Hijack Log analysis please due to some problems


  • This topic is locked
28 replies to this topic

#1 Rotterdam

  • Members
  • 22 posts

Posted 13 September 2014 - 10:35 PM

Hello,

 

I have got problems with coreclickhoo constantly interfering in the toolbar and putting all kinds of links and ads on what I do. Also, the search.zonealarm toolbar keeps coming back and my Shockwave Flash keeps crashing, sometimes even continuously.

 

Please check my Hijack Log:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 05:28:58, on 14-9-2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17054)

FIREFOX: 32.0.1 (x86 nl)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Users\Rob\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON13/8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Rob\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem32.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe

--
End of file - 11795 bytes

 

Thank you
Rob
 

 

 




 


#2 TB-Psychotic

  • Malware Response Team
  • 6,349 posts

Posted 14 September 2014 - 05:51 AM

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me review your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
 
 
Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Note: There will also be a file on your desktop named MBR.dat. Do not delete this for now. It is an actual backup of the MBR (master boot record).


Proud Member of UNITE & TB
 

#3 Rotterdam

  • Topic Starter
  • Members
  • 22 posts

Posted 14 September 2014 - 01:36 PM

Hello Marius,

 

Thanks for your kind reply.

 

Here are the two files from FRST.

 

I have started the aswMBR scan but three times the computer shut down during that process. Maybe that means something to you.

 

Thanks very much for looking into this.

Rob

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Rob (administrator) on LAPTOP on 14-09-2014 14:43:49
Running from C:\Users\Rob\Downloads
Platform: Windows 8 (X64) OS Language: Nederlands (Nederland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(BitTorrent Inc.) C:\Users\Rob\AppData\Roaming\BitTorrent\BitTorrent.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreviewer64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3091740776-465430269-2068346934-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-08-18] (Glarysoft Ltd)
HKU\S-1-5-21-3091740776-465430269-2068346934-1001\...\Run: [BitTorrent] => C:\Users\Rob\AppData\Roaming\BitTorrent\BitTorrent.exe [1274456 2014-07-12] (BitTorrent Inc.)
HKU\S-1-5-21-3091740776-465430269-2068346934-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7763736 2014-09-10] (SUPERAntiSpyware)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} =>  No File
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} =>  No File
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} =>  No File
BootExecute: autocheck autochk *  BootDefrag.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON13/8
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {289F982B-1A39-492F-8EB3-5C6F219DA252} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=aw0202ff&cd=2XzuyEtN2Y1L1QzutBzzzytByE0AyDyByC0A0D0FyByEyByBtN0D0Tzu0SyBzyyEtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyC0C0C0F0ByC0E0DtG0CtA0AtCtG0Bzyzz0FtGtAyDzy0DtGyBzzzy0BtByByD0B0E0CyCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtDzy0DyBzy0F0EtGyB0B0EyDtGyBzztC0FtG0B0ByEzztGtAyDzztAtAtA0D0CyBtByC0B2Q&cr=921755135&ir=
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} ->  No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\0fqetbzi.default
FF Homepage: hxxp://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=EN&gu=372fc66bbe124cf8a2b5683021dd171a&tu=10GXy00E82D13P0&sku=&tstsId=&ver=&
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll No File
FF Plugin HKCU: iMeshPlugin -> C:\Program Files (x86)\iMesh Applications\iMesh\npiMeshPlugin.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bolcom-nl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\marktplaats-nl.xml
FF Extension: Website Counselor - C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\0fqetbzi.default\Extensions\{cc6cc772-f121-49e0-b1f0-c26583cb0c5e} [2014-09-08]
FF Extension: Adblock Plus - C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\0fqetbzi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-13]
FF Extension: AnviAdblock - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\AnviAdblock@anvisoft.com.xpi [2014-09-13]

Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\Rob\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (No Name) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-30]
CHR Extension: (Google Drive) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-30]
CHR Extension: (YouTube) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-30]
CHR Extension: (Google Search) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-30]
CHR Extension: (Google Wallet) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-30]
CHR Extension: (Gmail) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-30]
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-03-26] () [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-22] (IDT, Inc.) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-07-18] (Glarysoft Ltd)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20672 2014-08-20] (Glarysoft Ltd)
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\drivers\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2014-06-11] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2014-06-11] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-06-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [490080 2014-06-11] (Kaspersky Lab ZAO)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-12] (Malwarebytes Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [450456 2014-08-13] (Check Point Software Technologies Ltd.)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S0 vgtpub; System32\drivers\lolxx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-14 14:11 - 2014-09-14 14:19 - 00060682 _____ () C:\Windows\WindowsUpdate.log
2014-09-14 14:11 - 2014-09-14 14:11 - 00297032 _____ () C:\Windows\Minidump\091414-67359-01.dmp
2014-09-14 14:10 - 2014-09-14 14:10 - 599385682 _____ () C:\Windows\MEMORY.DMP
2014-09-14 14:10 - 2014-09-14 14:10 - 00001904 _____ () C:\Windows\PFRO.log
2014-09-14 14:06 - 2014-09-14 14:06 - 05185536 _____ (AVAST Software) C:\Users\Rob\Downloads\aswmbr(1).exe
2014-09-14 14:05 - 2014-09-14 14:05 - 05185536 _____ (AVAST Software) C:\Users\Rob\Downloads\aswmbr.exe
2014-09-14 14:00 - 2014-09-14 14:01 - 00043696 _____ () C:\Users\Rob\Downloads\Addition.txt
2014-09-14 13:58 - 2014-09-14 14:47 - 00019810 _____ () C:\Users\Rob\Downloads\FRST.txt
2014-09-14 13:46 - 2014-09-14 14:44 - 00000000 ____D () C:\FRST
2014-09-14 13:46 - 2014-09-14 13:46 - 02105856 _____ (Farbar) C:\Users\Rob\Downloads\FRST64.exe
2014-09-14 10:31 - 2014-09-14 10:31 - 06057862 _____ (Tim Kosse) C:\Users\Rob\Downloads\FileZilla_3.9.0.5_win32-setup.exe
2014-09-14 07:13 - 2014-09-14 08:04 - 00000000 ____D () C:\Users\Rob\Downloads\Web Designer - Joomla - 20 Reasons To Switch From Wordpress (Issue 220, 2014)
2014-09-14 06:31 - 2014-09-14 08:05 - 00000000 ____D () C:\Users\Rob\Downloads\{www.scenetime.com}Concert.For.George.2003.720p.BRRIP.XVID-AC3-PULSAR
2014-09-14 06:01 - 2014-09-14 06:01 - 00025560 _____ () C:\Users\Rob\Downloads\Combi fix txt 14 sep.txt
2014-09-14 05:45 - 2014-09-14 06:07 - 00000000 ____D () C:\Users\Rob\Downloads\The Beatles Mono Box
2014-09-14 05:42 - 2014-09-14 13:18 - 00000000 ____D () C:\Users\Rob\Downloads\The Beatles - Rubber Soul [US] [smb]
2014-09-14 05:41 - 2014-09-14 06:01 - 00000000 ____D () C:\Users\Rob\Downloads\Outlander.S01E06.720p.HDTV.x264-KILLERS[rarbg]
2014-09-14 05:28 - 2014-09-14 05:28 - 00388608 _____ (Trend Micro Inc.) C:\Users\Rob\Downloads\HijackThis.exe
2014-09-14 05:28 - 2014-09-14 05:28 - 00011797 _____ () C:\Users\Rob\Downloads\hijackthis.log
2014-09-13 18:57 - 2014-09-13 18:57 - 00025560 _____ () C:\ComboFix.txt
2014-09-13 12:19 - 2014-09-13 12:19 - 00119333 _____ () C:\Users\Rob\Downloads\flyer lotgenotencontact(1)
2014-09-13 12:12 - 2014-09-13 12:12 - 00119333 _____ () C:\Users\Rob\Downloads\flyer lotgenotencontact
2014-09-13 07:39 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-13 07:39 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-13 07:39 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-13 07:39 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-13 07:39 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-13 07:39 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-09-13 07:39 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-13 07:39 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-13 07:39 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-13 07:35 - 2014-09-13 18:58 - 00000000 ____D () C:\Qoobox
2014-09-13 07:35 - 2014-09-13 07:35 - 00016712 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP113.SYS
2014-09-13 07:34 - 2014-09-13 18:51 - 00000000 ____D () C:\Windows\erdnt
2014-09-13 06:41 - 2014-09-13 06:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 06:39 - 2014-09-13 06:40 - 00000000 ____D () C:\Users\Rob\Documents\Attachments_2014913
2014-09-13 06:36 - 2014-09-13 06:36 - 20954978 _____ () C:\Users\Rob\Downloads\Attachments_2014913.zip
2014-09-13 06:36 - 2014-09-13 06:36 - 18449013 _____ () C:\Users\Rob\Downloads\Attachments_2014913(1).zip
2014-09-13 05:34 - 2014-09-14 13:34 - 00000520 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d059edcc-f3c9-4a1b-bd2d-e6878ffeee95.job
2014-09-13 05:34 - 2014-09-14 02:00 - 00000520 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task eb5f06d3-1227-44a8-9006-a7d49ca18aec.job
2014-09-13 05:34 - 2014-09-13 05:34 - 00003566 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task eb5f06d3-1227-44a8-9006-a7d49ca18aec
2014-09-13 05:34 - 2014-09-13 05:34 - 00003484 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d059edcc-f3c9-4a1b-bd2d-e6878ffeee95
2014-09-13 05:34 - 2014-09-13 05:34 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\SUPERAntiSpyware.com
2014-09-13 05:33 - 2014-09-14 14:15 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-13 05:33 - 2014-09-13 05:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-13 05:33 - 2014-09-13 05:33 - 00001808 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-09-13 05:33 - 2014-09-13 05:33 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-09-13 04:59 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-13 04:56 - 2014-09-14 06:11 - 00000000 ____D () C:\AdwCleaner
2014-09-13 04:51 - 2014-09-13 05:26 - 00000000 ____D () C:\Users\Rob\Downloads\Outlander S01E05 HDTV x264-KILLERS[ettv]
2014-09-12 11:49 - 2014-09-14 13:31 - 00000000 ____D () C:\Users\Rob\Downloads\Rickie Lee Jones - Rickie Lee Jones (1979) mp3@320 {1337x}-kawli
2014-09-12 09:28 - 2014-09-14 14:21 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-12 09:28 - 2014-09-12 09:28 - 00003828 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-12 08:41 - 2014-09-12 08:41 - 00003162 _____ () C:\Windows\System32\Tasks\{A60D6119-2E7F-424B-92C6-800E68E76B0F}
2014-09-12 08:23 - 2014-09-12 08:24 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 08:23 - 2014-09-12 08:23 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-12 08:23 - 2014-09-12 08:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-12 08:23 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-12 08:23 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-12 08:23 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-12 08:22 - 2014-09-12 08:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-11 19:04 - 2014-09-14 13:20 - 00000000 ____D () C:\Users\Rob\Downloads\Ry Cooder - Chicken Skin Music [smb]
2014-09-11 07:34 - 2014-09-13 05:42 - 00000000 ____D () C:\Users\Rob\Downloads\The.War.Diaries.1940.Fall.Of.Paris.2008.SweSub.DvDRip.XviD-SWAXXON
2014-09-11 07:34 - 2014-09-11 07:50 - 00000000 ____D () C:\Users\Rob\Downloads\Red.Shoe.Diaries.The.Movie.1992.DVDRip.X264-NCAXA[rarbg]
2014-09-11 05:29 - 2014-09-11 07:34 - 367311842 _____ () C:\Users\Rob\Downloads\White.Collar.S01E06.All.In.HDTV.XviD-FQM.avi
2014-09-11 05:28 - 2014-09-11 05:38 - 367473076 _____ () C:\Users\Rob\Downloads\White.Collar.S01E09.Bad.Judgment.HDTV.XviD-FQM.avi
2014-09-10 09:36 - 2014-09-13 05:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-09-10 09:36 - 2014-09-12 16:20 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-10 09:11 - 2014-08-20 08:52 - 00048656 _____ (Anvisoft) C:\Windows\system32\Drivers\asd2fsm.sys
2014-09-10 09:09 - 2014-09-10 09:09 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-09-10 09:08 - 2014-09-10 09:08 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-09-10 08:24 - 2014-09-10 08:36 - 366923402 _____ () C:\Users\Rob\Downloads\White.Collar.S01E05.The.Portrait.HDTV.XviD-FQM.avi
2014-09-09 22:55 - 2014-09-09 23:01 - 367055506 ____R () C:\Users\Rob\Downloads\White.Collar.S01E04.Flip.of.the.Coin.HDTV.XviD-FQM.avi
2014-09-09 17:38 - 2014-09-09 17:38 - 00000000 ____D () C:\Program Files\Reason
2014-09-09 17:37 - 2014-09-09 17:37 - 00002530 _____ () C:\Users\Rob\Desktop\Rkill.txt
2014-09-09 17:26 - 2014-09-09 17:26 - 00000000 ____D () C:\Users\Rob\Documents\RN Connect
2014-09-09 16:21 - 2014-09-09 16:21 - 00173731 _____ () C:\Users\Rob\AppData\Local\ars.cache
2014-09-09 16:21 - 2014-09-09 16:21 - 00126405 _____ () C:\Users\Rob\AppData\Local\census.cache
2014-09-09 16:19 - 2014-09-09 16:19 - 00000010 _____ () C:\Users\Rob\AppData\Local\sponge.last.runtime.cache
2014-09-09 15:54 - 2014-09-09 15:54 - 00000036 _____ () C:\Users\Rob\AppData\Local\housecall.guid.cache
2014-09-09 15:54 - 2013-09-02 09:58 - 00175528 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2014-09-09 11:23 - 2014-09-09 11:29 - 366868718 _____ () C:\Users\Rob\Downloads\White.Collar.S01E03.Book.of.Hours.HDTV.XviD-FQM.avi
2014-09-08 18:33 - 2014-06-11 10:09 - 00490080 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-08 18:33 - 2014-06-11 10:09 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-08 18:03 - 2014-09-09 08:15 - 00000000 ____D () C:\d28db38384b9ad43a8a6e0
2014-09-08 17:44 - 2014-09-08 18:33 - 00431451 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-09-08 17:44 - 2014-09-08 17:44 - 00000762 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2014-09-08 17:44 - 2014-09-08 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2014-09-08 17:40 - 2014-09-08 17:44 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-09-08 17:20 - 2014-09-09 08:15 - 00000000 ____D () C:\52e2fcfe236db1b0ed80ff
2014-09-08 17:17 - 2014-09-08 17:19 - 30517960 _____ (Microsoft Corporation) C:\Users\Rob\Downloads\Windows-KB890830-x64-V5.15.exe
2014-09-08 06:44 - 2014-09-09 08:13 - 00000000 ____D () C:\Users\Rob\Downloads\[ www.SceneTime.com ] - The.Chair.S01E01.HDTV.XviD-AFG
2014-09-07 06:41 - 2014-09-07 06:42 - 00000000 ____D () C:\Users\Rob\Downloads\Paradisemosaics
2014-09-07 05:55 - 2014-09-09 08:13 - 00000000 ____D () C:\Users\Rob\Downloads\[ www.torrenting.com ] - Outlander.S01E05.480p.HDTV.x264-mSD
2014-09-07 05:53 - 2014-09-09 08:13 - 00000000 ____D () C:\Users\Rob\Downloads\The Strain (2014)S01E01 1080p NL Subs X264-NLU002
2014-09-06 13:06 - 2014-09-09 08:13 - 00000000 ____D () C:\Users\Rob\Downloads\Adobe Audition CC 2014
2014-09-06 12:52 - 2014-09-06 12:52 - 00001073 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2014.lnk
2014-09-06 12:51 - 2014-09-06 12:53 - 00000000 ____D () C:\Program Files\Adobe
2014-09-06 12:49 - 2014-09-06 12:52 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-06 12:48 - 2014-09-06 12:48 - 00000000 ____D () C:\Program Files (x86)\My Company Name
2014-09-06 12:48 - 2012-06-22 03:01 - 00056336 ____N (Corel Corporation) C:\Windows\system32\Drivers\PxHlpa64.sys
2014-09-06 12:48 - 2012-04-24 03:01 - 00011376 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdralw2k.sys
2014-09-06 12:48 - 2012-04-24 03:01 - 00010864 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdr4_xp.sys
2014-09-06 12:37 - 2014-09-09 08:13 - 00000000 ___RD () C:\Users\Rob\Creative Cloud Files
2014-09-06 12:34 - 2014-09-06 12:34 - 00001309 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-09-06 12:34 - 2014-09-06 12:34 - 00001297 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-09-06 12:33 - 2014-09-06 12:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-06 12:28 - 2014-09-06 12:28 - 00615304 _____ (Adobe Systems Incorporated) C:\Users\Rob\Downloads\CreativeCloudSet-Up.exe
2014-09-06 11:04 - 2014-09-06 11:04 - 00000000 ____D () C:\Users\Rob\Documents\libmp3lame-win-3.98.2-1
2014-09-06 10:54 - 2014-09-09 08:13 - 00000000 ____D () C:\Users\Rob\AppData\Local\WinZip
2014-09-06 10:54 - 2014-09-09 08:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-09-06 10:54 - 2014-09-06 11:00 - 00000000 ____D () C:\ProgramData\WinZip
2014-09-06 10:54 - 2014-09-06 10:54 - 00002251 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-09-06 10:54 - 2014-09-06 10:54 - 00002245 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-09-06 10:54 - 2014-09-06 10:54 - 00000000 ____D () C:\Program Files\WinZip
2014-09-06 09:49 - 2014-09-06 09:49 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-09-06 09:49 - 2014-09-06 09:49 - 00001007 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-09-06 09:48 - 2014-09-06 09:49 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-09-06 05:41 - 2014-09-06 10:00 - 00000000 ____D () C:\Users\Rob\Downloads\White Collar S01E02 Threads HDTV XviD DutchReleaseTeam
2014-09-06 03:50 - 2014-09-13 04:50 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\Audacity
2014-09-04 22:00 - 2014-09-04 22:01 - 00000000 ____D () C:\Users\Rob\Downloads\George Harrison
2014-09-04 18:56 - 2014-09-04 18:56 - 00616394 _____ () C:\Users\Rob\Downloads\Bestelformulier sv Ommoord(1).xlsx
2014-09-04 18:37 - 2014-09-04 18:38 - 00000000 ____D () C:\Users\Rob\Downloads\George Harrison - Beware Of ABKCO!
2014-09-04 18:19 - 2014-09-04 18:19 - 00616394 _____ () C:\Users\Rob\Downloads\Bestelformulier sv Ommoord.xlsx
2014-09-03 21:56 - 2014-09-03 22:10 - 576705870 _____ () C:\Users\Rob\Downloads\White.Collar.S01E01.Pilot.HDTV.XviD-FQM.avi
2014-09-03 21:20 - 2014-09-03 21:58 - 00000000 ____D () C:\Users\Rob\Downloads\[ www.torrenting.com ] - Inquisition.S01E01.HDTV.XviD-AFG
2014-09-03 07:29 - 2014-09-03 07:32 - 192882283 _____ () C:\Users\Rob\Downloads\EastEnders.2014-09-02.mp4
2014-09-02 20:34 - 2014-09-02 20:34 - 00000000 ____D () C:\Users\Rob\Downloads\Call of the Valley
2014-09-02 18:15 - 2014-09-02 18:15 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-02 18:15 - 2014-09-02 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-02 18:13 - 2014-09-02 18:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-02 18:13 - 2014-09-02 18:15 - 00000000 ____D () C:\Program Files\iTunes
2014-09-02 18:13 - 2014-09-02 18:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-02 18:13 - 2014-09-02 18:13 - 00000000 ____D () C:\Program Files\iPod
2014-09-02 18:12 - 2014-09-02 18:12 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Users\Rob\AppData\Local\Apple
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Program Files\Bonjour
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-09-02 17:56 - 2014-09-02 17:58 - 113492816 _____ (Apple Inc.) C:\Users\Rob\Downloads\iTunes64Setup.exe
2014-09-02 07:03 - 2014-09-02 07:03 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-02 07:01 - 2014-09-10 07:15 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\DiskDefrag
2014-08-31 21:29 - 2014-08-31 21:33 - 00000000 ____D () C:\Users\Rob\Downloads\Paul McCartney (Wings) - Venus And Mars (3 bonus tracks) [1975]  FLAC
2014-08-31 21:28 - 2014-08-31 21:35 - 00000000 ____D () C:\Users\Rob\Downloads\Paul McCartney - Wings At The Speed Of Sound (DCC GZS-1096).cue ape scans-server alliance
2014-08-28 06:11 - 2014-08-23 08:47 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 21:11 - 2014-08-28 06:57 - 1412346484 _____ () C:\Users\Rob\Downloads\SHANGHAI_SURPRISE-Madonna Dvdrip AVI (English).avi
2014-08-27 08:22 - 2014-08-27 08:46 - 00000000 ____D () C:\Users\Rob\Downloads\Guitar World 1997 PB
2014-08-27 08:12 - 2014-09-06 05:18 - 00000000 ____D () C:\Users\Rob\Downloads\Guitar World 2006 PB
2014-08-27 08:11 - 2014-08-27 08:14 - 00000000 ____D () C:\Users\Rob\Downloads\The Fender Stratocaster (693)
2014-08-27 08:10 - 2014-08-27 08:11 - 00000000 ____D () C:\Users\Rob\Downloads\Star Guitars - 101 Guitars That Rocked the World
2014-08-27 08:08 - 2014-08-27 08:08 - 00000000 ____D () C:\Users\Rob\Downloads\Guitarist (WorldMags) - September 2013
2014-08-27 08:07 - 2014-09-06 05:18 - 00000000 ____D () C:\Users\Rob\Downloads\UNCUT John Lennon - The Ultimate Music Guide - September 2010
2014-08-26 21:55 - 2014-08-27 07:48 - 1404431662 _____ () C:\Users\Rob\Downloads\BBC.Richard.Attenborough.A.Life.In.Film.720p.HDTV.x264.AAC.MVGroup.org.mp4
2014-08-26 14:25 - 2014-09-01 14:26 - 00000000 ____D () C:\Users\Rob\Downloads\BBC History - The First VIKING King of England (July 2013)
2014-08-26 13:42 - 2014-08-26 13:42 - 00000000 ____D () C:\Users\Rob\Downloads\BBC History - The Invasion Of Tudor England + Napoleons Last Game (September 2013)
2014-08-26 11:39 - 2014-08-26 21:55 - 00000000 ____D () C:\Users\Rob\Downloads\The Borgias S01E01 HDTV XviD DutchReleaseTeam
2014-08-24 20:28 - 2014-08-24 20:28 - 00025278 _____ () C:\Users\Rob\Downloads\Untitled.pdn
2014-08-24 13:19 - 2014-08-24 13:19 - 06052529 _____ (Tim Kosse) C:\Users\Rob\Downloads\FileZilla_3.9.0.3_win32-setup.exe
2014-08-24 11:52 - 2014-08-24 11:52 - 00000000 ____D () C:\Users\Rob\Documents\Edward Elgar - Complete Symphonies, Pomp and Circumstance, etc. [2CD]
2014-08-21 17:41 - 2014-08-21 17:43 - 00000000 ____D () C:\Users\Rob\Downloads\Wild Beasts - Present Tense (2014) [FLAC]
2014-08-20 14:51 - 2014-08-20 14:51 - 00000000 ____D () C:\Users\Rob\AppData\Local\Macromedia
2014-08-20 14:43 - 2014-08-20 19:31 - 202450249 _____ () C:\Users\Rob\Downloads\Edward Elgar - Complete Symphonies, Pomp and Circumstance, etc. [2CD].rar
2014-08-20 08:52 - 2014-08-20 08:52 - 00047632 _____ (Anvisoft) C:\Windows\system32\Drivers\asdids.sys
2014-08-20 08:02 - 2014-09-14 14:13 - 00000342 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-08-20 08:02 - 2014-09-14 14:13 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-08-20 08:02 - 2014-08-20 08:02 - 00020672 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-08-20 08:02 - 2014-08-20 08:02 - 00002964 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2014-08-20 08:02 - 2014-08-20 08:02 - 00002610 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-08-20 08:02 - 2014-08-20 08:02 - 00001092 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-08-20 08:02 - 2014-08-20 08:02 - 00001080 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-08-20 08:02 - 2014-08-20 08:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-08-20 08:02 - 2014-08-18 03:06 - 00118048 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-08-20 08:02 - 2014-07-18 09:11 - 00017600 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2014-08-20 03:30 - 2014-08-20 03:32 - 01058200 _____ (Adobe) C:\Users\Rob\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-08-19 14:47 - 2014-08-23 19:35 - 00000000 ____D () C:\Users\Rob\Downloads\Leonard_Cohen
2014-08-18 15:18 - 2014-08-18 15:19 - 01515369 _____ () C:\Users\Rob\Downloads\Layayoga_ The Definitive Guide to the Chakras and Kundalini - Goswami, Shyam Sundar.epub
2014-08-18 14:00 - 2014-08-18 14:00 - 00000000 ____D () C:\Windows\Sun
2014-08-17 21:29 - 2014-08-17 21:30 - 00000000 ____D () C:\Users\Rob\Downloads\Gary Puckett & The Union Gap - Woman Woman
2014-08-15 16:59 - 2014-08-02 02:15 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-15 16:59 - 2014-08-02 02:15 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-14 14:47 - 2014-09-14 13:58 - 00019810 _____ () C:\Users\Rob\Downloads\FRST.txt
2014-09-14 14:47 - 2013-02-12 15:06 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\BitTorrent
2014-09-14 14:44 - 2014-09-14 13:46 - 00000000 ____D () C:\FRST
2014-09-14 14:27 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-14 14:21 - 2014-09-12 09:28 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-14 14:19 - 2014-09-14 14:11 - 00060682 _____ () C:\Windows\WindowsUpdate.log
2014-09-14 14:18 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-09-14 14:15 - 2014-09-13 05:33 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-14 14:15 - 2014-08-09 21:47 - 00000000 ____D () C:\Users\Rob\AppData\Local\Adobe
2014-09-14 14:13 - 2014-08-20 08:02 - 00000342 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-09-14 14:13 - 2014-08-20 08:02 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-09-14 14:13 - 2014-05-30 12:49 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 14:11 - 2014-09-14 14:11 - 00297032 _____ () C:\Windows\Minidump\091414-67359-01.dmp
2014-09-14 14:11 - 2014-05-31 18:01 - 00000338 _____ () C:\Windows\Tasks\HPCeeScheduleForRob.job
2014-09-14 14:11 - 2013-02-16 16:31 - 00000000 ____D () C:\Windows\Minidump
2014-09-14 14:11 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-14 14:10 - 2014-09-14 14:10 - 599385682 _____ () C:\Windows\MEMORY.DMP
2014-09-14 14:10 - 2014-09-14 14:10 - 00001904 _____ () C:\Windows\PFRO.log
2014-09-14 14:10 - 2013-02-10 10:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 14:06 - 2014-09-14 14:06 - 05185536 _____ (AVAST Software) C:\Users\Rob\Downloads\aswmbr(1).exe
2014-09-14 14:05 - 2014-09-14 14:05 - 05185536 _____ (AVAST Software) C:\Users\Rob\Downloads\aswmbr.exe
2014-09-14 14:01 - 2014-09-14 14:00 - 00043696 _____ () C:\Users\Rob\Downloads\Addition.txt
2014-09-14 14:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-09-14 13:59 - 2014-05-30 12:49 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-14 13:47 - 2013-04-13 19:20 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\vlc
2014-09-14 13:46 - 2014-09-14 13:46 - 02105856 _____ (Farbar) C:\Users\Rob\Downloads\FRST64.exe
2014-09-14 13:34 - 2014-09-13 05:34 - 00000520 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d059edcc-f3c9-4a1b-bd2d-e6878ffeee95.job
2014-09-14 13:31 - 2014-09-12 11:49 - 00000000 ____D () C:\Users\Rob\Downloads\Rickie Lee Jones - Rickie Lee Jones (1979) mp3@320 {1337x}-kawli
2014-09-14 13:20 - 2014-09-11 19:04 - 00000000 ____D () C:\Users\Rob\Downloads\Ry Cooder - Chicken Skin Music [smb]
2014-09-14 13:18 - 2014-09-14 05:42 - 00000000 ____D () C:\Users\Rob\Downloads\The Beatles - Rubber Soul [US] [smb]
2014-09-14 13:13 - 2013-11-21 05:05 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\FileZilla
2014-09-14 10:32 - 2014-06-10 09:44 - 00002000 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-09-14 10:32 - 2014-03-11 05:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-09-14 10:32 - 2014-03-11 05:18 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-09-14 10:31 - 2014-09-14 10:31 - 06057862 _____ (Tim Kosse) C:\Users\Rob\Downloads\FileZilla_3.9.0.5_win32-setup.exe
2014-09-14 08:05 - 2014-09-14 06:31 - 00000000 ____D () C:\Users\Rob\Downloads\{www.scenetime.com}Concert.For.George.2003.720p.BRRIP.XVID-AC3-PULSAR
2014-09-14 08:04 - 2014-09-14 07:13 - 00000000 ____D () C:\Users\Rob\Downloads\Web Designer - Joomla - 20 Reasons To Switch From Wordpress (Issue 220, 2014)
2014-09-14 06:11 - 2014-09-13 04:56 - 00000000 ____D () C:\AdwCleaner
2014-09-14 06:07 - 2014-09-14 05:45 - 00000000 ____D () C:\Users\Rob\Downloads\The Beatles Mono Box
2014-09-14 06:01 - 2014-09-14 06:01 - 00025560 _____ () C:\Users\Rob\Downloads\Combi fix txt 14 sep.txt
2014-09-14 06:01 - 2014-09-14 05:41 - 00000000 ____D () C:\Users\Rob\Downloads\Outlander.S01E06.720p.HDTV.x264-KILLERS[rarbg]
2014-09-14 05:28 - 2014-09-14 05:28 - 00388608 _____ (Trend Micro Inc.) C:\Users\Rob\Downloads\HijackThis.exe
2014-09-14 05:28 - 2014-09-14 05:28 - 00011797 _____ () C:\Users\Rob\Downloads\hijackthis.log
2014-09-14 02:00 - 2014-09-13 05:34 - 00000520 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task eb5f06d3-1227-44a8-9006-a7d49ca18aec.job
2014-09-13 18:58 - 2014-09-13 07:35 - 00000000 ____D () C:\Qoobox
2014-09-13 18:57 - 2014-09-13 18:57 - 00025560 _____ () C:\ComboFix.txt
2014-09-13 18:57 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-09-13 18:51 - 2014-09-13 07:34 - 00000000 ____D () C:\Windows\erdnt
2014-09-13 18:50 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-09-13 12:33 - 2013-02-11 18:52 - 05599744 ___SH () C:\Users\Rob\Downloads\Thumbs.db
2014-09-13 12:19 - 2014-09-13 12:19 - 00119333 _____ () C:\Users\Rob\Downloads\flyer lotgenotencontact(1)
2014-09-13 12:12 - 2014-09-13 12:12 - 00119333 _____ () C:\Users\Rob\Downloads\flyer lotgenotencontact
2014-09-13 10:34 - 2014-05-30 12:49 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-13 07:35 - 2014-09-13 07:35 - 00016712 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP113.SYS
2014-09-13 07:33 - 2013-02-10 21:44 - 00000000 ____D () C:\Users\Rob\Documents\Algemene Passwords
2014-09-13 06:41 - 2014-09-13 06:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 06:40 - 2014-09-13 06:39 - 00000000 ____D () C:\Users\Rob\Documents\Attachments_2014913
2014-09-13 06:36 - 2014-09-13 06:36 - 20954978 _____ () C:\Users\Rob\Downloads\Attachments_2014913.zip
2014-09-13 06:36 - 2014-09-13 06:36 - 18449013 _____ () C:\Users\Rob\Downloads\Attachments_2014913(1).zip
2014-09-13 05:42 - 2014-09-11 07:34 - 00000000 ____D () C:\Users\Rob\Downloads\The.War.Diaries.1940.Fall.Of.Paris.2008.SweSub.DvDRip.XviD-SWAXXON
2014-09-13 05:34 - 2014-09-13 05:34 - 00003566 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task eb5f06d3-1227-44a8-9006-a7d49ca18aec
2014-09-13 05:34 - 2014-09-13 05:34 - 00003484 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task d059edcc-f3c9-4a1b-bd2d-e6878ffeee95
2014-09-13 05:34 - 2014-09-13 05:34 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\SUPERAntiSpyware.com
2014-09-13 05:34 - 2014-09-13 05:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-09-13 05:33 - 2014-09-13 05:33 - 00001808 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-09-13 05:33 - 2014-09-13 05:33 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-09-13 05:26 - 2014-09-13 04:51 - 00000000 ____D () C:\Users\Rob\Downloads\Outlander S01E05 HDTV x264-KILLERS[ettv]
2014-09-13 05:17 - 2014-05-31 18:01 - 00003148 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForRob
2014-09-13 05:17 - 2013-01-27 16:07 - 00000000 ____D () C:\Users\Rob
2014-09-13 05:03 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-13 05:01 - 2013-04-02 10:57 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\CheckPoint
2014-09-13 05:00 - 2014-09-10 09:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-09-13 04:50 - 2014-09-06 03:50 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\Audacity
2014-09-12 20:26 - 2013-02-11 07:31 - 00000000 ____D () C:\Users\Rob\Documents\Radio Capelle
2014-09-12 16:54 - 2012-09-02 02:52 - 00871836 _____ () C:\Windows\system32\perfh013.dat
2014-09-12 16:54 - 2012-09-02 02:52 - 00192876 _____ () C:\Windows\system32\perfc013.dat
2014-09-12 16:54 - 2012-07-26 09:28 - 01995640 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-12 16:36 - 2013-01-27 16:19 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3091740776-465430269-2068346934-1001
2014-09-12 16:20 - 2014-09-10 09:36 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-12 12:05 - 2013-02-15 12:30 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-09-12 12:04 - 2013-02-15 12:30 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-09-12 09:28 - 2014-09-12 09:28 - 00003828 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-12 08:41 - 2014-09-12 08:41 - 00003162 _____ () C:\Windows\System32\Tasks\{A60D6119-2E7F-424B-92C6-800E68E76B0F}
2014-09-12 08:24 - 2014-09-12 08:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 08:23 - 2014-09-12 08:23 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-12 08:23 - 2014-09-12 08:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-12 08:23 - 2014-09-12 08:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-11 07:50 - 2014-09-11 07:34 - 00000000 ____D () C:\Users\Rob\Downloads\Red.Shoe.Diaries.The.Movie.1992.DVDRip.X264-NCAXA[rarbg]
2014-09-11 07:34 - 2014-09-11 05:29 - 367311842 _____ () C:\Users\Rob\Downloads\White.Collar.S01E06.All.In.HDTV.XviD-FQM.avi
2014-09-11 05:38 - 2014-09-11 05:28 - 367473076 _____ () C:\Users\Rob\Downloads\White.Collar.S01E09.Bad.Judgment.HDTV.XviD-FQM.avi
2014-09-10 11:19 - 2013-03-17 10:40 - 00000000 ____D () C:\Users\Rob\AppData\Local\Paint.NET
2014-09-10 09:09 - 2014-09-10 09:09 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-09-10 09:08 - 2014-09-10 09:08 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-09-10 08:36 - 2014-09-10 08:24 - 366923402 _____ () C:\Users\Rob\Downloads\White.Collar.S01E05.The.Portrait.HDTV.XviD-FQM.avi
2014-09-10 07:24 - 2014-07-10 15:47 - 00093184 ___SH () C:\Users\Rob\Desktop\Thumbs.db
2014-09-10 07:15 - 2014-09-02 07:01 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\DiskDefrag
2014-09-09 23:37 - 2014-03-10 12:15 - 00000000 ____D () C:\Users\Rob\Documents\Magento
2014-09-09 23:01 - 2014-09-09 22:55 - 367055506 ____R () C:\Users\Rob\Downloads\White.Collar.S01E04.Flip.of.the.Coin.HDTV.XviD-FQM.avi
2014-09-09 17:38 - 2014-09-09 17:38 - 00000000 ____D () C:\Program Files\Reason
2014-09-09 17:37 - 2014-09-09 17:37 - 00002530 _____ () C:\Users\Rob\Desktop\Rkill.txt
2014-09-09 17:26 - 2014-09-09 17:26 - 00000000 ____D () C:\Users\Rob\Documents\RN Connect
2014-09-09 16:21 - 2014-09-09 16:21 - 00173731 _____ () C:\Users\Rob\AppData\Local\ars.cache
2014-09-09 16:21 - 2014-09-09 16:21 - 00126405 _____ () C:\Users\Rob\AppData\Local\census.cache
2014-09-09 16:19 - 2014-09-09 16:19 - 00000010 _____ () C:\Users\Rob\AppData\Local\sponge.last.runtime.cache
2014-09-09 15:54 - 2014-09-09 15:54 - 00000036 _____ () C:\Users\Rob\AppData\Local\housecall.guid.cache
2014-09-09 11:29 - 2014-09-09 11:23 - 366868718 _____ () C:\Users\Rob\Downloads\White.Collar.S01E03.Book.of.Hours.HDTV.XviD-FQM.avi
2014-09-09 10:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\registration
2014-09-09 08:15 - 2014-09-08 18:03 - 00000000 ____D () C:\d28db38384b9ad43a8a6e0
2014-09-09 08:15 - 2014-09-08 17:20 - 00000000 ____D () C:\52e2fcfe236db1b0ed80ff
2014-09-09 08:13 - 2014-09-08 06:44 - 00000000 ____D () C:\Users\Rob\Downloads\[ www.SceneTime.com ] - The.Chair.S01E01.HDTV.XviD-AFG
2014-09-09 08:13 - 2014-09-07 05:55 - 00000000 ____D () C:\Users\Rob\Downloads\[ www.torrenting.com ] - Outlander.S01E05.480p.HDTV.x264-mSD
2014-09-09 08:13 - 2014-09-07 05:53 - 00000000 ____D () C:\Users\Rob\Downloads\The Strain (2014)S01E01 1080p NL Subs X264-NLU002
2014-09-09 08:13 - 2014-09-06 13:06 - 00000000 ____D () C:\Users\Rob\Downloads\Adobe Audition CC 2014
2014-09-09 08:13 - 2014-09-06 12:37 - 00000000 ___RD () C:\Users\Rob\Creative Cloud Files
2014-09-09 08:13 - 2014-09-06 10:54 - 00000000 ____D () C:\Users\Rob\AppData\Local\WinZip
2014-09-09 08:13 - 2014-09-06 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-09-09 08:13 - 2014-07-26 07:20 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-09-09 08:13 - 2013-02-11 07:33 - 00000000 ____D () C:\Users\Rob\Documents\XSitePro-Data
2014-09-09 08:13 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-09-08 18:33 - 2014-09-08 17:44 - 00431451 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-09-08 18:32 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-08 17:44 - 2014-09-08 17:44 - 00000762 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2014-09-08 17:44 - 2014-09-08 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2014-09-08 17:44 - 2014-09-08 17:40 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-09-08 17:19 - 2014-09-08 17:17 - 30517960 _____ (Microsoft Corporation) C:\Users\Rob\Downloads\Windows-KB890830-x64-V5.15.exe
2014-09-07 06:42 - 2014-09-07 06:41 - 00000000 ____D () C:\Users\Rob\Downloads\Paradisemosaics
2014-09-06 12:53 - 2014-09-06 12:51 - 00000000 ____D () C:\Program Files\Adobe
2014-09-06 12:52 - 2014-09-06 12:52 - 00001073 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2014.lnk
2014-09-06 12:52 - 2014-09-06 12:49 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-06 12:52 - 2013-02-11 15:52 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-06 12:51 - 2013-01-27 16:11 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\Adobe
2014-09-06 12:48 - 2014-09-06 12:48 - 00000000 ____D () C:\Program Files (x86)\My Company Name
2014-09-06 12:34 - 2014-09-06 12:34 - 00001309 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-09-06 12:34 - 2014-09-06 12:34 - 00001297 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-09-06 12:34 - 2014-09-06 12:33 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-06 12:30 - 2013-02-21 12:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-06 12:28 - 2014-09-06 12:28 - 00615304 _____ (Adobe Systems Incorporated) C:\Users\Rob\Downloads\CreativeCloudSet-Up.exe
2014-09-06 11:04 - 2014-09-06 11:04 - 00000000 ____D () C:\Users\Rob\Documents\libmp3lame-win-3.98.2-1
2014-09-06 11:00 - 2014-09-06 10:54 - 00000000 ____D () C:\ProgramData\WinZip
2014-09-06 10:54 - 2014-09-06 10:54 - 00002251 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-09-06 10:54 - 2014-09-06 10:54 - 00002245 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-09-06 10:54 - 2014-09-06 10:54 - 00000000 ____D () C:\Program Files\WinZip
2014-09-06 10:00 - 2014-09-06 05:41 - 00000000 ____D () C:\Users\Rob\Downloads\White Collar S01E02 Threads HDTV XviD DutchReleaseTeam
2014-09-06 09:54 - 2013-02-11 18:45 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\Spotify
2014-09-06 09:49 - 2014-09-06 09:49 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-09-06 09:49 - 2014-09-06 09:49 - 00001007 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-09-06 09:49 - 2014-09-06 09:48 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-09-06 05:18 - 2014-08-27 08:12 - 00000000 ____D () C:\Users\Rob\Downloads\Guitar World 2006 PB
2014-09-06 05:18 - 2014-08-27 08:07 - 00000000 ____D () C:\Users\Rob\Downloads\UNCUT John Lennon - The Ultimate Music Guide - September 2010
2014-09-06 05:18 - 2013-10-06 08:26 - 00000000 ____D () C:\Users\Rob\Downloads\Smart Calling Eliminaate the fear OnlyGill
2014-09-06 05:18 - 2013-08-07 17:32 - 00000000 ____D () C:\Users\Rob\Downloads\Muscle Guides
2014-09-04 22:01 - 2014-09-04 22:00 - 00000000 ____D () C:\Users\Rob\Downloads\George Harrison
2014-09-04 18:56 - 2014-09-04 18:56 - 00616394 _____ () C:\Users\Rob\Downloads\Bestelformulier sv Ommoord(1).xlsx
2014-09-04 18:38 - 2014-09-04 18:37 - 00000000 ____D () C:\Users\Rob\Downloads\George Harrison - Beware Of ABKCO!
2014-09-04 18:19 - 2014-09-04 18:19 - 00616394 _____ () C:\Users\Rob\Downloads\Bestelformulier sv Ommoord.xlsx
2014-09-03 22:10 - 2014-09-03 21:56 - 576705870 _____ () C:\Users\Rob\Downloads\White.Collar.S01E01.Pilot.HDTV.XviD-FQM.avi
2014-09-03 21:58 - 2014-09-03 21:20 - 00000000 ____D () C:\Users\Rob\Downloads\[ www.torrenting.com ] - Inquisition.S01E01.HDTV.XviD-AFG
2014-09-03 07:32 - 2014-09-03 07:29 - 192882283 _____ () C:\Users\Rob\Downloads\EastEnders.2014-09-02.mp4
2014-09-02 20:34 - 2014-09-02 20:34 - 00000000 ____D () C:\Users\Rob\Downloads\Call of the Valley
2014-09-02 18:15 - 2014-09-02 18:15 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-02 18:15 - 2014-09-02 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-02 18:15 - 2014-09-02 18:13 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-02 18:15 - 2014-09-02 18:13 - 00000000 ____D () C:\Program Files\iTunes
2014-09-02 18:15 - 2014-09-02 18:13 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-02 18:13 - 2014-09-02 18:13 - 00000000 ____D () C:\Program Files\iPod
2014-09-02 18:12 - 2014-09-02 18:12 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Users\Rob\AppData\Local\Apple
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Program Files\Bonjour
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-09-02 18:11 - 2012-09-18 14:13 - 00000000 ____D () C:\ProgramData\Apple
2014-09-02 17:58 - 2014-09-02 17:56 - 113492816 _____ (Apple Inc.) C:\Users\Rob\Downloads\iTunes64Setup.exe
2014-09-02 17:56 - 2013-02-11 18:46 - 00000000 ____D () C:\Users\Rob\AppData\Local\Spotify
2014-09-02 07:03 - 2014-09-02 07:03 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-02 07:02 - 2014-07-24 16:24 - 00469192 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-01 14:26 - 2014-08-26 14:25 - 00000000 ____D () C:\Users\Rob\Downloads\BBC History - The First VIKING King of England (July 2013)
2014-08-31 21:35 - 2014-08-31 21:28 - 00000000 ____D () C:\Users\Rob\Downloads\Paul McCartney - Wings At The Speed Of Sound (DCC GZS-1096).cue ape scans-server alliance
2014-08-31 21:33 - 2014-08-31 21:29 - 00000000 ____D () C:\Users\Rob\Downloads\Paul McCartney (Wings) - Venus And Mars (3 bonus tracks) [1975]  FLAC
2014-08-30 07:08 - 2013-02-10 21:44 - 00000000 ____D () C:\Users\Rob\Documents\prive
2014-08-28 22:56 - 2014-02-16 09:43 - 00000000 ____D () C:\Users\Rob\Documents\Ommoord
2014-08-28 06:57 - 2014-08-27 21:11 - 1412346484 _____ () C:\Users\Rob\Downloads\SHANGHAI_SURPRISE-Madonna Dvdrip AVI (English).avi
2014-08-27 08:46 - 2014-08-27 08:22 - 00000000 ____D () C:\Users\Rob\Downloads\Guitar World 1997 PB
2014-08-27 08:14 - 2014-08-27 08:11 - 00000000 ____D () C:\Users\Rob\Downloads\The Fender Stratocaster (693)
2014-08-27 08:11 - 2014-08-27 08:10 - 00000000 ____D () C:\Users\Rob\Downloads\Star Guitars - 101 Guitars That Rocked the World
2014-08-27 08:08 - 2014-08-27 08:08 - 00000000 ____D () C:\Users\Rob\Downloads\Guitarist (WorldMags) - September 2013
2014-08-27 07:48 - 2014-08-26 21:55 - 1404431662 _____ () C:\Users\Rob\Downloads\BBC.Richard.Attenborough.A.Life.In.Film.720p.HDTV.x264.AAC.MVGroup.org.mp4
2014-08-26 21:55 - 2014-08-26 11:39 - 00000000 ____D () C:\Users\Rob\Downloads\The Borgias S01E01 HDTV XviD DutchReleaseTeam
2014-08-26 13:42 - 2014-08-26 13:42 - 00000000 ____D () C:\Users\Rob\Downloads\BBC History - The Invasion Of Tudor England + Napoleons Last Game (September 2013)
2014-08-24 20:28 - 2014-08-24 20:28 - 00025278 _____ () C:\Users\Rob\Downloads\Untitled.pdn
2014-08-24 13:19 - 2014-08-24 13:19 - 06052529 _____ (Tim Kosse) C:\Users\Rob\Downloads\FileZilla_3.9.0.3_win32-setup.exe
2014-08-24 11:52 - 2014-08-24 11:52 - 00000000 ____D () C:\Users\Rob\Documents\Edward Elgar - Complete Symphonies, Pomp and Circumstance, etc. [2CD]
2014-08-24 10:28 - 2013-03-26 06:45 - 00000000 ____D () C:\Users\Rob\AppData\Local\xheader-data
2014-08-24 05:32 - 2014-03-11 06:19 - 00000000 ____D () C:\Users\Rob\Documents\Mindfulness
2014-08-23 19:35 - 2014-08-19 14:47 - 00000000 ____D () C:\Users\Rob\Downloads\Leonard_Cohen
2014-08-23 08:47 - 2014-08-28 06:11 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 17:43 - 2014-08-21 17:41 - 00000000 ____D () C:\Users\Rob\Downloads\Wild Beasts - Present Tense (2014) [FLAC]
2014-08-20 19:31 - 2014-08-20 14:43 - 202450249 _____ () C:\Users\Rob\Downloads\Edward Elgar - Complete Symphonies, Pomp and Circumstance, etc. [2CD].rar
2014-08-20 14:51 - 2014-08-20 14:51 - 00000000 ____D () C:\Users\Rob\AppData\Local\Macromedia
2014-08-20 09:45 - 2013-02-10 10:55 - 00000000 ____D () C:\Users\Rob\AppData\Local\Mozilla
2014-08-20 09:33 - 2013-02-10 10:55 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\Mozilla
2014-08-20 08:59 - 2013-03-24 09:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-20 08:56 - 2014-07-13 20:53 - 00000000 ____D () C:\Users\Rob\Downloads\Pink Floyd Ultimate Discography
2014-08-20 08:56 - 2014-07-12 20:27 - 00000000 ____D () C:\Users\Rob\Downloads\Thea Beckman - Triologie - NLT RELEASE - Audioboek - Dutch -
2014-08-20 08:56 - 2013-05-13 08:26 - 00000000 ____D () C:\Users\Rob\Rob Nieuwveld B.V
2014-08-20 08:56 - 2013-03-26 07:23 - 00000000 ____D () C:\Users\Rob\Downloads\Microsoft Office 2010 DutchReleaseTeam
2014-08-20 08:55 - 2014-01-12 11:06 - 00000000 ____D () C:\Users\Rob\AppData\Local\cache
2014-08-20 08:55 - 2013-07-17 07:39 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\RapidContentWizard
2014-08-20 08:55 - 2013-06-26 20:26 - 00000000 ____D () C:\Users\Rob\AppData\Local\Windows Live
2014-08-20 08:55 - 2013-06-18 17:38 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\ConverterLite
2014-08-20 08:55 - 2013-05-13 09:53 - 00000000 ____D () C:\Users\Rob\Boeken
2014-08-20 08:55 - 2013-05-13 09:48 - 00000000 ____D () C:\Users\Rob\Documents\Beatles
2014-08-20 08:55 - 2013-04-13 19:26 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\dvdcss
2014-08-20 08:55 - 2013-04-09 08:37 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\MOVAVI
2014-08-20 08:55 - 2013-04-04 13:51 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\Canon
2014-08-20 08:55 - 2013-03-24 09:45 - 00000000 ____D () C:\Users\Rob\AppData\Local\Google
2014-08-20 08:55 - 2013-02-13 18:53 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\CyberLink
2014-08-20 08:55 - 2013-02-13 09:57 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\Apple Computer
2014-08-20 08:55 - 2013-02-11 08:26 - 00000000 ____D () C:\Users\Rob\Documents\Paint.NET
2014-08-20 08:55 - 2013-02-11 07:48 - 00000000 ____D () C:\Users\Rob\Documents\Affiliate Marketing
2014-08-20 08:54 - 2013-05-13 12:33 - 00000000 ____D () C:\Users\Rob\Affiliate Marketing
2014-08-20 08:52 - 2014-09-10 09:11 - 00048656 _____ (Anvisoft) C:\Windows\system32\Drivers\asd2fsm.sys
2014-08-20 08:52 - 2014-08-20 08:52 - 00047632 _____ (Anvisoft) C:\Windows\system32\Drivers\asdids.sys
2014-08-20 08:46 - 2014-05-09 09:25 - 00000000 ____D () C:\Users\Rob\Downloads\Last Tango In Halifax
2014-08-20 08:46 - 2013-07-10 11:37 - 00000000 ____D () C:\Users\Rob\Angst
2014-08-20 08:46 - 2013-07-09 19:56 - 00000000 ____D () C:\Users\Rob\Downloads\Eckhart Tolle - Bringing Stillness Into Everyday Life - full
2014-08-20 08:46 - 2013-04-18 06:49 - 00000000 ____D () C:\Users\Rob\Downloads\Eckhart_Tolle-The_Flowering_of_Human_Consciousness-2CD.XVID.DVDRip
2014-08-20 08:46 - 2013-02-10 21:33 - 00000000 ____D () C:\Users\Rob\Documents\Lessen
2014-08-20 08:44 - 2014-07-08 14:20 - 00000000 ____D () C:\Users\Rob\Downloads\[ www.Torrentday.com ] - The.7.Wonders.Of.The.Ancient.World.H264.AAC-BladeBDP
2014-08-20 08:44 - 2013-02-11 07:30 - 00000000 ____D () C:\Users\Rob\Documents\Project Karel
2014-08-20 08:43 - 2014-06-16 09:48 - 00000000 ____D () C:\Users\Rob\Downloads\Elizabeth Is Missing
2014-08-20 08:43 - 2013-09-11 13:38 - 00000000 ____D () C:\Users\Rob\Downloads\Bert Wagendorp - Ventoux  DutchReleaseTeam
2014-08-20 08:42 - 2014-07-06 21:48 - 00000000 ____D () C:\Users\Rob\Documents\mApple_v1.6.2rc
2014-08-20 08:42 - 2013-10-02 08:58 - 00000000 ____D () C:\Users\Rob\Downloads\Photography Monthly - 50 years of The Beatles + Landscapes Portraits, Travel & Nature (May 2013)
2014-08-20 08:03 - 2014-03-16 08:09 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-08-20 08:02 - 2014-08-20 08:02 - 00020672 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-08-20 08:02 - 2014-08-20 08:02 - 00002964 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2014-08-20 08:02 - 2014-08-20 08:02 - 00002610 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-08-20 08:02 - 2014-08-20 08:02 - 00001092 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-08-20 08:02 - 2014-08-20 08:02 - 00001080 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-08-20 08:02 - 2014-08-20 08:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-08-20 08:02 - 2013-02-18 23:16 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\GlarySoft
2014-08-20 03:32 - 2014-08-20 03:30 - 01058200 _____ (Adobe) C:\Users\Rob\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-08-18 15:19 - 2014-08-18 15:18 - 01515369 _____ () C:\Users\Rob\Downloads\Layayoga_ The Definitive Guide to the Chakras and Kundalini - Goswami, Shyam Sundar.epub
2014-08-18 14:00 - 2014-08-18 14:00 - 00000000 ____D () C:\Windows\Sun
2014-08-18 03:06 - 2014-08-20 08:02 - 00118048 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-08-17 21:30 - 2014-08-17 21:29 - 00000000 ____D () C:\Users\Rob\Downloads\Gary Puckett & The Union Gap - Woman Woman
2014-08-16 16:28 - 2014-05-31 18:06 - 00000000 ____D () C:\Users\Rob\Downloads\1970 - Layla And Other Assorted Love Songs
2014-08-15 17:25 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-08-15 15:42 - 2014-07-18 18:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-15 15:42 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData

Some content of TEMP:
====================
C:\Users\Rob\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-12 17:04

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Rob at 2014-09-14 14:48:07
Running from C:\Users\Rob\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ZoneAlarm Free Firewall Antivirus (Enabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Free Firewall Anti-Spyware (Enabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Audition CC 2014 (HKLM-x32\...\{F3388E10-EFA9-4A80-B28E-2E647F8D00C4}) (Version: 7.0.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32241 - BitTorrent Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.00 - Canon Inc.)
Canon MG2200 series On-screen Manual (HKLM-x32\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
ConverterLite 1.6.3 (HKLM-x32\...\ConverterLite) (Version: 1.6.3 - ConverterLite)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.2.2114 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.2.2114 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{2A07A3D4-F6CA-4EEB-9576-3A6AC8A736CE}) (Version:  - Microsoft)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Gebruikersregistratie voor Canon MG2200 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG2200 series) (Version:  - Canon Inc.‎)
Glary Utilities 5.6 (HKLM-x32\...\Glary Utilities 5) (Version: 5.6.0.13 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{8A9B16F0-A84E-4EC5-BDA7-0ACCE79FB043}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 112) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{18DE31AE-70D0-43A7-9E3C-2ED7283ECE8A}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{4983EBE7-5117-43C9-8DE1-FFEBFDBD35DB}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6417.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Malwarebytes Anti-Malware versie 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Dutch) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 nl)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4481.1005 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4481.1005 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4481.1005 - Microsoft Corporation) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Renee Undeleter 2013.5.27.0 (HKLM-x32\...\{BECFEA3A-6E81-436B-9D2B-6B01185004A5}}_is1) (Version: 2013.5.27.0 - Rene.e Laboratory)
Revo Uninstaller Pro 3.0.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.2 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1146 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Traffic Travis 3.3.36 (HKLM-x32\...\Traffic Travis_is1) (Version:  - Affilorama Ltd.)
Traffic Travis 4.1.0 (HKLM-x32\...\Traffic Travis 4.1 Setup Wizard_is1) (Version:  - Affilorama Ltd.)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{17815BC8-062D-49BE-B40C-B54149C85CE3}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{84B191B5-5319-463A-A305-8C4D53B1D20A}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{B114A387-8A14-4C43-AE51-82F17EB81D49}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0413-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D1F3B526-7EB2-4701-92DB-0784988D78DE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{52BEF8AE-9324-40A1-9A92-E5A8FB63A475}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{56551B9F-2FE1-4705-ACF0-8FA920535E18}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8F699D53-05FB-488E-B7D3-E4E47257BE5D}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{4B9B2BAF-EE1F-4B60-A4D9-17B7BEEB13A1}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0413-1000-0000000FF1CE}_Office14.PROPLUS_{EE4DE155-B0C7-4B85-BB95-95503FB4D750}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A20A650C-F820-4CE4-AEA5-EC140192FAFB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 64-Bit Edition (HKLM\...\{90140000-0018-0413-1000-0000000FF1CE}_Office14.PROPLUS_{918B0EB8-2684-4471-8F9A-D44C4A9AFC72}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F6F342A1-530B-4D48-A468-1E3F70928984}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C950A55F-82E3-4CC8-8FA2-E8A2A0F651F3}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{89FDC8D9-FB84-4EFE-950D-AF4EECC3B64C}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinSCP 5.1.6 (HKLM-x32\...\winscp3_is1) (Version: 5.1.6 - Martin Prikryl)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
XHeader (HKLM-x32\...\XHeader) (Version: 1.215 - Intellimon)
XSitePro2 (HKLM\...\XSitePro2) (Version: 2.550 - Intellimon Ltd)
ZoneAlarm Antivirus (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.3.209.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3091740776-465430269-2068346934-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Rob\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3091740776-465430269-2068346934-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Rob\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3091740776-465430269-2068346934-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Rob\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3091740776-465430269-2068346934-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Rob\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

30-08-2014 04:26:20 Windows Update
01-09-2014 12:34:46 Removed WinZip 18.0
02-09-2014 16:00:34 Removed iTunes
06-09-2014 10:31:38 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
09-09-2014 06:01:46 Herstelbewerking
10-09-2014 06:07:02 WinZip 18.5 is verwijderd
12-09-2014 07:24:31 WinZip 18.5 is verwijderd

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2014-09-13 18:49 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06406AC3-86F9-411A-8DD8-D3D01B9B35E3} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-08-18] (Glarysoft Ltd)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {21376736-1465-43C9-9B10-64B5319C6277} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-08-04] (Hewlett-Packard)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {262C479E-B3D5-43A3-A6A3-5EBDDC35EEB6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-30] (Google Inc.)
Task: {3B43F8BA-8FEC-4AD0-BF49-2E6174317601} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {4F438B00-235D-40DC-8EE3-5503AF09A6C2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-08-04] (Hewlett-Packard)
Task: {537B3EAD-61D0-4587-9F4B-1EED81DE7C81} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {56BE67FB-36FF-4F3E-AFC9-E9C1950A7359} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {641C1A1F-D986-4D5F-89F2-5A680F9DAE46} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {668A5E81-4E27-4C78-8753-803C11E2E7A4} - System32\Tasks\HPCeeScheduleForRob => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {71CA839C-E505-4B95-ACEC-27FEA4B63949} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {7DA1F20D-ECBE-41AC-BB43-1DAF3C544A48} - System32\Tasks\SUPERAntiSpyware Scheduled Task eb5f06d3-1227-44a8-9006-a7d49ca18aec => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {96995BF8-3D3C-4299-99D9-6A68A574235D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9A70035F-AC8A-4FEE-9AF5-65F9CD25E323} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-08-18] (Glarysoft Ltd)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B24A59EA-2FF5-4C62-860E-2CE54E10BCBD} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.)
Task: {BCA6B07B-0007-412D-9CF9-3660EED5733B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CFF507E0-FE47-4916-9C98-F789C1FA21FA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-31] (Microsoft Corporation)
Task: {D406967C-4B74-48E9-9288-C6D3EB2FA72B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-30] (Google Inc.)
Task: {D60ECB78-8168-4B74-B225-F05E40768F41} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F5758498-9753-4C32-81E2-1C8F6EE3B662} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe
Task: {F6459777-59E6-43FC-BAAD-004B428AFF0B} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {FEEDF8D6-A32B-47EB-A179-1E9DA31855BF} - System32\Tasks\SUPERAntiSpyware Scheduled Task d059edcc-f3c9-4a1b-bd2d-e6878ffeee95 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRob.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task d059edcc-f3c9-4a1b-bd2d-e6878ffeee95.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task eb5f06d3-1227-44a8-9006-a7d49ca18aec.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2013-04-03 14:18 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-07-16 11:06 - 2014-07-16 11:06 - 00672416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-05-02 09:13 - 2014-05-02 09:14 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-18 03:06 - 2014-08-18 03:06 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2014-09-13 06:41 - 2014-09-13 06:41 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2012-09-18 14:09 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKCU\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_B1D8CA6DAFB1420975D4C101565EBF87"
HKCU\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/14/2014 02:14:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode:
hr=0xC004F074
Opdrachtregelargumenten:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (09/14/2014 02:13:59 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode:
hr=0xC004F074
Opdrachtregelargumenten:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (09/14/2014 02:13:40 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: De index kan niet worden geïnitialiseerd.


Details:
	Kan het opgegeven object niet vinden. Geef de naam van een bestaand object op.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (09/14/2014 02:13:40 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: De toepassing kan niet worden geïnitialiseerd.

Context: toepassing Windows


Details:
	Kan het opgegeven object niet vinden. Geef de naam van een bestaand object op.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (09/14/2014 02:13:40 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Het object van de gegevensverzamelaar kan niet worden geïnitialiseerd.

Context: toepassing Windows, catalogus SystemIndex


Details:
	Kan het opgegeven object niet vinden. Geef de naam van een bestaand object op.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (09/14/2014 02:13:40 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: De invoegtoepassing in <Search.TripoliIndexer> kan niet worden geïnitialiseerd.

Context: toepassing Windows, catalogus SystemIndex


Details:
	Kan het opgegeven object niet vinden. Geef de naam van een bestaand object op.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (09/14/2014 02:13:37 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Het invoegtoepassingenbeheer <Search.TripoliIndexer> kan niet worden geïnitialiseerd.

Context: toepassing Windows


Details:
	(HRESULT : 0x8e5e0210) (0x8e5e0210)

Error: (09/14/2014 02:13:36 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: De Windows Search-service wordt gestopt vanwege een probleem met de indexeerfunctie, The catalog is corrupt.


Details:
	De catalogus met de inhoudsindex is beschadigd.   0xc0041801 (0xc0041801)

Error: (09/14/2014 02:13:36 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: De zoekservice heeft beschadigde gegevensbestanden ontdekt in de index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)}. De service probeert dit probleem automatisch te verhelpen door de index opnieuw samen te stellen.


Details:
	 0x8e5e0210 (0x8e5e0210)

Error: (09/14/2014 02:13:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer (4444) Windows: Fout -1811 (0xfffff8ed) is opgetreden tijdens het openen van logboekbestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb00492.log.


System errors:
=============
Error: (09/14/2014 02:13:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Windows Search-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (09/14/2014 02:13:41 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: De service Windows Search is gestopt met de volgende specifieke servicefout: 
%%2147749126

Error: (09/14/2014 02:11:12 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000000a (0x000000701bfff040, 0x0000000000000002, 0x0000000000000001, 0xfffff801b511f3d5)C:\Windows\MEMORY.DMP091414-67359-01

Error: (09/14/2014 02:11:00 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: De vorige afsluiting van het systeem om 13:58:11 op ‎14-‎9-‎2014 is onverwacht gebeurd.

Error: (09/13/2014 06:49:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist.

Error: (09/13/2014 06:47:11 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\ComboFix\catchme.sys

Error: (09/13/2014 01:43:05 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist.

Error: (09/13/2014 09:50:32 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist.

Error: (09/13/2014 07:53:40 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist.

Error: (09/12/2014 04:21:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De ZoneAlarm Privacy Service-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 60000 milliseconden worden uitgevoerd: Service opnieuw starten.


Microsoft Office Sessions:
=========================
Error: (09/14/2014 02:14:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (09/14/2014 02:13:59 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (09/14/2014 02:13:40 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Kan het opgegeven object niet vinden. Geef de naam van een bestaand object op.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (09/14/2014 02:13:40 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: toepassing Windows


Details:
	Kan het opgegeven object niet vinden. Geef de naam van een bestaand object op.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (09/14/2014 02:13:40 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: toepassing Windows, catalogus SystemIndex


Details:
	Kan het opgegeven object niet vinden. Geef de naam van een bestaand object op.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (09/14/2014 02:13:40 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: toepassing Windows, catalogus SystemIndex


Details:
	Kan het opgegeven object niet vinden. Geef de naam van een bestaand object op.  (HRESULT : 0x80040d06) (0x80040d06)
Search.TripoliIndexer

Error: (09/14/2014 02:13:37 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Context: toepassing Windows


Details:
	(HRESULT : 0x8e5e0210) (0x8e5e0210)
Search.TripoliIndexer

Error: (09/14/2014 02:13:36 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 
Details:
	De catalogus met de inhoudsindex is beschadigd.   0xc0041801 (0xc0041801)
The catalog is corrupt

Error: (09/14/2014 02:13:36 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: 
Details:
	 0x8e5e0210 (0x8e5e0210)
4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)

Error: (09/14/2014 02:13:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer4444Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb00492.log-1811 (0xfffff8ed)


CodeIntegrity Errors:
===================================
  Date: 2014-09-14 14:46:23.777
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 14:25:49.917
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 14:23:40.035
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 14:18:29.199
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 14:06:22.553
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 14:04:34.357
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 14:04:10.100
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 13:58:07.121
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 13:47:23.020
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-14 13:47:22.956
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 92%
Total physical RAM: 3986.27 MB
Available physical RAM: 293.12 MB
Total Pagefile: 8082.27 MB
Available Pagefile: 1718.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.44 GB) (Free:266.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.55 GB) (Free:2.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 458C4708)

Partition: GPT Partition Type.

==================== End Of Log ============================


#4 TB-Psychotic


Posted 15 September 2014 - 07:41 AM

Your logs show obvious signs of having cracked software on your system. This is the main reason your computer is infected. Visiting cracksites/warezsites - and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, and System Restore.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal. Referring to the Forum Rules which you should have read at the time of Registering at this forum, this forum does not support illegal activity. As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if the cracked (illegal) software is still present on the machine.

Having said that we can help you clean your machine this time BUT this would be a ONCE ONLY offer on the understanding that all cracks are removed. This would apply not only here but at many other Malware Support forums if you were to appear again with cracks onboard, as many of us analysts work at multiple support sites. Please remove all cracked software and illegally obtained copyrighted material you have on the system so we may continue with the clean up.


Proud Member of UNITE & TB
 

#5 Rotterdam


Posted 15 September 2014 - 08:47 AM

Thanks for your reply.

Apart from probably Torrent for downloading, I am not aware of any illegal software and most certainly am not aware of illegal activities.

Therefore I am very interested to know which those are.

And I am very interested to have my computer cleaned because this interrupts my work on the computer.

So for the clean up, thank you very much, that is highly appreciated.



#6 TB-Psychotic


Posted 15 September 2014 - 10:08 AM

Microsoft Office 2010 on this machine is cracked - uninstall it and create and post new logs with FRST.

I'll provide further advice then.



#7 Rotterdam


Posted 15 September 2014 - 11:20 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Rob (administrator) on LAPTOP on 15-09-2014 18:13:33
Running from C:\Users\Rob\Downloads
Platform: Windows 8 (X64) OS Language: Nederlands (Nederland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(BitTorrent Inc.) C:\Users\Rob\AppData\Roaming\BitTorrent\BitTorrent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\SoftwareUpdate.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\x64\Win64ShellLink.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-08-19] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3091740776-465430269-2068346934-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-08-18] (Glarysoft Ltd)
HKU\S-1-5-21-3091740776-465430269-2068346934-1001\...\Run: [BitTorrent] => C:\Users\Rob\AppData\Roaming\BitTorrent\BitTorrent.exe [1274456 2014-07-12] (BitTorrent Inc.)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} =>  No File
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} =>  No File
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} =>  No File
BootExecute: autocheck autochk *  BootDefrag.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON13/8
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {289F982B-1A39-492F-8EB3-5C6F219DA252} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=aw0202ff&cd=2XzuyEtN2Y1L1QzutBzzzytByE0AyDyByC0A0D0FyByEyByBtN0D0Tzu0SyBzyyEtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyC0C0C0F0ByC0E0DtG0CtA0AtCtG0Bzyzz0FtGtAyDzy0DtGyBzzzy0BtByByD0B0E0CyCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtDzy0DyBzy0F0EtGyB0B0EyDtGyBzztC0FtG0B0ByEzztGtAyDzztAtAtA0D0CyBtByC0B2Q&cr=921755135&ir=
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/1346-154357-12126-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} ->  No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\0fqetbzi.default
FF Homepage: hxxp://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=EN&gu=372fc66bbe124cf8a2b5683021dd171a&tu=10GXy00E82D13P0&sku=&tstsId=&ver=&
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll No File
FF Plugin HKCU: iMeshPlugin -> C:\Program Files (x86)\iMesh Applications\iMesh\npiMeshPlugin.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bolcom-nl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\marktplaats-nl.xml
FF Extension: Website Counselor - C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\0fqetbzi.default\Extensions\{cc6cc772-f121-49e0-b1f0-c26583cb0c5e} [2014-09-08]
FF Extension: Adblock Plus - C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\0fqetbzi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-13]
FF Extension: AnviAdblock - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\AnviAdblock@anvisoft.com.xpi [2014-09-13]

Chrome: 
=======
CHR HomePage: Default -> 
CHR Profile: C:\Users\Rob\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (No Name) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-30]
CHR Extension: (Google Drive) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-30]
CHR Extension: (YouTube) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-30]
CHR Extension: (Google Search) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-30]
CHR Extension: (Google Wallet) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-30]
CHR Extension: (Gmail) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-30]
CHR HKLM-x32\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-03-26] () [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-22] (IDT, Inc.) [File not signed]
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-07-18] (Glarysoft Ltd)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20672 2014-08-20] (Glarysoft Ltd)
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\drivers\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2014-06-11] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2014-06-11] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-06-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [490080 2014-06-11] (Kaspersky Lab ZAO)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-12] (Malwarebytes Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-04] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [450456 2014-08-13] (Check Point Software Technologies Ltd.)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S0 vgtpub; System32\drivers\lolxx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 18:06 - 2014-09-15 18:06 - 00000002 _____ () C:\Users\Rob\Documents\XspUsageLog.log
2014-09-15 16:52 - 2014-09-15 17:23 - 1736149690 ____R () C:\Users\Rob\Downloads\Hand.Of.God.S01E01.720p.WEBRip.x264-W4F.mkv
2014-09-15 16:51 - 2014-09-15 16:51 - 00000000 ____D () C:\Users\Rob\Downloads\Sons of Anarchy S07E01 HDTV x264-2HD[ettv]
2014-09-15 11:03 - 2014-08-16 11:34 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-15 11:03 - 2014-08-16 11:34 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-15 11:03 - 2014-08-16 11:34 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-09-15 11:03 - 2014-08-16 11:34 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-15 11:03 - 2014-08-16 11:33 - 19280384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-15 11:03 - 2014-08-16 11:33 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-15 11:03 - 2014-08-16 11:33 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-15 11:03 - 2014-08-16 11:32 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-15 11:03 - 2014-08-16 11:32 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-15 11:03 - 2014-08-16 11:32 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-15 11:03 - 2014-08-16 11:32 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-15 11:03 - 2014-08-16 11:32 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-15 11:03 - 2014-08-16 11:32 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-15 11:03 - 2014-08-16 11:32 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-15 11:03 - 2014-08-16 11:32 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-15 11:03 - 2014-08-16 09:37 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-15 11:03 - 2014-08-16 09:37 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-15 11:03 - 2014-08-16 09:36 - 14369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-15 11:03 - 2014-08-16 09:36 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-15 11:03 - 2014-08-16 09:36 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-15 11:03 - 2014-08-16 09:36 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-15 11:03 - 2014-08-16 09:36 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-15 11:03 - 2014-08-16 09:36 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-15 11:03 - 2014-08-16 09:36 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-15 11:03 - 2014-08-16 09:36 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-15 11:03 - 2014-08-16 09:36 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-15 11:03 - 2014-08-16 09:36 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-15 11:03 - 2014-08-16 09:35 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-15 11:03 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-15 11:03 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-09-15 11:03 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-09-15 11:03 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-15 11:03 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-15 11:03 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-15 11:03 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-15 11:03 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-15 11:03 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-15 11:03 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-15 11:03 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-15 11:03 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-09-15 11:03 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-15 11:03 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-15 11:03 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-14 20:19 - 2014-09-14 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-09-14 20:19 - 2014-04-30 19:43 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2014-09-14 20:19 - 2014-04-30 19:43 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-09-14 20:16 - 2014-09-15 10:06 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-09-14 20:16 - 2014-09-14 20:22 - 00000000 ____D () C:\ProgramData\Samsung
2014-09-14 20:12 - 2014-09-14 20:12 - 00000000 ____D () C:\Users\Rob\AppData\Local\Downloaded Installations
2014-09-14 20:04 - 2014-09-14 20:04 - 00000000 ____D () C:\Users\Rob\AppData\Local\WorldofTanks
2014-09-14 20:03 - 2014-09-14 20:03 - 00000000 ____D () C:\Users\Rob\AppData\Local\Sparta
2014-09-14 18:50 - 2014-09-14 18:50 - 00296976 _____ () C:\Windows\Minidump\091414-36000-01.dmp
2014-09-14 18:42 - 2014-06-05 03:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2014-09-14 18:42 - 2014-06-04 01:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2014-09-14 18:41 - 2014-08-01 01:40 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-14 18:40 - 2014-08-28 13:34 - 00059400 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-14 18:40 - 2014-08-28 08:05 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-14 18:40 - 2014-08-28 08:05 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-14 18:40 - 2014-08-28 08:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-14 18:40 - 2014-08-28 08:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-14 18:40 - 2014-08-28 08:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-14 18:40 - 2014-08-28 08:01 - 03285504 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-14 18:40 - 2014-08-28 08:01 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-14 18:40 - 2014-08-28 08:01 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-14 18:40 - 2014-08-28 08:01 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-09-14 18:40 - 2014-08-28 08:01 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-09-14 18:40 - 2014-08-28 08:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-14 18:40 - 2014-08-28 08:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-14 18:40 - 2014-08-28 08:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-09-14 18:36 - 2014-07-24 05:33 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-14 18:36 - 2014-07-24 05:33 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-14 18:30 - 2014-09-05 00:36 - 00755712 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-14 18:30 - 2014-09-03 03:49 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-14 17:46 - 2014-09-15 14:41 - 00000000 ____D () C:\Users\Rob\Downloads\Opruiming NL e-boeken 40 (E-Books)NLT
2014-09-14 14:11 - 2014-09-15 18:09 - 00458389 _____ () C:\Windows\WindowsUpdate.log
2014-09-14 14:11 - 2014-09-14 14:11 - 00297032 _____ () C:\Windows\Minidump\091414-67359-01.dmp
2014-09-14 14:10 - 2014-09-15 18:06 - 00002264 _____ () C:\Windows\PFRO.log
2014-09-14 14:10 - 2014-09-14 18:50 - 492271130 _____ () C:\Windows\MEMORY.DMP
2014-09-14 14:05 - 2014-09-14 14:05 - 05185536 _____ (AVAST Software) C:\Users\Rob\Downloads\aswmbr.exe
2014-09-14 14:00 - 2014-09-14 14:53 - 00045549 _____ () C:\Users\Rob\Downloads\Addition.txt
2014-09-14 13:58 - 2014-09-15 18:13 - 00017992 _____ () C:\Users\Rob\Downloads\FRST.txt
2014-09-14 13:46 - 2014-09-15 18:13 - 00000000 ____D () C:\FRST
2014-09-14 13:46 - 2014-09-14 13:46 - 02105856 _____ (Farbar) C:\Users\Rob\Downloads\FRST64.exe
2014-09-14 10:31 - 2014-09-14 10:31 - 06057862 _____ (Tim Kosse) C:\Users\Rob\Downloads\FileZilla_3.9.0.5_win32-setup.exe
2014-09-14 07:13 - 2014-09-14 08:04 - 00000000 ____D () C:\Users\Rob\Downloads\Web Designer - Joomla - 20 Reasons To Switch From Wordpress (Issue 220, 2014)
2014-09-14 06:01 - 2014-09-14 06:01 - 00025560 _____ () C:\Users\Rob\Downloads\Combi fix txt 14 sep.txt
2014-09-14 05:45 - 2014-09-14 06:07 - 00000000 ____D () C:\Users\Rob\Downloads\The Beatles Mono Box
2014-09-14 05:42 - 2014-09-14 13:18 - 00000000 ____D () C:\Users\Rob\Downloads\The Beatles - Rubber Soul [US] [smb]
2014-09-14 05:41 - 2014-09-14 06:01 - 00000000 ____D () C:\Users\Rob\Downloads\Outlander.S01E06.720p.HDTV.x264-KILLERS[rarbg]
2014-09-13 18:57 - 2014-09-13 18:57 - 00025560 _____ () C:\ComboFix.txt
2014-09-13 12:19 - 2014-09-13 12:19 - 00119333 _____ () C:\Users\Rob\Downloads\flyer lotgenotencontact(1)
2014-09-13 12:12 - 2014-09-13 12:12 - 00119333 _____ () C:\Users\Rob\Downloads\flyer lotgenotencontact
2014-09-13 07:39 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-13 07:39 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-13 07:39 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-13 07:39 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-13 07:39 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-13 07:39 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-09-13 07:39 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-13 07:39 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-13 07:39 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-13 07:35 - 2014-09-13 18:58 - 00000000 ____D () C:\Qoobox
2014-09-13 07:35 - 2014-09-13 07:35 - 00016712 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP113.SYS
2014-09-13 07:34 - 2014-09-13 18:51 - 00000000 ____D () C:\Windows\erdnt
2014-09-13 06:41 - 2014-09-13 06:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 06:39 - 2014-09-13 06:40 - 00000000 ____D () C:\Users\Rob\Documents\Attachments_2014913
2014-09-13 06:36 - 2014-09-13 06:36 - 20954978 _____ () C:\Users\Rob\Downloads\Attachments_2014913.zip
2014-09-13 06:36 - 2014-09-13 06:36 - 18449013 _____ () C:\Users\Rob\Downloads\Attachments_2014913(1).zip
2014-09-13 04:59 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-13 04:56 - 2014-09-14 06:11 - 00000000 ____D () C:\AdwCleaner
2014-09-13 04:51 - 2014-09-13 05:26 - 00000000 ____D () C:\Users\Rob\Downloads\Outlander S01E05 HDTV x264-KILLERS[ettv]
2014-09-12 11:49 - 2014-09-14 13:31 - 00000000 ____D () C:\Users\Rob\Downloads\Rickie Lee Jones - Rickie Lee Jones (1979) mp3@320 {1337x}-kawli
2014-09-12 09:28 - 2014-09-15 17:21 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-12 09:28 - 2014-09-12 09:28 - 00003828 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-12 08:41 - 2014-09-12 08:41 - 00003162 _____ () C:\Windows\System32\Tasks\{A60D6119-2E7F-424B-92C6-800E68E76B0F}
2014-09-12 08:23 - 2014-09-12 08:24 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 08:23 - 2014-09-12 08:23 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-12 08:23 - 2014-09-12 08:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-12 08:23 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-12 08:23 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-12 08:23 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-12 08:22 - 2014-09-12 08:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-11 19:04 - 2014-09-14 13:20 - 00000000 ____D () C:\Users\Rob\Downloads\Ry Cooder - Chicken Skin Music [smb]
2014-09-11 07:34 - 2014-09-13 05:42 - 00000000 ____D () C:\Users\Rob\Downloads\The.War.Diaries.1940.Fall.Of.Paris.2008.SweSub.DvDRip.XviD-SWAXXON
2014-09-11 07:34 - 2014-09-11 07:50 - 00000000 ____D () C:\Users\Rob\Downloads\Red.Shoe.Diaries.The.Movie.1992.DVDRip.X264-NCAXA[rarbg]
2014-09-11 05:29 - 2014-09-11 07:34 - 367311842 _____ () C:\Users\Rob\Downloads\White.Collar.S01E06.All.In.HDTV.XviD-FQM.avi
2014-09-11 05:28 - 2014-09-11 05:38 - 367473076 _____ () C:\Users\Rob\Downloads\White.Collar.S01E09.Bad.Judgment.HDTV.XviD-FQM.avi
2014-09-10 09:36 - 2014-09-13 05:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-09-10 09:36 - 2014-09-12 16:20 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-10 09:11 - 2014-08-20 08:52 - 00048656 _____ (Anvisoft) C:\Windows\system32\Drivers\asd2fsm.sys
2014-09-10 09:09 - 2014-09-10 09:09 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-09-10 09:08 - 2014-09-10 09:08 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-09-10 08:24 - 2014-09-10 08:36 - 366923402 _____ () C:\Users\Rob\Downloads\White.Collar.S01E05.The.Portrait.HDTV.XviD-FQM.avi
2014-09-09 22:55 - 2014-09-09 23:01 - 367055506 ____R () C:\Users\Rob\Downloads\White.Collar.S01E04.Flip.of.the.Coin.HDTV.XviD-FQM.avi
2014-09-09 17:38 - 2014-09-09 17:38 - 00000000 ____D () C:\Program Files\Reason
2014-09-09 17:37 - 2014-09-09 17:37 - 00002530 _____ () C:\Users\Rob\Desktop\Rkill.txt
2014-09-09 17:26 - 2014-09-09 17:26 - 00000000 ____D () C:\Users\Rob\Documents\RN Connect
2014-09-09 16:21 - 2014-09-09 16:21 - 00173731 _____ () C:\Users\Rob\AppData\Local\ars.cache
2014-09-09 16:21 - 2014-09-09 16:21 - 00126405 _____ () C:\Users\Rob\AppData\Local\census.cache
2014-09-09 16:19 - 2014-09-09 16:19 - 00000010 _____ () C:\Users\Rob\AppData\Local\sponge.last.runtime.cache
2014-09-09 15:54 - 2014-09-09 15:54 - 00000036 _____ () C:\Users\Rob\AppData\Local\housecall.guid.cache
2014-09-09 15:54 - 2013-09-02 09:58 - 00175528 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2014-09-09 11:23 - 2014-09-09 11:29 - 366868718 _____ () C:\Users\Rob\Downloads\White.Collar.S01E03.Book.of.Hours.HDTV.XviD-FQM.avi
2014-09-08 18:33 - 2014-06-11 10:09 - 00490080 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-09-08 18:33 - 2014-06-11 10:09 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-09-08 18:03 - 2014-09-09 08:15 - 00000000 ____D () C:\d28db38384b9ad43a8a6e0
2014-09-08 17:44 - 2014-09-08 18:33 - 00431451 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-09-08 17:44 - 2014-09-08 17:44 - 00000762 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2014-09-08 17:44 - 2014-09-08 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2014-09-08 17:40 - 2014-09-08 17:44 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-09-08 17:20 - 2014-09-09 08:15 - 00000000 ____D () C:\52e2fcfe236db1b0ed80ff
2014-09-08 17:17 - 2014-09-08 17:19 - 30517960 _____ (Microsoft Corporation) C:\Users\Rob\Downloads\Windows-KB890830-x64-V5.15.exe
2014-09-08 06:44 - 2014-09-09 08:13 - 00000000 ____D () C:\Users\Rob\Downloads\[ www.SceneTime.com ] - The.Chair.S01E01.HDTV.XviD-AFG
2014-09-07 06:41 - 2014-09-07 06:42 - 00000000 ____D () C:\Users\Rob\Downloads\Paradisemosaics
2014-09-07 05:53 - 2014-09-09 08:13 - 00000000 ____D () C:\Users\Rob\Downloads\The Strain (2014)S01E01 1080p NL Subs X264-NLU002
2014-09-06 13:06 - 2014-09-09 08:13 - 00000000 ____D () C:\Users\Rob\Downloads\Adobe Audition CC 2014
2014-09-06 12:52 - 2014-09-06 12:52 - 00001073 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2014.lnk
2014-09-06 12:51 - 2014-09-06 12:53 - 00000000 ____D () C:\Program Files\Adobe
2014-09-06 12:49 - 2014-09-06 12:52 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-06 12:48 - 2014-09-06 12:48 - 00000000 ____D () C:\Program Files (x86)\My Company Name
2014-09-06 12:48 - 2012-06-22 03:01 - 00056336 ____N (Corel Corporation) C:\Windows\system32\Drivers\PxHlpa64.sys
2014-09-06 12:48 - 2012-04-24 03:01 - 00011376 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdralw2k.sys
2014-09-06 12:48 - 2012-04-24 03:01 - 00010864 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdr4_xp.sys
2014-09-06 12:37 - 2014-09-09 08:13 - 00000000 ___RD () C:\Users\Rob\Creative Cloud Files
2014-09-06 12:34 - 2014-09-06 12:34 - 00001309 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-09-06 12:34 - 2014-09-06 12:34 - 00001297 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-09-06 12:33 - 2014-09-06 12:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-06 12:28 - 2014-09-06 12:28 - 00615304 _____ (Adobe Systems Incorporated) C:\Users\Rob\Downloads\CreativeCloudSet-Up.exe
2014-09-06 11:04 - 2014-09-06 11:04 - 00000000 ____D () C:\Users\Rob\Documents\libmp3lame-win-3.98.2-1
2014-09-06 10:54 - 2014-09-09 08:13 - 00000000 ____D () C:\Users\Rob\AppData\Local\WinZip
2014-09-06 10:54 - 2014-09-09 08:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-09-06 10:54 - 2014-09-06 11:00 - 00000000 ____D () C:\ProgramData\WinZip
2014-09-06 10:54 - 2014-09-06 10:54 - 00002251 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-09-06 10:54 - 2014-09-06 10:54 - 00002245 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-09-06 10:54 - 2014-09-06 10:54 - 00000000 ____D () C:\Program Files\WinZip
2014-09-06 09:49 - 2014-09-06 09:49 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-09-06 09:49 - 2014-09-06 09:49 - 00001007 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-09-06 09:48 - 2014-09-06 09:49 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-09-06 05:41 - 2014-09-06 10:00 - 00000000 ____D () C:\Users\Rob\Downloads\White Collar S01E02 Threads HDTV XviD DutchReleaseTeam
2014-09-06 03:50 - 2014-09-14 18:37 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\Audacity
2014-09-04 22:00 - 2014-09-04 22:01 - 00000000 ____D () C:\Users\Rob\Downloads\George Harrison
2014-09-04 18:56 - 2014-09-04 18:56 - 00616394 _____ () C:\Users\Rob\Downloads\Bestelformulier sv Ommoord(1).xlsx
2014-09-04 18:37 - 2014-09-04 18:38 - 00000000 ____D () C:\Users\Rob\Downloads\George Harrison - Beware Of ABKCO!
2014-09-04 18:19 - 2014-09-04 18:19 - 00616394 _____ () C:\Users\Rob\Downloads\Bestelformulier sv Ommoord.xlsx
2014-09-03 21:56 - 2014-09-03 22:10 - 576705870 _____ () C:\Users\Rob\Downloads\White.Collar.S01E01.Pilot.HDTV.XviD-FQM.avi
2014-09-03 21:20 - 2014-09-03 21:58 - 00000000 ____D () C:\Users\Rob\Downloads\[ www.torrenting.com ] - Inquisition.S01E01.HDTV.XviD-AFG
2014-09-02 20:34 - 2014-09-02 20:34 - 00000000 ____D () C:\Users\Rob\Downloads\Call of the Valley
2014-09-02 18:15 - 2014-09-02 18:15 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-02 18:15 - 2014-09-02 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-02 18:13 - 2014-09-02 18:15 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-02 18:13 - 2014-09-02 18:15 - 00000000 ____D () C:\Program Files\iTunes
2014-09-02 18:13 - 2014-09-02 18:15 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-02 18:13 - 2014-09-02 18:13 - 00000000 ____D () C:\Program Files\iPod
2014-09-02 18:12 - 2014-09-02 18:12 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Users\Rob\AppData\Local\Apple
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Program Files\Bonjour
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-09-02 07:03 - 2014-09-02 07:03 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-02 07:01 - 2014-09-10 07:15 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\DiskDefrag
2014-08-31 21:29 - 2014-08-31 21:33 - 00000000 ____D () C:\Users\Rob\Downloads\Paul McCartney (Wings) - Venus And Mars (3 bonus tracks) [1975]  FLAC
2014-08-31 21:28 - 2014-08-31 21:35 - 00000000 ____D () C:\Users\Rob\Downloads\Paul McCartney - Wings At The Speed Of Sound (DCC GZS-1096).cue ape scans-server alliance
2014-08-28 06:11 - 2014-08-23 08:47 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 21:11 - 2014-08-28 06:57 - 1412346484 _____ () C:\Users\Rob\Downloads\SHANGHAI_SURPRISE-Madonna Dvdrip AVI (English).avi
2014-08-27 08:22 - 2014-08-27 08:46 - 00000000 ____D () C:\Users\Rob\Downloads\Guitar World 1997 PB
2014-08-27 08:12 - 2014-09-06 05:18 - 00000000 ____D () C:\Users\Rob\Downloads\Guitar World 2006 PB
2014-08-27 08:11 - 2014-08-27 08:14 - 00000000 ____D () C:\Users\Rob\Downloads\The Fender Stratocaster (693)
2014-08-27 08:10 - 2014-08-27 08:11 - 00000000 ____D () C:\Users\Rob\Downloads\Star Guitars - 101 Guitars That Rocked the World
2014-08-27 08:08 - 2014-08-27 08:08 - 00000000 ____D () C:\Users\Rob\Downloads\Guitarist (WorldMags) - September 2013
2014-08-27 08:07 - 2014-09-06 05:18 - 00000000 ____D () C:\Users\Rob\Downloads\UNCUT John Lennon - The Ultimate Music Guide - September 2010
2014-08-26 21:55 - 2014-08-27 07:48 - 1404431662 _____ () C:\Users\Rob\Downloads\BBC.Richard.Attenborough.A.Life.In.Film.720p.HDTV.x264.AAC.MVGroup.org.mp4
2014-08-26 14:25 - 2014-09-01 14:26 - 00000000 ____D () C:\Users\Rob\Downloads\BBC History - The First VIKING King of England (July 2013)
2014-08-26 13:42 - 2014-08-26 13:42 - 00000000 ____D () C:\Users\Rob\Downloads\BBC History - The Invasion Of Tudor England + Napoleons Last Game (September 2013)
2014-08-26 11:39 - 2014-08-26 21:55 - 00000000 ____D () C:\Users\Rob\Downloads\The Borgias S01E01 HDTV XviD DutchReleaseTeam
2014-08-24 20:28 - 2014-08-24 20:28 - 00025278 _____ () C:\Users\Rob\Downloads\Untitled.pdn
2014-08-24 13:19 - 2014-08-24 13:19 - 06052529 _____ (Tim Kosse) C:\Users\Rob\Downloads\FileZilla_3.9.0.3_win32-setup.exe
2014-08-24 11:52 - 2014-08-24 11:52 - 00000000 ____D () C:\Users\Rob\Documents\Edward Elgar - Complete Symphonies, Pomp and Circumstance, etc. [2CD]
2014-08-21 17:41 - 2014-08-21 17:43 - 00000000 ____D () C:\Users\Rob\Downloads\Wild Beasts - Present Tense (2014) [FLAC]
2014-08-20 14:51 - 2014-08-20 14:51 - 00000000 ____D () C:\Users\Rob\AppData\Local\Macromedia
2014-08-20 14:43 - 2014-08-20 19:31 - 202450249 _____ () C:\Users\Rob\Downloads\Edward Elgar - Complete Symphonies, Pomp and Circumstance, etc. [2CD].rar
2014-08-20 08:52 - 2014-08-20 08:52 - 00047632 _____ (Anvisoft) C:\Windows\system32\Drivers\asdids.sys
2014-08-20 08:02 - 2014-09-15 18:10 - 00000342 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-08-20 08:02 - 2014-09-15 18:10 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-08-20 08:02 - 2014-08-20 08:02 - 00020672 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-08-20 08:02 - 2014-08-20 08:02 - 00002964 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2014-08-20 08:02 - 2014-08-20 08:02 - 00002610 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-08-20 08:02 - 2014-08-20 08:02 - 00001092 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-08-20 08:02 - 2014-08-20 08:02 - 00001080 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-08-20 08:02 - 2014-08-20 08:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-08-20 08:02 - 2014-08-18 03:06 - 00118048 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-08-20 08:02 - 2014-07-18 09:11 - 00017600 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\BootDefragDriver.sys
2014-08-20 03:30 - 2014-08-20 03:32 - 01058200 _____ (Adobe) C:\Users\Rob\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-08-19 14:47 - 2014-08-23 19:35 - 00000000 ____D () C:\Users\Rob\Downloads\Leonard_Cohen
2014-08-18 15:18 - 2014-08-18 15:19 - 01515369 _____ () C:\Users\Rob\Downloads\Layayoga_ The Definitive Guide to the Chakras and Kundalini - Goswami, Shyam Sundar.epub
2014-08-18 14:00 - 2014-08-18 14:00 - 00000000 ____D () C:\Windows\Sun
2014-08-17 21:29 - 2014-08-17 21:30 - 00000000 ____D () C:\Users\Rob\Downloads\Gary Puckett & The Union Gap - Woman Woman

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 18:13 - 2014-09-14 13:58 - 00017992 _____ () C:\Users\Rob\Downloads\FRST.txt
2014-09-15 18:13 - 2014-09-14 13:46 - 00000000 ____D () C:\FRST
2014-09-15 18:13 - 2013-02-12 15:06 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\BitTorrent
2014-09-15 18:11 - 2014-08-09 21:47 - 00000000 ____D () C:\Users\Rob\AppData\Local\Adobe
2014-09-15 18:11 - 2014-05-30 12:49 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-15 18:10 - 2014-08-20 08:02 - 00000342 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-09-15 18:10 - 2014-08-20 08:02 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-09-15 18:09 - 2014-09-14 14:11 - 00458389 _____ () C:\Windows\WindowsUpdate.log
2014-09-15 18:09 - 2014-05-31 18:01 - 00000338 _____ () C:\Windows\Tasks\HPCeeScheduleForRob.job
2014-09-15 18:09 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-15 18:08 - 2014-07-24 16:24 - 00465208 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-15 18:07 - 2014-07-18 18:13 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-15 18:06 - 2014-09-15 18:06 - 00000002 _____ () C:\Users\Rob\Documents\XspUsageLog.log
2014-09-15 18:06 - 2014-09-14 14:10 - 00002264 _____ () C:\Windows\PFRO.log
2014-09-15 18:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-09-15 17:59 - 2014-05-30 12:49 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-15 17:30 - 2013-03-26 09:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-15 17:30 - 2013-03-26 09:14 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-15 17:30 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-15 17:28 - 2012-09-01 17:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-15 17:28 - 2012-08-04 00:37 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-09-15 17:26 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-15 17:26 - 2012-07-26 09:52 - 00000000 ____D () C:\Windows\ShellNew
2014-09-15 17:26 - 2012-07-26 07:26 - 00000076 _____ () C:\Windows\win.ini
2014-09-15 17:23 - 2014-09-15 16:52 - 1736149690 ____R () C:\Users\Rob\Downloads\Hand.Of.God.S01E01.720p.WEBRip.x264-W4F.mkv
2014-09-15 17:23 - 2014-02-16 09:43 - 00000000 ____D () C:\Users\Rob\Documents\Ommoord
2014-09-15 17:23 - 2012-09-02 02:52 - 00871836 _____ () C:\Windows\system32\perfh013.dat
2014-09-15 17:23 - 2012-09-02 02:52 - 00192876 _____ () C:\Windows\system32\perfc013.dat
2014-09-15 17:23 - 2012-07-26 09:28 - 01995640 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-15 17:21 - 2014-09-12 09:28 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-15 16:51 - 2014-09-15 16:51 - 00000000 ____D () C:\Users\Rob\Downloads\Sons of Anarchy S07E01 HDTV x264-2HD[ettv]
2014-09-15 15:53 - 2013-02-11 18:52 - 05599744 ___SH () C:\Users\Rob\Downloads\Thumbs.db
2014-09-15 14:44 - 2013-04-13 19:20 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\vlc
2014-09-15 14:41 - 2014-09-14 17:46 - 00000000 ____D () C:\Users\Rob\Downloads\Opruiming NL e-boeken 40 (E-Books)NLT
2014-09-15 11:27 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-15 10:06 - 2014-09-14 20:16 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-09-15 09:40 - 2014-05-31 18:01 - 00003148 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForRob
2014-09-15 09:40 - 2013-01-27 16:07 - 00000000 ____D () C:\Users\Rob
2014-09-14 20:22 - 2014-09-14 20:16 - 00000000 ____D () C:\ProgramData\Samsung
2014-09-14 20:19 - 2014-09-14 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-09-14 20:18 - 2012-09-01 17:19 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-14 20:12 - 2014-09-14 20:12 - 00000000 ____D () C:\Users\Rob\AppData\Local\Downloaded Installations
2014-09-14 20:04 - 2014-09-14 20:04 - 00000000 ____D () C:\Users\Rob\AppData\Local\WorldofTanks
2014-09-14 20:03 - 2014-09-14 20:03 - 00000000 ____D () C:\Users\Rob\AppData\Local\Sparta
2014-09-14 18:50 - 2014-09-14 18:50 - 00296976 _____ () C:\Windows\Minidump\091414-36000-01.dmp
2014-09-14 18:50 - 2014-09-14 14:10 - 492271130 _____ () C:\Windows\MEMORY.DMP
2014-09-14 18:50 - 2013-02-16 16:31 - 00000000 ____D () C:\Windows\Minidump
2014-09-14 18:47 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-09-14 18:37 - 2014-09-06 03:50 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\Audacity
2014-09-14 17:55 - 2013-02-11 07:31 - 00000000 ____D () C:\Users\Rob\Documents\Radio Capelle
2014-09-14 14:53 - 2014-09-14 14:00 - 00045549 _____ () C:\Users\Rob\Downloads\Addition.txt
2014-09-14 14:11 - 2014-09-14 14:11 - 00297032 _____ () C:\Windows\Minidump\091414-67359-01.dmp
2014-09-14 14:10 - 2013-02-10 10:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-14 14:05 - 2014-09-14 14:05 - 05185536 _____ (AVAST Software) C:\Users\Rob\Downloads\aswmbr.exe
2014-09-14 13:46 - 2014-09-14 13:46 - 02105856 _____ (Farbar) C:\Users\Rob\Downloads\FRST64.exe
2014-09-14 13:31 - 2014-09-12 11:49 - 00000000 ____D () C:\Users\Rob\Downloads\Rickie Lee Jones - Rickie Lee Jones (1979) mp3@320 {1337x}-kawli
2014-09-14 13:20 - 2014-09-11 19:04 - 00000000 ____D () C:\Users\Rob\Downloads\Ry Cooder - Chicken Skin Music [smb]
2014-09-14 13:18 - 2014-09-14 05:42 - 00000000 ____D () C:\Users\Rob\Downloads\The Beatles - Rubber Soul [US] [smb]
2014-09-14 13:13 - 2013-11-21 05:05 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\FileZilla
2014-09-14 10:32 - 2014-06-10 09:44 - 00002000 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-09-14 10:32 - 2014-03-11 05:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-09-14 10:32 - 2014-03-11 05:18 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-09-14 10:31 - 2014-09-14 10:31 - 06057862 _____ (Tim Kosse) C:\Users\Rob\Downloads\FileZilla_3.9.0.5_win32-setup.exe
2014-09-14 08:04 - 2014-09-14 07:13 - 00000000 ____D () C:\Users\Rob\Downloads\Web Designer - Joomla - 20 Reasons To Switch From Wordpress (Issue 220, 2014)
2014-09-14 06:11 - 2014-09-13 04:56 - 00000000 ____D () C:\AdwCleaner
2014-09-14 06:07 - 2014-09-14 05:45 - 00000000 ____D () C:\Users\Rob\Downloads\The Beatles Mono Box
2014-09-14 06:01 - 2014-09-14 06:01 - 00025560 _____ () C:\Users\Rob\Downloads\Combi fix txt 14 sep.txt
2014-09-14 06:01 - 2014-09-14 05:41 - 00000000 ____D () C:\Users\Rob\Downloads\Outlander.S01E06.720p.HDTV.x264-KILLERS[rarbg]
2014-09-13 18:58 - 2014-09-13 07:35 - 00000000 ____D () C:\Qoobox
2014-09-13 18:57 - 2014-09-13 18:57 - 00025560 _____ () C:\ComboFix.txt
2014-09-13 18:57 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-09-13 18:51 - 2014-09-13 07:34 - 00000000 ____D () C:\Windows\erdnt
2014-09-13 18:50 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-09-13 12:19 - 2014-09-13 12:19 - 00119333 _____ () C:\Users\Rob\Downloads\flyer lotgenotencontact(1)
2014-09-13 12:12 - 2014-09-13 12:12 - 00119333 _____ () C:\Users\Rob\Downloads\flyer lotgenotencontact
2014-09-13 10:34 - 2014-05-30 12:49 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-13 07:35 - 2014-09-13 07:35 - 00016712 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP113.SYS
2014-09-13 07:33 - 2013-02-10 21:44 - 00000000 ____D () C:\Users\Rob\Documents\Algemene Passwords
2014-09-13 06:41 - 2014-09-13 06:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 06:40 - 2014-09-13 06:39 - 00000000 ____D () C:\Users\Rob\Documents\Attachments_2014913
2014-09-13 06:36 - 2014-09-13 06:36 - 20954978 _____ () C:\Users\Rob\Downloads\Attachments_2014913.zip
2014-09-13 06:36 - 2014-09-13 06:36 - 18449013 _____ () C:\Users\Rob\Downloads\Attachments_2014913(1).zip
2014-09-13 05:42 - 2014-09-11 07:34 - 00000000 ____D () C:\Users\Rob\Downloads\The.War.Diaries.1940.Fall.Of.Paris.2008.SweSub.DvDRip.XviD-SWAXXON
2014-09-13 05:26 - 2014-09-13 04:51 - 00000000 ____D () C:\Users\Rob\Downloads\Outlander S01E05 HDTV x264-KILLERS[ettv]
2014-09-13 05:03 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-13 05:01 - 2013-04-02 10:57 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\CheckPoint
2014-09-13 05:00 - 2014-09-10 09:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
2014-09-12 16:36 - 2013-01-27 16:19 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3091740776-465430269-2068346934-1001
2014-09-12 16:20 - 2014-09-10 09:36 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-12 12:05 - 2013-02-15 12:30 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-09-12 12:04 - 2013-02-15 12:30 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-09-12 09:28 - 2014-09-12 09:28 - 00003828 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-12 08:41 - 2014-09-12 08:41 - 00003162 _____ () C:\Windows\System32\Tasks\{A60D6119-2E7F-424B-92C6-800E68E76B0F}
2014-09-12 08:24 - 2014-09-12 08:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 08:23 - 2014-09-12 08:23 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-12 08:23 - 2014-09-12 08:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-12 08:23 - 2014-09-12 08:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-11 07:50 - 2014-09-11 07:34 - 00000000 ____D () C:\Users\Rob\Downloads\Red.Shoe.Diaries.The.Movie.1992.DVDRip.X264-NCAXA[rarbg]
2014-09-11 07:34 - 2014-09-11 05:29 - 367311842 _____ () C:\Users\Rob\Downloads\White.Collar.S01E06.All.In.HDTV.XviD-FQM.avi
2014-09-11 05:38 - 2014-09-11 05:28 - 367473076 _____ () C:\Users\Rob\Downloads\White.Collar.S01E09.Bad.Judgment.HDTV.XviD-FQM.avi
2014-09-10 11:19 - 2013-03-17 10:40 - 00000000 ____D () C:\Users\Rob\AppData\Local\Paint.NET
2014-09-10 09:09 - 2014-09-10 09:09 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-09-10 09:08 - 2014-09-10 09:08 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-09-10 08:36 - 2014-09-10 08:24 - 366923402 _____ () C:\Users\Rob\Downloads\White.Collar.S01E05.The.Portrait.HDTV.XviD-FQM.avi
2014-09-10 07:24 - 2014-07-10 15:47 - 00093184 ___SH () C:\Users\Rob\Desktop\Thumbs.db
2014-09-10 07:15 - 2014-09-02 07:01 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\DiskDefrag
2014-09-09 23:37 - 2014-03-10 12:15 - 00000000 ____D () C:\Users\Rob\Documents\Magento
2014-09-09 23:01 - 2014-09-09 22:55 - 367055506 ____R () C:\Users\Rob\Downloads\White.Collar.S01E04.Flip.of.the.Coin.HDTV.XviD-FQM.avi
2014-09-09 17:38 - 2014-09-09 17:38 - 00000000 ____D () C:\Program Files\Reason
2014-09-09 17:37 - 2014-09-09 17:37 - 00002530 _____ () C:\Users\Rob\Desktop\Rkill.txt
2014-09-09 17:26 - 2014-09-09 17:26 - 00000000 ____D () C:\Users\Rob\Documents\RN Connect
2014-09-09 16:21 - 2014-09-09 16:21 - 00173731 _____ () C:\Users\Rob\AppData\Local\ars.cache
2014-09-09 16:21 - 2014-09-09 16:21 - 00126405 _____ () C:\Users\Rob\AppData\Local\census.cache
2014-09-09 16:19 - 2014-09-09 16:19 - 00000010 _____ () C:\Users\Rob\AppData\Local\sponge.last.runtime.cache
2014-09-09 15:54 - 2014-09-09 15:54 - 00000036 _____ () C:\Users\Rob\AppData\Local\housecall.guid.cache
2014-09-09 11:29 - 2014-09-09 11:23 - 366868718 _____ () C:\Users\Rob\Downloads\White.Collar.S01E03.Book.of.Hours.HDTV.XviD-FQM.avi
2014-09-09 10:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\registration
2014-09-09 08:15 - 2014-09-08 18:03 - 00000000 ____D () C:\d28db38384b9ad43a8a6e0
2014-09-09 08:15 - 2014-09-08 17:20 - 00000000 ____D () C:\52e2fcfe236db1b0ed80ff
2014-09-09 08:13 - 2014-09-08 06:44 - 00000000 ____D () C:\Users\Rob\Downloads\[ www.SceneTime.com ] - The.Chair.S01E01.HDTV.XviD-AFG
2014-09-09 08:13 - 2014-09-07 05:53 - 00000000 ____D () C:\Users\Rob\Downloads\The Strain (2014)S01E01 1080p NL Subs X264-NLU002
2014-09-09 08:13 - 2014-09-06 13:06 - 00000000 ____D () C:\Users\Rob\Downloads\Adobe Audition CC 2014
2014-09-09 08:13 - 2014-09-06 12:37 - 00000000 ___RD () C:\Users\Rob\Creative Cloud Files
2014-09-09 08:13 - 2014-09-06 10:54 - 00000000 ____D () C:\Users\Rob\AppData\Local\WinZip
2014-09-09 08:13 - 2014-09-06 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-09-09 08:13 - 2014-07-26 07:20 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-09-09 08:13 - 2013-02-11 07:33 - 00000000 ____D () C:\Users\Rob\Documents\XSitePro-Data
2014-09-09 08:13 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-09-08 18:33 - 2014-09-08 17:44 - 00431451 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-09-08 18:32 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-09-08 17:44 - 2014-09-08 17:44 - 00000762 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2014-09-08 17:44 - 2014-09-08 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2014-09-08 17:44 - 2014-09-08 17:40 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-09-08 17:19 - 2014-09-08 17:17 - 30517960 _____ (Microsoft Corporation) C:\Users\Rob\Downloads\Windows-KB890830-x64-V5.15.exe
2014-09-07 06:42 - 2014-09-07 06:41 - 00000000 ____D () C:\Users\Rob\Downloads\Paradisemosaics
2014-09-06 12:53 - 2014-09-06 12:51 - 00000000 ____D () C:\Program Files\Adobe
2014-09-06 12:52 - 2014-09-06 12:52 - 00001073 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2014.lnk
2014-09-06 12:52 - 2014-09-06 12:49 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-06 12:52 - 2013-02-11 15:52 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-06 12:51 - 2013-01-27 16:11 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\Adobe
2014-09-06 12:48 - 2014-09-06 12:48 - 00000000 ____D () C:\Program Files (x86)\My Company Name
2014-09-06 12:34 - 2014-09-06 12:34 - 00001309 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-09-06 12:34 - 2014-09-06 12:34 - 00001297 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-09-06 12:34 - 2014-09-06 12:33 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-06 12:30 - 2013-02-21 12:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-06 12:28 - 2014-09-06 12:28 - 00615304 _____ (Adobe Systems Incorporated) C:\Users\Rob\Downloads\CreativeCloudSet-Up.exe
2014-09-06 11:04 - 2014-09-06 11:04 - 00000000 ____D () C:\Users\Rob\Documents\libmp3lame-win-3.98.2-1
2014-09-06 11:00 - 2014-09-06 10:54 - 00000000 ____D () C:\ProgramData\WinZip
2014-09-06 10:54 - 2014-09-06 10:54 - 00002251 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-09-06 10:54 - 2014-09-06 10:54 - 00002245 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-09-06 10:54 - 2014-09-06 10:54 - 00000000 ____D () C:\Program Files\WinZip
2014-09-06 10:00 - 2014-09-06 05:41 - 00000000 ____D () C:\Users\Rob\Downloads\White Collar S01E02 Threads HDTV XviD DutchReleaseTeam
2014-09-06 09:54 - 2013-02-11 18:45 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\Spotify
2014-09-06 09:49 - 2014-09-06 09:49 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-09-06 09:49 - 2014-09-06 09:49 - 00001007 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-09-06 09:49 - 2014-09-06 09:48 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-09-06 05:18 - 2014-08-27 08:12 - 00000000 ____D () C:\Users\Rob\Downloads\Guitar World 2006 PB
2014-09-06 05:18 - 2014-08-27 08:07 - 00000000 ____D () C:\Users\Rob\Downloads\UNCUT John Lennon - The Ultimate Music Guide - September 2010
2014-09-06 05:18 - 2013-10-06 08:26 - 00000000 ____D () C:\Users\Rob\Downloads\Smart Calling Eliminaate the fear OnlyGill
2014-09-06 05:18 - 2013-08-07 17:32 - 00000000 ____D () C:\Users\Rob\Downloads\Muscle Guides
2014-09-05 00:36 - 2014-09-14 18:30 - 00755712 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 22:01 - 2014-09-04 22:00 - 00000000 ____D () C:\Users\Rob\Downloads\George Harrison
2014-09-04 18:56 - 2014-09-04 18:56 - 00616394 _____ () C:\Users\Rob\Downloads\Bestelformulier sv Ommoord(1).xlsx
2014-09-04 18:38 - 2014-09-04 18:37 - 00000000 ____D () C:\Users\Rob\Downloads\George Harrison - Beware Of ABKCO!
2014-09-04 18:19 - 2014-09-04 18:19 - 00616394 _____ () C:\Users\Rob\Downloads\Bestelformulier sv Ommoord.xlsx
2014-09-03 22:10 - 2014-09-03 21:56 - 576705870 _____ () C:\Users\Rob\Downloads\White.Collar.S01E01.Pilot.HDTV.XviD-FQM.avi
2014-09-03 21:58 - 2014-09-03 21:20 - 00000000 ____D () C:\Users\Rob\Downloads\[ www.torrenting.com ] - Inquisition.S01E01.HDTV.XviD-AFG
2014-09-03 03:49 - 2014-09-14 18:30 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-02 21:32 - 2014-08-15 16:59 - 00705480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 21:32 - 2014-08-15 16:59 - 00104904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-02 20:34 - 2014-09-02 20:34 - 00000000 ____D () C:\Users\Rob\Downloads\Call of the Valley
2014-09-02 18:15 - 2014-09-02 18:15 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-02 18:15 - 2014-09-02 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-02 18:15 - 2014-09-02 18:13 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-02 18:15 - 2014-09-02 18:13 - 00000000 ____D () C:\Program Files\iTunes
2014-09-02 18:15 - 2014-09-02 18:13 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-02 18:13 - 2014-09-02 18:13 - 00000000 ____D () C:\Program Files\iPod
2014-09-02 18:12 - 2014-09-02 18:12 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Users\Rob\AppData\Local\Apple
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Program Files\Bonjour
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-09-02 18:12 - 2014-09-02 18:12 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-09-02 18:11 - 2012-09-18 14:13 - 00000000 ____D () C:\ProgramData\Apple
2014-09-02 17:56 - 2013-02-11 18:46 - 00000000 ____D () C:\Users\Rob\AppData\Local\Spotify
2014-09-02 07:03 - 2014-09-02 07:03 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 14:26 - 2014-08-26 14:25 - 00000000 ____D () C:\Users\Rob\Downloads\BBC History - The First VIKING King of England (July 2013)
2014-08-31 21:35 - 2014-08-31 21:28 - 00000000 ____D () C:\Users\Rob\Downloads\Paul McCartney - Wings At The Speed Of Sound (DCC GZS-1096).cue ape scans-server alliance
2014-08-31 21:33 - 2014-08-31 21:29 - 00000000 ____D () C:\Users\Rob\Downloads\Paul McCartney (Wings) - Venus And Mars (3 bonus tracks) [1975]  FLAC
2014-08-30 07:08 - 2013-02-10 21:44 - 00000000 ____D () C:\Users\Rob\Documents\prive
2014-08-28 13:34 - 2014-09-14 18:40 - 00059400 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-28 08:05 - 2014-09-14 18:40 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-28 08:05 - 2014-09-14 18:40 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-28 08:05 - 2014-09-14 18:40 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-28 08:05 - 2014-09-14 18:40 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-28 08:02 - 2014-09-14 18:40 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-28 08:01 - 2014-09-14 18:40 - 03285504 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-28 08:01 - 2014-09-14 18:40 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-28 08:01 - 2014-09-14 18:40 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-28 08:01 - 2014-09-14 18:40 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-08-28 08:01 - 2014-09-14 18:40 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-28 08:01 - 2014-09-14 18:40 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-28 08:01 - 2014-09-14 18:40 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-28 08:01 - 2014-09-14 18:40 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-08-28 06:57 - 2014-08-27 21:11 - 1412346484 _____ () C:\Users\Rob\Downloads\SHANGHAI_SURPRISE-Madonna Dvdrip AVI (English).avi
2014-08-27 08:46 - 2014-08-27 08:22 - 00000000 ____D () C:\Users\Rob\Downloads\Guitar World 1997 PB
2014-08-27 08:14 - 2014-08-27 08:11 - 00000000 ____D () C:\Users\Rob\Downloads\The Fender Stratocaster (693)
2014-08-27 08:11 - 2014-08-27 08:10 - 00000000 ____D () C:\Users\Rob\Downloads\Star Guitars - 101 Guitars That Rocked the World
2014-08-27 08:08 - 2014-08-27 08:08 - 00000000 ____D () C:\Users\Rob\Downloads\Guitarist (WorldMags) - September 2013
2014-08-27 07:48 - 2014-08-26 21:55 - 1404431662 _____ () C:\Users\Rob\Downloads\BBC.Richard.Attenborough.A.Life.In.Film.720p.HDTV.x264.AAC.MVGroup.org.mp4
2014-08-26 21:55 - 2014-08-26 11:39 - 00000000 ____D () C:\Users\Rob\Downloads\The Borgias S01E01 HDTV XviD DutchReleaseTeam
2014-08-26 13:42 - 2014-08-26 13:42 - 00000000 ____D () C:\Users\Rob\Downloads\BBC History - The Invasion Of Tudor England + Napoleons Last Game (September 2013)
2014-08-24 20:28 - 2014-08-24 20:28 - 00025278 _____ () C:\Users\Rob\Downloads\Untitled.pdn
2014-08-24 13:19 - 2014-08-24 13:19 - 06052529 _____ (Tim Kosse) C:\Users\Rob\Downloads\FileZilla_3.9.0.3_win32-setup.exe
2014-08-24 11:52 - 2014-08-24 11:52 - 00000000 ____D () C:\Users\Rob\Documents\Edward Elgar - Complete Symphonies, Pomp and Circumstance, etc. [2CD]
2014-08-24 10:28 - 2013-03-26 06:45 - 00000000 ____D () C:\Users\Rob\AppData\Local\xheader-data
2014-08-24 05:32 - 2014-03-11 06:19 - 00000000 ____D () C:\Users\Rob\Documents\Mindfulness
2014-08-23 19:35 - 2014-08-19 14:47 - 00000000 ____D () C:\Users\Rob\Downloads\Leonard_Cohen
2014-08-23 08:47 - 2014-08-28 06:11 - 04036096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 17:43 - 2014-08-21 17:41 - 00000000 ____D () C:\Users\Rob\Downloads\Wild Beasts - Present Tense (2014) [FLAC]
2014-08-20 19:31 - 2014-08-20 14:43 - 202450249 _____ () C:\Users\Rob\Downloads\Edward Elgar - Complete Symphonies, Pomp and Circumstance, etc. [2CD].rar
2014-08-20 14:51 - 2014-08-20 14:51 - 00000000 ____D () C:\Users\Rob\AppData\Local\Macromedia
2014-08-20 09:45 - 2013-02-10 10:55 - 00000000 ____D () C:\Users\Rob\AppData\Local\Mozilla
2014-08-20 09:33 - 2013-02-10 10:55 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\Mozilla
2014-08-20 08:59 - 2013-03-24 09:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-20 08:56 - 2014-07-13 20:53 - 00000000 ____D () C:\Users\Rob\Downloads\Pink Floyd Ultimate Discography
2014-08-20 08:56 - 2014-07-12 20:27 - 00000000 ____D () C:\Users\Rob\Downloads\Thea Beckman - Triologie - NLT RELEASE - Audioboek - Dutch -
2014-08-20 08:56 - 2013-05-13 08:26 - 00000000 ____D () C:\Users\Rob\Rob Nieuwveld B.V
2014-08-20 08:56 - 2013-03-26 07:23 - 00000000 ____D () C:\Users\Rob\Downloads\Microsoft Office 2010 DutchReleaseTeam
2014-08-20 08:55 - 2014-01-12 11:06 - 00000000 ____D () C:\Users\Rob\AppData\Local\cache
2014-08-20 08:55 - 2013-07-17 07:39 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\RapidContentWizard
2014-08-20 08:55 - 2013-06-26 20:26 - 00000000 ____D () C:\Users\Rob\AppData\Local\Windows Live
2014-08-20 08:55 - 2013-06-18 17:38 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\ConverterLite
2014-08-20 08:55 - 2013-05-13 09:53 - 00000000 ____D () C:\Users\Rob\Boeken
2014-08-20 08:55 - 2013-05-13 09:48 - 00000000 ____D () C:\Users\Rob\Documents\Beatles
2014-08-20 08:55 - 2013-04-13 19:26 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\dvdcss
2014-08-20 08:55 - 2013-04-09 08:37 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\MOVAVI
2014-08-20 08:55 - 2013-04-04 13:51 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\Canon
2014-08-20 08:55 - 2013-03-24 09:45 - 00000000 ____D () C:\Users\Rob\AppData\Local\Google
2014-08-20 08:55 - 2013-02-13 18:53 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\CyberLink
2014-08-20 08:55 - 2013-02-13 09:57 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\Apple Computer
2014-08-20 08:55 - 2013-02-11 08:26 - 00000000 ____D () C:\Users\Rob\Documents\Paint.NET
2014-08-20 08:55 - 2013-02-11 07:48 - 00000000 ____D () C:\Users\Rob\Documents\Affiliate Marketing
2014-08-20 08:54 - 2013-05-13 12:33 - 00000000 ____D () C:\Users\Rob\Affiliate Marketing
2014-08-20 08:52 - 2014-09-10 09:11 - 00048656 _____ (Anvisoft) C:\Windows\system32\Drivers\asd2fsm.sys
2014-08-20 08:52 - 2014-08-20 08:52 - 00047632 _____ (Anvisoft) C:\Windows\system32\Drivers\asdids.sys
2014-08-20 08:46 - 2014-05-09 09:25 - 00000000 ____D () C:\Users\Rob\Downloads\Last Tango In Halifax
2014-08-20 08:46 - 2013-07-10 11:37 - 00000000 ____D () C:\Users\Rob\Angst
2014-08-20 08:46 - 2013-07-09 19:56 - 00000000 ____D () C:\Users\Rob\Downloads\Eckhart Tolle - Bringing Stillness Into Everyday Life - full
2014-08-20 08:46 - 2013-04-18 06:49 - 00000000 ____D () C:\Users\Rob\Downloads\Eckhart_Tolle-The_Flowering_of_Human_Consciousness-2CD.XVID.DVDRip
2014-08-20 08:46 - 2013-02-10 21:33 - 00000000 ____D () C:\Users\Rob\Documents\Lessen
2014-08-20 08:44 - 2014-07-08 14:20 - 00000000 ____D () C:\Users\Rob\Downloads\[ www.Torrentday.com ] - The.7.Wonders.Of.The.Ancient.World.H264.AAC-BladeBDP
2014-08-20 08:44 - 2013-02-11 07:30 - 00000000 ____D () C:\Users\Rob\Documents\Project Karel
2014-08-20 08:43 - 2014-06-16 09:48 - 00000000 ____D () C:\Users\Rob\Downloads\Elizabeth Is Missing
2014-08-20 08:43 - 2013-09-11 13:38 - 00000000 ____D () C:\Users\Rob\Downloads\Bert Wagendorp - Ventoux  DutchReleaseTeam
2014-08-20 08:42 - 2014-07-06 21:48 - 00000000 ____D () C:\Users\Rob\Documents\mApple_v1.6.2rc
2014-08-20 08:42 - 2013-10-02 08:58 - 00000000 ____D () C:\Users\Rob\Downloads\Photography Monthly - 50 years of The Beatles + Landscapes Portraits, Travel & Nature (May 2013)
2014-08-20 08:03 - 2014-03-16 08:09 - 00000000 ____D () C:\ProgramData\GlarySoft
2014-08-20 08:02 - 2014-08-20 08:02 - 00020672 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-08-20 08:02 - 2014-08-20 08:02 - 00002964 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2014-08-20 08:02 - 2014-08-20 08:02 - 00002610 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-08-20 08:02 - 2014-08-20 08:02 - 00001092 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-08-20 08:02 - 2014-08-20 08:02 - 00001080 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-08-20 08:02 - 2014-08-20 08:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-08-20 08:02 - 2013-02-18 23:16 - 00000000 ____D () C:\Users\Rob\AppData\Roaming\GlarySoft
2014-08-20 03:32 - 2014-08-20 03:30 - 01058200 _____ (Adobe) C:\Users\Rob\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-08-18 15:19 - 2014-08-18 15:18 - 01515369 _____ () C:\Users\Rob\Downloads\Layayoga_ The Definitive Guide to the Chakras and Kundalini - Goswami, Shyam Sundar.epub
2014-08-18 14:00 - 2014-08-18 14:00 - 00000000 ____D () C:\Windows\Sun
2014-08-18 03:06 - 2014-08-20 08:02 - 00118048 _____ (Glarysoft Ltd) C:\Windows\system32\BootDefrag.exe
2014-08-17 21:30 - 2014-08-17 21:29 - 00000000 ____D () C:\Users\Rob\Downloads\Gary Puckett & The Union Gap - Woman Woman
2014-08-16 16:28 - 2014-05-31 18:06 - 00000000 ____D () C:\Users\Rob\Downloads\1970 - Layla And Other Assorted Love Songs
2014-08-16 11:34 - 2014-09-15 11:03 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-16 11:34 - 2014-09-15 11:03 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-16 11:34 - 2014-09-15 11:03 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-08-16 11:34 - 2014-09-15 11:03 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-16 11:33 - 2014-09-15 11:03 - 19280384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-16 11:33 - 2014-09-15 11:03 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-16 11:33 - 2014-09-15 11:03 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-16 11:32 - 2014-09-15 11:03 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-16 11:32 - 2014-09-15 11:03 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-16 11:32 - 2014-09-15 11:03 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-16 11:32 - 2014-09-15 11:03 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-16 11:32 - 2014-09-15 11:03 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-16 11:32 - 2014-09-15 11:03 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-16 11:32 - 2014-09-15 11:03 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-16 11:32 - 2014-09-15 11:03 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-16 09:37 - 2014-09-15 11:03 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-16 09:37 - 2014-09-15 11:03 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-16 09:36 - 2014-09-15 11:03 - 14369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-16 09:36 - 2014-09-15 11:03 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-16 09:36 - 2014-09-15 11:03 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-16 09:36 - 2014-09-15 11:03 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-16 09:36 - 2014-09-15 11:03 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-16 09:36 - 2014-09-15 11:03 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-16 09:36 - 2014-09-15 11:03 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-16 09:36 - 2014-09-15 11:03 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-16 09:36 - 2014-09-15 11:03 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-16 09:36 - 2014-09-15 11:03 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-16 09:35 - 2014-09-15 11:03 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-12 17:04

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Rob at 2014-09-15 18:15:35
Running from C:\Users\Rob\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ZoneAlarm Free Firewall Antivirus (Enabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Free Firewall Anti-Spyware (Enabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Audition CC 2014 (HKLM-x32\...\{F3388E10-EFA9-4A80-B28E-2E647F8D00C4}) (Version: 7.0.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32241 - BitTorrent Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.00 - Canon Inc.)
Canon MG2200 series On-screen Manual (HKLM-x32\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
ConverterLite 1.6.3 (HKLM-x32\...\ConverterLite) (Version: 1.6.3 - ConverterLite)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.2.2114 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.2.2114 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Gebruikersregistratie voor Canon MG2200 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG2200 series) (Version:  - Canon Inc.‎)
Glary Utilities 5.6 (HKLM-x32\...\Glary Utilities 5) (Version: 5.6.0.13 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{8A9B16F0-A84E-4EC5-BDA7-0ACCE79FB043}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 112) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{18DE31AE-70D0-43A7-9E3C-2ED7283ECE8A}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{4983EBE7-5117-43C9-8DE1-FFEBFDBD35DB}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6417.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Malwarebytes Anti-Malware versie 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 nl)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4481.1005 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4481.1005 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4481.1005 - Microsoft Corporation) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Renee Undeleter 2013.5.27.0 (HKLM-x32\...\{BECFEA3A-6E81-436B-9D2B-6B01185004A5}}_is1) (Version: 2013.5.27.0 - Rene.e Laboratory)
Revo Uninstaller Pro 3.0.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.2 - VS Revo Group, Ltd.)
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Traffic Travis 3.3.36 (HKLM-x32\...\Traffic Travis_is1) (Version:  - Affilorama Ltd.)
Traffic Travis 4.1.0 (HKLM-x32\...\Traffic Travis 4.1 Setup Wizard_is1) (Version:  - Affilorama Ltd.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinSCP 5.1.6 (HKLM-x32\...\winscp3_is1) (Version: 5.1.6 - Martin Prikryl)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
XHeader (HKLM-x32\...\XHeader) (Version: 1.215 - Intellimon)
XSitePro2 (HKLM\...\XSitePro2) (Version: 2.550 - Intellimon Ltd)
ZoneAlarm Antivirus (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.3.209.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3091740776-465430269-2068346934-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Rob\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3091740776-465430269-2068346934-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Rob\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3091740776-465430269-2068346934-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Rob\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3091740776-465430269-2068346934-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Rob\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

06-09-2014 10:31:38 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
09-09-2014 06:01:46 Herstelbewerking
10-09-2014 06:07:02 WinZip 18.5 is verwijderd
12-09-2014 07:24:31 WinZip 18.5 is verwijderd
14-09-2014 18:13:33 Installed Samsung Kies

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2014-09-13 18:49 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06406AC3-86F9-411A-8DD8-D3D01B9B35E3} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-08-18] (Glarysoft Ltd)
Task: {10349588-A29C-499E-9FFD-8EC908E6E024} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-31] (Microsoft Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {21376736-1465-43C9-9B10-64B5319C6277} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-08-04] (Hewlett-Packard)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {262C479E-B3D5-43A3-A6A3-5EBDDC35EEB6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-30] (Google Inc.)
Task: {267550A0-6542-42ED-A54D-8507B348775E} - System32\Tasks\HPCeeScheduleForRob => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {3B43F8BA-8FEC-4AD0-BF49-2E6174317601} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {4F438B00-235D-40DC-8EE3-5503AF09A6C2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-08-04] (Hewlett-Packard)
Task: {537B3EAD-61D0-4587-9F4B-1EED81DE7C81} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {56BE67FB-36FF-4F3E-AFC9-E9C1950A7359} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {641C1A1F-D986-4D5F-89F2-5A680F9DAE46} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {71CA839C-E505-4B95-ACEC-27FEA4B63949} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {96995BF8-3D3C-4299-99D9-6A68A574235D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9A70035F-AC8A-4FEE-9AF5-65F9CD25E323} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-08-18] (Glarysoft Ltd)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B24A59EA-2FF5-4C62-860E-2CE54E10BCBD} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.)
Task: {BCA6B07B-0007-412D-9CF9-3660EED5733B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D406967C-4B74-48E9-9288-C6D3EB2FA72B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-30] (Google Inc.)
Task: {D60ECB78-8168-4B74-B225-F05E40768F41} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F5758498-9753-4C32-81E2-1C8F6EE3B662} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe
Task: {F6459777-59E6-43FC-BAAD-004B428AFF0B} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRob.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2013-04-03 14:18 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-07-16 11:06 - 2014-07-16 11:06 - 00672416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-05-02 09:13 - 2014-05-02 09:14 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2014-07-23 20:04 - 2014-07-23 20:04 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-18 03:06 - 2014-08-18 03:06 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2012-09-18 14:09 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKCU\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_B1D8CA6DAFB1420975D4C101565EBF87"
HKCU\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/15/2014 06:10:40 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode:
hr=0xC004F074
Opdrachtregelargumenten:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (09/15/2014 06:10:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode:
hr=0xC004F074
Opdrachtregelargumenten:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (09/15/2014 11:00:31 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2 op regel C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
Een onderdeelversie die nodig is voor de toepassing, conflicteert met een andere onderdeelversie die reeds actief is.
Conflicterende onderdelen zijn:
Onderdeel 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Onderdeel 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.

Error: (09/15/2014 09:35:39 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode:
hr=0xC004F074
Opdrachtregelargumenten:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (09/15/2014 09:35:34 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode:
hr=0xC004F074
Opdrachtregelargumenten:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (09/14/2014 06:53:06 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode:
hr=0xC004F074
Opdrachtregelargumenten:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (09/14/2014 06:53:00 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode:
hr=0xC004F074
Opdrachtregelargumenten:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (09/14/2014 05:48:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Het programma Explorer.EXE, versie 6.2.9200.16628 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm.

Proces-id: fec

Starttijd: 01cfd031d0464bca

Eindtijd: 297

Toepassingspad: C:\Windows\Explorer.EXE

Rapport-id: 929b6158-3c26-11e4-bef4-28924a576adf

Volledige pakketnaam met fout: 

Relatieve toepassings-id van pakket met fout:

Error: (09/14/2014 05:37:46 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode:
hr=0xC004F074
Opdrachtregelargumenten:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (09/14/2014 05:37:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: De licentieactivering (slui.exe) is mislukt met de volgende foutcode:
hr=0xC004F074
Opdrachtregelargumenten:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=NetworkAvailable


System errors:
=============
Error: (09/15/2014 06:08:56 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: De vorige afsluiting van het systeem om 17:54:03 op ‎15-‎9-‎2014 is onverwacht gebeurd.

Error: (09/15/2014 09:33:27 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: De vorige afsluiting van het systeem om 20:57:36 op ‎14-‎9-‎2014 is onverwacht gebeurd.

Error: (09/14/2014 06:50:29 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000109 (0xa3a039d89dea152f, 0xb3b7465ef069c327, 0xfffff880009a4680, 0x0000000000000002)C:\Windows\MEMORY.DMP091414-36000-01

Error: (09/14/2014 06:50:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: De vorige afsluiting van het systeem om 18:35:57 op ‎14-‎9-‎2014 is onverwacht gebeurd.

Error: (09/14/2014 05:35:57 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: De vorige afsluiting van het systeem om 17:11:35 op ‎14-‎9-‎2014 is onverwacht gebeurd.

Error: (09/14/2014 04:34:00 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: 1053gupdate/comsvc{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (09/14/2014 04:33:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Google Update-service (gupdate)-service kan vanwege de volgende fout niet worden gestart: 
%%1053

Error: (09/14/2014 04:33:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Google Update-service (gupdate).

Error: (09/14/2014 02:13:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Windows Search-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (09/14/2014 02:13:41 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: De service Windows Search is gestopt met de volgende specifieke servicefout: 
%%2147749126


Microsoft Office Sessions:
=========================
Error: (09/15/2014 06:10:40 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (09/15/2014 06:10:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (09/15/2014 11:00:31 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe

Error: (09/15/2014 09:35:39 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (09/15/2014 09:35:34 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (09/14/2014 06:53:06 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (09/14/2014 06:53:00 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (09/14/2014 05:48:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.2.9200.16628fec01cfd031d0464bca297C:\Windows\Explorer.EXE929b6158-3c26-11e4-bef4-28924a576adf

Error: (09/14/2014 05:37:46 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (09/14/2014 05:37:23 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c04ed6bf-55c8-4b47-9f8e-5a1f31ceee60;NotificationInterval=1440;Trigger=NetworkAvailable


CodeIntegrity Errors:
===================================
  Date: 2014-09-15 18:13:20.173
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-15 18:12:10.567
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-15 18:12:10.488
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-15 18:11:06.757
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-15 18:03:18.814
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-15 17:55:49.511
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-15 17:33:38.969
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-15 17:29:49.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-15 17:28:24.077
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-09-15 17:22:16.866
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 69%
Total physical RAM: 3986.27 MB
Available physical RAM: 1203.07 MB
Total Pagefile: 8082.27 MB
Available Pagefile: 5077.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.44 GB) (Free:277.62 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.55 GB) (Free:2.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Elements) (Fixed) (Total:931.51 GB) (Free:247.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 458C4708)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0002846E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

This is it.

Thank you
Rob


#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team

Posted 16 September 2014 - 05:29 AM

Going over your logs I noticed that you have Bittorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall BitTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

  • Download the attached fixlist.txt and save it to the location where FRST is saved.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt), which you will find where you saved FRST. Please post it in your reply.

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#9 Rotterdam

Rotterdam
  • Topic Starter


Posted 17 September 2014 - 12:11 AM

Thank you.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Rob at 2014-09-16 13:44:25 Run:1
Running from C:\FRST
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {D60ECB78-8168-4B74-B225-F05E40768F41} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
FF Plugin HKCU: iMeshPlugin -> C:\Program Files (x86)\iMesh Applications\iMesh\npiMeshPlugin.dll No File
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=aw0202ff&cd=2XzuyEtN2Y1L1QzutBzzzytByE0AyDyByC0A0D0FyByEyByBtN0D0Tzu0SyBzyyEtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2SyC0C0C0F0ByC0E0DtG0CtA0AtCtG0Bzyzz0FtGtAyDzy0DtGyBzzzy0BtByByD0B0E0CyCyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtDzy0DyBzy0F0EtGyB0B0EyDtGyBzztC0FtG0B0ByEzztGtAyDzztAtAtA0D0CyBtByC0B2Q&cr=921755135&ir=
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  No File
FF Homepage: hxxp://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=EN&gu=372fc66bbe124cf8a2b5683021dd171a&tu=10GXy00E82D13P0&sku=&tstsId=&ver=&

S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-03-26] () [File not signed]
S0 vgtpub; System32\drivers\lolxx.sys [X]

C:\Windows\AutoKMS
C:\Program Files (x86)\iMesh Applications

EmptyTemp:
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{D60ECB78-8168-4B74-B225-F05E40768F41}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D60ECB78-8168-4B74-B225-F05E40768F41}" => Key deleted successfully.
C:\Windows\System32\Tasks\AutoKMS => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKCU\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKCU\Software\MozillaPlugins\iMeshPlugin" => Key deleted successfully.
C:\Program Files (x86)\iMesh Applications\iMesh\npiMeshPlugin.dll not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
"HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} => value deleted successfully.
"HKCR\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}" => Key not found.
Firefox homepage deleted successfully.
KMService => Service deleted successfully.
vgtpub => Service deleted successfully.
C:\Windows\AutoKMS => Moved successfully.
"C:\Program Files (x86)\iMesh Applications" => File/Directory not found.
EmptyTemp: => Removed 642.6 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====

Malwarebytes Anti-Malware
www.malwarebytes.org

Scandatum: 16-9-2014
Scantijd: 22:57:03
Logbestand: Malwarebytes log Sept 16.txt
Beheerder: Ja

Versie: 2.00.2.1012
Malwaredatabase: v2014.09.16.09
Rootkitdatabase: v2014.09.15.01
Licentie: Gratis
Malwarebescherming: Uitgeschakeld
Kwaadaardige Website Bescherming: Uitgeschakeld
Self-protection: Uitgeschakeld

Besturingssysteem: Windows 8
Processor: x64
Bestandssysteem: NTFS
Gebruiker: Rob

Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten Gescand: 328807
Verstreken Tijd: 3 u, 29 m, 57 s

Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Uitgeschakeld
Heuristics: Ingeschakeld
POP: Waarschuwen
POA: Ingeschakeld

Processen: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registersleutels: 0
(No malicious items detected)

Registerwaardes: 0
(No malicious items detected)

Registerdata: 0
(No malicious items detected)

Mappen: 0
(No malicious items detected)

Bestanden: 0
(No malicious items detected)

Fysieke Sectoren: 0
(No malicious items detected)


(end)


#10 TB-Psychotic

TB-Psychotic

  • Malware Response Team

Posted 18 September 2014 - 08:17 AM

Scan with ESET Online Scan

Go here to run an online scanner from ESET. Windows Vista/Windows 7/Windows 8 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator.

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan. Here's how.
  • Click the blue Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the program to install the "OnlineScanner.cab" ActiveX control by clicking the Install button
  • Once the ActiveX control is installed, on the next screen click on Enable detection of potentially unwanted applications
  • Click on Advanced Settings
  • Make sure that the option Remove found threats is unticked.
  • Ensure these options are ticked
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.



#11 Rotterdam

Rotterdam
  • Topic Starter


Posted 18 September 2014 - 12:09 PM

Thanks

Here is the list of Threats Found. Shouldn't they be removed before I can see how things are?

The last two days I regularly get a warning that a script does not work. Script: https://intext.nav-links.com/js/intext.js?afid=wolfpack&subid=VTFJPQ%3D%3D&maxlinks=4&linkcolor=006bff&wiki=1:5713

C:\$RECYCLE.BIN\S-1-5-21-3091740776-465430269-2068346934-1001\$R2A2K6B	JS/Kryptik.I trojan
C:\$RECYCLE.BIN\S-1-5-21-3091740776-465430269-2068346934-1001\$RIXTBYW	JS/Kryptik.I trojan
C:\$RECYCLE.BIN\S-1-5-21-3091740776-465430269-2068346934-1001\$RJ8058P	JS/Kryptik.I trojan
C:\$RECYCLE.BIN\S-1-5-21-3091740776-465430269-2068346934-1001\$RR9SCGD	JS/Kryptik.I trojan
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe	a variant of Win32/Systweak potentially unwanted application
C:\Program Files (x86)\CheckPoint\Install\CUninstallerZA.exe	Win32/Toolbar.Conduit potentially unwanted application
C:\Program Files (x86)\CheckPoint\Install\zatb.exe	Win32/Toolbar.Montiera.I potentially unwanted application
C:\Users\Rob\AppData\Local\Anvisoft\Anvi Slim Toolbar\FFToobar\Extensions\plugin@getwebcake.com\content\overlay.js	JS/Adware.Yontoo.C application
C:\Users\Rob\AppData\Local\Mozilla\Firefox\Profiles\0fqetbzi.default\cache2\entries\D44A8E61CADFD6D11FC8551C40090CA7C8F0D76D	JS/Kryptik.I trojan
C:\Windows\Installer\8da0144.msi	a variant of Win32/Systweak potentially unwanted application


Edited by Rotterdam, 18 September 2014 - 12:11 PM.


#12 Rotterdam

Rotterdam
  • Topic Starter


Posted 19 September 2014 - 01:12 AM

To add about how things are now.

No significant changes yet.



#13 TB-Psychotic

TB-Psychotic

  • Malware Response Team

Posted 19 September 2014 - 04:32 AM

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

  • Download the attached fixlist.txt and save it to the location where FRST is saved.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt), which you will find where you saved FRST. Please post it in your reply.

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.

 

  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[S1].txt also



Delete junk with JRT

Please download Junkware Removal Tool to your desktop.


  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.



SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2



  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.

 

Attached Files


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#14 Rotterdam

Rotterdam
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  • Local time:09:15 AM

Posted 19 September 2014 - 08:21 AM

Thanks

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Rob at 2014-09-19 13:57:39 Run:2
Running from C:\FRST
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\$RECYCLE.BIN\S-1-5-21-3091740776-465430269-2068346934-1001\$R2A2K6B
C:\$RECYCLE.BIN\S-1-5-21-3091740776-465430269-2068346934-1001\$RIXTBYW
C:\$RECYCLE.BIN\S-1-5-21-3091740776-465430269-2068346934-1001\$RJ8058P
C:\$RECYCLE.BIN\S-1-5-21-3091740776-465430269-2068346934-1001\$RR9SCGD
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe
C:\Program Files (x86)\CheckPoint\Install\CUninstallerZA.exe
C:\Program Files (x86)\CheckPoint\Install\zatb.exe
C:\Users\Rob\AppData\Local\Anvisoft\Anvi Slim Toolbar\FFToobar
C:\Users\Rob\AppData\Local\Mozilla\Firefox\Profiles\0fqetbzi.default\cache2\entries\D44A8E61CADFD6D11FC8551C40090CA7C8F0D76D
C:\Windows\Installer\8da0144.msi


*****************

C:\$RECYCLE.BIN\S-1-5-21-3091740776-465430269-2068346934-1001\$R2A2K6B => Moved successfully.
C:\$RECYCLE.BIN\S-1-5-21-3091740776-465430269-2068346934-1001\$RIXTBYW => Moved successfully.
C:\$RECYCLE.BIN\S-1-5-21-3091740776-465430269-2068346934-1001\$RJ8058P => Moved successfully.
C:\$RECYCLE.BIN\S-1-5-21-3091740776-465430269-2068346934-1001\$RR9SCGD => Moved successfully.
C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe => Moved successfully.
C:\Program Files (x86)\CheckPoint\Install\CUninstallerZA.exe => Moved successfully.
C:\Program Files (x86)\CheckPoint\Install\zatb.exe => Moved successfully.
C:\Users\Rob\AppData\Local\Anvisoft\Anvi Slim Toolbar\FFToobar => Moved successfully.
C:\Users\Rob\AppData\Local\Mozilla\Firefox\Profiles\0fqetbzi.default\cache2\entries\D44A8E61CADFD6D11FC8551C40090CA7C8F0D76D => Moved successfully.
C:\Windows\Installer\8da0144.msi => Moved successfully.

==== End of Fixlog ====

# AdwCleaner v3.310 - Rapport aangemaakt 19/09/2014 op 14:07:52
# Laatste Update 12/09/2014 door Xplode
# Besturingssysteem : Windows 8  (64 bits)
# Gebruikersnaam : Rob - LAPTOP
# Gestart vanuit : C:\Users\Rob\Downloads\adwcleaner_3.310.exe
# Optie : Verwijderen

***** [ Services ] *****


***** [ Bestanden / Mappen ] *****


***** [ Taken ] *****


***** [ Snelkoppelingen ] *****


***** [ Register ] *****

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Sleutel Verwijderd : HKCU\Software\SecuredDownload

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v32.0.2 (x86 nl)

[ Bestand : C:\Users\Rob\AppData\Roaming\Mozilla\Firefox\Profiles\0fqetbzi.default\prefs.js ]


-\\ Google Chrome v37.0.2062.120

[ Bestand : C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [14481 octets] - [13/09/2014 04:56:48]
AdwCleaner[R1].txt - [1052 octets] - [14/09/2014 06:10:07]
AdwCleaner[R2].txt - [2157 octets] - [19/09/2014 14:00:36]
AdwCleaner[R3].txt - [2217 octets] - [19/09/2014 14:04:54]
AdwCleaner[R4].txt - [2277 octets] - [19/09/2014 14:07:06]
AdwCleaner[S0].txt - [14556 octets] - [13/09/2014 05:01:15]
AdwCleaner[S1].txt - [2161 octets] - [19/09/2014 14:07:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2221 octets] ##########

 Results of screen317's Security Check version 0.99.87  
   x64 (UAC is enabled)  
 Internet Explorer 10 [color=red][b]Out of date![/b][/color] 
[b][u]``````````````Antivirus/Firewall Check:``````````````[/b][/u] 
 Windows Firewall Disabled!  
Windows Defender                    
ZoneAlarm Free Firewall Antivirus   
 Antivirus up to date!  (On Access scanning [b]disabled[/b]!) 
[b][u]`````````Anti-malware/Other Utilities Check:`````````[/b][/u] 
 Java 7 Update 67  
 Adobe Flash Player 	15.0.0.152  
 Adobe Reader XI  
 Mozilla Firefox (32.0.2) 
 Google Chrome 37.0.2062.103  
 Google Chrome 37.0.2062.120  
[b][u]````````Process Check: objlist.exe by Laurent````````[/b][/u]  
 CheckPoint ZoneAlarm vsmon.exe  
 CheckPoint ZoneAlarm ZaPrivacyService.exe  
 CheckPoint ZoneAlarm zatray.exe  
[b][u]`````````````````System Health check`````````````````[/b][/u] 
 Total Fragmentation on Drive C:  % 
[b][u]````````````````````End of Log``````````````````````[/b][/u] 



#15 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  • Gender:Male
  • Local time:08:15 AM

Posted 19 September 2014 - 09:07 AM

Are any problems left or may I post the last reply? :)





