
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by RON12 on za 15-08-2015 at 11:28:26,72.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\RON\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

15-8-2015 11:31:17 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Users\RON12\AppData\Roaming\Common deleted successfully
C:\Users\RON12\AppData\Roaming\PiccShare deleted successfully
C:\Users\RON\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\RON\AppData\Local\EmieSiteList deleted successfully
C:\Users\RON\AppData\Local\EmieUserList deleted successfully
C:\Users\RON\AppData\Local\{1FEA563C-90E0-4ED2-928A-655D05ED86A0} deleted successfully
C:\Users\RON\AppData\Local\{21AB6627-FEB4-454A-A68D-CA5E6EE677B7} deleted successfully
C:\Users\RON\AppData\Local\{7D497D4A-01FF-494F-8CBC-77458EE3478F} deleted successfully
C:\Users\RON\AppData\Local\{988D8219-080D-4B87-920B-1AE38B737984} deleted successfully
C:\Users\RON\AppData\Local\{9E52B774-589A-416C-AFA8-50C02AA5FDB4} deleted successfully
C:\Users\RON\AppData\Local\{B026E1B5-59E5-4D11-9085-C38D9E0C7716} deleted successfully
C:\Users\RON\AppData\Local\{C5DA2492-937A-4383-BF07-CDA5B85C1A6F} deleted successfully
C:\Users\RON\AppData\Local\{CCF42349-86C3-4FBC-8FC1-43936F454712} deleted successfully
C:\Users\RON\AppData\Local\{D2E328BE-7478-4165-A27F-028AE5C2A34B} deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

æTorrent  
Aangifte inkomstenbelasting 2009  
Aangifte inkomstenbelasting 2010  
Aangifte inkomstenbelasting 2011  
Aangifte inkomstenbelasting 2012  
Aangifte inkomstenbelasting 2013  
Acer Arcade Deluxe  
Acer Backup Manager  
Acer eRecovery Management  
Acer GameZone Console  
Acer Registration  
Acer ScreenSaver  
Acrobat.com  
Adobe Flash Player 18 ActiveX  
Advertising Center  
Alice Greenfingers  
Amazonia  
ATI Catalyst Install Manager  
Backup Manager Advance  
Bandicam  
Bandisoft MPEG-1 Decoder  
Bing Bar  
Canon Easy-WebPrint EX  
Canon Inkjet Printer/Scanner/Fax Extended Survey Program  
Canon MP560 series MP Drivers  
Canon Utilities Easy-PhotoPrint EX  
Canon Utilities My Printer  
Canon Utilities Solution Menu  
Catalyst Control Center - Branding  
Catalyst Control Center Core Implementation  
Catalyst Control Center Graphics Full Existing  
Catalyst Control Center Graphics Full New  
Catalyst Control Center Graphics Light  
Catalyst Control Center Graphics Previews Vista  
Catalyst Control Center InstallProxy  
Catalyst Control Center Localization All  
ccc-core-static  
ccc-utility64  
CCC Help Chinese Standard  
CCC Help Chinese Traditional  
CCC Help Czech  
CCC Help Danish  
CCC Help Dutch  
CCC Help English  
CCC Help Finnish  
CCC Help French  
CCC Help German  
CCC Help Greek  
CCC Help Hungarian  
CCC Help Italian  
CCC Help Japanese  
CCC Help Korean  
CCC Help Norwegian  
CCC Help Polish  
CCC Help Portuguese  
CCC Help Russian  
CCC Help Spanish  
CCC Help Swedish  
CCC Help Thai  
CCC Help Turkish  
CCleaner  
Chicken Invaders 2  
Computer Security 14.115.101.0 (release)  
Corel Applications  
CyberLink PowerDirector  
D3DX10  
Dairy Dash  
Dream Day First Home  
DVD Decrypter (Remove Only)  
DVD Shrink 3.2  
F-Secure CCF Reputation  
F-Secure CCF Scanning 1.51.111.300 (release)  
F-Secure Network CCF 1.02.141  
F-Secure SafeSearch 1.03.159.0 (release)  
Farm Frenzy 2  
Freemake Video Converter versie 4.1.3  
Freemake Video Downloader  
Gebruikersregistratie voor Canon MP560 series  
Google Drive  
Google Earth  
Google Toolbar for Internet Explorer  
Google Update Helper  
Granny In Paradise  
Heroes of Hellas  
Hotkey Utility  
HP-software voor foto- en beeldbewerking 2.0 - All-in-One  
HP-software voor foto- en beeldbewerking 2.0 - All-in-One stuurprogramma  
Identity Card  
ImagXpress  
Intel© Matrix Storage Manager  
iWisoft Flash SWF to Video Converter 3.4  
Junk Mail filter update  
Merriam Websters Spell Jam  
Mesh Runtime  
Messenger Companion  
Microsoft .NET Framework 4.5.2  
Microsoft .NET Framework 4.5.2 (Nederlands)  
Microsoft .NET Framework 4.5.2 (NLD)  
Microsoft Application Error Reporting  
Microsoft Corporation  
Microsoft LifeCam  
Microsoft Office 2007 Service Pack 3 (SP3)  
Microsoft Office Access MUI (Dutch) 2007  
Microsoft Office Excel MUI (Dutch) 2007  
Microsoft Office File Validation Add-In  
Microsoft Office InfoPath MUI (Dutch) 2007  
Microsoft Office Live Add-in 1.5  
Microsoft Office Office 64-bit Components 2007  
Microsoft Office Outlook Connector  
Microsoft Office Outlook MUI (Dutch) 2007  
Microsoft Office PowerPoint MUI (Dutch) 2007  
Microsoft Office Professional Plus 2007  
Microsoft Office Proof (Dutch) 2007  
Microsoft Office Proof (English) 2007  
Microsoft Office Proof (French) 2007  
Microsoft Office Proof (German) 2007  
Microsoft Office Proofing (Dutch) 2007  
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)  
Microsoft Office Publisher MUI (Dutch) 2007  
Microsoft Office Shared 64-bit MUI (Dutch) 2007  
Microsoft Office Shared MUI (Dutch) 2007  
Microsoft Office Suite Activation Assistant  
Microsoft Office Word MUI (Dutch) 2007  
Microsoft Silverlight  
Microsoft SQL Server 2005 Compact Edition [ENU]  
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Microsoft Visual C++ Run Time  Lib Setup  
MSVCRT  
MSVCRT_amd64  
MSXML 4.0 SP2 (KB954430)  
MSXML 4.0 SP2 (KB973688)  
MyWinLocker  
Nero 9 Essentials  
Nero ControlCenter  
Nero DiscSpeed  
Nero DiscSpeed Help  
Nero DriveSpeed  
Nero DriveSpeed Help  
Nero Express Help  
Nero InfoTool  
Nero InfoTool Help  
Nero Installer  
Nero Online Upgrade  
Nero StartSmart  
Nero StartSmart Help  
Nero StartSmart OEM  
NeroExpress  
neroxml  
PDF-Viewer  
Realtek HDMI Audio Driver for ATI  
Realtek High Definition Audio Driver  
SaveVid Plug-in  
Security Update for Microsoft .NET Framework 4.5.2 (KB3023224)  
Security Update for Microsoft .NET Framework 4.5.2 (KB3035490)  
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581)  
Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2837610) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB3054888) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB3054890) 32-Bit Edition   
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2863812) 32-Bit Edition   
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965208) 32-Bit Edition   
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2986254) 32-Bit Edition   
Security Update for Microsoft Office Excel 2007 (KB3054992) 32-Bit Edition   
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition   
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition  
Security Update for Microsoft Office PowerPoint 2007 (KB3055051) 32-Bit Edition   
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition   
Security Update for Microsoft Office Word 2007 (KB3055052) 32-Bit Edition   
ShowRoom for PowerPoint  
Speccy  
Star Defender 4  
Suite  
swMSM  
Travelmanager Europe  
UnderCoverXP 1.23  
Update for 2007 Microsoft Office System (KB967642)  
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition  
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition  
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition  
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3055023) 32-Bit Edition  
Update voor Microsoft Office Excel 2007 Help (KB963678)  
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)  
Update voor Microsoft Office Word 2007 Help (KB963665)  
Visual C++ 8.0 Runtime Setup Package (x64)  
Visual Studio 2008 x64 Redistributables  
Visual Studio 2010 x64 Redistributables  
Visual Studio 2012 x64 Redistributables  
Visual Studio 2012 x86 Redistributables  
VLC media player 2.0.7  
Welcome Center  
Windows Live Communications Platform  
Windows Live Essentials  
Windows Live Family Safety  
Windows Live ID Sign-in Assistant  
Windows Live Installer  
Windows Live Language Selector  
Windows Live Mail  
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen  
Windows Live Mesh  
Windows Live Messenger  
Windows Live Messenger Companion Core  
Windows Live MIME IFilter  
Windows Live Movie Maker  
Windows Live Photo Common  
Windows Live Photo Gallery  
Windows Live PIMT Platform  
Windows Live Remote Client  
Windows Live Remote Client Resources  
Windows Live Remote Service  
Windows Live Remote Service Resources  
Windows Live SOXE  
Windows Live SOXE Definitions  
Windows Live Sync  
Windows Live UX Platform  
Windows Live UX Platform Language Pack  
Windows Live Writer  
Windows Live Writer Resources  
WinPcap 4.1.2  
WinRAR  
Ziggo Internetbeveiliging  

==== Running Processes ======================

C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe
C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE
C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Anti-Virus\fssm32.exe
C:\Users\RON\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\RON\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Windows\wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\RON12\Desktop\OBRONA BlockAds.lnk deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 4096 MB
CPU Info: Pentium(R) Dual-Core  CPU      E6500  @ 2.93GHz
CPU Speed: 3001.1 MHz
Sound Card: Luidsprekers (Realtek High Defi | 
Realtek HDMI Output (Realtek Hi | 
Realtek Digital Output(Optical) | 
Display Adapters: ATI Radeon HD 4650 | ATI Radeon HD 4650 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | TP-LINK 300Mbps Wireless N Adapter | Intel(R) 82567V-2 Gigabit Network Connection
CD / DVD Drives: 1x (E: | ) E: HL-DT-STBDDVDRW CH10N
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 8 Button Wheel Mouse Present
Hard Disks: C:  458.0GB | D:  458.4GB | F:  1863.0GB
Hard Disks - Free: C:  133.1GB | D:  458.3GB | F:  1618.2GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 08/31/09 | ACRSYS - 20090831
Time Zone: West-Europa (standaardtijd)
Motherboard *: Acer EG43M
Country: Nederland 
Language: NLD 

==== System Specs (Software) ======================

Anti-Virus: Internetbeveiliging On-access scanning disabled (Outdated)
Anti-Spyware: Internetbeveiliging disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Internet Explorer Version: 11.0.9600.17959 

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-08-12 04:19:04	B32189BDFF6E577A92BAA61AD49264E6	193536	----a-w-	C:\Windows\notepad.exe
====== C:\Users\RON12\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-08-12 05:47:28	4FA66A573E9A45D05AD5A25B1E76A35D	103120	----a-w-	C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 04:31:17	BDC048308B74B2146495BBB8D4CD4974	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 04:31:16	FCDCEB29CD1129C6C86AD9700A7E5BD1	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 04:31:16	C989240A97D4E0B4354679CCF7E66389	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-08-12 04:31:16	A37FEDFC0BC9E96AD3DFFF41D5805F04	2279424	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-08-12 04:31:15	C929BFB3FD2460B570553AE7344640BC	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 04:31:15	BD3E3A13423C40E8CF4BE531EE68BAF0	1310720	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-08-12 04:31:15	67DA0EE95026FB2D3577F664F2187F98	342736	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 04:31:15	358D91656E54B03B8FFE3CF4D535A6C8	504320	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-08-12 04:31:15	32664FC06B115923C449DC22D47CD8A6	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 04:31:14	C98AF04E9FC94DBF57B29A9891597664	689152	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 04:31:14	BAAAC903BF7F9CA5F1129C972AEDE6BD	19870208	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-08-12 04:31:13	E3762A30F1EC29C30AC85CC2B8CAA3F3	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 04:31:13	728188684708FEF4F18E2CAB46C54DBB	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 04:31:13	0E9529DC8BA5AD3C06B99F115D0D804D	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-08-12 04:31:12	D1D3DB57C68A2A62E03DD973F53CEA18	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 04:31:11	FB1B7D2B2D500E067B96C56EE0B4DDAD	664064	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-08-12 04:31:11	D7FDD5E8B88ADE9107772B4C879FDF94	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 04:31:11	8B6B89D3FEDB34CA38055B82A790545F	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 04:31:11	793F71F873D106A611DB79741327038C	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 04:31:11	3E168B5E5FEE3D09C2D4E97861B5F4B3	479232	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-08-12 04:31:11	1CB9D50EE52BED7DEBF394CEA8A971A5	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 04:31:10	3C74EA1EC43A694060F09B7D754446C6	12856832	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-08-12 04:31:08	AB6A3699E478DEF677D48B126B223C54	4520448	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-08-12 04:31:08	53DE75BD2C7A3EA29770147EAC8A8D5A	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 04:31:08	0AC8CD2138FD10C4A0E2FF08F892359C	1951232	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-08-12 04:31:07	ECF459774AE6A273F0F59D7C072DB3C4	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 04:31:07	4D036506C8359185FC52EB49DB891743	341504	----a-w-	C:\Windows\SysWOW64\html.iec
2015-08-12 04:31:07	445DB8651F05684F8259D4054A15BC50	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-08-12 04:22:38	DC18FFFF3175376ABD38E6D48309F7F9	3934656	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 04:22:38	5792E7C663FAA39335D4F787B9499490	1311768	----a-w-	C:\Windows\SysWOW64\ntdll.dll
2015-08-12 04:22:36	A38E10B4143A19F32D64517B6A1FCB98	1114112	----a-w-	C:\Windows\SysWOW64\kernel32.dll
2015-08-12 04:22:36	6C95D6264810F816E92780E7DB81F7B1	3989952	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 04:22:35	FC85BC746818EE9B5181EA0B1C882778	552960	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-08-12 04:22:34	FE748FEAA8A5A7677DA1C2C6CE405ADE	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-08-12 04:22:34	650B603F5C040727788F19AD0B8D09BC	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 04:22:34	51C161D5638465251857B2207BD535CB	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-08-12 04:22:34	4C2D57F3DDBC07D3CC59160CDC400AC0	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 04:22:34	15400F593C9023CDC1D144C30BBDA47A	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 04:22:33	E70054ADA6AAB84659AB20D137747ACF	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-08-12 04:22:33	A2C5FAE51BC43B29525AAA5BF0B31259	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-08-12 04:22:33	0A4CE9AAA18F9DE7414C1E7BE572F5FA	274944	----a-w-	C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 04:22:33	086A1544FACAA91CD6F95FC4CDE16913	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-08-12 04:22:32	8A82C9C4A205266DC22BB1C8F2E1AB2D	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-08-12 04:22:32	75706C0F199BC7658A98BEE452964587	36864	----a-w-	C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 04:22:32	3982911B4C4F42B156D7347C1543CF9F	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-08-12 04:22:32	37CE74C8094AD7D1D3B79A8D2849803E	665088	----a-w-	C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 04:22:32	2506A1507B7CBFE069BC0289349786ED	14336	----a-w-	C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 04:22:30	DD8BCBBC1C383F38F284E25CE39C136C	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-08-12 04:22:28	C899E7E3A4F42B802DA1E97F9908BD26	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 04:22:28	9E94CD7C6CBDC2C9B6A87AD9D5E4EF80	5120	----a-w-	C:\Windows\SysWOW64\wow32.dll
2015-08-12 04:22:27	832494A551C2B2CCB616B2BE13A696A1	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-08-12 04:22:26	D5F9C627C221A3B4B6944EDBE90D642C	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-08-12 04:22:26	1EA1328207A915C9EB10AA1D102C0B52	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-08-12 04:22:26	03A179385219FD37CDFB3E603F912CA7	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-08-12 04:22:26	008BDC16E15B3B6EFB6E8B6684022F36	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-08-12 04:19:17	6B003E11CDBDA3B45A3D16E5A9D3F73B	82432	----a-w-	C:\Windows\SysWOW64\davclnt.dll
2015-08-12 04:19:17	55C70654420DBF429604FD567E6F3CD3	206848	----a-w-	C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 04:19:08	EA1BE72A8CD5CEA7B6E6649D1FD78BA1	1241088	----a-w-	C:\Windows\SysWOW64\msxml3.dll
2015-08-12 04:19:08	B6F9E4CDA3069B03F654B650A5379E60	2048	----a-w-	C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 04:19:08	127EE7F36CEA127ECCA55BECBC230398	2048	----a-w-	C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 04:19:08	121E2E789BE080EB86DA71F95B611DF2	1390592	----a-w-	C:\Windows\SysWOW64\msxml6.dll
2015-08-12 04:19:04	A4F6DF0E33E644E802C8798ED94D80EA	179712	----a-w-	C:\Windows\SysWOW64\notepad.exe
2015-08-12 04:18:58	CE21524C53E9671A7108B28FB9B4E474	1251328	----a-w-	C:\Windows\SysWOW64\DWrite.dll
2015-08-12 04:18:57	680D463893C9846CC6A1DA6012DD0FE5	299520	----a-w-	C:\Windows\SysWOW64\atmfd.dll
2015-08-12 04:18:52	9E2F12744DD9810961031C56FBB691F4	25600	----a-w-	C:\Windows\SysWOW64\lpk.dll
2015-08-12 04:18:52	965CFC7687F0D188F215DC142FC8F6A1	1987584	----a-w-	C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 04:18:52	7983F3481E89B96074FAE9AFCC24079C	70656	----a-w-	C:\Windows\SysWOW64\fontsub.dll
2015-08-12 04:18:52	520AEC6C64AF2CFD74B469DB98611D4A	10240	----a-w-	C:\Windows\SysWOW64\dciman32.dll
2015-08-12 04:18:52	400C20D6967A83EA69D6953EBB8D3FA3	34304	----a-w-	C:\Windows\SysWOW64\atmlib.dll
2015-08-12 04:18:41	44886B1E7B230F39BF3789E0EC748765	4922368	----a-w-	C:\Windows\SysWOW64\mstscax.dll
2015-08-12 04:18:41	11741998816D58791B62A6BB3DDA461D	269824	----a-w-	C:\Windows\SysWOW64\aaclient.dll
2015-08-12 04:18:40	C49240FA601351BBFB1EE30906EA5B29	37376	----a-w-	C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 04:18:29	4478348E3942AD9EED9AB263AFE7CD83	12875776	----a-w-	C:\Windows\SysWOW64\shell32.dll
2015-08-12 04:18:15	FBECE2B32A3658AEB609DC5A1021100F	30208	----a-w-	C:\Windows\SysWOW64\wups.dll
2015-08-12 04:18:15	E96D0EEAAE0446F664EE15703BB32A34	93184	----a-w-	C:\Windows\SysWOW64\wudriver.dll
2015-08-12 04:18:15	A02515B58D318F427FBA64437FB0EDDF	566784	----a-w-	C:\Windows\SysWOW64\wuapi.dll
2015-08-12 04:18:15	742AC3EF3C7C30F0EBF628D6D03BB399	34816	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2015-08-12 04:18:15	4447FD20A6B48D05E8392B6E18A194A8	173056	----a-w-	C:\Windows\SysWOW64\wuwebv.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-08-12 05:47:28	52ED64BF80D360B0EA2B6E5F1504CDFF	124624	----a-w-	C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 04:31:16	92E60B0F2E864336737091554370E658	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-08-12 04:31:16	890E3A6A6DB6D15EB242460D2353D39C	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-08-12 04:31:16	4E37600CED71FFCE7EEBB129A90B3431	2885632	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-08-12 04:31:15	D0A52A4F631172E2AC35A84CCDF28FA4	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-08-12 04:31:15	B2ADFD1217625A68A484E9838C608F51	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-08-12 04:31:15	ACE8BB2BECFEC66A738EE3DDDFF0CA07	720384	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-08-12 04:31:15	2319CA59AF0AA295EC254528DD558E37	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-08-12 04:31:13	9CAC3401B481383936A9D66EF1B80307	389840	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-08-12 04:31:12	B8322A1FCD5686F2D97B6BCA1862C9B8	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-08-12 04:31:12	158C1D034080B9DC0A9A2CD9E8DB0199	1545728	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-08-12 04:31:11	857D9F533F7F9838B68C2CEF8AB68412	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-08-12 04:31:11	427D40AF9BCAE05125F3513E770706E1	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-08-12 04:31:11	3E4568FFE110FE81CA1A75BF1149153B	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-08-12 04:31:10	F9C6645800D1EDE9033858C60903F00C	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-08-12 04:31:10	C580215DE134617942FF1740A1235CE4	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-08-12 04:31:09	43AF91A40E44205272335E33B7BBA4C3	2125824	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-08-12 04:31:08	95C5B29740852D171CA03BAE61B670FE	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-08-12 04:31:08	62FC1CC7DFC11B5F6A25763375F765BF	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-08-12 04:31:08	39E11AA344781CD5773BE9E2472C84E4	584192	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-08-12 04:31:06	E892688BB1C8B0B485C27436F2B963CF	615936	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-08-12 04:31:06	6E3D6B8844FF524D7B27EE7FFB3EF6F5	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-08-12 04:31:05	AD31A019C2195C75B26DF3337EE8F9FE	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-08-12 04:31:05	995797E4DE4215715CA2040BB81F4594	14451200	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-08-12 04:31:05	56E1A08F9CDF246CCAB75EA32B87B2DA	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-08-12 04:31:04	ECA4CCA74F61C6288734B786089765B0	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-08-12 04:31:04	9C7B3D3A9A945AED5CC97C6535C9D857	816640	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-08-12 04:31:03	C6960223A6BAB3CF83DB09565D191844	5923328	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-08-12 04:31:03	C555B5C8142844DED9E3BD94E6313000	2427904	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-08-12 04:31:02	77A4FEE4031F90DBB5C16F6A8FC855BC	417792	----a-w-	C:\Windows\Sysnative\html.iec
2015-08-12 04:31:02	2D9A67695E80C889FAD5C92651D5E641	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-08-12 04:31:01	080E99BE131C2433FD7E6813F77F08FD	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-08-12 04:31:00	E6CF1778145272A83E58C4AB66358AF3	25192448	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-08-12 04:23:23	EC9178A8037D3EF938F38B6793EAF990	774656	----a-w-	C:\Windows\Sysnative\invagent.dll
2015-08-12 04:23:23	DD91D9EAAA415B26EB30EC9CF768BF03	743424	----a-w-	C:\Windows\Sysnative\generaltel.dll
2015-08-12 04:23:23	A3D0A038A6C03E368E80CDDEFC473140	1148416	----a-w-	C:\Windows\Sysnative\aeinv.dll
2015-08-12 04:23:23	4FEB4397B066DEEDDDED0D1CEDA1C887	69120	----a-w-	C:\Windows\Sysnative\acmigration.dll
2015-08-12 04:23:23	400E0B72AEB663360E1A3AB33DDD6A87	1116672	----a-w-	C:\Windows\Sysnative\appraiser.dll
2015-08-12 04:23:23	36DA2E5BD218764CB48B8A13CF0B091F	437760	----a-w-	C:\Windows\Sysnative\devinv.dll
2015-08-12 04:23:22	EEAFBC5A31C68438AF67531C52410A3D	227328	----a-w-	C:\Windows\Sysnative\aepdu.dll
2015-08-12 04:23:21	E99A30142A108B11381C47B0A30283B0	17344	----a-w-	C:\Windows\Sysnative\CompatTelRunner.exe
2015-08-12 04:22:39	B9A07A9807A4BAC067498CC8D77F3D4D	5568960	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-08-12 04:22:39	72585BDAF2EC5237EBD71D540657D6A2	1163264	----a-w-	C:\Windows\Sysnative\kernel32.dll
2015-08-12 04:22:39	3F63C62D9183235792A46C0B66EAAD04	1730496	----a-w-	C:\Windows\Sysnative\ntdll.dll
2015-08-12 04:22:38	2E730941CC5BF6200A4F56D1E9C24AAD	1743360	----a-w-	C:\Windows\Sysnative\sysmain.dll
2015-08-12 04:22:36	AF249D7461E228EBBD1C7E98D99B3B12	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-08-12 04:22:35	DAF50D708FF79AC4AE0A1C256A9BEE33	243712	----a-w-	C:\Windows\Sysnative\wow64.dll
2015-08-12 04:22:35	B892459EC8441FFB9E045CCE73862868	424960	----a-w-	C:\Windows\Sysnative\KernelBase.dll
2015-08-12 04:22:35	A0502BF52867F00FD9C67D1C355F6C91	1216512	----a-w-	C:\Windows\Sysnative\rpcrt4.dll
2015-08-12 04:22:35	99D1FAA337A4EF3C33E256C79DC708F8	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-08-12 04:22:34	E80CA72FA43BF258E72C408CEF9839BE	215040	----a-w-	C:\Windows\Sysnative\winsrv.dll
2015-08-12 04:22:34	E615E2FF68D64B52CEFDCD24332D61F5	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-08-12 04:22:34	D6431591DEED9D47E9266890FB2BFBBC	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-08-12 04:22:34	7245C8C33397B90E376B9BB54E2A96C8	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-08-12 04:22:34	6DC249682EA708DA1C4B5CBD9C016F21	729088	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-08-12 04:22:34	6518A42BE5B157EF3DC3ED4F8BE4CA46	315392	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-08-12 04:22:34	61024C6DE4EEBC6BCC92422F0AE3CE94	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-08-12 04:22:34	55C48343919A72B0C8F5C42E4C798FCA	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2015-08-12 04:22:34	53632BBEFB00BDA1DCFC9E155E0C6B53	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2015-08-12 04:22:34	46041293D887F4D89979874015F26B30	342016	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-08-12 04:22:34	35766EDA62E3FA02B897182219EEDF8A	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-08-12 04:22:34	354D59027DE2BFB3A63E8E7DBAF081D8	338432	----a-w-	C:\Windows\Sysnative\conhost.exe
2015-08-12 04:22:33	EBB9C6638109A3486EBA51D28837495C	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-08-12 04:22:33	E6D24098FDB4A9C29007696B79389DB9	16384	----a-w-	C:\Windows\Sysnative\ntvdm64.dll
2015-08-12 04:22:33	98AFEF63F857FA67FA1BDD3969F40366	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-08-12 04:22:33	98432481E11B9EDB54A2B069E465D1CB	44032	----a-w-	C:\Windows\Sysnative\cryptbase.dll
2015-08-12 04:22:33	0D48E93C6BE3143C0198CB252B992D16	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-08-12 04:22:32	BD6BDB13F5D8FA13166CF8B3CBD6976A	13312	----a-w-	C:\Windows\Sysnative\wow64cpu.dll
2015-08-12 04:22:32	7ADF0CB99051D1E0DB7F65DA1D8099F1	11264	----a-w-	C:\Windows\Sysnative\msmmsp.dll
2015-08-12 04:22:32	77E88D36E88FDC825DCCBF269F81ED3E	362496	----a-w-	C:\Windows\Sysnative\wow64win.dll
2015-08-12 04:22:32	219DF0B319E46EA2601D90101C4C330A	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-08-12 04:22:32	1BE3823E3206785F2BA8F26B2FAD3FBE	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-08-12 04:22:32	0797A4FDBA2766B88FB563BBB7646FCE	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-08-12 04:22:28	BC48CD24D35FA0E18D66A97E502BFAE2	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2015-08-12 04:22:26	FFAD95FF2FE4B14F91E437E03D1F68BA	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-08-12 04:22:26	46CB68A774B67187B722FA1156672A23	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-08-12 04:22:26	25AADF664F576D1C264F8AC27B4838DF	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-08-12 04:20:50	168EA9CD9BD6056BB6F60B57D5304BBE	52736	----a-w-	C:\Windows\Sysnative\basesrv.dll
2015-08-12 04:19:17	4E89FC53493704BF835F0300DC201C34	260096	----a-w-	C:\Windows\Sysnative\WebClnt.dll
2015-08-12 04:19:17	16FD9A0F6EDEF091A72D7D3B77574008	102912	----a-w-	C:\Windows\Sysnative\davclnt.dll
2015-08-12 04:19:09	40EA064E91C6A63FDBC83259FC5BD4F8	2004992	----a-w-	C:\Windows\Sysnative\msxml6.dll
2015-08-12 04:19:09	32A74A5BC52EF569BC65252AF6F28578	1887232	----a-w-	C:\Windows\Sysnative\msxml3.dll
2015-08-12 04:19:08	99119778A8E44F077E46B0870B8DD6A8	2048	----a-w-	C:\Windows\Sysnative\msxml3r.dll
2015-08-12 04:19:08	22DC6C17443DECC9EBE258220906DCAC	2048	----a-w-	C:\Windows\Sysnative\msxml6r.dll
2015-08-12 04:19:04	B32189BDFF6E577A92BAA61AD49264E6	193536	----a-w-	C:\Windows\Sysnative\notepad.exe
2015-08-12 04:18:59	D5A775990A7C202A037378FDBCDB6141	1180160	----a-w-	C:\Windows\Sysnative\FntCache.dll
2015-08-12 04:18:58	DB94C47BD7F2AD9C58DEC46026D5FD08	1648128	----a-w-	C:\Windows\Sysnative\DWrite.dll
2015-08-12 04:18:57	F97A0CFC495C92FF2F6A03933157D115	3208192	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-08-12 04:18:57	F8C0AF84AB602D395FFC89BC7CF3CE18	372736	----a-w-	C:\Windows\Sysnative\atmfd.dll
2015-08-12 04:18:53	0365E7AED8A38CB5FFF1DFB4458C0593	41984	----a-w-	C:\Windows\Sysnative\lpk.dll
2015-08-12 04:18:52	D4FB2E00F49711C9DD3E2C2646D7C767	2565120	----a-w-	C:\Windows\Sysnative\d3d10warp.dll
2015-08-12 04:18:52	B45F7BC413F905ECA9DE679E3FF09472	100864	----a-w-	C:\Windows\Sysnative\fontsub.dll
2015-08-12 04:18:52	52DE81006E192EAA09B3BDE763D80BC8	14336	----a-w-	C:\Windows\Sysnative\dciman32.dll
2015-08-12 04:18:52	15113A4CD09E0F06894495FCE8BF2BF8	46080	----a-w-	C:\Windows\Sysnative\atmlib.dll
2015-08-12 04:18:42	FCCEC2081623C9F4CF87FE596C344D3D	5779456	----a-w-	C:\Windows\Sysnative\mstscax.dll
2015-08-12 04:18:41	0EEB15058126F30607D29DAEFA2BE55B	322560	----a-w-	C:\Windows\Sysnative\aaclient.dll
2015-08-12 04:18:40	8E43FDE7430E7F9B25D0556CA33013FC	44032	----a-w-	C:\Windows\Sysnative\tsgqec.dll
2015-08-12 04:18:31	733BC760342A816D3B5A8CE2C7EF1D92	14177280	----a-w-	C:\Windows\Sysnative\shell32.dll
2015-08-12 04:18:15	DE1B5089D48291BD81F6A5CCFB832E53	36864	----a-w-	C:\Windows\Sysnative\wups.dll
2015-08-12 04:18:15	D1E38F98DDA581BF70B6A89882E6E6F6	12288	----a-w-	C:\Windows\Sysnative\wu.upgrade.ps.dll
2015-08-12 04:18:15	C980982C7F8ECB462C52CBEC759CBBDC	3154944	----a-w-	C:\Windows\Sysnative\wucltux.dll
2015-08-12 04:18:15	C0DA341908CC3A0209A63FBD4B521C2A	91136	----a-w-	C:\Windows\Sysnative\WinSetupUI.dll
2015-08-12 04:18:15	B0FBE5C8E18EB3BD677846DAB54037D5	696320	----a-w-	C:\Windows\Sysnative\wuapi.dll
2015-08-12 04:18:15	A6848EF3860E81A835AA4982ADBA1884	37888	----a-w-	C:\Windows\Sysnative\wups2.dll
2015-08-12 04:18:15	7CFCC5210E226AA85F2A21098FA01F29	37376	----a-w-	C:\Windows\Sysnative\wuapp.exe
2015-08-12 04:18:15	6FDC1FAD277AEF0A89B0D28F5675679C	139776	----a-w-	C:\Windows\Sysnative\wuauclt.exe
2015-08-12 04:18:15	499034D7F1F6AF49F9EE12F8822793CB	2606080	----a-w-	C:\Windows\Sysnative\wuaueng.dll
2015-08-12 04:18:15	1956D89C3E24A8388840489371B3A428	98304	----a-w-	C:\Windows\Sysnative\wudriver.dll
2015-08-12 04:18:15	0F72B73EBE4F6F86EE569598D377165E	192000	----a-w-	C:\Windows\Sysnative\wuwebv.dll
2015-08-12 04:18:05	53405CDA694982E5C6A0E9454AC1D407	493504	----a-w-	C:\Windows\Sysnative\mcupdate_GenuineIntel.dll
====== C:\Windows\Sysnative\drivers =====
2015-08-12 04:22:36	67050452C0118BAF2883928E6FCCFE47	94656	----a-w-	C:\Windows\Sysnative\drivers\mountmgr.sys
2015-08-12 04:22:34	67A1743377EBB5D9A370A8C2086CFDCC	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-08-12 04:22:34	522A1595D5701800DD41B2D472F5AAED	155584	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-08-12 04:22:30	B2081803D510DCE174992BA880EDCA70	159232	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-08-12 04:22:30	97687971F9CB30E2633DE0F1296B9F61	129024	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-08-12 04:22:30	552FA62B0EFECD22D8D52499324BCA4F	290816	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
=======  =====
====== C:\Users\RON12\AppData\Roaming ======
====== C:\Users\RON12 ======
2015-08-11 15:48:25	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\RON\Desktop\RSITx64.exe

====== C: exe-files ==
2015-08-13 06:40:26	FE0B93CE6EFAD628152BA700C44266A2	207912	----a-w-	C:\ProgramData\f-secure\GUTS2\hydrawin\1439444788\install.exe
2015-08-12 04:31:16	92E60B0F2E864336737091554370E658	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-08-12 04:31:15	F666B5E4A99DAE8E243189C89E9AFA74	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-08-12 04:31:15	ACE8BB2BECFEC66A738EE3DDDFF0CA07	720384	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-08-12 04:31:13	E595881896AA929A7FA8936DFCF8D3FE	473600	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-08-12 04:31:13	2B1D4B6004AE4BE9EB19CAD4AB924944	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-08-12 04:31:12	C2A6A7E10E872F62F261637B67AFB248	815312	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-08-12 04:31:11	D7FDD5E8B88ADE9107772B4C879FDF94	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 04:31:11	427D40AF9BCAE05125F3513E770706E1	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-08-12 04:31:09	66CD0B90DA1E7219759821F9846A29CB	491008	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-08-12 04:31:08	AA12B1DD4C32F01995A07774D9A44C47	814288	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-08-12 04:31:08	95C5B29740852D171CA03BAE61B670FE	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-08-12 04:23:21	E99A30142A108B11381C47B0A30283B0	17344	----a-w-	C:\Windows\System32\CompatTelRunner.exe
2015-08-12 04:22:39	B9A07A9807A4BAC067498CC8D77F3D4D	5568960	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-08-12 04:22:38	DC18FFFF3175376ABD38E6D48309F7F9	3934656	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 04:22:36	6C95D6264810F816E92780E7DB81F7B1	3989952	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 04:22:35	99D1FAA337A4EF3C33E256C79DC708F8	296960	----a-w-	C:\Windows\System32\rstrui.exe
2015-08-12 04:22:34	55C48343919A72B0C8F5C42E4C798FCA	112640	----a-w-	C:\Windows\System32\smss.exe
2015-08-12 04:22:34	354D59027DE2BFB3A63E8E7DBAF081D8	338432	----a-w-	C:\Windows\System32\conhost.exe
2015-08-12 04:22:33	EBB9C6638109A3486EBA51D28837495C	64000	----a-w-	C:\Windows\System32\auditpol.exe
2015-08-12 04:22:33	A2C5FAE51BC43B29525AAA5BF0B31259	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-08-12 04:22:33	0D48E93C6BE3143C0198CB252B992D16	31232	----a-w-	C:\Windows\System32\lsass.exe
2015-08-12 04:22:33	086A1544FACAA91CD6F95FC4CDE16913	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-08-12 04:22:27	832494A551C2B2CCB616B2BE13A696A1	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-08-12 04:22:26	03A179385219FD37CDFB3E603F912CA7	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-08-12 04:19:04	B32189BDFF6E577A92BAA61AD49264E6	193536	----a-w-	C:\Windows\System32\notepad.exe
2015-08-12 04:19:04	B32189BDFF6E577A92BAA61AD49264E6	193536	----a-w-	C:\Windows\notepad.exe
2015-08-12 04:19:04	A4F6DF0E33E644E802C8798ED94D80EA	179712	----a-w-	C:\Windows\SysWOW64\notepad.exe
2015-08-12 04:18:15	7CFCC5210E226AA85F2A21098FA01F29	37376	----a-w-	C:\Windows\System32\wuapp.exe
2015-08-12 04:18:15	742AC3EF3C7C30F0EBF628D6D03BB399	34816	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2015-08-12 04:18:15	6FDC1FAD277AEF0A89B0D28F5675679C	139776	----a-w-	C:\Windows\System32\wuauclt.exe
2015-08-11 15:48:25	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\RON\Desktop\RSITx64.exe
=== C: other files ==
2015-08-15 06:27:24	DE0983FE4B830699312D35A990B3AE1B	1945	----a-w-	C:\Users\RON\AppData\Local\temp\_MEI40042\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx
2015-08-15 06:27:24	82F5C942549405F61A8808D0EA0FA9E2	25575	----a-w-	C:\Users\RON\AppData\Local\temp\_MEI40042\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx
2015-08-12 04:22:36	67050452C0118BAF2883928E6FCCFE47	94656	----a-w-	C:\Windows\System32\drivers\mountmgr.sys
2015-08-12 04:22:34	67A1743377EBB5D9A370A8C2086CFDCC	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-08-12 04:22:34	522A1595D5701800DD41B2D472F5AAED	155584	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-08-12 04:22:30	B2081803D510DCE174992BA880EDCA70	159232	----a-w-	C:\Windows\System32\drivers\mrxsmb.sys
2015-08-12 04:22:30	97687971F9CB30E2633DE0F1296B9F61	129024	----a-w-	C:\Windows\System32\drivers\mrxsmb20.sys
2015-08-12 04:22:30	552FA62B0EFECD22D8D52499324BCA4F	290816	----a-w-	C:\Windows\System32\drivers\mrxsmb10.sys
2015-08-12 04:18:57	F97A0CFC495C92FF2F6A03933157D115	3208192	----a-w-	C:\Windows\System32\win32k.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1255420860-2708843325-1920694139-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Spotify Web Helper"="C:\Users\RON\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"

[HKEY_USERS\S-1-5-21-1255420860-2708843325-1920694139-1006\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\RON\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ArcadeDeluxeAgent"="C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"F-Secure Manager"="C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE /splash"
"F-Secure Hoster (45123)"="C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe -app -hosterid:1"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\RON\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"PlayMovie"="\"C:\\Program Files (x86)\\Acer Arcade Deluxe\\PlayMovie\\PMVService.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcadeDeluxeAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ArcadeDeluxeAgent"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Acer Arcade Deluxe\\Acer Arcade Deluxe\\ArcadeDeluxeAgent.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BackupManagerTray]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BackupManagerTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\NewTech Infosystems\\Acer Backup Manager\\BackupManagerTray.exe\" -h -k"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonMyPrinter]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CanonMyPrinter"
"hkey"="HKLM"
"command"="C:\\Program Files\\Canon\\MyPrinter\\BJMyPrt.exe /logon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonSolutionMenu]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CanonSolutionMenu"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Canon\\SolutionMenu\\CNSLMAIN.exe /logon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisTecLiveUpdate]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EgisTecLiveUpdate"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EgisTec Egis Software Update\\EgisUpdate.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Hotkey Utility]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Hotkey Utility"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Acer\\Hotkey Utility\\HotkeyUtility.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IAAnotif]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IAAnotif"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\iaanotif.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LifeCam]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LifeCam"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Microsoft LifeCam\\LifeExp.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mwlDaemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mwlDaemon"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\EgisTec\\MyWinLocker 3\\x86\\mwlDaemon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PlayMovie]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PlayMovie"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Acer Arcade Deluxe\\PlayMovie\\PMVService.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RtHDVCpl"
"hkey"="HKLM"
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Sidebar"
"hkey"="HKCU"
"command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="StartCCC"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="swg"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AMD External Events Utility]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AVG Security Toolbar Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AVGIDSAgent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\avgwd]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Greg_Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IAANTMON]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IJPLMSVC]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Nero BackItUp Scheduler 4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NTI IScheduleSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RichVideo]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SBSDWSCService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Updater Service]


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11-08-2015 23:13]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19-10-2014 10:00]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19-10-2014 10:00]
C:\Windows\tasks\Scheduled scanning task.job --a------ C:\PROGRA2\INTERN2\apps\COMPUT1\ANTI-V1\fsav.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files (x86)\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\SysNative\tasks\Scheduled scanning task" [C:\PROGRA~2\INTERN~2\apps\COMPUT~1\ANTI-V~1\fsav.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{67CF27D5-CE2A-48B9-8B33-0323E9935BFD}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{412762FA-EDD6-4646-9A7B-91549C5D1D83}" [C:\Program Files (x86)\AVG\AVG10\avgui.exe]
"C:\Windows\SysNative\tasks\{93018F3F-1C05-4AB2-BC9E-BD0053B6E183}" [C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe]
"C:\Windows\SysNative\tasks\{D8C98761-3232-46F2-BD7F-EF7F8868AAF5}" [C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqthb08.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\RON\AppData\Roaming\Mozilla\Firefox\Profiles\2i7kio6k.default
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

ProfilePath: C:\Users\RON\AppData\Roaming\Mozilla\Firefox\Profiles\ospvsaxp.default
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

ProfilePath: C:\Users\RON12\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]phd11
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"ytfmdownloader@gmail.com"="C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com" [10-06-2013 21:45]

==== Firefox Extensions ======================

ProfilePath: C:\Users\RON\AppData\Roaming\Mozilla\Firefox\Profiles\2i7kio6k.default
- Undetermined - C:\Program Files (x86)\AVG\AVG10\Firefox4

==== Firefox Plugins ======================


==== Chromium Look ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.nl/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.nl/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google  Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== HijackThis Entries ======================

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: SafeSearchBHO - {690EF1CF-5775-4CB3-A5B8-85A63FD0262B} - C:\Program Files (x86)\Internetbeveiliging\apps\SafeSearch\IE\FSSafeSearch.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: F-Secure Search Toolbar - {B242FC32-2B60-48EA-A8E3-2E280EDBC48F} - C:\Program Files (x86)\Internetbeveiliging\apps\SafeSearch\IE\FSSafeSearch.dll
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Hoster (45123)] "C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe" -app -hosterid:1
O4 - HKCU\..\Run: [uTorrent] C:\Users\RON\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED
O4 - HKUS\S-1-5-21-1255420860-2708843325-1920694139-1000\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'RON')
O4 - HKUS\S-1-5-21-1255420860-2708843325-1920694139-1000\..\Run: [Spotify Web Helper] "C:\Users\RON\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" (User 'RON')
O4 - HKUS\S-1-5-21-1255420860-2708843325-1920694139-1000\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'RON')
O4 - HKUS\S-1-5-21-1255420860-2708843325-1920694139-1000\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart (User 'RON')
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\apps\CCF_Reputation\fsorsp.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\RON\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\RON12\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1960 folders=259 561055275 bytes)

==== Empty Temp Folders ======================

C:\Users\AppData\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\RON\AppData\Local\temp will be emptied at reboot
C:\Users\RON12\AppData\Local\temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot