hein

Hallo Kape, Mijn laptop draait weer als van ouds. Het trojaans paard en consorten is verdwenen. Ook McAfee is tevreden en meldt niets meer ook na een geplande scan is alles in orde. Heel hartelijk dank voor de gedane inspanningen. Uw PC Helpforum zal ik zeker aanbevelen bij familie, vrienden en kennissen. met vriendelijke groet, Hein

# AdwCleaner v3.023 - Report created 17/04/2014 at 11:01:48 # Updated 01/04/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : henkh - PCCARWIL # Running from : C:\Users\henkh\Documents\Downloads\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\henkh\AppData\Local\CrashRpt ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\Classes\iLivid.torrent Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1 Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1 Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform Key Deleted : HKLM\SOFTWARE\Classes\iMesh.AudioCD Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Deleted : HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1 Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1 Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1 Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94} Key Deleted : HKCU\Software\APN DTX Key Deleted : HKCU\Software\DataMngr Key Deleted : HKCU\Software\DealPly Key Deleted : HKCU\Software\Default Tab Key Deleted : HKCU\Software\DefaultTab Key Deleted : HKCU\Software\GoforFiles Key Deleted : HKCU\Software\ilivid Key Deleted : HKCU\Software\Imesh Key Deleted : HKCU\Software\SmartBar Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\systweak Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\DealPly Key Deleted : HKLM\Software\Default Tab Key Deleted : HKLM\Software\DefaultTab Key Deleted : HKLM\Software\GoforFiles Key Deleted : HKLM\Software\Softonic Key Deleted : HKLM\Software\systweak Key Deleted : HKLM\Software\Uniblue ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17041 -\\ Google Chrome v34.0.1847.116 [ File : C:\Users\henkh\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted : homepage ************************* AdwCleaner[R0].txt - [10778 octets] - [17/04/2014 11:00:17] AdwCleaner[s0].txt - [10329 octets] - [17/04/2014 11:01:48] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [10390 octets] ##########

Zoek.exe v5.0.0.0 Updated 14-April-2014 Tool run by henkh on wo 16-04-2014 at 22:23:49,25. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\henkh\Documents\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-04-15-154943.log 150471 bytes C:\zoek-results2014-04-16-064934.log 495 bytes C:\zoek-results2014-04-16-200710.log 551 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DatamngrCoordinator deleted successfully ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Movies Toolbar\Datamngr not found C:\Users\henkh\AppData\Local\ilividmoviestoolbarha not found C:\Program Files (x86)\Softonic not found C:\Program Files (x86)\DealPly not found C:\Program Files (x86)\DefaultTab not found C:\Windows\SysNative\tasks\FFMPEGUpd deleted C:\Windows\SysNative\tasks\{B676DFF9-BBAA-418C-A55E-049186C59C3A} deleted C:\Windows\SysNative\tasks\{B920D6F7-6DBA-4249-BB75-D52A0D25253F} deleted C:\Windows\SysNative\tasks\{FC6B1B50-64A0-4B6C-BBFA-99748CC80D0D} deleted ==== Folders Found In C:\Users\henkh\AppData\Locallow\Goobzo ====================== 2014-04-10 13:26:03 d-----w- C:\Users\henkh\AppData\Locallow\Goobzo\Video Converter ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\henkh\AppData\Local\Temp ==== 2014-04-16 19:59:11 CC8FB54CB36E66AD6D58DD58B982A693 245248 ----a-w- C:\Users\henkh\AppData\Local\Temp\afgytdrp.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-04-16 20:04:02 07A5E39591215BC00B472988DEEFBB75 78336 ----a-w- C:\Windows\SysWOW64\rp.dll 2014-04-13 11:55:20 AA12D7A960DB78DD9690AB5B5DAE6586 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-04-13 11:55:19 CE6921D33682C6C3DB8A45853CC69402 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-04-13 11:55:16 A127D17C354B473B0F4C6265538F5A2C 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-04-13 11:55:14 EDACA6C44D9CE200F899B7DB0F201DFF 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-04-13 11:55:14 EBC35FE64056910A84485BEEB6DCCAC6 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-04-13 11:55:14 7E9FE7DB43BC204E44F159F843E35C15 367616 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-04-13 11:55:14 34FC79C948EE2C5FD0CD699E7D7F91B7 244224 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-04-13 11:55:14 31385A6CAA31BE9D07B0B32E5AA99ABB 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-04-13 11:55:13 82287FCFFA4A2D60FD744E3FEB3192C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-04-13 11:55:13 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-04-13 11:55:13 0FDC1A576A3F40420882C0F7C4A66EAD 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-04-13 11:55:12 C9CA9803299EB6AFA34CB520BAAB083D 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-13 11:55:10 BB185D4A9362AA17CBCEC0768CDBF249 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-04-13 11:55:10 6557B48D53D653CFCCE3CB1CFA53A8E1 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-13 11:55:10 0F4A295516781897FFB09B4CCF2E8798 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-04-13 11:55:09 05BD47136DE62FAFE9F95B40E4100144 2178048 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-04-13 11:55:08 E4E829EE073E046B0EB19B5FECB19B8C 1789440 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-04-13 11:55:08 C4A383FD50FBD7E274DD41CF571DF898 1967104 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-04-13 11:55:08 76F58DB8F85C125E0D6B3AA42F3BF1D0 1143808 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-04-13 11:55:07 2AFBB91BBD2378933B26E6D68C140D1B 11745792 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-04-13 11:55:06 EA85144F35EDE6EE25C484D4242FF2C8 17387008 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-04-13 11:55:06 8C46360D6EF9D4C563FE834C4F287DA3 4254720 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-04-10 09:44:00 A30AB03E7C837A17AC70E67E63B8E2F6 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2014-04-10 09:44:00 9F3D88540DB73F5213D5044CB50006DF 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2014-04-10 09:44:00 76161B9D78A275F8F28DD67436013110 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll 2014-04-10 09:44:00 2E1D6624EE2C3F454CADF09DC59E78B0 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2014-04-10 09:44:00 1F76F7CB3C690ACB985C2FD419383B49 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2014-04-10 09:44:00 1E886E327F37F34CC7465F1605D1F3CD 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-04-13 11:55:20 7446786E7092ABE122D372F95E6ED74B 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-04-13 11:55:19 FFF555C177D9F2B79B5C3146BED09FB1 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-04-13 11:55:16 6A8AA25D37F89E40B834F34950E3B89B 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-04-13 11:55:15 D6067F7EE060C5D6D79008AD591B4E3B 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-04-13 11:55:15 964C89BC8A52A260D68C90FDDEB862E2 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-04-13 11:55:15 72116CC377FF4281B0132C397026D911 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-04-13 11:55:15 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-04-13 11:55:14 E7161E2C66FF9B1E87C30FC9D2497ABB 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-04-13 11:55:14 E0D95345D1EBB54F28E958782B9C0CE0 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-04-13 11:55:14 CFBA793F678EB3855052ECF99357A9A1 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-04-13 11:55:14 CB57E934280D346AE0A9B053DAA284C5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-04-13 11:55:14 75AD355828187145A60E3DC7BAF7B0F3 628736 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-04-13 11:55:14 3F547245C78F4847B73EDDFD4A2F7E12 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-04-13 11:55:13 A3F9A9E46BDDBB8B20B7CF3EEDB990F2 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-04-13 11:55:13 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-04-13 11:55:12 37D0FB9E5E8EDA40B66FC3FB3D660261 23549440 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-04-13 11:55:10 EBAD8A4D048ED257E4A45F6356541F86 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-04-13 11:55:10 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-04-13 11:55:10 915D8A9E112C97C90C654F792B6B28B9 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-04-13 11:55:10 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-04-13 11:55:08 F220BA78AB542C70211D73AE4729B2CD 2260480 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-04-13 11:55:08 32417AE8280276968E5C551ED85D3525 1400832 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-04-13 11:55:08 1F8534A19A66275C863DE17645CB2A13 2767360 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-04-13 11:55:08 1654093C8BD3342997D27B71684ACCE8 2043904 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-04-13 11:55:07 A14BB2F5F6457738AAA11367F5172A05 13551104 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-04-13 11:55:06 BF25489459C7A762DD7B3186C7E3984D 5784064 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-04-10 09:44:00 D2A513EE880D71BDE7F0257F38B9D019 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll 2014-04-10 09:44:00 74959C718FF4594369645F35B7DF19C4 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll 2014-04-10 09:44:00 7434E01FBCA3CB86539C39412A31D5E1 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll 2014-04-10 09:44:00 2A107B611C91CD256466C58C0D776E9D 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2014-04-10 09:44:00 0F090A77E664CB0F70AB8D3B230B760C 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll ====== C:\Windows\Sysnative\drivers ===== 2014-04-10 09:44:03 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys 2014-04-10 09:44:03 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2014-04-10 09:44:03 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys 2014-04-10 09:43:59 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-04-15 12:30:20 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-04-10 13:26:31 -------- d-----w- C:\PROGRA~2\FFMPEG 2014-03-25 15:02:13 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2014-03-25 15:02:13 -------- d-----r- C:\PROGRA~2\Skype ======= C: ===== ====== C:\Users\henkh\AppData\Roaming ====== 2014-04-15 15:49:47 -------- d-----w- C:\Users\henkh\AppData\Local\Packages 2014-04-15 15:47:28 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-04-15 15:47:28 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-04-15 15:47:28 -------- d-----w- C:\Users\TEMP\AppData\Local\Temp 2014-04-15 15:47:28 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-04-15 15:47:28 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-04-15 15:47:27 -------- d-----w- C:\Users\henkh\AppData\Local\Temp 2014-04-10 13:26:03 -------- d-----w- C:\Users\henkh\AppData\Locallow\Goobzo 2014-03-25 15:02:20 -------- d-----w- C:\Users\henkh\AppData\Local\Skype ====== C:\Users\henkh ====== 2014-04-15 12:28:23 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\henkh\Desktop\RSITx64.exe 2014-04-14 17:10:28 -------- d--h--w- C:\ProgramData\Common Files 2014-04-14 08:12:20 -------- d-----w- C:\ProgramData\InstallShield 2014-03-25 15:02:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype ====== C: exe-files == 2014-04-16 20:01:16 13017F5AD440EC859C43FFB37CA231A9 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-588773822-3484970543-4242595443-1000\$IHO4PEL.exe 2014-04-16 19:59:11 CC8FB54CB36E66AD6D58DD58B982A693 245248 ----a-w- C:\Users\henkh\AppData\Local\Temp\afgytdrp.exe 2014-04-16 19:58:46 2ED2319F3DE13495AAA49B70A1467055 1285120 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-588773822-3484970543-4242595443-1000\$RHO4PEL.exe 2014-04-15 12:30:22 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\henkh.exe 2014-04-15 12:28:23 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\henkh\Desktop\RSITx64.exe 2014-04-13 11:55:18 F972DDD19A10F53D74021DDEAC07CCA6 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-04-13 11:55:18 E0155A11B26C7D5347069AB7ACB62D02 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-04-13 11:55:18 C5C7E33308BAE18BD9F59F9A93E85D33 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-04-13 11:55:18 BEA4E0C0BA936E8A3DB24D1A37BF70BE 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2014-04-13 11:55:15 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-04-13 11:55:13 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-04-13 11:55:13 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-04-13 11:55:10 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-04-13 11:55:10 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-04-13 11:55:08 EA8386CA87165460D39A1D29FF11080B 809680 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-04-13 11:55:08 0667ED9F8E905E1F73DB60ACCEDCBCA7 811728 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-04-11 17:26:30 8FAE9109245E4B4FF42704ECFB86F1B6 8704216 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\34.0.1847.116\34.0.1847.116_33.0.1750.154_chrome_updater.exe 2014-04-10 13:26:04 684E58AF02F5B57D3D2BF8F54F8C146E 10434976 ----a-w- C:\Users\henkh\AppData\LocalLow\Goobzo\Video Converter\FFMPEGInst.exe 2014-04-10 09:44:00 A30AB03E7C837A17AC70E67E63B8E2F6 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2014-04-10 09:44:00 9F3D88540DB73F5213D5044CB50006DF 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2014-04-10 09:44:00 2E1D6624EE2C3F454CADF09DC59E78B0 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe === C: other files == 2014-04-10 09:44:03 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys 2014-04-10 09:44:03 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\System32\drivers\storport.sys 2014-04-10 09:44:03 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys 2014-04-10 09:43:59 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Remote Control Editor"="C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "Dolby Home Theater v4"="C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe -autostart" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "EaseUS EPM tray"="C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN" "ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Remote Control Editor"="C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BLEServicesCtrl"="C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe " ==== Startup Folders ====================== 2013-05-07 16:49:21 1935 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12-03-2014 16:24] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-11-2012 11:32] C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf2bc0b2205a9e.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-11-2012 11:32] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\DriverTuner Startup" ["C:\Program Files (x86)\DriverTuner\DriverTuner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1cf2bc0b2205a9e" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{4B730A40-543D-468C-9DA4-543E483EC931}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\WinZipDriverUpdaterRunAtStartup" [C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe] "C:\Windows\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [29-03-2014 01:03] ==== Chrome Look ====================== Google Docs - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Spry this - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam Google Search - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Allin1Convert - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcncagkkhfoombgbihckkccmkjemhohl Google Wallet - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcncagkkhfoombgbihckkccmkjemhohl deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully HKEY_CLASSES_ROOT\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\henkh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\TEMP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\henkh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0WYZYY9B will be deleted at reboot C:\Users\henkh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T63IZ92G will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\henkh\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=5284 folders=1313 283854327 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\henkh\AppData\Local\Temp will be emptied at reboot C:\Users\TEMP\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\henkh\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\henkh\AppData\Local\Packages" deleted "C:\Users\henkh\AppData\Local\Packages" not found "C:\Users\henkh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0WYZYY9B" not found "C:\Users\henkh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T63IZ92G" not found ==== EOF on wo 16-04-2014 at 22:45:08,78 ======================

Hallo Kape, Hierna het logje Zoek.exe. - Ondertussen kwam er weer hetzelfde trojaanspaard voorbij en is McAfee "scannen bij opnieuw opstarten" bezig, terwijl dit was uitgeschakeld. Zoek.exe v5.0.0.0 Updated 14-April-2014 Tool run by henkh on di 15-04-2014 at 17:29:21,58. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\henkh\Documents\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 15-4-2014 17:33:20 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\GreenTree Applications deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~3\WinZipEC deleted successfully C:\Users\henkh\AppData\Roaming\TP deleted successfully C:\Users\henkh\AppData\Roaming\WinRAR deleted successfully C:\Users\henkh\AppData\Local\DriverTuner deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully HKEY_CLASSES_ROOT\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{E87806B5-E908-45FD-AF5E-957D83E58E68} deleted successfully HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DefaultTabUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DatamngrCoordinator deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe] ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\DealPly not found C:\Program Files (x86)\Softonic not found C:\Users\henkh\AppData\Roaming\defaulttab deleted C:\Program Files (x86)\Mobogenie deleted C:\Users\henkh\AppData\Roaming\GoforFiles deleted C:\Program Files (x86)\GoforFiles deleted C:\Users\henkh\AppData\Roaming\systweak deleted C:\a4146bdf70767356990317cf7b deleted C:\Windows\SYSWOW64\SearchProtect deleted C:\Users\henkh\daemonprocess.txt deleted C:\Users\henkh\.android deleted C:\PROGRA~2\ShopperPro deleted C:\PROGRA~2\DefaultTab deleted C:\Users\henkh\AppData\Roaming\Softonic deleted C:\Users\henkh\AppData\Roaming\OpenCandy deleted C:\PROGRA~3\Datamngr deleted C:\PROGRA~3\Partner deleted C:\PROGRA~3\Wincert deleted C:\PROGRA~3\SPEEDbit deleted C:\Users\henkh\AppData\Local\ilividmoviestoolbarha deleted C:\Users\henkh\AppData\Local\Mobogenie deleted C:\Users\henkh\AppData\Local\cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly deleted C:\Windows\SysNative\roboot64.exe deleted C:\Users\henkh\AppData\LocalLow\ilividmoviestoolbarha deleted C:\Users\henkh\AppData\LocalLow\Softonic deleted C:\Users\henkh\AppData\LocalLow\DataMngr deleted C:\Windows\wininit.ini deleted C:\windows\SysNative\Tasks\GoforFilesUpdate deleted C:\Windows\tasks\WinZipDriverUpdater_UPDATES.job deleted C:\windows\SysNative\tasks\WinZipDriverUpdater_UPDATES deleted C:\windows\SysNative\tasks\SMupdate1 deleted C:\windows\SysNative\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted C:\windows\SysNative\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted C:\windows\SysNative\tasks\DTReg deleted C:\Users\henkh\Documents\Mobogenie deleted "C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job" deleted "C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job" deleted "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\apcrtldr.dll" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\Datamngr.dll" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\DatamngrChrome.dll" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\DatamngrCoordinator.exe" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\DatamngrUI.exe" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\del_DM_LL_nsm7601.dll" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\favicon.ico" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\Helper.dll" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\IEBHO.dll" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\Internet Explorer Settings.exe" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\mgrldr_u.dll" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\setmgrc1.cfg" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\Uninstall.exe" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\x64\apcrtldr.dll" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\x64\Datamngr.dll" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\x64\del_DM_LL_nsm7601.dll" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\x64\IEBHO.dll" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\x64\Internet Explorer Settings.exe" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\x64\mgrldr.dll" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\x64\setmgrc1.cfg" not deleted "C:\Program Files (x86)\Microsoft\BingBar" not deleted "C:\PROGRA~2\Movies Toolbar" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr" not deleted "C:\PROGRA~2\Movies Toolbar\Datamngr\x64" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\henkh\AppData\Local\Temp ==== 2014-04-14 08:35:07 F8F2B913D2912F506967AEA815C402AF 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFin.dll 2014-04-14 08:35:07 F8ACD567BAEAAB22B0F2CC9B9145A080 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndEng.dll 2014-04-14 08:35:07 F7F77FE3A18EA13C9E5354AE70FA04EB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPtb.dll 2014-04-14 08:35:07 F2F14D6D62768743698A1507E0ABC800 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSpa.dll 2014-04-14 08:35:07 EFDAAFC6D650774C35A9ACB60243C4A4 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndUsa.dll 2014-04-14 08:35:07 DCCCD0C385DCA939159B38290E902945 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndGer.dll 2014-04-14 08:35:07 BD601800F46306EED0F892AD3E677BBB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPol.dll 2014-04-14 08:35:07 A90BD769AA47AF057E3B9A8AFC4BE060 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndIta.dll 2014-04-14 08:35:07 A418359B855C8028EDC9B56B2C7AF510 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndJpn.dll 2014-04-14 08:35:07 A2A5550D70B2BEECF7BFC5C3A62B7359 151552 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndChn.dll 2014-04-14 08:35:07 A01C23BC70358A9EA1827D5A22277F2D 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndDut.dll 2014-04-14 08:35:07 9865FF0BC6902F00CF77D79E792EBF16 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndTrk.dll 2014-04-14 08:35:07 8634F08E4F713318167D1867444C2ECB 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndNor.dll 2014-04-14 08:35:07 7DFA86EEC396CE1A472B98DE1B72A706 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSvk.dll 2014-04-14 08:35:07 6A76DEA59A57F400593EBD976C8236A2 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndHun.dll 2014-04-14 08:35:07 4D6A57C0CE7C4EAC5AE1D69E01656B89 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPor.dll 2014-04-14 08:35:07 40F29329CA932A48DF3AD88EB9021119 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndDan.dll 2014-04-14 08:35:07 3AEE5D4CD81697AAFA8993DC8A8079AF 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndRus.dll 2014-04-14 08:35:07 247FDE4993B846D5F57ABB05D3B57A80 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndRom.dll 2014-04-14 08:35:07 216C9549E520E41FD065A8511EA3F7EC 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFrc.dll 2014-04-14 08:35:07 1D2E3D854B2955F4824803BD30C1D4DB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndBul.dll 2014-04-14 08:35:07 10F27BCA32DC590ADB4E52828617DFAE 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSwe.dll 2014-04-14 08:35:07 09E3073EE9795C5BC8A515DB395CDABD 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFre.dll 2014-04-14 08:35:07 06E5BE3FA89F049B72F25830CDC17DFD 176128 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BroSNMP.dll 2014-04-14 08:35:07 02187196DA7537020C8E1848C546A64F 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndCze.dll 2014-04-14 08:35:07 015D388843FCE6C29CF750609268F150 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndCht.dll 2014-04-14 08:35:06 F71EC3FEC2EBEB67D067E9DA1469A9E0 122880 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BRLMW03A.DLL 2014-04-14 08:35:06 D4CF6B2DA2F6410242480138B4AD43EA 139264 ----a-r- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccjpn.dll 2014-04-14 08:35:06 878CD9FA1E2A60BF1AA758FF8A84F1DA 208896 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrFirmUpdateCheck.dll 2014-04-14 08:35:06 6050BCC1B23F3DF7A1876CBDCBAC8232 401462 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\MSVCP60.DLL 2014-04-14 08:35:06 59DBBA43CBBC9F039196DE4DCEB23A4A 40960 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\brif03a.dll 2014-04-14 08:35:06 4D5D968FE6AE6BF94A807F73F7FF6B3D 1159168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcWnd.exe 2014-04-14 08:35:06 490F9A7948EF661DF32A9F0DC8534284 221184 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcMon.exe 2014-04-14 08:35:06 38E7739C91344425AF13004239CC0130 106544 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ContrlCenter\maxutil.dll 2014-04-14 08:35:06 3524B19B9DF27873F0AEB2C0EC82EBC9 24223 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\brlm03a.dll 2014-04-14 08:35:06 27A559C83AF3FCC4AB2A25D0BC01EC06 49152 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BRHOOK.DLL 2014-04-14 08:35:06 07FE70018E07871C338FBD6CB2D47C00 81966 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ContrlCenter\pperr.dll 2014-04-14 08:35:06 03ED4235F1E428A79B86287E6AD108F4 143360 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfimon.exe 2014-04-14 08:35:05 F14425B29193F18EFCB9F856F28BCD59 118784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrDbgOut.dll 2014-04-14 08:34:31 9C368AE8852FEC5F06F66381D8CA2678 86016 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrC3Rgin.exe 2014-04-14 08:34:31 9495B07F33DED991C65D9B04945D44C5 519232 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\difxapi.dll 2014-04-14 08:25:09 FC2BD601B48F8107AD74195166CCD69C 24576 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\brrunpp.dll 2014-04-14 08:25:09 97C8FC42065E54C0FB764ED3A22443DB 106496 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\SysDir\BrMuSNMP.dll 2014-04-14 08:25:09 84D378A6E4934142F5CC4B5563B183E3 524288 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\FAXRX.exe 2014-04-14 08:25:09 5142D792080F0B8D1CACACCE004DE07A 167936 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\SysDir\NSSearch.dll 2014-04-14 08:25:09 4A15F78204C1D57A6EEB8CBE988C0B30 36864 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\frxlang.dll 2014-04-14 08:25:09 28F2911AF34F73259A9C5DFFCBF71A00 995383 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\SysDir\MFC42.DLL 2014-04-14 08:25:09 0F9EAD48C40D771FAF014F7B513F8040 24576 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\cvtifmax.exe 2014-04-14 08:25:09 0B9C183D1565B48FA6E5D1D3D4B86BCC 266293 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\SysDir\Msvcrt.dll 2014-04-14 08:25:08 F7F77FE3A18EA13C9E5354AE70FA04EB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPtb.dll 2014-04-14 08:25:08 F2F14D6D62768743698A1507E0ABC800 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSpa.dll 2014-04-14 08:25:08 EFDAAFC6D650774C35A9ACB60243C4A4 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndUsa.dll 2014-04-14 08:25:08 E36464F565D40407750F2E4CA3C62393 8192 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PCFAX\BRLFXA5B.dll 2014-04-14 08:25:08 C70AC95B10D56F4A651901E932603F5B 118784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Rsp\SysDir\BrMfNt.dll 2014-04-14 08:25:08 C70AC95B10D56F4A651901E932603F5B 118784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\SysDir\BrMfNt.dll 2014-04-14 08:25:08 C254DA1614D568F1153BAA53428D3E3B 241152 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PCFAX\BROFXA5B.dll 2014-04-14 08:25:08 BD601800F46306EED0F892AD3E677BBB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPol.dll 2014-04-14 08:25:08 B95177108784A3D780678C67BA036AB8 241664 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Rsp\brmfrsif.dll 2014-04-14 08:25:08 A90BD769AA47AF057E3B9A8AFC4BE060 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndIta.dll 2014-04-14 08:25:08 A418359B855C8028EDC9B56B2C7AF510 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndJpn.dll 2014-04-14 08:25:08 A1256E4B39C66A0079FE5D3EB813D720 647168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxTx\AddrBook.exe 2014-04-14 08:25:08 9865FF0BC6902F00CF77D79E792EBF16 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndTrk.dll 2014-04-14 08:25:08 97C8FC42065E54C0FB764ED3A22443DB 106496 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Rsp\SysDir\BrMuSNMP.dll 2014-04-14 08:25:08 97C594F6C860A2114CA7B945A3076341 892928 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxTx\PCfxDial.exe 2014-04-14 08:25:08 902EE57331D0A71DA17DBBC8454399FB 216064 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PCFAX\BRUFXA5B.dll 2014-04-14 08:25:08 8634F08E4F713318167D1867444C2ECB 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndNor.dll 2014-04-14 08:25:08 846EDC30AC781493B25BD06AEBB58267 446464 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxTx\PCfxSet.exe 2014-04-14 08:25:08 7DFA86EEC396CE1A472B98DE1B72A706 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSvk.dll 2014-04-14 08:25:08 6F88FD042A51326A92F52AD70859E52A 425984 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Rsp\brmfrsdg.dll 2014-04-14 08:25:08 6A76DEA59A57F400593EBD976C8236A2 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndHun.dll 2014-04-14 08:25:08 646CF36D9F133AD06B4C1D6469EC9DDE 179712 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxTx\SysDir\BrfxDA5b.dll 2014-04-14 08:25:08 5142D792080F0B8D1CACACCE004DE07A 167936 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Rsp\SysDir\NSSearch.dll 2014-04-14 08:25:08 4D6A57C0CE7C4EAC5AE1D69E01656B89 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPor.dll 2014-04-14 08:25:08 434060BE2DB37AD0CC7152370F0870FF 704512 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Rsp\brmfrmss.exe 2014-04-14 08:25:08 3AEE5D4CD81697AAFA8993DC8A8079AF 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndRus.dll 2014-04-14 08:25:08 2C0DF74811D6CCC6591D09718A0A6A8F 73728 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Rsp\SysDir\BRCrypt.dll 2014-04-14 08:25:08 247FDE4993B846D5F57ABB05D3B57A80 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndRom.dll 2014-04-14 08:25:08 10F27BCA32DC590ADB4E52828617DFAE 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSwe.dll 2014-04-14 08:25:08 06E5BE3FA89F049B72F25830CDC17DFD 176128 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BroSNMP.dll 2014-04-14 08:25:08 03716A01A9AE2392EC0C087DB96EFCF1 176128 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxTx\pcfxcom.dll 2014-04-14 08:25:07 F8F2B913D2912F506967AEA815C402AF 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFin.dll 2014-04-14 08:25:07 F8ACD567BAEAAB22B0F2CC9B9145A080 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndEng.dll 2014-04-14 08:25:07 F71EC3FEC2EBEB67D067E9DA1469A9E0 122880 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BRLMW03A.DLL 2014-04-14 08:25:07 DCCCD0C385DCA939159B38290E902945 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndGer.dll 2014-04-14 08:25:07 DBC2B6E7019F42BE0E9496F3516AC441 151552 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccswe.dll 2014-04-14 08:25:07 A2A5550D70B2BEECF7BFC5C3A62B7359 151552 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndChn.dll 2014-04-14 08:25:07 A01C23BC70358A9EA1827D5A22277F2D 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndDut.dll 2014-04-14 08:25:07 878CD9FA1E2A60BF1AA758FF8A84F1DA 208896 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrFirmUpdateCheck.dll 2014-04-14 08:25:07 815519C6CFE6C71DBDB3424560740FFC 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brcctrk.dll 2014-04-14 08:25:07 6050BCC1B23F3DF7A1876CBDCBAC8232 401462 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\MSVCP60.DLL 2014-04-14 08:25:07 59DBBA43CBBC9F039196DE4DCEB23A4A 40960 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\brif03a.dll 2014-04-14 08:25:07 4D5D968FE6AE6BF94A807F73F7FF6B3D 1159168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcWnd.exe 2014-04-14 08:25:07 490F9A7948EF661DF32A9F0DC8534284 221184 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcMon.exe 2014-04-14 08:25:07 40F29329CA932A48DF3AD88EB9021119 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndDan.dll 2014-04-14 08:25:07 38E7739C91344425AF13004239CC0130 106544 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ContrlCenter\maxutil.dll 2014-04-14 08:25:07 3524B19B9DF27873F0AEB2C0EC82EBC9 24223 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\brlm03a.dll 2014-04-14 08:25:07 27A559C83AF3FCC4AB2A25D0BC01EC06 49152 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BRHOOK.DLL 2014-04-14 08:25:07 216C9549E520E41FD065A8511EA3F7EC 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFrc.dll 2014-04-14 08:25:07 1D2E3D854B2955F4824803BD30C1D4DB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndBul.dll 2014-04-14 08:25:07 1750FB684B853B0592DC2F295BC59AEE 151552 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccusa.dll 2014-04-14 08:25:07 09E3073EE9795C5BC8A515DB395CDABD 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFre.dll 2014-04-14 08:25:07 07FE70018E07871C338FBD6CB2D47C00 81966 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ContrlCenter\pperr.dll 2014-04-14 08:25:07 03ED4235F1E428A79B86287E6AD108F4 143360 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfimon.exe 2014-04-14 08:25:07 02187196DA7537020C8E1848C546A64F 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndCze.dll 2014-04-14 08:25:07 015D388843FCE6C29CF750609268F150 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndCht.dll 2014-04-14 08:25:06 EFEF8C5EC67E86F74A0A6F407966BF5D 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccsvk.dll 2014-04-14 08:25:06 EB6B8F37BE24C166E651C19066EAA8BE 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccpor.dll 2014-04-14 08:25:06 D4CF6B2DA2F6410242480138B4AD43EA 139264 ----a-r- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccjpn.dll 2014-04-14 08:25:06 CFAC7DCD42CC530F1579BAA697D628E3 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccptb.dll 2014-04-14 08:25:06 BAC3BB46DF6402BB415BAB74C56C518E 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccger.dll 2014-04-14 08:25:06 B26E5F8C794AB98BCB29D1A85C675B02 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccita.dll 2014-04-14 08:25:06 A1F89E2EA896EC6AD4E43DFF0AFFBD4F 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccrom.dll 2014-04-14 08:25:06 9CBC05B2044AF8F85D7CA39F3588DB06 5390336 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccimg.dll 2014-04-14 08:25:06 9055616AB09C3134C8514EEA50959C33 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brcchun.dll 2014-04-14 08:25:06 8BD1BDDE43105C5A1BC34E030EB788A6 151552 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccnor.dll 2014-04-14 08:25:06 7861C64573649C7382741290A09ED005 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccdut.dll 2014-04-14 08:25:06 6E50E0E3D59F8AC07852C6AE29E67D70 135168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brcccht.dll 2014-04-14 08:25:06 6C6C0CCDA55AE727BFA097783B148C98 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccspa.dll 2014-04-14 08:25:06 5082934C3EE386C63F4F725886A4EA2E 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccfre.dll 2014-04-14 08:25:06 3A82502E93786F3EF4746EE8B515E2A7 151552 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brcceng.dll 2014-04-14 08:25:06 3377CC1DC18FB147620967476046A494 151552 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccdan.dll 2014-04-14 08:25:06 2BD9418404CAC9203F259C7C88C9A5CB 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brcccze.dll 2014-04-14 08:25:06 182FD8278F836D3CB625CCA4146F050A 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccpol.dll 2014-04-14 08:25:06 14BF7AD1469283F3A8A2759850408CD4 135168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccchn.dll 2014-04-14 08:25:06 0C44A71BABC84A6D03BEF2756531B79E 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccbul.dll 2014-04-14 08:25:06 028CC27FF6B9E43CBE7272D8BF81F1AA 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccrus.dll 2014-04-14 08:25:06 01E826F95F4555B5C163412A88E34979 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccfin.dll 2014-04-14 08:25:05 F99D296F011387C448F6AFC113BBE7D0 19968 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lfwfx12n.dll 2014-04-14 08:25:05 F84F78363A96EE80D6BC8C1E34DB0872 126976 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brcctwn.dll 2014-04-14 08:25:05 F726CD37FADF5CFE066B4861FC422541 208384 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\ltefx12n.dll 2014-04-14 08:25:05 F14425B29193F18EFCB9F856F28BCD59 118784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\BrDbgOut.dll 2014-04-14 08:25:05 F14425B29193F18EFCB9F856F28BCD59 118784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrDbgOut.dll 2014-04-14 08:25:05 F122133B677E43C0A027F5F742822BEC 406016 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\ltkrn12n.dll 2014-04-14 08:25:05 DB8D1C9622792BADAC8FFA2824C6B3CB 31232 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\LFPNM12n.dll 2014-04-14 08:25:05 DB0387FE5668433D3A5DDBAEEA2B05D9 770048 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccDCtl.dll 2014-04-14 08:25:05 D5118B15DB42A0DE2532CFB5B616551E 37888 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lfeps12n.dll 2014-04-14 08:25:05 CBC583FBF0D31F6E99CF8D01ABDD36B8 73728 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccsrch.dll 2014-04-14 08:25:05 C55322EA1F55FC6F842E166CE13F427C 73728 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lffax12n.dll 2014-04-14 08:25:05 ABFF6282B3960644748BB89FBE5D5C3C 30720 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lfbmp12n.dll 2014-04-14 08:25:05 A83B6809545DCA07FEAFB748DE761CB6 23040 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lfawd12n.dll 2014-04-14 08:25:05 9F01FAAB70CBD0B4791D8D4227DA54B2 94208 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\BrImgPDF.dll 2014-04-14 08:25:05 9E42EF5005EE75A40F1F93CB157B8A9D 118784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccwia.dll 2014-04-14 08:25:05 97F2EE031DA2ACC0583A12B3AFEAAC85 29184 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lflma12n.dll 2014-04-14 08:25:05 953289B3AA65D8B85D18C80BEE42EE98 49664 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lfwmf12n.dll 2014-04-14 08:25:05 8B8104D6D0030E6B9138CE956925A09F 19456 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lfmsp12n.dll 2014-04-14 08:25:05 77FB208063DA1322C2E3355466BB3FD4 259584 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\LTDIS12n.dll 2014-04-14 08:25:05 71747472120F3410BA1D509EC6CF2C47 360448 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\LFCMP12n.DLL 2014-04-14 08:25:05 6B5C6C5FE1199CA803A75511B02D0183 35840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lttwn12n.dll 2014-04-14 08:25:05 5F470DC5F29C23A244418D96660C89F4 182784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\Lfpng12n.dll 2014-04-14 08:25:05 58671C4515FF07CF883C5B2C57ADE1AF 141312 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lftif12n.dll 2014-04-14 08:25:05 5122A2325A7B610437D8BEB7A42D5146 20992 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lfwpg12n.dll 2014-04-14 08:25:05 503B1D27508C1B623B9245E487269034 31744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lflmb12n.dll 2014-04-14 08:25:05 4DE3EF07E0854547309C6B40235A9D44 114688 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\BrCtrCen.exe 2014-04-14 08:25:05 478987092F4BB426553696E1CAB542A7 164864 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\ltimg12n.dll 2014-04-14 08:25:05 454B24A0D75B9C1553EA20A0B907940E 266240 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brAutCrp.dll 2014-04-14 08:25:05 452885B04C9AC4BE7E428663F0164C3B 81920 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccfile.dll 2014-04-14 08:25:05 3E673974AB50A2B8276DE3FDED15D56A 131584 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\ltfil12n.DLL 2014-04-14 08:25:05 36E5CA5DCE72A831A3F7C7ED8AEA83AE 872448 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\BrccMCtl.exe 2014-04-14 08:25:05 355B06200F17D17BDEEF16A869EBC90A 184320 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\RLACMPCAPI.dll 2014-04-14 08:25:05 25E24EF9FF9F50338677E5B35DAB144D 26112 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lfpcx12n.dll 2014-04-14 08:25:05 24BD0B5F1CE381C62E167E92E75BAD5D 372736 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccFCtl.dll 2014-04-14 08:25:05 00739E6215570EBF7561C4694A28A78E 30208 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\LTWND12n.DLL 2014-04-14 08:24:30 9495B07F33DED991C65D9B04945D44C5 519232 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\difxapi.dll 2014-04-14 08:24:29 9C368AE8852FEC5F06F66381D8CA2678 86016 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrC3Rgin.exe 2014-04-14 08:17:55 9495B07F33DED991C65D9B04945D44C5 519232 ----a-w- C:\Users\henkh\AppData\Local\Temp\{03D28ADE-AB7D-47AD-9D6F-EAFC4D929E7B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\difxapi.dll 2014-04-14 08:13:09 FB1809869E2FAF8CE1A2DD2E6A9EC49C 58368 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\NetScn\SysDir\BrWiaNCp.dll 2014-04-14 08:13:09 E3370E3143ED1FB77D356F688F2EBB2A 143360 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\NetScn\SysDir\BrSNMP64.dll 2014-04-14 08:13:09 D4C839FCA579B988060D7689656DACE7 47616 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\NetScn\SysDir\Brnsplg.dll 2014-04-14 08:13:09 2EC52083CE532AB1FAAFDC010A58116F 82944 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\NetScn\SysDir\BrNetSti.dll 2014-04-14 08:13:09 13FF14D5E66D6F80A565EC8593A3E895 207872 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\NetScn\SysDir\NSSRH64.dll 2014-04-14 08:13:08 FF29231116B0E69843B8334595BBC22F 1236992 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Drivers\briu07a.dll 2014-04-14 08:13:08 F19C118412FEBE5346EAA3143BAC56CF 1886720 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Drivers\brio07a.dll 2014-04-14 08:13:08 5096FF2EBC95F2AF3AE6A4EF19E1F86D 68608 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Drivers\bril07a.dll 2014-04-14 08:13:07 FC2BD601B48F8107AD74195166CCD69C 24576 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\brrunpp.dll 2014-04-14 08:13:07 97C8FC42065E54C0FB764ED3A22443DB 106496 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\SysDir\BrMuSNMP.dll 2014-04-14 08:13:07 84D378A6E4934142F5CC4B5563B183E3 524288 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\FAXRX.exe 2014-04-14 08:13:07 7B793F91B579282DD021A84C22EDCFA3 116544 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Drivers\brqikmon.exe 2014-04-14 08:13:07 5142D792080F0B8D1CACACCE004DE07A 167936 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\SysDir\NSSearch.dll 2014-04-14 08:13:07 4A15F78204C1D57A6EEB8CBE988C0B30 36864 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\frxlang.dll 2014-04-14 08:13:07 28F2911AF34F73259A9C5DFFCBF71A00 995383 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\SysDir\MFC42.DLL 2014-04-14 08:13:07 0F9EAD48C40D771FAF014F7B513F8040 24576 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\cvtifmax.exe 2014-04-14 08:13:07 0B9C183D1565B48FA6E5D1D3D4B86BCC 266293 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\SysDir\Msvcrt.dll 2014-04-14 08:13:06 F8F2B913D2912F506967AEA815C402AF 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFin.dll 2014-04-14 08:13:06 F8ACD567BAEAAB22B0F2CC9B9145A080 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndEng.dll 2014-04-14 08:13:06 F7F77FE3A18EA13C9E5354AE70FA04EB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPtb.dll 2014-04-14 08:13:06 F2F14D6D62768743698A1507E0ABC800 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSpa.dll 2014-04-14 08:13:06 EFDAAFC6D650774C35A9ACB60243C4A4 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndUsa.dll 2014-04-14 08:13:06 E36464F565D40407750F2E4CA3C62393 8192 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PCFAX\BRLFXA5B.dll 2014-04-14 08:13:06 DCCCD0C385DCA939159B38290E902945 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndGer.dll 2014-04-14 08:13:06 C70AC95B10D56F4A651901E932603F5B 118784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Rsp\SysDir\BrMfNt.dll 2014-04-14 08:13:06 C70AC95B10D56F4A651901E932603F5B 118784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\SysDir\BrMfNt.dll 2014-04-14 08:13:06 C254DA1614D568F1153BAA53428D3E3B 241152 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PCFAX\BROFXA5B.dll 2014-04-14 08:13:06 BD601800F46306EED0F892AD3E677BBB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPol.dll 2014-04-14 08:13:06 B95177108784A3D780678C67BA036AB8 241664 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Rsp\brmfrsif.dll 2014-04-14 08:13:06 A90BD769AA47AF057E3B9A8AFC4BE060 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndIta.dll 2014-04-14 08:13:06 A418359B855C8028EDC9B56B2C7AF510 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndJpn.dll 2014-04-14 08:13:06 A2A5550D70B2BEECF7BFC5C3A62B7359 151552 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndChn.dll 2014-04-14 08:13:06 A1256E4B39C66A0079FE5D3EB813D720 647168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxTx\AddrBook.exe 2014-04-14 08:13:06 A01C23BC70358A9EA1827D5A22277F2D 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndDut.dll 2014-04-14 08:13:06 9865FF0BC6902F00CF77D79E792EBF16 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndTrk.dll 2014-04-14 08:13:06 97C8FC42065E54C0FB764ED3A22443DB 106496 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Rsp\SysDir\BrMuSNMP.dll 2014-04-14 08:13:06 97C594F6C860A2114CA7B945A3076341 892928 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxTx\PCfxDial.exe 2014-04-14 08:13:06 902EE57331D0A71DA17DBBC8454399FB 216064 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PCFAX\BRUFXA5B.dll 2014-04-14 08:13:06 8634F08E4F713318167D1867444C2ECB 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndNor.dll 2014-04-14 08:13:06 846EDC30AC781493B25BD06AEBB58267 446464 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxTx\PCfxSet.exe 2014-04-14 08:13:06 7DFA86EEC396CE1A472B98DE1B72A706 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSvk.dll 2014-04-14 08:13:06 6F88FD042A51326A92F52AD70859E52A 425984 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Rsp\brmfrsdg.dll 2014-04-14 08:13:06 6A76DEA59A57F400593EBD976C8236A2 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndHun.dll 2014-04-14 08:13:06 646CF36D9F133AD06B4C1D6469EC9DDE 179712 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxTx\SysDir\BrfxDA5b.dll 2014-04-14 08:13:06 59DBBA43CBBC9F039196DE4DCEB23A4A 40960 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\brif03a.dll 2014-04-14 08:13:06 5142D792080F0B8D1CACACCE004DE07A 167936 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Rsp\SysDir\NSSearch.dll 2014-04-14 08:13:06 4D6A57C0CE7C4EAC5AE1D69E01656B89 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPor.dll 2014-04-14 08:13:06 434060BE2DB37AD0CC7152370F0870FF 704512 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Rsp\brmfrmss.exe 2014-04-14 08:13:06 40F29329CA932A48DF3AD88EB9021119 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndDan.dll 2014-04-14 08:13:06 3AEE5D4CD81697AAFA8993DC8A8079AF 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndRus.dll 2014-04-14 08:13:06 3524B19B9DF27873F0AEB2C0EC82EBC9 24223 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\brlm03a.dll 2014-04-14 08:13:06 2C0DF74811D6CCC6591D09718A0A6A8F 73728 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Rsp\SysDir\BRCrypt.dll 2014-04-14 08:13:06 247FDE4993B846D5F57ABB05D3B57A80 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndRom.dll 2014-04-14 08:13:06 216C9549E520E41FD065A8511EA3F7EC 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFrc.dll 2014-04-14 08:13:06 1D2E3D854B2955F4824803BD30C1D4DB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndBul.dll 2014-04-14 08:13:06 10F27BCA32DC590ADB4E52828617DFAE 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSwe.dll 2014-04-14 08:13:06 09E3073EE9795C5BC8A515DB395CDABD 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFre.dll 2014-04-14 08:13:06 06E5BE3FA89F049B72F25830CDC17DFD 176128 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BroSNMP.dll 2014-04-14 08:13:06 03ED4235F1E428A79B86287E6AD108F4 143360 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfimon.exe 2014-04-14 08:13:06 03716A01A9AE2392EC0C087DB96EFCF1 176128 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxTx\pcfxcom.dll 2014-04-14 08:13:06 02187196DA7537020C8E1848C546A64F 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndCze.dll 2014-04-14 08:13:06 015D388843FCE6C29CF750609268F150 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndCht.dll 2014-04-14 08:13:05 F71EC3FEC2EBEB67D067E9DA1469A9E0 122880 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BRLMW03A.DLL 2014-04-14 08:13:05 EFEF8C5EC67E86F74A0A6F407966BF5D 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccsvk.dll 2014-04-14 08:13:05 EB6B8F37BE24C166E651C19066EAA8BE 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccpor.dll 2014-04-14 08:13:05 DBC2B6E7019F42BE0E9496F3516AC441 151552 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccswe.dll 2014-04-14 08:13:05 D4CF6B2DA2F6410242480138B4AD43EA 139264 ----a-r- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccjpn.dll 2014-04-14 08:13:05 CFAC7DCD42CC530F1579BAA697D628E3 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccptb.dll 2014-04-14 08:13:05 BAC3BB46DF6402BB415BAB74C56C518E 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccger.dll 2014-04-14 08:13:05 B26E5F8C794AB98BCB29D1A85C675B02 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccita.dll 2014-04-14 08:13:05 A1F89E2EA896EC6AD4E43DFF0AFFBD4F 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccrom.dll 2014-04-14 08:13:05 9CBC05B2044AF8F85D7CA39F3588DB06 5390336 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccimg.dll 2014-04-14 08:13:05 9055616AB09C3134C8514EEA50959C33 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brcchun.dll 2014-04-14 08:13:05 8BD1BDDE43105C5A1BC34E030EB788A6 151552 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccnor.dll 2014-04-14 08:13:05 878CD9FA1E2A60BF1AA758FF8A84F1DA 208896 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrFirmUpdateCheck.dll 2014-04-14 08:13:05 815519C6CFE6C71DBDB3424560740FFC 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brcctrk.dll 2014-04-14 08:13:05 7861C64573649C7382741290A09ED005 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccdut.dll 2014-04-14 08:13:05 6E50E0E3D59F8AC07852C6AE29E67D70 135168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brcccht.dll 2014-04-14 08:13:05 6C6C0CCDA55AE727BFA097783B148C98 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccspa.dll 2014-04-14 08:13:05 6050BCC1B23F3DF7A1876CBDCBAC8232 401462 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\MSVCP60.DLL 2014-04-14 08:13:05 5082934C3EE386C63F4F725886A4EA2E 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccfre.dll 2014-04-14 08:13:05 4D5D968FE6AE6BF94A807F73F7FF6B3D 1159168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcWnd.exe 2014-04-14 08:13:05 490F9A7948EF661DF32A9F0DC8534284 221184 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcMon.exe 2014-04-14 08:13:05 3A82502E93786F3EF4746EE8B515E2A7 151552 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brcceng.dll 2014-04-14 08:13:05 38E7739C91344425AF13004239CC0130 106544 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ContrlCenter\maxutil.dll 2014-04-14 08:13:05 3377CC1DC18FB147620967476046A494 151552 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccdan.dll 2014-04-14 08:13:05 2BD9418404CAC9203F259C7C88C9A5CB 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brcccze.dll 2014-04-14 08:13:05 27A559C83AF3FCC4AB2A25D0BC01EC06 49152 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BRHOOK.DLL 2014-04-14 08:13:05 182FD8278F836D3CB625CCA4146F050A 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccpol.dll 2014-04-14 08:13:05 1750FB684B853B0592DC2F295BC59AEE 151552 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccusa.dll 2014-04-14 08:13:05 14BF7AD1469283F3A8A2759850408CD4 135168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccchn.dll 2014-04-14 08:13:05 0C44A71BABC84A6D03BEF2756531B79E 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccbul.dll 2014-04-14 08:13:05 07FE70018E07871C338FBD6CB2D47C00 81966 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ContrlCenter\pperr.dll 2014-04-14 08:13:05 028CC27FF6B9E43CBE7272D8BF81F1AA 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccrus.dll 2014-04-14 08:13:05 01E826F95F4555B5C163412A88E34979 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccfin.dll 2014-04-14 08:13:04 F99D296F011387C448F6AFC113BBE7D0 19968 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lfwfx12n.dll 2014-04-14 08:13:04 F84F78363A96EE80D6BC8C1E34DB0872 126976 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brcctwn.dll 2014-04-14 08:13:04 F726CD37FADF5CFE066B4861FC422541 208384 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\ltefx12n.dll 2014-04-14 08:13:04 F14425B29193F18EFCB9F856F28BCD59 118784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\BrDbgOut.dll 2014-04-14 08:13:04 F14425B29193F18EFCB9F856F28BCD59 118784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrDbgOut.dll 2014-04-14 08:13:04 F122133B677E43C0A027F5F742822BEC 406016 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\ltkrn12n.dll 2014-04-14 08:13:04 DB8D1C9622792BADAC8FFA2824C6B3CB 31232 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\LFPNM12n.dll 2014-04-14 08:13:04 DB0387FE5668433D3A5DDBAEEA2B05D9 770048 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccDCtl.dll 2014-04-14 08:13:04 D5118B15DB42A0DE2532CFB5B616551E 37888 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lfeps12n.dll 2014-04-14 08:13:04 CBC583FBF0D31F6E99CF8D01ABDD36B8 73728 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccsrch.dll 2014-04-14 08:13:04 C55322EA1F55FC6F842E166CE13F427C 73728 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lffax12n.dll 2014-04-14 08:13:04 ABFF6282B3960644748BB89FBE5D5C3C 30720 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lfbmp12n.dll 2014-04-14 08:13:04 A83B6809545DCA07FEAFB748DE761CB6 23040 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lfawd12n.dll 2014-04-14 08:13:04 9F01FAAB70CBD0B4791D8D4227DA54B2 94208 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\BrImgPDF.dll 2014-04-14 08:13:04 9E42EF5005EE75A40F1F93CB157B8A9D 118784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccwia.dll 2014-04-14 08:13:04 97F2EE031DA2ACC0583A12B3AFEAAC85 29184 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lflma12n.dll 2014-04-14 08:13:04 953289B3AA65D8B85D18C80BEE42EE98 49664 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lfwmf12n.dll 2014-04-14 08:13:04 8B8104D6D0030E6B9138CE956925A09F 19456 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lfmsp12n.dll 2014-04-14 08:13:04 77FB208063DA1322C2E3355466BB3FD4 259584 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\LTDIS12n.dll 2014-04-14 08:13:04 71747472120F3410BA1D509EC6CF2C47 360448 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\LFCMP12n.DLL 2014-04-14 08:13:04 6B5C6C5FE1199CA803A75511B02D0183 35840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lttwn12n.dll 2014-04-14 08:13:04 5F470DC5F29C23A244418D96660C89F4 182784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\Lfpng12n.dll 2014-04-14 08:13:04 58671C4515FF07CF883C5B2C57ADE1AF 141312 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lftif12n.dll 2014-04-14 08:13:04 5122A2325A7B610437D8BEB7A42D5146 20992 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lfwpg12n.dll 2014-04-14 08:13:04 503B1D27508C1B623B9245E487269034 31744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lflmb12n.dll 2014-04-14 08:13:04 4DE3EF07E0854547309C6B40235A9D44 114688 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\BrCtrCen.exe 2014-04-14 08:13:04 478987092F4BB426553696E1CAB542A7 164864 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\ltimg12n.dll 2014-04-14 08:13:04 454B24A0D75B9C1553EA20A0B907940E 266240 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brAutCrp.dll 2014-04-14 08:13:04 452885B04C9AC4BE7E428663F0164C3B 81920 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccfile.dll 2014-04-14 08:13:04 3E673974AB50A2B8276DE3FDED15D56A 131584 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\ltfil12n.DLL 2014-04-14 08:13:04 36E5CA5DCE72A831A3F7C7ED8AEA83AE 872448 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\BrccMCtl.exe 2014-04-14 08:13:04 355B06200F17D17BDEEF16A869EBC90A 184320 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\RLACMPCAPI.dll 2014-04-14 08:13:04 25E24EF9FF9F50338677E5B35DAB144D 26112 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\lfpcx12n.dll 2014-04-14 08:13:04 24BD0B5F1CE381C62E167E92E75BAD5D 372736 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccFCtl.dll 2014-04-14 08:13:04 00739E6215570EBF7561C4694A28A78E 30208 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\LTWND12n.DLL 2014-04-14 08:12:20 FD9FADAA2A1E77B0F39170D68C87A9A4 110592 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brchkinsdrv.dll 2014-04-14 08:12:20 F7562493D826A27EF1BCD451F365285A 266240 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\SetStMonReg.dll 2014-04-14 08:12:20 F14425B29193F18EFCB9F856F28BCD59 118784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrDbgOut.dll 2014-04-14 08:12:20 E8FDD053893778670D6A5E34292E5921 90112 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrStDvPt.exe 2014-04-14 08:12:20 E3F005B37D2D9D4B7C876AF86B672642 69632 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrScnSet.dll 2014-04-14 08:12:20 DFD6C6E6DA7EFCCF4A4E3E6BCBA67051 32768 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrWiEvRg.exe 2014-04-14 08:12:20 DCB85AC1C2214F8865C0814C8C445B31 10672 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\dotnetinstaller.exe 2014-04-14 08:12:20 DBEFE7BFEAC2310A13CA1D51EC9D01B5 49152 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brstsmen.dll 2014-04-14 08:12:20 CD150FF4C3B71C279ED5F29C9189AA8D 88064 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\_IsRes.dll 2014-04-14 08:12:20 CC886198F49A382FD76F71271A9121B0 106496 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrNsInst.dll 2014-04-14 08:12:20 C689C9276B3BF3DD136813D9CC7C929E 24576 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrWIARegRepair.exe 2014-04-14 08:12:20 B76CC44516BAB3AD483D0A2F32311880 28672 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\CHGFSC.DLL 2014-04-14 08:12:20 B35DDE51D14F9400E73196693148734E 208304 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\isrt.dll 2014-04-14 08:12:20 A757ABA80DF17DF90066C1CCE82E2E96 57344 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PTINSNT2.DLL 2014-04-14 08:12:20 A1D8E6FE86CF6D3638F282297ADD515B 90112 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrDp2KPt.exe 2014-04-14 08:12:20 A10220011E0083E06B906FBB5799F40A 118784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrRemPnP.dll 2014-04-14 08:12:20 9C368AE8852FEC5F06F66381D8CA2678 86016 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrC3Rgin.exe 2014-04-14 08:12:20 981BDE730ADC21648BAB637293BD4D3C 109056 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrNsInst64.exe 2014-04-14 08:12:20 9495B07F33DED991C65D9B04945D44C5 519232 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\difxapi.dll 2014-04-14 08:12:20 8841C69C84B3C5C93E20B9549138399B 241664 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Custom.dll 2014-04-14 08:12:20 802DCB2A722729FC88506AC872A038D4 28672 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrIniCp.exe 2014-04-14 08:12:20 7346FAF9A1E84D7A8A7E0A869331005F 126976 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrVCPIf.dll 2014-04-14 08:12:20 5B557242C12DF680372E002FDF95C2F9 211968 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\prnadmin.dll 2014-04-14 08:12:20 5ACEC91F7912CB81C1A4C4C252539C66 90112 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrDifxapi.exe 2014-04-14 08:12:20 5142D792080F0B8D1CACACCE004DE07A 167936 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\NSSearch.dll 2014-04-14 08:12:20 4C9ADE5FC5BE8A5C71DC77B9E66A9E13 217088 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrRssInfo.dll 2014-04-14 08:12:20 4B56C021299344676F123FCB48F53C1E 70064 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\ISBEW64.exe 2014-04-14 08:12:20 3F0D24C3125799980256058DCFD26E9D 45056 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ChngInfo.exe 2014-04-14 08:12:20 3EB56A500FFE64DD86642A5A0D048B38 430080 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrRemPnP.exe 2014-04-14 08:12:20 392A00E6C3DA3194581328A1F1A3ABAC 49152 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrRmCtrl.dll 2014-04-14 08:12:20 36F4BD799DE6CDC6668B06A2171DFB0A 196608 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\_ISUser.dll 2014-04-14 08:12:20 2FED786AB07E181A4DA1D0036B6DD8DA 45056 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Bruninst.exe 2014-04-14 08:12:20 2985A79020EC96AFC2D1C8AB318B866F 385968 ----a-w- C:\Users\henkh\AppData\Local\Temp\{056B2677-A0C2-491C-9250-AD7E94DB2E76}\_Setup.dll 2014-04-14 08:12:20 208BCFC4B18E6D7888BA2C04C2297B1F 45056 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\THoop.dll 2014-04-14 08:12:20 1EA7961EF18E8A7F4E5EC1F3AA0DB990 34816 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrLach64.exe 2014-04-14 08:12:20 18C9E2B8E714F75B61FF347CEEE27E8F 114688 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrmfPrint.dll 2014-04-14 08:12:20 1837EE5E30C98E143D8CC0406E70003A 24576 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\SendWmCommand.exe 2014-04-14 08:12:20 13FF14D5E66D6F80A565EC8593A3E895 207872 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\NSSRH64.dll 2014-04-14 08:12:20 00A6E5C5848E4AD2491700F66494149B 107008 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrDifxapi64.exe 2014-04-14 08:07:50 F2F14D6D62768743698A1507E0ABC800 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSpa.dll 2014-04-14 08:07:50 EFDAAFC6D650774C35A9ACB60243C4A4 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndUsa.dll 2014-04-14 08:07:50 9865FF0BC6902F00CF77D79E792EBF16 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndTrk.dll 2014-04-14 08:07:50 7DFA86EEC396CE1A472B98DE1B72A706 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSvk.dll 2014-04-14 08:07:50 10F27BCA32DC590ADB4E52828617DFAE 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSwe.dll 2014-04-14 08:07:50 06E5BE3FA89F049B72F25830CDC17DFD 176128 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BroSNMP.dll 2014-04-14 08:07:49 F8F2B913D2912F506967AEA815C402AF 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFin.dll 2014-04-14 08:07:49 F8ACD567BAEAAB22B0F2CC9B9145A080 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndEng.dll 2014-04-14 08:07:49 F7F77FE3A18EA13C9E5354AE70FA04EB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPtb.dll 2014-04-14 08:07:49 DCCCD0C385DCA939159B38290E902945 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndGer.dll 2014-04-14 08:07:49 BD601800F46306EED0F892AD3E677BBB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPol.dll 2014-04-14 08:07:49 A90BD769AA47AF057E3B9A8AFC4BE060 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndIta.dll 2014-04-14 08:07:49 A418359B855C8028EDC9B56B2C7AF510 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndJpn.dll 2014-04-14 08:07:49 A2A5550D70B2BEECF7BFC5C3A62B7359 151552 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndChn.dll 2014-04-14 08:07:49 A01C23BC70358A9EA1827D5A22277F2D 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndDut.dll 2014-04-14 08:07:49 8634F08E4F713318167D1867444C2ECB 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndNor.dll 2014-04-14 08:07:49 6A76DEA59A57F400593EBD976C8236A2 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndHun.dll 2014-04-14 08:07:49 4D6A57C0CE7C4EAC5AE1D69E01656B89 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPor.dll 2014-04-14 08:07:49 40F29329CA932A48DF3AD88EB9021119 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndDan.dll 2014-04-14 08:07:49 3AEE5D4CD81697AAFA8993DC8A8079AF 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndRus.dll 2014-04-14 08:07:49 3524B19B9DF27873F0AEB2C0EC82EBC9 24223 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\brlm03a.dll 2014-04-14 08:07:49 247FDE4993B846D5F57ABB05D3B57A80 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndRom.dll 2014-04-14 08:07:49 216C9549E520E41FD065A8511EA3F7EC 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFrc.dll 2014-04-14 08:07:49 1D2E3D854B2955F4824803BD30C1D4DB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndBul.dll 2014-04-14 08:07:49 09E3073EE9795C5BC8A515DB395CDABD 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFre.dll 2014-04-14 08:07:49 02187196DA7537020C8E1848C546A64F 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndCze.dll 2014-04-14 08:07:49 015D388843FCE6C29CF750609268F150 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndCht.dll 2014-04-14 08:07:48 F71EC3FEC2EBEB67D067E9DA1469A9E0 122880 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BRLMW03A.DLL 2014-04-14 08:07:48 D4CF6B2DA2F6410242480138B4AD43EA 139264 ----a-r- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccjpn.dll 2014-04-14 08:07:48 878CD9FA1E2A60BF1AA758FF8A84F1DA 208896 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrFirmUpdateCheck.dll 2014-04-14 08:07:48 6050BCC1B23F3DF7A1876CBDCBAC8232 401462 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\MSVCP60.DLL 2014-04-14 08:07:48 59DBBA43CBBC9F039196DE4DCEB23A4A 40960 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\brif03a.dll 2014-04-14 08:07:48 4D5D968FE6AE6BF94A807F73F7FF6B3D 1159168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcWnd.exe 2014-04-14 08:07:48 490F9A7948EF661DF32A9F0DC8534284 221184 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcMon.exe 2014-04-14 08:07:48 38E7739C91344425AF13004239CC0130 106544 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ContrlCenter\maxutil.dll 2014-04-14 08:07:48 27A559C83AF3FCC4AB2A25D0BC01EC06 49152 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BRHOOK.DLL 2014-04-14 08:07:48 07FE70018E07871C338FBD6CB2D47C00 81966 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ContrlCenter\pperr.dll 2014-04-14 08:07:48 03ED4235F1E428A79B86287E6AD108F4 143360 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfimon.exe 2014-04-14 08:07:47 F14425B29193F18EFCB9F856F28BCD59 118784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrDbgOut.dll 2014-04-14 08:07:08 9495B07F33DED991C65D9B04945D44C5 519232 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\difxapi.dll 2014-04-14 08:07:07 9C368AE8852FEC5F06F66381D8CA2678 86016 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrC3Rgin.exe 2014-04-14 08:05:16 9495B07F33DED991C65D9B04945D44C5 519232 ----a-w- C:\Users\henkh\AppData\Local\Temp\{046E2613-0194-49A8-B0B9-46D4BF0B8A91}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\difxapi.dll 2014-04-14 08:01:11 F7F77FE3A18EA13C9E5354AE70FA04EB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPtb.dll 2014-04-14 08:01:11 F2F14D6D62768743698A1507E0ABC800 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSpa.dll 2014-04-14 08:01:11 EFDAAFC6D650774C35A9ACB60243C4A4 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndUsa.dll 2014-04-14 08:01:11 BD601800F46306EED0F892AD3E677BBB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPol.dll 2014-04-14 08:01:11 A90BD769AA47AF057E3B9A8AFC4BE060 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndIta.dll 2014-04-14 08:01:11 A418359B855C8028EDC9B56B2C7AF510 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndJpn.dll 2014-04-14 08:01:11 9865FF0BC6902F00CF77D79E792EBF16 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndTrk.dll 2014-04-14 08:01:11 8634F08E4F713318167D1867444C2ECB 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndNor.dll 2014-04-14 08:01:11 7DFA86EEC396CE1A472B98DE1B72A706 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSvk.dll 2014-04-14 08:01:11 6A76DEA59A57F400593EBD976C8236A2 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndHun.dll 2014-04-14 08:01:11 4D6A57C0CE7C4EAC5AE1D69E01656B89 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPor.dll 2014-04-14 08:01:11 3AEE5D4CD81697AAFA8993DC8A8079AF 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndRus.dll 2014-04-14 08:01:11 247FDE4993B846D5F57ABB05D3B57A80 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndRom.dll 2014-04-14 08:01:11 10F27BCA32DC590ADB4E52828617DFAE 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSwe.dll 2014-04-14 08:01:11 06E5BE3FA89F049B72F25830CDC17DFD 176128 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BroSNMP.dll 2014-04-14 08:01:10 F8F2B913D2912F506967AEA815C402AF 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFin.dll 2014-04-14 08:01:10 F8ACD567BAEAAB22B0F2CC9B9145A080 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndEng.dll 2014-04-14 08:01:10 DCCCD0C385DCA939159B38290E902945 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndGer.dll 2014-04-14 08:01:10 A2A5550D70B2BEECF7BFC5C3A62B7359 151552 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndChn.dll 2014-04-14 08:01:10 A01C23BC70358A9EA1827D5A22277F2D 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndDut.dll 2014-04-14 08:01:10 40F29329CA932A48DF3AD88EB9021119 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndDan.dll 2014-04-14 08:01:10 216C9549E520E41FD065A8511EA3F7EC 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFrc.dll 2014-04-14 08:01:10 1D2E3D854B2955F4824803BD30C1D4DB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndBul.dll 2014-04-14 08:01:10 09E3073EE9795C5BC8A515DB395CDABD 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFre.dll 2014-04-14 08:01:10 02187196DA7537020C8E1848C546A64F 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndCze.dll 2014-04-14 08:01:10 015D388843FCE6C29CF750609268F150 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndCht.dll 2014-04-14 08:01:09 F71EC3FEC2EBEB67D067E9DA1469A9E0 122880 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BRLMW03A.DLL 2014-04-14 08:01:09 F14425B29193F18EFCB9F856F28BCD59 118784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrDbgOut.dll 2014-04-14 08:01:09 D4CF6B2DA2F6410242480138B4AD43EA 139264 ----a-r- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccjpn.dll 2014-04-14 08:01:09 878CD9FA1E2A60BF1AA758FF8A84F1DA 208896 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrFirmUpdateCheck.dll 2014-04-14 08:01:09 6050BCC1B23F3DF7A1876CBDCBAC8232 401462 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\MSVCP60.DLL 2014-04-14 08:01:09 59DBBA43CBBC9F039196DE4DCEB23A4A 40960 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\brif03a.dll 2014-04-14 08:01:09 4D5D968FE6AE6BF94A807F73F7FF6B3D 1159168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcWnd.exe 2014-04-14 08:01:09 490F9A7948EF661DF32A9F0DC8534284 221184 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcMon.exe 2014-04-14 08:01:09 38E7739C91344425AF13004239CC0130 106544 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ContrlCenter\maxutil.dll 2014-04-14 08:01:09 3524B19B9DF27873F0AEB2C0EC82EBC9 24223 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\brlm03a.dll 2014-04-14 08:01:09 27A559C83AF3FCC4AB2A25D0BC01EC06 49152 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BRHOOK.DLL 2014-04-14 08:01:09 07FE70018E07871C338FBD6CB2D47C00 81966 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ContrlCenter\pperr.dll 2014-04-14 08:01:09 03ED4235F1E428A79B86287E6AD108F4 143360 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfimon.exe 2014-04-14 08:00:31 9C368AE8852FEC5F06F66381D8CA2678 86016 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrC3Rgin.exe 2014-04-14 08:00:31 9495B07F33DED991C65D9B04945D44C5 519232 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\difxapi.dll 2014-04-14 07:57:03 F8F2B913D2912F506967AEA815C402AF 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFin.dll 2014-04-14 07:57:03 F8ACD567BAEAAB22B0F2CC9B9145A080 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndEng.dll 2014-04-14 07:57:03 F7F77FE3A18EA13C9E5354AE70FA04EB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPtb.dll 2014-04-14 07:57:03 F2F14D6D62768743698A1507E0ABC800 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSpa.dll 2014-04-14 07:57:03 EFDAAFC6D650774C35A9ACB60243C4A4 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndUsa.dll 2014-04-14 07:57:03 DCCCD0C385DCA939159B38290E902945 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndGer.dll 2014-04-14 07:57:03 BD601800F46306EED0F892AD3E677BBB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPol.dll 2014-04-14 07:57:03 A90BD769AA47AF057E3B9A8AFC4BE060 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndIta.dll 2014-04-14 07:57:03 A418359B855C8028EDC9B56B2C7AF510 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndJpn.dll 2014-04-14 07:57:03 A2A5550D70B2BEECF7BFC5C3A62B7359 151552 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndChn.dll 2014-04-14 07:57:03 A01C23BC70358A9EA1827D5A22277F2D 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndDut.dll 2014-04-14 07:57:03 9865FF0BC6902F00CF77D79E792EBF16 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndTrk.dll 2014-04-14 07:57:03 8634F08E4F713318167D1867444C2ECB 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndNor.dll 2014-04-14 07:57:03 7DFA86EEC396CE1A472B98DE1B72A706 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSvk.dll 2014-04-14 07:57:03 6A76DEA59A57F400593EBD976C8236A2 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndHun.dll 2014-04-14 07:57:03 4D6A57C0CE7C4EAC5AE1D69E01656B89 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndPor.dll 2014-04-14 07:57:03 40F29329CA932A48DF3AD88EB9021119 159744 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndDan.dll 2014-04-14 07:57:03 3AEE5D4CD81697AAFA8993DC8A8079AF 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndRus.dll 2014-04-14 07:57:03 247FDE4993B846D5F57ABB05D3B57A80 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndRom.dll 2014-04-14 07:57:03 216C9549E520E41FD065A8511EA3F7EC 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFrc.dll 2014-04-14 07:57:03 1D2E3D854B2955F4824803BD30C1D4DB 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndBul.dll 2014-04-14 07:57:03 10F27BCA32DC590ADB4E52828617DFAE 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndSwe.dll 2014-04-14 07:57:03 09E3073EE9795C5BC8A515DB395CDABD 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndFre.dll 2014-04-14 07:57:03 06E5BE3FA89F049B72F25830CDC17DFD 176128 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BroSNMP.dll 2014-04-14 07:57:03 02187196DA7537020C8E1848C546A64F 163840 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndCze.dll 2014-04-14 07:57:03 015D388843FCE6C29CF750609268F150 155648 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon_NotUninstall\BrmfcwndCht.dll 2014-04-14 07:57:02 F71EC3FEC2EBEB67D067E9DA1469A9E0 122880 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BRLMW03A.DLL 2014-04-14 07:57:02 878CD9FA1E2A60BF1AA758FF8A84F1DA 208896 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrFirmUpdateCheck.dll 2014-04-14 07:57:02 6050BCC1B23F3DF7A1876CBDCBAC8232 401462 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\MSVCP60.DLL 2014-04-14 07:57:02 59DBBA43CBBC9F039196DE4DCEB23A4A 40960 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\brif03a.dll 2014-04-14 07:57:02 4D5D968FE6AE6BF94A807F73F7FF6B3D 1159168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcWnd.exe 2014-04-14 07:57:02 490F9A7948EF661DF32A9F0DC8534284 221184 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcMon.exe 2014-04-14 07:57:02 38E7739C91344425AF13004239CC0130 106544 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ContrlCenter\maxutil.dll 2014-04-14 07:57:02 3524B19B9DF27873F0AEB2C0EC82EBC9 24223 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\brlm03a.dll 2014-04-14 07:57:02 27A559C83AF3FCC4AB2A25D0BC01EC06 49152 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BRHOOK.DLL 2014-04-14 07:57:02 07FE70018E07871C338FBD6CB2D47C00 81966 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ContrlCenter\pperr.dll 2014-04-14 07:57:02 03ED4235F1E428A79B86287E6AD108F4 143360 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfimon.exe 2014-04-14 07:57:01 F14425B29193F18EFCB9F856F28BCD59 118784 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrDbgOut.dll 2014-04-14 07:57:01 D4CF6B2DA2F6410242480138B4AD43EA 139264 ----a-r- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\brccjpn.dll 2014-04-14 07:55:25 9C368AE8852FEC5F06F66381D8CA2678 86016 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrC3Rgin.exe 2014-04-14 07:55:25 9495B07F33DED991C65D9B04945D44C5 519232 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\difxapi.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-04-13 11:55:20 AA12D7A960DB78DD9690AB5B5DAE6586 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-04-13 11:55:19 CE6921D33682C6C3DB8A45853CC69402 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2014-04-13 11:55:16 A127D17C354B473B0F4C6265538F5A2C 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-04-13 11:55:14 EDACA6C44D9CE200F899B7DB0F201DFF 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-04-13 11:55:14 EBC35FE64056910A84485BEEB6DCCAC6 524288 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-04-13 11:55:14 7E9FE7DB43BC204E44F159F843E35C15 367616 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-04-13 11:55:14 34FC79C948EE2C5FD0CD699E7D7F91B7 244224 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-04-13 11:55:14 31385A6CAA31BE9D07B0B32E5AA99ABB 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-04-13 11:55:13 82287FCFFA4A2D60FD744E3FEB3192C5 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-04-13 11:55:13 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-04-13 11:55:13 0FDC1A576A3F40420882C0F7C4A66EAD 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-04-13 11:55:12 C9CA9803299EB6AFA34CB520BAAB083D 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-13 11:55:10 BB185D4A9362AA17CBCEC0768CDBF249 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-04-13 11:55:10 6557B48D53D653CFCCE3CB1CFA53A8E1 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-13 11:55:10 0F4A295516781897FFB09B4CCF2E8798 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-04-13 11:55:09 05BD47136DE62FAFE9F95B40E4100144 2178048 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-04-13 11:55:08 E4E829EE073E046B0EB19B5FECB19B8C 1789440 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-04-13 11:55:08 C4A383FD50FBD7E274DD41CF571DF898 1967104 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-04-13 11:55:08 76F58DB8F85C125E0D6B3AA42F3BF1D0 1143808 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-04-13 11:55:07 2AFBB91BBD2378933B26E6D68C140D1B 11745792 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-04-13 11:55:06 EA85144F35EDE6EE25C484D4242FF2C8 17387008 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-04-13 11:55:06 8C46360D6EF9D4C563FE834C4F287DA3 4254720 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-04-10 09:44:00 A30AB03E7C837A17AC70E67E63B8E2F6 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2014-04-10 09:44:00 9F3D88540DB73F5213D5044CB50006DF 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2014-04-10 09:44:00 76161B9D78A275F8F28DD67436013110 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll 2014-04-10 09:44:00 2E1D6624EE2C3F454CADF09DC59E78B0 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2014-04-10 09:44:00 1F76F7CB3C690ACB985C2FD419383B49 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2014-04-10 09:44:00 1E886E327F37F34CC7465F1605D1F3CD 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-04-13 11:55:20 7446786E7092ABE122D372F95E6ED74B 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-04-13 11:55:19 FFF555C177D9F2B79B5C3146BED09FB1 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-04-13 11:55:16 6A8AA25D37F89E40B834F34950E3B89B 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-04-13 11:55:15 D6067F7EE060C5D6D79008AD591B4E3B 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-04-13 11:55:15 964C89BC8A52A260D68C90FDDEB862E2 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-04-13 11:55:15 72116CC377FF4281B0132C397026D911 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-04-13 11:55:15 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-04-13 11:55:14 E7161E2C66FF9B1E87C30FC9D2497ABB 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-04-13 11:55:14 E0D95345D1EBB54F28E958782B9C0CE0 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-04-13 11:55:14 CFBA793F678EB3855052ECF99357A9A1 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-04-13 11:55:14 CB57E934280D346AE0A9B053DAA284C5 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-04-13 11:55:14 75AD355828187145A60E3DC7BAF7B0F3 628736 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-04-13 11:55:14 3F547245C78F4847B73EDDFD4A2F7E12 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-04-13 11:55:13 A3F9A9E46BDDBB8B20B7CF3EEDB990F2 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-04-13 11:55:13 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-04-13 11:55:12 37D0FB9E5E8EDA40B66FC3FB3D660261 23549440 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-04-13 11:55:10 EBAD8A4D048ED257E4A45F6356541F86 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-04-13 11:55:10 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-04-13 11:55:10 915D8A9E112C97C90C654F792B6B28B9 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-04-13 11:55:10 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-04-13 11:55:08 F220BA78AB542C70211D73AE4729B2CD 2260480 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-04-13 11:55:08 32417AE8280276968E5C551ED85D3525 1400832 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-04-13 11:55:08 1F8534A19A66275C863DE17645CB2A13 2767360 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-04-13 11:55:08 1654093C8BD3342997D27B71684ACCE8 2043904 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-04-13 11:55:07 A14BB2F5F6457738AAA11367F5172A05 13551104 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-04-13 11:55:06 BF25489459C7A762DD7B3186C7E3984D 5784064 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-04-10 09:44:00 D2A513EE880D71BDE7F0257F38B9D019 1163264 ----a-w- C:\Windows\Sysnative\kernel32.dll 2014-04-10 09:44:00 74959C718FF4594369645F35B7DF19C4 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll 2014-04-10 09:44:00 7434E01FBCA3CB86539C39412A31D5E1 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll 2014-04-10 09:44:00 2A107B611C91CD256466C58C0D776E9D 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2014-04-10 09:44:00 0F090A77E664CB0F70AB8D3B230B760C 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll ====== C:\Windows\Sysnative\drivers ===== 2014-04-10 09:44:03 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys 2014-04-10 09:44:03 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2014-04-10 09:44:03 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys 2014-04-10 09:43:59 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys ====== C:\Windows\Tasks ====== 2014-04-10 13:26:32 489387715610DBC3B78014E29F89271A 3540 ----a-w- C:\Windows\Sysnative\Tasks\FFMPEGUpd ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-04-15 12:30:20 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-04-10 13:26:31 -------- d-----w- C:\PROGRA~2\FFMPEG 2014-03-25 15:02:13 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2014-03-25 15:02:13 -------- d-----r- C:\PROGRA~2\Skype ======= C: ===== ====== C:\Users\henkh\AppData\Roaming ====== 2014-04-10 13:26:03 -------- d-----w- C:\Users\henkh\AppData\Locallow\Goobzo 2014-03-25 15:02:20 -------- d-----w- C:\Users\henkh\AppData\Local\Skype ====== C:\Users\henkh ====== 2014-04-15 12:28:23 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\henkh\Desktop\RSITx64.exe 2014-04-14 17:10:28 -------- d--h--w- C:\ProgramData\Common Files 2014-04-14 08:12:20 -------- d-----w- C:\ProgramData\InstallShield 2014-03-25 15:02:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype ====== C: exe-files == 2014-04-15 12:30:22 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\henkh.exe 2014-04-15 12:28:23 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\henkh\Desktop\RSITx64.exe 2014-04-14 08:35:06 4D5D968FE6AE6BF94A807F73F7FF6B3D 1159168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcWnd.exe 2014-04-14 08:35:06 490F9A7948EF661DF32A9F0DC8534284 221184 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcMon.exe 2014-04-14 08:35:06 03ED4235F1E428A79B86287E6AD108F4 143360 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfimon.exe 2014-04-14 08:34:31 9C368AE8852FEC5F06F66381D8CA2678 86016 ----a-w- C:\Users\henkh\AppData\Local\Temp\{AAC79586-CAEA-49D2-B63E-FE28CB8FF59B}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrC3Rgin.exe 2014-04-14 08:25:09 84D378A6E4934142F5CC4B5563B183E3 524288 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\FAXRX.exe 2014-04-14 08:25:09 0F9EAD48C40D771FAF014F7B513F8040 24576 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\cvtifmax.exe 2014-04-14 08:25:08 A1256E4B39C66A0079FE5D3EB813D720 647168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxTx\AddrBook.exe 2014-04-14 08:25:08 97C594F6C860A2114CA7B945A3076341 892928 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxTx\PCfxDial.exe 2014-04-14 08:25:08 846EDC30AC781493B25BD06AEBB58267 446464 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxTx\PCfxSet.exe 2014-04-14 08:25:08 434060BE2DB37AD0CC7152370F0870FF 704512 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Rsp\brmfrmss.exe 2014-04-14 08:25:07 4D5D968FE6AE6BF94A807F73F7FF6B3D 1159168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcWnd.exe 2014-04-14 08:25:07 490F9A7948EF661DF32A9F0DC8534284 221184 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcMon.exe 2014-04-14 08:25:07 03ED4235F1E428A79B86287E6AD108F4 143360 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfimon.exe 2014-04-14 08:25:05 4DE3EF07E0854547309C6B40235A9D44 114688 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\BrCtrCen.exe 2014-04-14 08:25:05 36E5CA5DCE72A831A3F7C7ED8AEA83AE 872448 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\BrccMCtl.exe 2014-04-14 08:24:29 9C368AE8852FEC5F06F66381D8CA2678 86016 ----a-w- C:\Users\henkh\AppData\Local\Temp\{0763C0AF-ED67-48F2-BDD1-B5D7C3D30DFC}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrC3Rgin.exe 2014-04-14 08:13:07 84D378A6E4934142F5CC4B5563B183E3 524288 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\FAXRX.exe 2014-04-14 08:13:07 7B793F91B579282DD021A84C22EDCFA3 116544 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Drivers\brqikmon.exe 2014-04-14 08:13:07 0F9EAD48C40D771FAF014F7B513F8040 24576 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxRx\cvtifmax.exe 2014-04-14 08:13:06 A1256E4B39C66A0079FE5D3EB813D720 647168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxTx\AddrBook.exe 2014-04-14 08:13:06 97C594F6C860A2114CA7B945A3076341 892928 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxTx\PCfxDial.exe 2014-04-14 08:13:06 846EDC30AC781493B25BD06AEBB58267 446464 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\PcfaxTx\PCfxSet.exe 2014-04-14 08:13:06 434060BE2DB37AD0CC7152370F0870FF 704512 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Rsp\brmfrmss.exe 2014-04-14 08:13:06 03ED4235F1E428A79B86287E6AD108F4 143360 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfimon.exe 2014-04-14 08:13:05 4D5D968FE6AE6BF94A807F73F7FF6B3D 1159168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcWnd.exe 2014-04-14 08:13:05 490F9A7948EF661DF32A9F0DC8534284 221184 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcMon.exe 2014-04-14 08:13:04 4DE3EF07E0854547309C6B40235A9D44 114688 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\BrCtrCen.exe 2014-04-14 08:13:04 36E5CA5DCE72A831A3F7C7ED8AEA83AE 872448 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ControlCenter\BrccMCtl.exe 2014-04-14 08:12:20 E8FDD053893778670D6A5E34292E5921 90112 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrStDvPt.exe 2014-04-14 08:12:20 DFD6C6E6DA7EFCCF4A4E3E6BCBA67051 32768 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrWiEvRg.exe 2014-04-14 08:12:20 DCB85AC1C2214F8865C0814C8C445B31 10672 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\dotnetinstaller.exe 2014-04-14 08:12:20 C689C9276B3BF3DD136813D9CC7C929E 24576 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrWIARegRepair.exe 2014-04-14 08:12:20 A1D8E6FE86CF6D3638F282297ADD515B 90112 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrDp2KPt.exe 2014-04-14 08:12:20 9C368AE8852FEC5F06F66381D8CA2678 86016 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrC3Rgin.exe 2014-04-14 08:12:20 981BDE730ADC21648BAB637293BD4D3C 109056 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrNsInst64.exe 2014-04-14 08:12:20 802DCB2A722729FC88506AC872A038D4 28672 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrIniCp.exe 2014-04-14 08:12:20 5ACEC91F7912CB81C1A4C4C252539C66 90112 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrDifxapi.exe 2014-04-14 08:12:20 4B56C021299344676F123FCB48F53C1E 70064 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\ISBEW64.exe 2014-04-14 08:12:20 3F0D24C3125799980256058DCFD26E9D 45056 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\ChngInfo.exe 2014-04-14 08:12:20 3EB56A500FFE64DD86642A5A0D048B38 430080 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrRemPnP.exe 2014-04-14 08:12:20 2FED786AB07E181A4DA1D0036B6DD8DA 45056 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Bruninst.exe 2014-04-14 08:12:20 1EA7961EF18E8A7F4E5EC1F3AA0DB990 34816 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrLach64.exe 2014-04-14 08:12:20 1837EE5E30C98E143D8CC0406E70003A 24576 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\SendWmCommand.exe 2014-04-14 08:12:20 00A6E5C5848E4AD2491700F66494149B 107008 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrDifxapi64.exe 2014-04-14 08:07:48 4D5D968FE6AE6BF94A807F73F7FF6B3D 1159168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcWnd.exe 2014-04-14 08:07:48 490F9A7948EF661DF32A9F0DC8534284 221184 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcMon.exe 2014-04-14 08:07:48 03ED4235F1E428A79B86287E6AD108F4 143360 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfimon.exe 2014-04-14 08:07:07 9C368AE8852FEC5F06F66381D8CA2678 86016 ----a-w- C:\Users\henkh\AppData\Local\Temp\{39BA1A3B-58D2-4BE2-B1A4-29BF19D656C4}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrC3Rgin.exe 2014-04-14 08:01:09 4D5D968FE6AE6BF94A807F73F7FF6B3D 1159168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcWnd.exe 2014-04-14 08:01:09 490F9A7948EF661DF32A9F0DC8534284 221184 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcMon.exe 2014-04-14 08:01:09 03ED4235F1E428A79B86287E6AD108F4 143360 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfimon.exe 2014-04-14 08:00:31 9C368AE8852FEC5F06F66381D8CA2678 86016 ----a-w- C:\Users\henkh\AppData\Local\Temp\{16BA6175-259B-40E8-95CE-C6A13DF152FA}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrC3Rgin.exe 2014-04-14 07:57:02 4D5D968FE6AE6BF94A807F73F7FF6B3D 1159168 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcWnd.exe 2014-04-14 07:57:02 490F9A7948EF661DF32A9F0DC8534284 221184 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfcMon.exe 2014-04-14 07:57:02 03ED4235F1E428A79B86287E6AD108F4 143360 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\Brmfcmon\BrMfimon.exe 2014-04-14 07:55:25 9C368AE8852FEC5F06F66381D8CA2678 86016 ----a-w- C:\Users\henkh\AppData\Local\Temp\{24B67BB6-80AA-48EB-9F44-83C6DB4E5D59}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\BrC3Rgin.exe 2014-04-13 11:55:18 F972DDD19A10F53D74021DDEAC07CCA6 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-04-13 11:55:18 E0155A11B26C7D5347069AB7ACB62D02 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-04-13 11:55:18 C5C7E33308BAE18BD9F59F9A93E85D33 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-04-13 11:55:18 BEA4E0C0BA936E8A3DB24D1A37BF70BE 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2014-04-13 11:55:15 3F498856C68725717195C16568FE19D0 586240 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-04-13 11:55:13 21BF6759685FD193715B483F2B3F21B1 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-04-13 11:55:13 1BF215FF4DF6DE10D2F81A2CE85157D2 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-04-13 11:55:10 A3A132CBE48AF0324466469F2CAAE8A2 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-04-13 11:55:10 710FD0E362A1A5C087DB90C1BAC46411 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-04-13 11:55:08 EA8386CA87165460D39A1D29FF11080B 809680 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-04-13 11:55:08 0667ED9F8E905E1F73DB60ACCEDCBCA7 811728 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-04-11 17:26:30 8FAE9109245E4B4FF42704ECFB86F1B6 8704216 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\34.0.1847.116\34.0.1847.116_33.0.1750.154_chrome_updater.exe 2014-04-10 13:26:04 684E58AF02F5B57D3D2BF8F54F8C146E 10434976 ----a-w- C:\Users\henkh\AppData\LocalLow\Goobzo\Video Converter\FFMPEGInst.exe 2014-04-10 12:41:35 9051F98A6ABF038359C3CC6FC961058D 8558520 ----a-w- C:\Windows\Temp\d2467975\SetupDataMngr_iLivid.exe 2014-04-10 09:44:00 A30AB03E7C837A17AC70E67E63B8E2F6 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2014-04-10 09:44:00 9F3D88540DB73F5213D5044CB50006DF 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2014-04-10 09:44:00 2E1D6624EE2C3F454CADF09DC59E78B0 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2014-04-09 15:21:36 A5D2A38C8BCF423115E065FACC83C8A3 113896 ----a-w- C:\Program Files (x86)\Movies Toolbar\Datamngr\Uninstall.exe === C: other files == 2014-04-14 08:12:20 DE48EA0338BA6CC4F2DCF9E63FB373EE 1139 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\prnport_2k.vbs 2014-04-14 08:12:20 4A802E0C0FFE4AFE9C7F351CBBEDFDE9 29488 ----a-w- C:\Users\henkh\AppData\Local\Temp\{2B506A37-D29F-4706-B71A-024552CCC07F}\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}\prnport.vbs 2014-04-10 09:44:03 B3222734D80013D2C73841B0C549FA63 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys 2014-04-10 09:44:03 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\System32\drivers\storport.sys 2014-04-10 09:44:03 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys 2014-04-10 09:43:59 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\System32\drivers\ntfs.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-588773822-3484970543-4242595443-1000\Software\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Remote Control Editor"="C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "USB3MON"="C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "Dolby Home Theater v4"="C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe -autostart" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "mcpltui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "EaseUS EPM tray"="C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN" "ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Remote Control Editor"="C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BLEServicesCtrl"="C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe " ==== Startup Folders ====================== 2013-05-07 16:49:21 1935 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12-03-2014 16:24] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-11-2012 11:32] C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf2bc0b2205a9e.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-11-2012 11:32] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\DriverTuner Startup" ["C:\Program Files (x86)\DriverTuner\DriverTuner.exe"] "C:\Windows\SysNative\tasks\FFMPEGUpd" [C:\PROGRA~2\FFMPEG\FFMPEG~1.EXE] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1cf2bc0b2205a9e" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{4B730A40-543D-468C-9DA4-543E483EC931}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\WinZipDriverUpdaterRunAtStartup" [C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe] "C:\Windows\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe] "C:\Windows\SysNative\tasks\{B676DFF9-BBAA-418C-A55E-049186C59C3A}" [C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE] "C:\Windows\SysNative\tasks\{B920D6F7-6DBA-4249-BB75-D52A0D25253F}" [C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE] "C:\Windows\SysNative\tasks\{FC6B1B50-64A0-4B6C-BBFA-99748CC80D0D}" [C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [29-03-2014 01:03] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaaabcbmongicmdegkmmfgdickgnnob - C:\Users\henkh\AppData\Local\ilividmoviestoolbarha\GC\toolbar.crx[] bopakagnckmlgajfccecajhnimjiiedh - No path found[] elchiiiejkobdbblfejjkbphbddgmljf - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\Softonic.crx[] fheoggkfdfchfphceeifdbepaooicaho - No path found[] gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[] kdidombaedgpfiiedeimiebkmbilgmlc - C:\Program Files (x86)\DefaultTab\DefaultTab.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[] Snap.Do - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl Google Docs - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Spry this - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam Google Search - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf SiteAdvisor - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho Allin1Convert - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcncagkkhfoombgbihckkccmkjemhohl DefaultTab - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc Google Wallet - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ShopperPro - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc Gmail - henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully C:\Users\henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully C:\Users\henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl deleted successfully C:\Users\henkh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhagnahfpegocdhlopgljpaafeogmcc deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-362&v=a11465-178&t=4" "Search Page"="http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=NL&userid=dc8ea2dc-9ef3-cef3-3484-7137624ac05d&searchtype=ds&q={searchTerms}&installDate=18/11/2013" "Default_Page_URL"="http://www.aldi.com" "Search Bar"="http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=NL&userid=dc8ea2dc-9ef3-cef3-3484-7137624ac05d&searchtype=ds&q={searchTerms}&installDate=18/11/2013" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=NL&userid=dc8ea2dc-9ef3-cef3-3484-7137624ac05d&searchtype=ds&q={searchTerms}&installDate=18/11/2013" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=NL&userid=dc8ea2dc-9ef3-cef3-3484-7137624ac05d&searchtype=ds&q={searchTerms}&installDate=18/11/2013" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=NL&userid=dc8ea2dc-9ef3-cef3-3484-7137624ac05d&searchtype=ds&q={searchTerms}&installDate=18/11/2013" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=ac1acefc000000000000685d4327bedc" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=ac1acefc000000000000685d4327bedc" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=NL&userid=dc8ea2dc-9ef3-cef3-3484-7137624ac05d&searchtype=ds&q={searchTerms}&installDate=18/11/2013" "SearchAssistant"="http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=NL&userid=dc8ea2dc-9ef3-cef3-3484-7137624ac05d&searchtype=ds&q={searchTerms}&installDate=18/11/2013" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\virtualKeyboard@kaspersky.ru deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbarhaCR deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\henkh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\TEMP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\henkh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WBA9R03 will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\henkh\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=5099 folders=1230 281418516 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\henkh\AppData\Local\Temp will be emptied at reboot C:\Users\TEMP\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\henkh\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~2\Movies Toolbar\Datamngr\apcrtldr.dll" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\Datamngr.dll" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\DatamngrChrome.dll" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\DatamngrCoordinator.exe" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\DatamngrUI.exe" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\del_DM_LL_nsm7601.dll" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\favicon.ico" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\Helper.dll" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\IEBHO.dll" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\Internet Explorer Settings.exe" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\mgrldr_u.dll" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\setmgrc1.cfg" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\Uninstall.exe" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\x64\apcrtldr.dll" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\x64\Datamngr.dll" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\x64\del_DM_LL_nsm7601.dll" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\x64\IEBHO.dll" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\x64\Internet Explorer Settings.exe" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\x64\mgrldr.dll" not found "C:\PROGRA~2\Movies Toolbar\Datamngr\x64\setmgrc1.cfg" not found "C:\Users\henkh\AppData\Local\Packages" deleted "C:\Program Files (x86)\Microsoft\BingBar" not found "C:\PROGRA~2\Movies Toolbar" not found "C:\Users\henkh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3WBA9R03" not found ==== EOF on di 15-04-2014 at 17:49:43,49 ======================

Hallo Kape bedankt voor de snelle reactie. Hieronder staat het log van RSIT: Logfile of random's system information tool 1.09 (written by random/random) Run by henkh at 2014-04-15 14:32:19 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 341 GB (80%) free of 425 GB Total RAM: 3988 MB (57% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:32:26, on 15-4-2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17041) Boot mode: Normal Running processes: C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files (x86)\PHotkey\HCSynApi.exe C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe c:\PROGRA~2\mcafee\SITEAD~1\saui.exe C:\Program Files\trend micro\henkh.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=NL&userid=dc8ea2dc-9ef3-cef3-3484-7137624ac05d&searchtype=ds&q={searchTerms}&installDate=18/11/2013 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=NL&userid=dc8ea2dc-9ef3-cef3-3484-7137624ac05d&searchtype=ds&q={searchTerms}&installDate=18/11/2013 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Ask.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=NL&userid=dc8ea2dc-9ef3-cef3-3484-7137624ac05d&searchtype=ds&q={searchTerms}&installDate=18/11/2013 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=NL&userid=dc8ea2dc-9ef3-cef3-3484-7137624ac05d&searchtype=ds&q={searchTerms}&installDate=18/11/2013 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\henkh\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\bh\Softonic.dll (file missing) O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll (file missing) O3 - Toolbar: Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing) O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [brMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Remote Control Editor] "C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) (HKCU) O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Elektronica, Auto's, Mode, Verzamelobjecten, Coupons en Meer | eBay (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files (x86)\PHotkey\ASLDRSrv.exe O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Security Service (BTHSSecurityMgr) - Intel® Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Bandoo Media Inc - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe O23 - Service: Distributed Computing Experiment (DCE) - Unknown owner - C:\Program Files\DCE\dce.exe O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\henkh\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: McAfee Anti-Malware Core (mfecore) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NPWService - Unknown owner - C:\Program Files (x86)\Generic\Network Printer Wizard\NPWService.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- End of file - 20319 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files (x86)\PHotkey\ASLDRSrv.exe" "C:\Program Files (x86)\PHotkey\GFNEXSrv.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe" "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" C:\Windows\system32\svchost.exe -k bthsvcs "C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe" "C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe" "C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe" "C:\Program Files\DCE\dce.exe" "C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe" -monitor 456 "C:\Users\henkh\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe" "C:\Program Files\Intel\WiFi\bin\EvtEng.exe" "C:\Program Files\Intel\iCLS Client\HeciServer.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe" "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc "C:\Windows\system32\mfevtps.exe" "C:\Program Files (x86)\Generic\Network Printer Wizard\NPWService.exe" "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe" "C:\Program Files\CyberLink\Shared files\RichVideo64.exe" "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe" "C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe" "C:\Windows\SysWOW64\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait C:\Windows\system32\wbem\wmiprvse.exe "C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait WLIDSvcM.exe 2772 "C:\Program Files\McAfee\MSC\McAPExe.exe" "C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe" "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "taskhost.exe" taskeng.exe {00200685-0725-4201-997B-B514FD82EF2E} "C:\Program Files (x86)\PHotkey\PHotkey.exe" "C:\Program Files (x86)\PHotkey\MsgTranAgt.exe" "C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe" "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" -EMBEDDING ATouch64 "C:\Program Files (x86)\PHotkey\PVDesktop.exe" "C:\Program Files (x86)\PHotkey\PVDAgent.exe" "C:\Program Files (x86)\PHotkey\MyWiMax.exe" "C:\Program Files (x86)\PHotkey\POSD.exe" "C:\Program Files (x86)\PHotkey\GPMTray.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" "C:\Windows\WindowsMobile\wmdc.exe" "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe" "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun C:\Windows\system32\svchost.exe -k WindowsMobile "C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe" "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe" "C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" "C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" /AUTORUN "C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui /runkey HCSynApi.exe "C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe" /autorun "C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe" "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" "c:\PROGRA~2\mcafee\SITEAD~1\saui.exe" -Embedding "C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe" "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" "C:\Program Files\McAfee\MAT\McPvTray.exe" C:\Windows\system32\svchost.exe -k SDRSVC C:\Windows\system32\wbem\wmiprvse.exe C:\PROGRA~1\McAfee\MSM\McSmtFwk.exe {CF10C3DD-7FC1-476f-8546-A12D7DA24BBF}|{5a0e3522-a7f0-424e-b2f4-83a4160f94a5} "C:\Users\henkh\Documents\Downloads\RSITx64.exe" C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf2bc0b2205a9e.job C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job C:\Windows\tasks\WinZipDriverUpdater_UPDATES.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] Snap.DoEngine - C:\Windows\system32\mscoree.dll [2010-11-21 444752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-07-15 545192] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-02 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-03-19 290792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-07-15 193456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16 96128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] Snap.DoEngine - C:\Windows\system32\mscoree.dll [2010-11-21 444752] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-07-15 453104] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}] DefaultTab Browser Helper - C:\Users\henkh\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll [2014-02-10 468600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}] DealPly - C:\Program Files (x86)\DealPly\DealPlyIE.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-02 194504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}] McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-03-19 239280] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-07-15 157680] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}] Softonic Helper Object - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\bh\Softonic.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-03-19 290792] {ae07101b-46d4-4a98-af68-0333ea26e113} - Snap.Do - C:\Windows\system32\mscoree.dll [2010-11-21 444752] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-02 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-03-19 239280] {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - Softonic Toolbar - C:\Program Files (x86)\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll [] {ae07101b-46d4-4a98-af68-0333ea26e113} - Snap.Do - C:\Windows\system32\mscoree.dll [2010-11-21 444752] {8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-02 194504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-02-23 2884880] "BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2012-02-18 177936] "Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984] "Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-11-20 39408] "Remote Control Editor"=C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe [2010-11-16 1843784] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-02-10 20918432] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "USB3MON"=C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-05-21 291648] "RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-07-13 93296] "Dolby Home Theater v4"=C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2011-02-03 506712] "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184] "mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2014-01-28 537992] "mcpltui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2014-01-28 537992] "EaseUS EPM tray"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [2013-03-29 2081792] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "BrMfcWnd"=C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [2009-05-26 1159168] "ControlCenter3"=C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [2008-12-24 114688] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2012-12-14 442880] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\Windows\System32\klogon.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "NoRun"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 3 months====== 2014-04-15 14:30:20 ----D---- C:\rsit 2014-04-15 14:30:20 ----D---- C:\Program Files\trend micro 2014-04-14 19:10:28 ----HD---- C:\ProgramData\Common Files 2014-04-14 19:10:28 ----D---- C:\ProgramData\MFAData 2014-04-14 10:12:20 ----D---- C:\ProgramData\InstallShield 2014-04-13 13:55:20 ----A---- C:\Windows\SYSWOW64\ieui.dll 2014-04-13 13:55:20 ----A---- C:\Windows\system32\ieui.dll 2014-04-13 13:55:19 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2014-04-13 13:55:19 ----A---- C:\Windows\system32\vbscript.dll 2014-04-13 13:55:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-13 13:55:15 ----A---- C:\Windows\system32\iernonce.dll 2014-04-13 13:55:15 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2014-04-13 13:55:15 ----A---- C:\Windows\system32\ie4uinit.exe 2014-04-13 13:55:14 ----A---- C:\Windows\SYSWOW64\msrating.dll 2014-04-13 13:55:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2014-04-13 13:55:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2014-04-13 13:55:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2014-04-13 13:55:14 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2014-04-13 13:55:14 ----A---- C:\Windows\system32\msrating.dll 2014-04-13 13:55:14 ----A---- C:\Windows\system32\msfeeds.dll 2014-04-13 13:55:14 ----A---- C:\Windows\system32\jsproxy.dll 2014-04-13 13:55:14 ----A---- C:\Windows\system32\jscript9diag.dll 2014-04-13 13:55:14 ----A---- C:\Windows\system32\dxtrans.dll 2014-04-13 13:55:14 ----A---- C:\Windows\system32\dxtmsft.dll 2014-04-13 13:55:13 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2014-04-13 13:55:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2014-04-13 13:55:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2014-04-13 13:55:13 ----A---- C:\Windows\system32\ieUnatt.exe 2014-04-13 13:55:13 ----A---- C:\Windows\system32\iesetup.dll 2014-04-13 13:55:12 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2014-04-13 13:55:12 ----A---- C:\Windows\system32\mshtml.dll 2014-04-13 13:55:10 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2014-04-13 13:55:10 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2014-04-13 13:55:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2014-04-13 13:55:10 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2014-04-13 13:55:10 ----A---- C:\Windows\system32\ieetwproxystub.dll 2014-04-13 13:55:10 ----A---- C:\Windows\system32\ieetwcollector.exe 2014-04-13 13:55:10 ----A---- C:\Windows\system32\ieapfltr.dll 2014-04-13 13:55:09 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2014-04-13 13:55:08 ----A---- C:\Windows\SYSWOW64\wininet.dll 2014-04-13 13:55:08 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2014-04-13 13:55:08 ----A---- C:\Windows\system32\wininet.dll 2014-04-13 13:55:08 ----A---- C:\Windows\system32\urlmon.dll 2014-04-13 13:55:08 ----A---- C:\Windows\system32\iertutil.dll 2014-04-13 13:55:07 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2014-04-13 13:55:07 ----A---- C:\Windows\system32\ieframe.dll 2014-04-13 13:55:06 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2014-04-13 13:55:06 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2014-04-13 13:55:06 ----A---- C:\Windows\system32\jscript9.dll 2014-04-10 15:26:31 ----D---- C:\Program Files (x86)\FFMPEG 2014-04-10 15:26:04 ----D---- C:\ProgramData\SPEEDbit 2014-04-10 11:44:03 ----A---- C:\Windows\SYSWOW64\iologmsg.dll 2014-04-10 11:44:03 ----A---- C:\Windows\system32\iologmsg.dll 2014-04-10 11:44:03 ----A---- C:\Windows\system32\drivers\storport.sys 2014-04-10 11:44:03 ----A---- C:\Windows\system32\drivers\msiscsi.sys 2014-04-10 11:44:03 ----A---- C:\Windows\system32\drivers\Diskdump.sys 2014-04-10 11:44:00 ----A---- C:\Windows\SYSWOW64\wow32.dll 2014-04-10 11:44:00 ----A---- C:\Windows\SYSWOW64\user.exe 2014-04-10 11:44:00 ----A---- C:\Windows\SYSWOW64\setup16.exe 2014-04-10 11:44:00 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll 2014-04-10 11:44:00 ----A---- C:\Windows\SYSWOW64\kernel32.dll 2014-04-10 11:44:00 ----A---- C:\Windows\SYSWOW64\instnm.exe 2014-04-10 11:44:00 ----A---- C:\Windows\system32\wow64win.dll 2014-04-10 11:44:00 ----A---- C:\Windows\system32\wow64cpu.dll 2014-04-10 11:44:00 ----A---- C:\Windows\system32\wow64.dll 2014-04-10 11:44:00 ----A---- C:\Windows\system32\ntvdm64.dll 2014-04-10 11:44:00 ----A---- C:\Windows\system32\kernel32.dll 2014-04-10 11:43:59 ----A---- C:\Windows\system32\drivers\ntfs.sys 2014-03-25 17:02:13 ----RD---- C:\Program Files (x86)\Skype 2014-03-13 23:40:07 ----A---- C:\Windows\system32\wwansvc.dll 2014-03-13 23:37:59 ----A---- C:\Windows\SYSWOW64\wer.dll 2014-03-13 23:37:59 ----A---- C:\Windows\system32\wer.dll 2014-03-13 23:35:29 ----A---- C:\Windows\system32\win32k.sys 2014-03-13 23:11:22 ----A---- C:\Windows\SYSWOW64\qedit.dll 2014-03-13 23:11:22 ----A---- C:\Windows\system32\qedit.dll 2014-03-13 23:01:07 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll 2014-03-13 23:01:07 ----A---- C:\Windows\system32\WindowsCodecs.dll 2014-02-26 11:04:21 ----D---- C:\Windows\Migration 2014-02-25 20:30:44 ----A---- C:\Windows\SYSWOW64\mstscax.dll 2014-02-25 20:30:44 ----A---- C:\Windows\system32\mstscax.dll 2014-02-17 18:52:56 ----D---- C:\Program Files (x86)\Mobogenie 2014-02-17 18:52:37 ----D---- C:\Users\henkh\AppData\Roaming\GoforFiles 2014-02-17 18:52:37 ----D---- C:\Program Files (x86)\GoforFiles 2014-02-17 12:06:16 ----A---- C:\Windows\system32\roboot64.exe 2014-02-17 12:06:14 ----D---- C:\Users\henkh\AppData\Roaming\systweak 2014-02-17 01:18:21 ----D---- C:\a4146bdf70767356990317cf7b 2014-02-16 09:53:12 ----D---- C:\Program Files\McAfee Security Scan 2014-02-15 01:14:26 ----D---- C:\Users\henkh\AppData\Roaming\Ashampoo 2014-02-13 23:30:12 ----A---- C:\Windows\system32\msxml3.dll 2014-02-13 23:30:11 ----A---- C:\Windows\SYSWOW64\msxml3r.dll 2014-02-13 23:30:11 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2014-02-13 23:30:11 ----A---- C:\Windows\system32\msxml3r.dll 2014-02-13 23:29:58 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe 2014-02-13 23:29:58 ----A---- C:\Windows\system32\RMActivate_isv.exe 2014-02-13 23:29:58 ----A---- C:\Windows\system32\RMActivate.exe 2014-02-13 23:29:57 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe 2014-02-13 23:29:57 ----A---- C:\Windows\SYSWOW64\RMActivate.exe 2014-02-13 23:29:57 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-13 23:29:57 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2014-02-13 23:29:56 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll 2014-02-13 23:29:56 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe 2014-02-13 23:29:56 ----A---- C:\Windows\system32\secproc_isv.dll 2014-02-13 23:29:56 ----A---- C:\Windows\system32\secproc.dll 2014-02-13 23:29:55 ----A---- C:\Windows\SYSWOW64\secproc.dll 2014-02-13 23:29:55 ----A---- C:\Windows\SYSWOW64\msdrm.dll 2014-02-13 23:29:55 ----A---- C:\Windows\system32\secproc_ssp.dll 2014-02-13 23:29:55 ----A---- C:\Windows\system32\msdrm.dll 2014-02-13 23:29:54 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll 2014-02-13 23:29:54 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll 2014-02-13 23:29:54 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2014-02-13 23:29:36 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll 2014-02-13 23:29:36 ----A---- C:\Windows\system32\d3d10warp.dll 2014-02-13 23:29:35 ----A---- C:\Windows\SYSWOW64\d2d1.dll 2014-02-13 23:29:35 ----A---- C:\Windows\system32\d2d1.dll 2014-02-10 12:11:49 ----D---- C:\Program Files\ZyXEL PLA42xx Series Configuration 2014-02-10 12:10:54 ----D---- C:\Program Files (x86)\WinPcap 2014-02-09 17:39:32 ----D---- C:\Users\henkh\AppData\Roaming\TeamViewer 2014-02-09 01:30:55 ----D---- C:\ProgramData\Datamngr 2014-02-08 01:26:00 ----D---- C:\Program Files (x86)\LAV Filters 2014-02-08 01:24:17 ----D---- C:\Program Files (x86)\TERRATEC 2014-02-07 18:00:11 ----D---- C:\Program Files\Recuva 2014-02-07 18:00:02 ----A---- C:\Windows\wininit.ini 2014-02-03 00:20:51 ----D---- C:\Windows\SYSWOW64\SearchProtect 2014-02-02 16:42:51 ----D---- C:\Users\henkh\AppData\Roaming\uTorrent 2014-02-02 15:59:40 ----D---- C:\Program Files (x86)\GreenTree Applications 2014-01-30 01:11:37 ----D---- C:\Program Files\Common Files\TerraTec 2014-01-30 01:03:15 ----D---- C:\ProgramData\TerraTec 2014-01-30 01:02:02 ----D---- C:\Users\henkh\AppData\Roaming\TerraTec 2014-01-30 00:37:04 ----A---- C:\Windows\SYSWOW64\MFC71u.dll 2014-01-30 00:37:04 ----A---- C:\Windows\SYSWOW64\MFC71KOR.DLL 2014-01-30 00:37:04 ----A---- C:\Windows\SYSWOW64\MFC71JPN.DLL 2014-01-30 00:37:04 ----A---- C:\Windows\SYSWOW64\MFC71ITA.DLL 2014-01-30 00:37:04 ----A---- C:\Windows\SYSWOW64\MFC71FRA.DLL 2014-01-30 00:37:04 ----A---- C:\Windows\SYSWOW64\MFC71ESP.DLL 2014-01-30 00:37:04 ----A---- C:\Windows\SYSWOW64\MFC71ENU.DLL 2014-01-30 00:37:04 ----A---- C:\Windows\SYSWOW64\MFC71DEU.DLL 2014-01-30 00:37:04 ----A---- C:\Windows\SYSWOW64\MFC71CHT.DLL 2014-01-30 00:37:04 ----A---- C:\Windows\SYSWOW64\MFC71CHS.DLL 2014-01-30 00:37:03 ----A---- C:\Windows\SYSWOW64\MFC71.dll 2014-01-30 00:37:03 ----A---- C:\Windows\SYSWOW64\gdiplus.dll 2014-01-30 00:34:20 ----D---- C:\ProgramData\Apple 2014-01-30 00:34:20 ----D---- C:\Program Files\Bonjour 2014-01-30 00:34:20 ----D---- C:\Program Files (x86)\Bonjour 2014-01-30 00:14:05 ----D---- C:\ProgramData\CMUV 2014-01-30 00:10:54 ----D---- C:\Program Files (x86)\DVBViewer TERRATEC Edition 2014-01-30 00:03:20 ----D---- C:\Program Files\DIFX 2014-01-29 20:08:05 ----A---- C:\Windows\system32\drivers\RTL2832U_IRHID.sys 2014-01-24 11:02:22 ----A---- C:\Windows\system32\drivers\HipShieldK.sys 2014-01-21 04:50:46 ----A---- C:\Windows\system32\drivers\mfeclnrk.sys 2014-01-21 04:50:24 ----A---- C:\Windows\system32\drivers\mfencrk.sys 2014-01-21 04:50:02 ----A---- C:\Windows\system32\drivers\mfencbdc.sys ======List of files/folders modified in the last 3 months====== 2014-04-15 14:32:21 ----D---- C:\Windows\Temp 2014-04-15 14:30:20 ----RD---- C:\Program Files 2014-04-15 14:29:04 ----D---- C:\Windows\system32\config 2014-04-15 14:21:59 ----D---- C:\Windows\System32 2014-04-15 14:21:59 ----D---- C:\Windows\inf 2014-04-15 14:21:59 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-04-15 14:18:46 ----D---- C:\Users\henkh\AppData\Roaming\Skype 2014-04-15 14:17:56 ----A---- C:\Windows\SYSWOW64\log.txt 2014-04-14 19:14:17 ----SHD---- C:\Windows\Installer 2014-04-14 19:14:17 ----RD---- C:\Program Files (x86) 2014-04-14 19:14:13 ----SHD---- C:\System Volume Information 2014-04-14 19:14:06 ----HD---- C:\ProgramData 2014-04-14 19:13:29 ----D---- C:\Windows\SysWOW64 2014-04-14 10:47:39 ----D---- C:\Windows\system32\NDF 2014-04-14 10:44:58 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2014-04-14 10:44:49 ----D---- C:\Windows\SYSWOW64\nl-NL 2014-04-14 10:44:49 ----D---- C:\Windows\system32\nl-NL 2014-04-14 10:35:45 ----A---- C:\Windows\Brpfx04a.ini 2014-04-14 10:35:45 ----A---- C:\Windows\brpcfx.ini 2014-04-14 10:35:44 ----A---- C:\Windows\BRWMARK.INI 2014-04-14 10:35:44 ----A---- C:\Windows\BRPP2KA.INI 2014-04-13 14:03:47 ----D---- C:\Windows\winsxs 2014-04-13 14:03:29 ----D---- C:\Windows\SYSWOW64\en-US 2014-04-13 14:03:29 ----D---- C:\Windows\system32\en-US 2014-04-13 14:03:29 ----D---- C:\Windows\PolicyDefinitions 2014-04-13 14:03:29 ----D---- C:\Program Files\Internet Explorer 2014-04-13 14:03:29 ----D---- C:\Program Files (x86)\Internet Explorer 2014-04-13 13:55:43 ----D---- C:\Windows\system32\catroot2 2014-04-13 13:55:43 ----D---- C:\Windows\system32\catroot 2014-04-12 23:09:20 ----D---- C:\Windows\Prefetch 2014-04-10 22:57:50 ----D---- C:\Windows\system32\Tasks 2014-04-10 22:56:33 ----D---- C:\Windows\Tasks 2014-04-10 21:03:40 ----D---- C:\Windows\rescache 2014-04-10 17:24:47 ----D---- C:\Program Files\Common Files\System 2014-04-10 15:34:26 ----AD---- C:\ProgramData\Temp 2014-04-10 13:40:54 ----D---- C:\Windows\system32\drivers 2014-04-10 13:40:53 ----D---- C:\Windows\AppPatch 2014-04-10 13:40:32 ----D---- C:\Windows\system32\DriverStore 2014-04-10 13:40:24 ----D---- C:\Program Files (x86)\McAfee 2014-04-10 12:32:02 ----D---- C:\ProgramData\Microsoft Help 2014-04-10 12:31:27 ----D---- C:\Windows\system32\MRT 2014-04-10 12:29:32 ----A---- C:\Windows\system32\MRT.exe 2014-03-25 17:02:13 ----D---- C:\Program Files (x86)\Common Files 2014-03-25 17:02:12 ----D---- C:\ProgramData\Skype 2014-03-14 01:06:33 ----D---- C:\Program Files\Microsoft Silverlight 2014-03-14 01:06:33 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2014-03-13 22:45:06 ----D---- C:\Program Files\Common Files\McAfee 2014-03-12 16:24:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-02-28 15:27:31 ----D---- C:\Windows\Microsoft.NET 2014-02-26 11:06:36 ----RSD---- C:\Windows\assembly 2014-02-26 11:04:21 ----SD---- C:\ProgramData\Microsoft 2014-02-26 11:04:21 ----D---- C:\Windows 2014-02-15 01:13:01 ----D---- C:\ProgramData\CyberLink 2014-02-13 23:29:42 ----A---- C:\Windows\win.ini 2014-02-12 15:20:38 ----RD---- C:\Users 2014-02-09 01:31:17 ----D---- C:\ProgramData\Wincert 2014-02-08 01:26:08 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2014-02-07 18:31:32 ----D---- C:\ProgramData\Adobe 2014-02-07 18:31:30 ----D---- C:\Program Files (x86)\Adobe 2014-02-03 11:41:42 ----D---- C:\ProgramData\McAfee 2014-02-03 11:41:39 ----D---- C:\Program Files\McAfee 2014-01-30 01:11:37 ----D---- C:\Program Files\Common Files 2014-01-27 09:37:08 ----A---- C:\Windows\system32\mfevtps.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2012-02-02 568600] R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver; C:\Windows\system32\drivers\iusb3hcs.sys [2012-05-21 19264] R0 McPvDrv;McPvDrv Driver; C:\Windows\system32\drivers\McPvDrv.sys [2013-09-09 74560] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg [2014-04-09 36216] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2014-01-27 180272] R2 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2014-01-27 311600] R2 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2014-01-27 783864] R2 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2014-01-27 344688] R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2009-10-20 47632] R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\PHotkey\PEGAGFN.sys [2009-09-11 14344] R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144] R3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984] R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784] R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384] R3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2011-11-30 94720] R3 btmhsf;btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [2011-11-30 747008] R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2014-01-27 70592] R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-04-14 31216] R3 EST_BusEnum;Network USB Device Bus; C:\Windows\system32\DRIVERS\GenBus.sys [2009-10-06 29696] R3 HipShieldK;McAfee Inc. HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [2013-09-23 197704] R3 ibtfltcoex;ibtfltcoex; C:\Windows\system32\DRIVERS\iBtFltCoex.sys [2012-02-14 60928] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-04-10 4021736] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528] R3 iusb3hub;Intel® USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-21 357184] R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-21 789824] R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2012-04-20 25528] R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784] R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2014-01-27 520696] R3 mfencbdc;McAfee Inc. mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [2014-01-21 422712] R3 NUS_Bus;Network USB Server Bus; C:\Windows\system32\DRIVERS\NUS_Bus.sys [2010-01-28 30208] R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-08-23 565352] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-02-23 423696] S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [] S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2012-03-15 198144] S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver; C:\Windows\system32\DRIVERS\BrSerIf.sys [2006-12-12 97280] S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960] S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2013-03-07 13896] S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2013-03-07 9160] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488] S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2012-04-20 35256] S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2014-01-21 96592] S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-06-03 11499008] S3 NUServer64;Network USB Server Device ; C:\Windows\system32\DRIVERS\NUServer64.sys [2010-09-17 240128] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984] S3 RTL2832U_IRHID;Cinergy T Stick HID; C:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys [2012-01-09 49152] S3 RTL2832UBDA;Cinergy T Stick RC BDA service; C:\Windows\system32\drivers\RTL2832UBDA.sys [2012-01-09 225920] S3 RTL2832UUSB;Cinergy T Stick RC USB service; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2012-01-09 39680] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2009-09-21 127488] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2009-09-21 18944] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2009-09-21 161280] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-15 659976] R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [2009-12-19 104968] R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-02-22 1014096] R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-02-22 1104208] R2 Bonjour Service;Bonjour-service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-10-07 345376] R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-24 135952] R2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [2011-04-14 70952] R2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [2011-04-14 312616] R2 DatamngrCoordinator;Datamngr Coordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [2014-04-09 3545088] R2 DCE;Distributed Computing Experiment; C:\Program Files\DCE\dce.exe [2013-12-18 59392] R2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\henkh\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe [2013-11-29 107520] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-06-26 628016] R2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [2011-10-13 156672] R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-02 13592] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448] R2 Intel® ME Service;Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-03-15 127320] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-03-15 162648] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2012-03-15 276824] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304] R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2014-01-28 178528] R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] R2 mfecore;McAfee Anti-Malware Core; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2014-01-21 1025712] R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-01-27 219752] R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2014-01-27 185792] R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928] R2 NPWService;NPWService; C:\Program Files (x86)\Generic\Network Printer Wizard\NPWService.exe [2011-01-11 785408] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-06-26 149296] R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344] R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-03-28 249648] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-03-15 362840] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-20 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928] S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560] S3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-02-22 1304912] S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-20 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-20 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-01-16 289256] S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2013-08-02 602944] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-06-26 272688] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2009-10-20 117264] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-21 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------

Ook ik heb sinds eind vorige week last van een steeds terugkerend trojaans paard met windows 7. McAfee parkeert het in de map "in quarantaine geplaatste gegevens", zodat ik het kan verwijderen. Zodra het is verwijderd komt hert direct, of na verloop van tijd, of dezelfde dag weer terug. Hoe moet dit definitief uit mijn laptop verwijderd worden? Op dezelfde wijze als omschreven in de discussie als van Bob Schaart? Heeft u een oplossing? met vriendelijke groet, Hein