F567E977D71B9182013EF03E9C	14336	----a-w-	C:\Windows\SysWOW64\ntvdm64.dll
2015-06-11 07:09:34	4238391DE3E3FDCD2C731C1E4E0F402C	635392	----a-w-	C:\Windows\SysWOW64\tdh.dll
2015-06-11 07:09:34	3E6731BF36A7D6C62D09671B427B6B67	37888	----a-w-	C:\Windows\SysWOW64\relog.exe
2015-06-11 07:09:34	3C1BE79C3CE6EB378108B11D94CA1072	364544	----a-w-	C:\Windows\SysWOW64\tracerpt.exe
2015-06-11 07:09:34	3B5DA649BF7B7D07510C06DE0AEEB4EB	82944	----a-w-	C:\Windows\SysWOW64\logman.exe
2015-06-11 07:09:34	2D23A10FBFA09DC1B61799128BBA91A2	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-06-11 07:09:33	F81920ADB15012CF4E9FF8238C85686A	1114112	----a-w-	C:\Windows\SysWOW64\kernel32.dll
2015-06-11 07:09:33	F72A9953199EF5807D595AE3694B5D01	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-06-11 07:09:33	EEA17E843EE2EE50D623BEACF50BD815	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-06-11 07:09:33	EC6E5AE2ECFE7A335B370865A1158EF8	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-06-11 07:09:33	D877133532CE090502B1166B360E9516	274944	----a-w-	C:\Windows\SysWOW64\KernelBase.dll
2015-06-11 07:09:33	7E7933E63BBE2BE71CC908EF140458EF	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-06-11 07:09:33	6C730482615C97B923B88C648FF554A3	5120	----a-w-	C:\Windows\SysWOW64\wow32.dll
2015-06-11 07:09:33	619D5101114C71E1A4A585C5E68301B7	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-06-11 07:09:33	52C869A640B8169D7C8460FB1646ABF5	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2015-06-11 07:09:33	2E65BF3D85BB2C831669FBCBDE6C9879	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-06-11 07:09:16	8C3A03295F56D1FFB51D9D05DA42B12D	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-11 07:09:16	81C1182A9EE7AC4D21187811DE66A7D0	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-06-11 07:09:15	9F6066005D8B8620598085C7499E9B70	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-11 07:09:15	6B7210618D7E2CE0404ECF748701253A	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-06-11 07:09:14	F26680AF396F89F7ABFDA1D1D6B62011	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-06-11 07:09:14	96837E5864777688477AF6DE2332C06D	503808	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-06-11 07:09:14	7C9F8DB66A56306C5BBE97F9FC0F01EF	342736	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-06-11 07:09:14	53E9614ADFA6A40A452BA014CEF6F261	1309696	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-06-11 07:09:14	2DED8A99E45053C42DD21D6937D3960C	689152	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-06-11 07:09:14	185490A6C3BEDAC5EF547314F68AB07B	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-11 07:09:13	975421AC32F9F6E27A58F75DAB4B5871	19607040	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-06-11 07:09:12	B6D8148C1C697A7BF04EE0FE82408B6A	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-06-11 07:09:12	5C06EE62F06E990E9521EA80B8D4D4B8	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-06-11 07:09:11	C93AE4D14AEF5169791B35D97AE7C9FC	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-06-11 07:09:11	C27C8CACEBC712BE2AD791715E9734EC	664064	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-06-11 07:09:11	927E38A35E4DFC4E294BD130BAA6F759	2278912	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-06-11 07:09:11	7DBCBB1647B7CD71E2039C1B50A12717	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-06-11 07:09:11	4ABEEF30EA5B9F4718312DCB60B6C9BC	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-06-11 07:09:10	E21AE910DF0C5CB7D46D8FA17A4567DE	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-06-11 07:09:10	1A628C1F5470F0AF21E37E425026F27A	478208	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-06-11 07:09:10	17B0852D8202A872C3E6D01B518B6A4E	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-06-11 07:09:09	DB254D50B4527C2821C537E0587B44E8	12829696	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-06-11 07:09:09	8C8B8C78C0CCD5D36ABCB115B0B581E1	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-06-11 07:09:08	E4EB138060BAE0DBAB1A3B71A3141FE7	1950720	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-06-11 07:09:08	85E21CCF38166E0D6DE2E42D9D3823BD	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-11 07:09:08	3FD7E6DB5D81FE400DB4D81D278596E6	4305920	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-06-11 07:09:07	FB5C9234E4BF6BDAF4A954763A4582BA	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-06-11 07:09:07	EF853EA2A6A7BD891CCF31B0C2915352	341504	----a-w-	C:\Windows\SysWOW64\html.iec
2015-06-11 07:08:55	58788565442368B0615DDAF1D452B843	530432	----a-w-	C:\Windows\SysWOW64\comctl32.dll
2015-06-11 07:08:54	A98E8F79C738CAF23C152DBCABD978FE	11411456	----a-w-	C:\Windows\SysWOW64\wmp.dll
2015-06-11 07:08:53	DA27A4EA7B7C77FAFDB3F94D83E310C1	12625408	----a-w-	C:\Windows\SysWOW64\wmploc.DLL
2015-06-11 07:08:53	605E9B2CFA3445ED7716D0B345EE21EC	8192	----a-w-	C:\Windows\SysWOW64\spwmp.dll
2015-06-11 07:08:53	2401379E0610D15FAB78A4B1646F5B8D	4096	----a-w-	C:\Windows\SysWOW64\msdxm.ocx
2015-06-11 07:08:53	2401379E0610D15FAB78A4B1646F5B8D	4096	----a-w-	C:\Windows\SysWOW64\dxmasf.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-06-11 07:09:35	AA5319FA8602676B5D3A2B4A1355896D	1255424	----a-w-	C:\Windows\Sysnative\diagtrack.dll
2015-06-11 07:09:35	93A05407F8E53BC731C42AAD56163F80	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-06-11 07:09:35	8DCA1C70AF170C3FBCE47A4F49BFC887	424960	----a-w-	C:\Windows\Sysnative\KernelBase.dll
2015-06-11 07:09:35	6FDF03A3B110C5264F52F979335AE301	1162752	----a-w-	C:\Windows\Sysnative\kernel32.dll
2015-06-11 07:09:35	6ECD6D92F43C2DC55099F892978D5BE7	728576	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-06-11 07:09:35	4FFD08A01047EF6B58F6EB4E6D001A8D	879104	----a-w-	C:\Windows\Sysnative\advapi32.dll
2015-06-11 07:09:34	FF9BBFAE899091C1FF0D1A3F2C587911	243712	----a-w-	C:\Windows\Sysnative\wow64.dll
2015-06-11 07:09:34	E20BF3FA89DE67B00ED713B5254C0BF0	47104	----a-w-	C:\Windows\Sysnative\typeperf.exe
2015-06-11 07:09:34	D68690450978D127E030FB14E9B2023B	16384	----a-w-	C:\Windows\Sysnative\ntvdm64.dll
2015-06-11 07:09:34	CCB352B939B77B38983DD878C547451F	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-06-11 07:09:34	AD54856A16B635720B0BE5FAF44526FC	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-06-11 07:09:34	A929B9ABA1083AF35ECE7BD63AF3E42F	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-06-11 07:09:34	A5F57F4866C2DC7F8215058D7D56BD21	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-06-11 07:09:34	9E2A2028228645DD57EF45A02CAC0CCE	5569984	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-06-11 07:09:34	9BBEA639884C0338DD78654277BD188A	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2015-06-11 07:09:34	996EE6571ADB880A60846DD02C8D5869	314880	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-06-11 07:09:34	858F04B3C39239972959E9EE97CACAE4	43008	----a-w-	C:\Windows\Sysnative\relog.exe
2015-06-11 07:09:34	7C5E375F20F639607376351A8BCC0647	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-06-11 07:09:34	6ACD3C75BE449F039E1A4E43424D5B6F	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-06-11 07:09:34	6703266C1E56157B5965F9AC868A20AC	404992	----a-w-	C:\Windows\Sysnative\tracerpt.exe
2015-06-11 07:09:34	66DF73B202105406602941778792FE3D	879104	----a-w-	C:\Windows\Sysnative\tdh.dll
2015-06-11 07:09:34	5EC57AC6DC16CB8A058CA019AA2C188D	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-06-11 07:09:34	53042708C242959B3924242FBBE297B1	1728960	----a-w-	C:\Windows\Sysnative\ntdll.dll
2015-06-11 07:09:34	4F90A7A0FCBC0ED18E573917860062FF	113664	----a-w-	C:\Windows\Sysnative\sechost.dll
2015-06-11 07:09:34	48C30C54194142910FB6B86D308220ED	338432	----a-w-	C:\Windows\Sysnative\conhost.exe
2015-06-11 07:09:34	37DFCC91E419952772E02F2B3BBB2E2B	342016	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-06-11 07:09:34	289D99B0879C6ED5C6D1B3A856CA6DA3	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-06-11 07:09:34	2313AF8D5A9CEB4A55400A01DD311A95	215040	----a-w-	C:\Windows\Sysnative\winsrv.dll
2015-06-11 07:09:34	210E7D1EA34369194BE09493784E27BE	104448	----a-w-	C:\Windows\Sysnative\logman.exe
2015-06-11 07:09:34	1B93381366141875D8EE7EC1085236B9	19456	----a-w-	C:\Windows\Sysnative\diskperf.exe
2015-06-11 07:09:34	17A6A9AAD04CCC6EE53290585BFC43AF	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-06-11 07:09:34	16154A6682B1552DEAB953BFA4B8E955	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-06-11 07:09:34	13DE715D959DD502CFD52DC920408B33	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2015-06-11 07:09:34	11D5815F0DC571CE3C72213B375860B1	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-06-11 07:09:34	03BA5D20751137F3A705B389C52DB8D6	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-06-11 07:09:33	AF557D115972A73964FC8F209300948A	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2015-06-11 07:09:33	8A4EB32C7C948F70EAC6F85063596A39	36864	----a-w-	C:\Windows\Sysnative\UtcResources.dll
2015-06-11 07:09:33	837BBE4170D5A75F293BD6F294A8FE34	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-06-11 07:09:33	6E882D7CA34073890107559B5A515A24	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-06-11 07:09:33	6ACFCC28E4D60B5A931D8749332A14E2	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-06-11 07:09:33	5A17FF38EDE95B2313E428BF444126D7	362496	----a-w-	C:\Windows\Sysnative\wow64win.dll
2015-06-11 07:09:33	20BD408AC3F8576997D6A47F48A1C5B2	13312	----a-w-	C:\Windows\Sysnative\wow64cpu.dll
2015-06-11 07:09:16	9DB8E01D5A546FAFCACE95489E351186	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-06-11 07:09:16	73509D13542A90E260F45D1D6D4100A8	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-06-11 07:09:14	9E2B8C0601E3D460F78F0233B509CE4F	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-06-11 07:09:14	70D24021ED327CE7FFA9DEE327BB4C6B	720384	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-06-11 07:09:14	4BD747AAF01C480901B3E777EC48826B	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-06-11 07:09:12	D202078FBA3A77B85D39669EE4110DE2	389840	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-06-11 07:09:12	3C3E159F284F51D55DB59C3D0B843979	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-06-11 07:09:11	6ABFC5736EC920C4436F32111F5CBCEE	1545728	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-06-11 07:09:11	36F3718E67F442F54AB4A39DCDD8FD19	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-06-11 07:09:10	86FDFEA67833DB261EC01A777594EDCF	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-06-11 07:09:10	57DFACB53ED16190EF732E2430B39741	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-06-11 07:09:10	083BCA14FCE290D682D8DAC9372CBF23	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-06-11 07:09:09	FF84182188CA8F0DC28CFED06C9B7816	2125824	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-06-11 07:09:09	7F8F9AE03D1BA4354671E05F07A40F1A	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-06-11 07:09:09	5F8EE9311ECF078CD9426874FFAD660C	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-06-11 07:09:08	6E295C7364DAEB151CC0E98434B6AC92	2885632	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-06-11 07:09:08	33B5F1A727FACDEA7CDA0E35FFAADDCF	584192	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-06-11 07:09:07	AFF5C12099B87FA645F8867701729894	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-06-11 07:09:07	AE5A2843B4A2E1E558B9EE13EF62CCE5	14404096	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-06-11 07:09:07	8909A24DA8B5C426CF6595BA843B6CC5	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-06-11 07:09:07	35622F5A652C4E16774234DCA0026E74	633856	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-06-11 07:09:07	0EDA3219FA027A486AA11269355AB279	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-06-11 07:09:06	CFA52E2FE8E623042A1EEF96EB1B9481	6026240	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-06-11 07:09:06	ACD6FE6C82B93813F023FC01A51CB940	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-06-11 07:09:06	83781DF625A4448B39410D7FA2BDC48D	816640	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-06-11 07:09:06	4A5A84B457C72E79A64AE4036EC6BB0E	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-06-11 07:09:06	417F80E4AFBA1AA9EBBD618F1C6D9165	2426880	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-06-11 07:09:06	3854BFE1C0F14872C94501421CC40813	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-06-11 07:09:05	2BC2D3A41BB755487FD55C09938F00BC	417792	----a-w-	C:\Windows\Sysnative\html.iec
2015-06-11 07:09:05	16091938F6CDBCCCBA1CBE24600121BC	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-06-11 07:09:05	06A8CE6C3AE6B7916F026B0EFDDCAAA5	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-06-11 07:09:04	A29BAFC1543F9D2234AFFFEA9BCE76C8	24917504	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-06-11 07:08:55	9D80A82B0BB77AC3EF6A87FA0C534E20	14635008	----a-w-	C:\Windows\Sysnative\wmp.dll
2015-06-11 07:08:55	51F89CE2D0FEC66070354504E6C4C3E4	633856	----a-w-	C:\Windows\Sysnative\comctl32.dll
2015-06-11 07:08:53	834FD7C31EA16D59CC3B2DC60F2F2620	9728	----a-w-	C:\Windows\Sysnative\spwmp.dll
2015-06-11 07:08:53	51ECEE70F33601310DDEF3EEE39550D3	12625920	----a-w-	C:\Windows\Sysnative\wmploc.DLL
2015-06-11 07:08:53	1A8C5D4BE449E4A9D8667A341E535E22	5120	----a-w-	C:\Windows\Sysnative\msdxm.ocx
2015-06-11 07:08:53	1A8C5D4BE449E4A9D8667A341E535E22	5120	----a-w-	C:\Windows\Sysnative\dxmasf.dll
2015-06-11 07:06:44	1EE2DBA5AD2E5EB618C7FB187C2CFDF4	3206144	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-06-05 18:02:59	E87D4371B24BC9E5BAE95AEA60FFD959	193536	----a-w-	C:\Windows\Sysnative\aepic.dll
2015-06-05 18:02:59	CFF429F2234C1D1A5993E80F46C37CFB	1119232	----a-w-	C:\Windows\Sysnative\aeinv.dll
2015-06-05 18:02:59	B23AB4C401E2DE02C47B7497D41E2318	757248	----a-w-	C:\Windows\Sysnative\invagent.dll
2015-06-05 18:02:59	6F07FC190DBCB42C8A5319235F72F906	423424	----a-w-	C:\Windows\Sysnative\devinv.dll
2015-06-05 18:02:59	6E2EB5A36C3CCD917F7FF9BED7C1390E	45568	----a-w-	C:\Windows\Sysnative\acmigration.dll
2015-06-05 18:02:59	587BBA3B3959144334700EC48232712F	227328	----a-w-	C:\Windows\Sysnative\aepdu.dll
2015-06-05 18:02:59	52DEF4C743C2EABD6BD3EDC790A0E778	1021440	----a-w-	C:\Windows\Sysnative\appraiser.dll
2015-06-05 18:02:59	2DCA988113A02EB9BCB98A5DC2D34E57	700416	----a-w-	C:\Windows\Sysnative\generaltel.dll
====== C:\Windows\Sysnative\drivers =====
2015-06-11 07:09:34	BF69D973523D539A35807946C6DA7E16	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-06-11 07:09:34	272C27711C8AA6E7815EE33F8ACA9C66	155584	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-06-11 07:08:53	36E0DDD19038C92B7C7709BFA03F813F	69888	----a-w-	C:\Windows\Sysnative\drivers\stream.sys
2015-05-25 09:33:15	3B9549FEF98AB1768A1D6A919F355B70	261056	----a-w-	C:\Windows\Sysnative\drivers\avchv.sys
2015-05-25 09:33:14	AAE1DAE483DD57D0E267FCA42FCB5133	718840	----a-w-	C:\Windows\Sysnative\drivers\avc3.sys
2015-05-25 09:33:14	8183B715BD56561C27BEBB68B1192B7A	593144	----a-w-	C:\Windows\Sysnative\drivers\avckf.sys
2015-05-25 09:30:34	408B664926675C270D911160F1631D6B	148696	----a-w-	C:\Windows\Sysnative\drivers\gzflt.sys
2015-05-25 09:30:34	132C0E39AF0312E6B9611E2E1B344D41	382536	----a-w-	C:\Windows\Sysnative\drivers\trufos.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-06-13 07:36:54	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\admin\AppData\Roaming ======
2015-06-13 09:53:24	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2015-06-13 09:53:24	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-06-13 09:53:24	--------	d-----w-	C:\Users\UpdatusUser\AppData\Local\Temp
2015-06-13 09:53:24	--------	d-----w-	C:\Users\Default\AppData\Local\Temp
2015-06-13 09:53:24	--------	d-----w-	C:\Users\Default User\AppData\Local\Temp
2015-06-13 09:53:23	--------	d-----w-	C:\Users\admin\AppData\Local\Temp
2015-06-12 20:28:12	--------	d-----w-	C:\Users\admin\AppData\Local\ElevatedDiagnostics
2015-06-12 19:19:25	--------	d-----w-	C:\Users\Default\AppData\Local\ASUS
2015-06-12 19:19:25	--------	d-----w-	C:\Users\Default User\AppData\Local\ASUS
2015-06-01 18:06:42	--------	d-----w-	C:\Users\admin\AppData\Local\GWX
====== C:\Users\admin ======
2015-06-13 07:36:22	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\admin\Desktop\RSITx64.exe
2015-05-25 09:33:46	8BE8D88DE0A66E3B7374AB3C5E34C753	205449	----a-w-	C:\ProgramData\1432546217.bdinstall.bin
2015-05-25 09:33:17	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
2015-05-25 09:26:36	784FF9F5E74399D16E9BD59E785F3183	2052	----a-w-	C:\ProgramData\1432545994.1028.bin
2015-05-25 09:26:34	26C2F08CE9B948019175F84C7E326304	41882	----a-w-	C:\ProgramData\1432545994.5404.bin
2015-05-25 09:26:08	81D20756D66CD7C3745D816C7D16048A	117340	----a-w-	C:\ProgramData\1432545953.6368.bin
2015-05-25 09:25:59	D84252B8FC56DD47E5BC813C7FC41791	6932	----a-w-	C:\ProgramData\1432545953.6572.bin
2015-05-25 09:25:59	273CE342D299E5E6175009F20AF95CD7	1230	----a-w-	C:\ProgramData\1432545953.6288.bin
2015-05-25 09:25:53	75427D5BBC17C6841440506FF0D33D1B	119328	----a-w-	C:\ProgramData\1432545953.6688.bin

====== C: exe-files ==
2015-06-13 07:36:54	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\admin.exe
2015-06-13 07:36:22	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\admin\Desktop\RSITx64.exe
2015-06-11 07:09:34	FB224B0A63B8F58E91FE8A314AD295AD	17408	----a-w-	C:\Windows\SysWOW64\diskperf.exe
2015-06-11 07:09:34	F85FA29340A536C8E0A16151B9B03923	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-06-11 07:09:34	E20BF3FA89DE67B00ED713B5254C0BF0	47104	----a-w-	C:\Windows\System32\typeperf.exe
2015-06-11 07:09:34	9E2A2028228645DD57EF45A02CAC0CCE	5569984	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-06-11 07:09:34	9BBEA639884C0338DD78654277BD188A	112640	----a-w-	C:\Windows\System32\smss.exe
2015-06-11 07:09:34	858F04B3C39239972959E9EE97CACAE4	43008	----a-w-	C:\Windows\System32\relog.exe
2015-06-11 07:09:34	6C06D2B1CF88AB83F1CFB24928F63107	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-06-11 07:09:34	6703266C1E56157B5965F9AC868A20AC	404992	----a-w-	C:\Windows\System32\tracerpt.exe
2015-06-11 07:09:34	641A14E6AC492ED45BC68815E2E2F566	3989440	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-11 07:09:34	629AD3FDA168D82D459164044A29F9BB	40448	----a-w-	C:\Windows\SysWOW64\typeperf.exe
2015-06-11 07:09:34	583FFF12D2F0D6E1A8746462C433895F	3934144	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-11 07:09:34	48C30C54194142910FB6B86D308220ED	338432	----a-w-	C:\Windows\System32\conhost.exe
2015-06-11 07:09:34	3E6731BF36A7D6C62D09671B427B6B67	37888	----a-w-	C:\Windows\SysWOW64\relog.exe
2015-06-11 07:09:34	3C1BE79C3CE6EB378108B11D94CA1072	364544	----a-w-	C:\Windows\SysWOW64\tracerpt.exe
2015-06-11 07:09:34	3B5DA649BF7B7D07510C06DE0AEEB4EB	82944	----a-w-	C:\Windows\SysWOW64\logman.exe
2015-06-11 07:09:34	210E7D1EA34369194BE09493784E27BE	104448	----a-w-	C:\Windows\System32\logman.exe
2015-06-11 07:09:34	1B93381366141875D8EE7EC1085236B9	19456	----a-w-	C:\Windows\System32\diskperf.exe
2015-06-11 07:09:34	17A6A9AAD04CCC6EE53290585BFC43AF	31232	----a-w-	C:\Windows\System32\lsass.exe
2015-06-11 07:09:34	16154A6682B1552DEAB953BFA4B8E955	296960	----a-w-	C:\Windows\System32\rstrui.exe
2015-06-11 07:09:34	03BA5D20751137F3A705B389C52DB8D6	64000	----a-w-	C:\Windows\System32\auditpol.exe
2015-06-11 07:09:33	EEA17E843EE2EE50D623BEACF50BD815	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-06-11 07:09:33	EC6E5AE2ECFE7A335B370865A1158EF8	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-06-11 07:09:16	73509D13542A90E260F45D1D6D4100A8	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-06-11 07:09:14	70D24021ED327CE7FFA9DEE327BB4C6B	720384	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-06-11 07:09:14	2B3CF8F7903266E2AA5C9D9850FAA8F6	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-06-11 07:09:12	8D4E75DEAA0FFBEFB5F366A4770D9644	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-06-11 07:09:12	29874C10D7D0088CD8743EC8F5DABBE4	473600	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-06-11 07:09:11	9F45DA24EBAE4180F70D03503580E8CA	815312	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-06-11 07:09:10	E21AE910DF0C5CB7D46D8FA17A4567DE	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-06-11 07:09:10	57DFACB53ED16190EF732E2430B39741	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-06-11 07:09:09	52956B4DD1899CB09BB50FB939F6E99D	490496	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-06-11 07:09:08	FF9877ABCA06D539264275321C97BB07	814288	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-06-11 07:09:07	0EDA3219FA027A486AA11269355AB279	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-06-11 07:08:53	E39D7E7FCC5D4B77B8CBA52FEF8753DE	102912	----a-w-	C:\Program Files\Windows Media Player\wmpshare.exe
2015-06-11 07:08:53	8D3316795ACCC0EC0DD6A844E046DA68	167424	----a-w-	C:\Program Files\Windows Media Player\wmplayer.exe
2015-06-11 07:08:53	6F139F39295000E6301C0D08F7493CC6	101888	----a-w-	C:\Program Files (x86)\Windows Media Player\wmpconfig.exe
2015-06-11 07:08:53	5F7B628B5F10531E8DE3E711ED73AAD7	164864	----a-w-	C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2015-06-11 07:08:53	44854DDB738BF2C507FC2162245361D6	102400	----a-w-	C:\Program Files\Windows Media Player\wmpconfig.exe
2015-06-11 07:08:53	3505E5A7664FD84AC8AE51FE3B545AE1	102400	----a-w-	C:\Program Files (x86)\Windows Media Player\wmpshare.exe
2015-06-09 19:35:44	74D7DFE507EA48737061EA8E990157E8	2212944	----a-w-	C:\Program Files (x86)\Google\Update\Install\{252189A2-9A8A-4AB2-9669-F1EF2CD07B99}\43.0.2357.124_43.0.2357.81_chrome_updater.exe
2015-06-09 19:35:44	74D7DFE507EA48737061EA8E990157E8	2212944	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.124\43.0.2357.124_43.0.2357.81_chrome_updater.exe
2015-06-09 19:34:15	8B303EBBC88D0BB795557DA659EE7F92	453720	----a-w-	C:\ProgramData\NVIDIA\Updatus\Download\77EB\updatus.19655412_RUNASUSER.exe
=== C: other files ==
2015-06-11 07:09:34	BF69D973523D539A35807946C6DA7E16	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-06-11 07:09:34	272C27711C8AA6E7815EE33F8ACA9C66	155584	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-06-11 07:08:53	36E0DDD19038C92B7C7709BFA03F813F	69888	----a-w-	C:\Windows\System32\drivers\stream.sys
2015-06-11 07:06:44	1EE2DBA5AD2E5EB618C7FB187C2CFDF4	3206144	----a-w-	C:\Windows\System32\win32k.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3441671481-3117547957-1868338228-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"BingSvc"="C:\Users\admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"ASUS InstantKey"="C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe"
"Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"BingSvc"="C:\Users\admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 "
"BLEServicesCtrl"="C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ACMON]
"command"="C:\\Program Files (x86)\\ASUS\\Splendid\\ACMON.exe"
"hkey"="HKLM"
"item"="ACMON"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AmIcoSinglun64]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AmIcoSinglun64"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\AmIcoSingLun\\AmIcoSinglun64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]
"command"="C:\\Windows\\AsScrPro.exe"
"hkey"="HKLM"
"item"="ASUS Screen Saver Protector"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSWebStorage]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ASUSWebStorage"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\3.0.108.222\\AsusWSPanel.exe /S"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""
"hkey"="HKLM"
"item"="CLMLServer"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl10]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RemoteControl10"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Cyberlink\\PowerDVD10\\PDVD10Serv.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL]
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"
"hkey"="HKLM"
"item"="RTHDVCPL"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\admin\\AppData\\Roaming\\Spotify\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SUPERAntiSpyware]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SUPERAntiSpyware"
"hkey"="HKCU"
"command"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdatePSTShortCut]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UpdatePSTShortCut"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Cyberlink\\DVD Suite\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\Cyberlink\\DVD Suite\" UpdateWithCreateOnce \"Software\\CyberLink\\PowerStarter\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\AsusVibeLauncher.lnk"
"backup"="C:\\Windows\\pss\\AsusVibeLauncher.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\ASUS\\AsusVibe\\ASUSVI~2.EXE /start"
"item"="AsusVibeLauncher"


==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23/04/2015 17:12]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23/04/2015 17:12]
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job --a------ C:\Program Files (x86)\Intel\IntelR ME FW Recovery Agent\bin\Bootstrap.exe []
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job --a------ C:\Program Files (x86)\Intel\IntelR ME FW Recovery Agent\bin\Bootstrap.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe]
"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe]
"C:\Windows\SysNative\tasks\ASUS Quick Gesture" [C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe]
"C:\Windows\SysNative\tasks\ASUS Quick Gesture (x64)" [C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe]
"C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe]
"C:\Windows\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"]
"C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe]
"C:\Windows\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d" [C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe]
"C:\Windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon" [C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.124


HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bmkckgpgekmanipelfidlhmkfcjicion - No path found[]

Google Slides - admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Wallet - admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
be":-2.2293886449264093,"www.pc-helpforum.be":-2.2293886449264093,"www.twinset.com":2.223901085741545}}},"password_bubble":{"nopes":0},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_index":26,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{"vip-selection.be,*":{"setting":1}},"fullscreen":{},"geolocation":{"http://www.nieuwsblad.be:80,http://www.nieuwsblad.be:80":{"setting":2},"https://www.google.be:443,https://www.google.be:443":{"setting":1}},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"https://www.google.be:443,https://www.google.be:443":{"geolocation":1,"last_used":{"geolocation":1430681071.512968}},"vip-selection.be,*":{"cookies":1}},"pref_version":1},"exit_type":"Crashed","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Eerste gebruiker","per_host_zoom_levels":{}},"protection":{"macs":{}},"savefile":{"default_directory":"C:\\Users\\admin\\Desktop"},"selectfile":{"last_directory":"D:\\Valerie\\Documents\\Word"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13074372560934677"},"translate_accepted_count":{"en":0},"translate_blocked_languages":["nl"],"translate_denied_count":{"en":2},"translate_last_denied_time":1430121521832.253,"translate_too_often_denied":true,"translate_whitelists":{},"zerosuggest":{"cachedresults":""}}
,"icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"homepage":"http://www.google.com","homepage_is_newtabpage":false,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"688D53B93EE372DF2FEE0614B1CC73CFD0ACCDE6843954899262A35DD385CA0E"},"default_search_provider":{"keyword":"C186B5800B019F73800696872340FFAE12C714092A4417683EAC932A3DCEDD2E","name":"0E5A6A5D7EDE8C0A62A5F40FAD875E2A383C0C878F7DA5250A7C705DC1F6BBA2","search_url":"257413591B5325DA89AEAE2AE2E107CFA12DBF42F19EED042B5B045D2ACA58C1"},"default_search_provider_data":{"template_url_data":"0235CA5EC8EAAB964CECFB1FAA4C41F4B2476D01AAF840CB07541C437C2264F8"},"extensions":{"settings":{"aapocclcgogkmnckokdopfmhonfmgoek":"B687AD18B8BA137BFF3EB623D0B2F4F02DDD51AD706F7A979CDE51BF3815A0E0","ahfgeienlihckogmohjhadlkjgocpleb":"A02EF6BC54CB65ED4AC8A9CCD7F2CF1D01FB3F4664A03E1B212CAA39CA6E2180","aohghmighlieiainnegkcijnfilokake":"A0E957A57855D44BA0661E62223419FD2416E27D443EBE3A7E1A04E9ADDC8ABC","apdfllckaahabafndbhieahigkjlhalf":"A7FFE4781A3975938AC9639401142BA0AAC86FB5B7AEB0253CC857EFE885ED40","bepbmhgboaologfdajaanbcjmnhjmhfn":"40BABB786445C1FF9270F2647D894114AC931164E5A25760C75AB010F9FC782C","blpcfgokakmgnkcojhhkbfbldkacnbeo":"87362AB8CE99B487D39A2D39165253E2A5688945DC26D6F22B72F265467CCD2D","bmkckgpgekmanipelfidlhmkfcjicion":"32EAF878D64D44D6105BC05500EFE7A43159AA04213DDD045B305E43CA159838","coobgpohoikkiipiblmjeljniedjpjpf":"0BDEE097FA11DF0EBDAC9F51D5212022B4074A86A514460C384E3724F7825346","eemcgdkfndhakfknompkggombfjjjeno":"DA0E658525E0D45909F10BC87736538C829EE3196B94BAF41CDE567D36F78F7D","ennkphjdgehloodpbhlhldgbnhmacadg":"9DFA6F698787D3F92A73E6FCFA3FA7BF016E9A7C8B59F04F56B1EDB318D0E215","fabcmochhfpldjekobfaaggijgohadih":"A43F1BFC0261C1EF241D3E88320B6EB885F58E3F58CA66762FF1C5BD726B3E68","felcaaldnbdncclmgdcncolpebgiejap":"B80639AE86BBA3623EECBEC2D9D9D6FCF24B87724851982A4580BB13CFA90C8F","gfdkimpbcpahaombhbimeihdjnejgicl":"46797261CBDBD926E9F16DC7D9535723045D88395FF09A9F5834847C3531AB1B","kmendfapggjehodndflmmgagdbamhnfd":"E4771C400DF9657677106A455DAA0DBAED892FC0E9B6F10425B52F395760BD3A","mfehgcgbbipciphmccgaenjidiccnmng":"4559CA0FBE28CA4D91CAC400F658279B16807252EEF2B75A31A9756D1E49C81A","mgndgikekgjfcpckkfioiadnlibdjbkf":"850AC271CEE08323F900CD9BD0228682BE887F1E9308A6EAA004C42332339657","mhjfbmdgcfjbbpaeojofohoefgiehjai":"2AD9513672B9D838E507DF787D5687BE3CD1F5639D586FD180C6E4BA9DDDCBD9","neajdppkdcdipfabeoofebfddakdcjhd":"42929821E1F95E66ED5FB1809138BE9D8F1E1A4DB6DDA4961FF33E791B82500E","nkeimhogjdpnpccoofpliimaahmaaome":"FFF49CB9B19BBB4BD4AFB4700D0D0C30078C3A4D5D79ADF417FC53D8585FD9B9","nmmhkkegccagdldgiimedpiccmgmieda":"15A11BF2F1AC370475EF887196ECD8A79A34A4E3AA490723BE55ADA6C3815693","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"48EB897049153E51EA45098B3526225BD6D013E12F90FCFBCD1FB1884CD1E4F6","pjkljhegncpnkpknbcohdijeoejaedia":"FF5FD3DE4E2F72942F2BE655FA5DCD13668E3FA09C2D0C1C0D7557DDD5D8A012"}},"google":{"services":{"last_username":"E4D256207E7D19289BDEFCC6BBCD252AF1402C8709A3C75238490B58937DC6BF","username":"6550B755E9B20E3433CB8003CBEB9A68A9591774CD74E691FF9B79C3FD7D7C8B"}},"homepage":"9DB24DF890457B72C36C1AB6287ED30D7C036BE60032C40530FBC9862DCEA1E2","homepage_is_newtabpage":"91B49325632D66EE63BD2F1B5E3E3C88A6CCEB1B491B35A01EFE6C30175F0B8E","pinned_tabs":"8980E40DAD0EFA9A08CE8051FE5E6E7B5E404B25C026B5B38B1F9EE4BB6299B5","prefs":{"preference_reset_time":"200E3C3592B3123A19F523B8E64D74475492C0DB03889DBF29177188F6F3398B"},"profile":{"reset_prompt_memento":"D5C8F77459E2BABED4B4108449C64F2E7CC3881700E5A30751CFE3AA52DFAC03"},"safebrowsing":{"incidents_sent":"475329059BEDAEEA44CE8D6B66FF1F39E2ABA75BE19479BC59D6B3B61EE3A72A"},"search_provider_overrides":"3882FE477F0B9D570C5AA62AE91A9548D63347044E799F81C504F7984F6FD910","session":{"restore_on_startup":"19E21BC4837071A92D508EF13071434D63E8691CA9BB7B0FC8FE49B735143B97","startup_urls":"6ED83535A11B9CBC32BF1FBD4413C3D1766F9947E052025EA7FED00519D41555"},"software_reporter":{"prompt_reason":"561760778ABB82DB15F8C3833C22141953922C6EDAB3F1527F1965179F7E3076","prompt_seed":"B12AF45FAEE7F0FF6EFEAC990BCA24C73C9A14ECF997517A4C4DAEF688A7E275","prompt_version":"988EE28B1255E3FE6FC885B934A312261DD2A12A7D2CCD23A9225E7E20B7F668"},"sync":{"remaining_rollback_tries":"4FFF68FEC18604369E03D3EE9D77876422A640C2EA7C53308D1C4077AF7D0460"}},"super_mac":"240179A14D48C75FBF8F2ED6BD5D2815C4BC31FA67BD4D9ABA7CF9FA4C086AC3"},"session":{"restore_on_startup":4,"startup_urls":["http://www.google.com/"]}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus.msn.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus.msn.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ASUS InstantKey] C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\admin\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [BingSvc] C:\Users\admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Bitdefender Antivirus Free Edition (gzserv) - Bitdefender - C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4 folders=3 2412 bytes)

==== Empty Temp Folders ======================

C:\Users\admin\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\admin\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on za 13/06/2015 at 13:02:42,31 ======================