Zoek.exe v5.0.0.0 Updated 11-August-2014
Tool run by Student on 11/08/2014 at 19:15:23.98.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Users\Student\Downloads\zoek(1).exe [Scan all users] [Script inserted]
==== System Restore Info ======================
11/08/2014 19:20:28 Zoek.exe System Restore Point Created Succesfully.
==== Installed Programs ======================
µTorrent
Adobe AIR
Adobe Digital Editions 2.0
Adobe Flash Player 14 ActiveX
Adobe Flash Player 14 Plugin
Adobe Reader X (10.1.9) MUI
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bluetooth Stack for Windows by Toshiba
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Network Tool
Canon MG3100 series MP Drivers
Canon MG3100 series On-screen Manual
Canon MG3100 series User Registration
Cisco AnyConnect Secure Mobility Client
Cisco AnyConnect Secure Mobility Client
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dragon NaturallySpeaking 11
Dropbox
EndNote X6
EZ YouTube Video Downloader
Fotogalleri
Fotogalleriet
free-for-download bundle
Google Chrome
Google Drive
Google Update Helper
HTC Driver Installer
IBM SPSS Statistics 19
IBM SPSS Statistics 21
Intel PROSet Wireless
Intel(R) Management Engine Components
Intel(R) Network Connections Drivers
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless WiFi Software
Intel(R) Rapid Storage Technology
Intel(R) Wireless Display
Itibiti RTC
iTunes
Java Auto Updater
Java(TM) 6 Update 20
Malwarebytes Anti-Malware version 2.0.2.1012
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Primary Interoperability Assemblies 2005
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Monster Resume Easy Submit
Movie Maker
Mozilla Firefox 29.0.1 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 24.1.0 (x86 en-GB)
MSVCRT
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
Nutritics
Open It
Optimizer Pro v3.2
PDFCreator
Photo Common
Photo Gallery
PlayReady PC Runtime amd64
PodTrans Pro 3.7.3
PreReq
Rapport
Realtek High Definition Audio Driver
RightSurf
RocketTab:
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2767915) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SmartDraw CI
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA HDD Protection
TOSHIBA HDD/SSD Alert
Toshiba Manuals
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA Online Product Information
TOSHIBA PC Health Monitor
TOSHIBA Places Icon Utility
TOSHIBA Recovery Media Creator
TOSHIBA Recovery Media Creator Reminder
TOSHIBA ReelTime
TOSHIBA Resolution+ Plug-in for Windows Media Player
TOSHIBA Security Assist
TOSHIBA Service Station
TOSHIBA Sleep Utility
TOSHIBA Sync Utility
TOSHIBA TEMPRO
TOSHIBA Value Added Package
TOSHIBA VIDEO PLAYER
TOSHIBA Web Camera Application
TOSHIBA Wireless Display Monitor
TOSHIBA Wireless LAN Indicator
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition
Valokuvavalikoima
Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64)
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)
VLC media player 2.1.3
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalleri
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven peruspaketti
Zip Opener Packages
==== Running Processes ======================
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
C:\windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\BrowserSafeguard\BrowserSafeguard.exe
C:\Users\Student\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
D:\Users\Student\Downloads\zoek(1).exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
C:\windows\SysWOW64\cmd.exe
==== Services (whitelist) ======================
R2 - [70e6ca8c] - Optimizer Pro Crash Monitor - "C:\windows\system32\rundll32.exe" "c:\Program Files (x86)\Optimizer Pro\OptProCrash.dll",SVC
R2 - [AdobeARMservice] - Adobe Acrobat Update Service - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
R2 - [Apple Mobile Device] - Apple Mobile Device - "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
R2 - [cfWiMAXService] - ConfigFree WiMAX Service - "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
R2 - [ConfigFree Service] - ConfigFree Service - "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
R2 - [EvtEng] - Intel(R) PROSet/Wireless Event Log - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
R2 - [MsMpSvc] - Microsoft Antimalware Service - "C:\Program Files\Microsoft Security Client\MsMpEng.exe"
R2 - [RegSrvc] - Intel(R) PROSet/Wireless Registry Service - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
R2 - [Thpsrv] - TOSHIBA HDD Protection - C:\windows\system32\ThpSrv.exe
R2 - [TODDSrv] - TOSHIBA Optical Disc Drive Service - C:\windows\system32\TODDSrv.exe
R2 - [TosCoSrv] - TOSHIBA Power Saver - "C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
R2 - [TOSHIBA eco Utility Service] - TOSHIBA eco Utility Service - "C:\Program Files\TOSHIBA\TECO\TecoService.exe"
R2 - [UNS] - Intel(R) Management and Security Application User Notification Service - "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
R2 - [vpnagent] - Cisco AnyConnect Secure Mobility Agent - "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe"
R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
R2 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - "C:\Program Files\Windows Media Player\wmpnetwk.exe"
R2 - [WSearch] - Windows Search - C:\windows\system32\SearchIndexer.exe /Embedding
R3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
R3 - [osppsvc] - Office Software Protection Platform - "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
R3 - [TMachInfo] - TMachInfo - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
R3 - [VSS] - Volume Shadow Copy - C:\windows\system32\vssvc.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Google Update Service (gupdate) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
S2 - [sppsvc] - Software Protection - C:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
S3 - [ALG] - Application Layer Gateway Service - C:\windows\System32\alg.exe
S3 - [aspnet_state] - ASP.NET State Service - C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
S3 - [COMSysApp] - COM+ System Application - C:\windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 - [ehRecvr] - Windows Media Center Receiver Service - C:\windows\ehome\ehRecvr.exe
S3 - [ehSched] - Windows Media Center Scheduler Service - C:\windows\ehome\ehsched.exe
S3 - [Fax] - Fax - C:\windows\system32\fxssvc.exe
S3 - [gupdatem] - Google Update Service (gupdatem) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - C:\windows\system32\IEEtwCollector.exe /V
S3 - [iPod Service] - iPod Service - "C:\Program Files\iPod\bin\iPodService.exe"
S3 - [McAWFwk] - McAfee Activation Service - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
S3 - [Microsoft SharePoint Workspace Audit Service] - Microsoft SharePoint Workspace Audit Service - "C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE" /auditservice
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
S3 - [MSDTC] - Distributed Transaction Coordinator - C:\windows\System32\msdtc.exe
S3 - [msiserver] - Windows Installer - C:\windows\system32\msiexec.exe /V
S3 - [MyWiFiDHCPDNS] - Wireless PAN DHCP Server - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
S3 - [NisSrv] - Microsoft Network Inspection - "C:\Program Files\Microsoft Security Client\NisSrv.exe"
S3 - [ose] - Office Source Engine - "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
S3 - [PerfHost] - Performance Counter DLL Host - C:\windows\SysWow64\perfhost.exe
S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - C:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP Trap - C:\windows\System32\snmptrap.exe
S3 - [TOSHIBA Bluetooth Service] - TOSHIBA Bluetooth Service - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
S3 - [TOSHIBA HDD SSD Alert Service] - TOSHIBA HDD SSD Alert Service - "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
S3 - [TPCHSrv] - TPCH Service - "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
S3 - [TrustedInstaller] - Windows Modules Installer - C:\windows\servicing\TrustedInstaller.exe
S3 - [vds] - Virtual Disk - C:\windows\System32\vds.exe
S3 - [WatAdminSvc] - Windows Activation Technologies Service - C:\windows\system32\Wat\WatAdminSvc.exe
S3 - [wbengine] - Block Level Backup Engine Service - "C:\windows\system32\wbengine.exe"
S3 - [wmiApSrv] - WMI Performance Adapter - C:\windows\system32\wbem\WmiApSrv.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
S4 - [PassThru Service] - Internet Pass-Through Service - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
S4 - [TemproMonitoringService] - Notebook Performance Tuning Service (TEMPRO) - "C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe"
==== Folders Found ======================
==== Files Found ======================
==== System Specs ======================
Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 4000 MB
CPU Info: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
CPU Speed: 2191.1 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter #2 | Microsoft Virtual WiFi Miniport Adapter | Intel(R) Centrino(R) Advanced-N 6230 | Intel(R) 82579V Gigabit Network Connection
CD / DVD Drives: 1x (E: | ) E: MATSHITADVD-RAM UJ8A2ES
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 2 Button Mouse Present
Hard Disks: C: 100.0GB | D: 182.3GB
Hard Disks - Free: C: 35.1GB | D: 3.1GB
Manufacturer *: TOSHIBA
BIOS Info: AT/AT COMPATIBLE | 08/23/11 | TOSHIB - 3
Time Zone: GMT Standard Time
Motherboard *: TOSHIBA Portable PC
Country: United Kingdom
Language: ENG
==== System Specs (Software) ======================
Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Default Browser: Firefox 29.0.1
Internet Explorer Version: 11.0.9600.17207
Mozilla Firefox version: 29.0.1 (x86 en-US)
Google Chrome version: 31.0.1650.63
Adobe Reader version: 10.1.9.22
Sun Java version: 1.6.0_20 (32-bit)
Flash Player version: 14.0.0.145
==== Files Recently Created / Modified ======================
====== C:\windows ====
====== C:\Users\Student\AppData\Local\Temp ====
2014-08-11 15:44:30 D8BE96BC224FB9A6034A01156A527271 43008 ----a-w- C:\Users\Student\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptxckxu.dll
2014-08-11 15:44:27 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Student\AppData\Local\Temp\System.Data.SQLite52423.dll
2014-08-11 14:48:54 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Student\AppData\Local\Temp\System.Data.SQLite14098.dll
2014-08-11 13:41:02 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Student\AppData\Local\Temp\System.Data.SQLite54183.dll
2014-08-11 13:12:23 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Student\AppData\Local\Temp\System.Data.SQLite67137.dll
2014-08-11 13:12:18 D17946A23CAD0C21C6FD1DAA92C39A32 4599296 ----a-w- C:\Users\Student\AppData\Local\Temp\rtinstaller.exe
2014-08-11 13:11:55 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Student\AppData\Local\Temp\System.Data.SQLite34603.dll
2014-08-11 11:15:47 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Student\AppData\Local\Temp\System.Data.SQLite69423.dll
2014-08-11 11:03:14 0B1095D6FB36ACE9C3FB8D6AD6ACB83F 113230 ----a-w- C:\Users\Student\AppData\Local\Temp\nsm6FC.tmp.exe
2014-08-11 07:51:31 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Student\AppData\Local\Temp\System.Data.SQLite12275.dll
====== Java Cache =====
====== C:\windows\SysWOW64 =====
2014-08-10 05:45:16 08C6B7E7B27C803BE59A5467D2BEFD87 108544 ----a-w- C:\windows\SysWOW64\hfnapi.dll
2014-08-10 05:45:06 F3EC41A4CF5E1D57474F61091F204BA4 246784 ----a-w- C:\windows\SysWOW64\hfpapi.dll
2014-08-01 15:33:05 372218B80DEF827063049EBEE76B7501 92672 ----a-w- C:\windows\SysWOW64\wudriver.dll
2014-08-01 15:33:04 867148EBF47E7E7E7B21C07B4A981929 581600 ----a-w- C:\windows\SysWOW64\wuapi.dll
2014-08-01 15:33:04 255F0417EC31C71585824269522EC8E9 36320 ----a-w- C:\windows\SysWOW64\wups.dll
2014-08-01 15:32:24 5AA2CAD923E9E647276A61387E83DDD0 179656 ----a-w- C:\windows\SysWOW64\wuwebv.dll
2014-08-01 15:32:23 F419D738BD2AE58D9DF2F9FEB5F43842 33792 ----a-w- C:\windows\SysWOW64\wuapp.exe
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
2014-08-01 15:33:48 EAD9E413A6CEB9FD8E2AD9DC0716C061 58336 ----a-w- C:\windows\Sysnative\wuauclt.exe
2014-08-01 15:33:48 E76F105AD039B9E4DA9ECE839298C4A2 44512 ----a-w- C:\windows\Sysnative\wups2.dll
2014-08-01 15:33:47 6335F8B4B89F002A3801473C1A799237 2620928 ----a-w- C:\windows\Sysnative\wucltux.dll
2014-08-01 15:33:47 61FF576450CCC80564B850BC3FB6713A 2477536 ----a-w- C:\windows\Sysnative\wuaueng.dll
2014-08-01 15:33:05 7EC6617005F76714C7E16605E7A8AB06 38880 ----a-w- C:\windows\Sysnative\wups.dll
2014-08-01 15:33:05 1180B5ADFB507258DA10F51B46681A33 97792 ----a-w- C:\windows\Sysnative\wudriver.dll
2014-08-01 15:33:05 0DB2758CF1BAFE22E0970FDA0785B74C 700384 ----a-w- C:\windows\Sysnative\wuapi.dll
2014-08-01 15:32:23 45D4BDEA136E72E75CF008D3C38D949A 198600 ----a-w- C:\windows\Sysnative\wuwebv.dll
2014-08-01 15:32:23 29FE783F75362AD6D2D9C0555BA83BD2 36864 ----a-w- C:\windows\Sysnative\wuapp.exe
====== C:\windows\Sysnative\drivers =====
2014-07-31 20:20:42 9E34BF0784E087F7366DBD2BDA01C8EB 46376 ----a-w- C:\windows\Sysnative\drivers\netfilter64.sys
====== C:\windows\Tasks ======
2014-08-11 11:55:33 1525CE2E40C613379D1D314085711C61 3164 ----a-w- C:\windows\Sysnative\Tasks\{9E0C38D5-72FA-4795-8F31-457E622D4AE7}
2014-07-16 18:32:38 EDA5CE2CAC478E9CFB533C49213CA321 3262 ----a-w- C:\windows\Sysnative\Tasks\Optimizer Pro Schedule
====== C:\windows\Temp ======
======= C:\Program Files =====
2014-08-11 07:50:27 -------- d-----w- C:\Program Files\005
======= C:\PROGRA~2 =====
2014-08-11 07:51:36 -------- d-----w- C:\PROGRA~2\BrowserSafeguard
2014-08-11 07:42:33 -------- d-----w- C:\PROGRA~2\iMobie
2014-07-22 19:43:39 -------- d-----w- C:\PROGRA~2\VideoLAN
2014-07-16 18:31:04 -------- d-----w- C:\PROGRA~2\sweetpacks bundle uninstaller_Apache OpenOffice_1644551
======= C: =====
2014-08-11 13:16:08 F14F1EBB47CCBD9C1AE2348E8FF7BF9E 687 ----a-w- C:\awhF48B.tmp
2014-08-11 07:56:53 F14F1EBB47CCBD9C1AE2348E8FF7BF9E 687 ----a-w- C:\awh6EFC.tmp
====== C:\Users\Student\AppData\Roaming ======
2014-08-11 13:08:38 12A1F5C8C4FADEA32940E3D9F1CB65B5 4125624 ----a-w- C:\windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2014-08-11 07:51:54 -------- d-----w- C:\Users\Student\AppData\Local\9754
2014-08-11 07:42:55 -------- d-----w- C:\Users\Student\AppData\Local\iMobie_Inc
2014-08-11 07:42:52 -------- d-----w- C:\Users\Student\AppData\Roaming\iMobie
2014-08-06 17:39:05 -------- d-----w- C:\Users\Student\AppData\Local\Packages
2014-08-06 17:38:59 -------- d-----w- C:\Users\Student\AppData\Locallow\{998D0DD0-99B5-29FA-809C-0DE7FC7C6AE3}
2014-07-22 19:44:31 -------- d-----w- C:\Users\Student\AppData\Roaming\vlc
2014-07-22 19:38:27 -------- d-----w- C:\Users\Student\AppData\Roaming\uTorrent
2014-07-16 21:16:11 -------- d-----w- C:\Users\Student\AppData\Roaming\OpenOffice
2014-07-16 18:32:36 -------- d-----w- C:\Users\Student\AppData\Roaming\Optimizer Pro
====== C:\Users\Student ======
2014-08-11 07:42:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2014-08-06 17:38:57 -------- d-----w- C:\ProgramData\SmartCOmparee
2014-07-22 19:44:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-07-16 18:33:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free-for-download bundle
2014-07-16 18:32:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
====== C: exe-files ==
2014-08-11 15:13:32 FC2B0B710AB2EC61224C9411C6555743 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3180901244-3373960192-2221882467-1000\$I19M6S1.exe
2014-08-11 15:13:32 E9858E28FED97D7BF19B28DF17218E4E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3180901244-3373960192-2221882467-1000\$IGDWH5X.exe
2014-08-11 15:13:32 84B54D5C23ED311EA0325DB6DDC64C5A 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3180901244-3373960192-2221882467-1000\$I7FOE34.exe
2014-08-11 15:13:32 80700E127F71BF9C2D5779A0E8E2C176 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3180901244-3373960192-2221882467-1000\$I15L0DD.exe
2014-08-11 13:12:18 D17946A23CAD0C21C6FD1DAA92C39A32 4599296 ----a-w- C:\Users\Student\AppData\Local\Temp\rtinstaller.exe
2014-08-11 11:03:14 0B1095D6FB36ACE9C3FB8D6AD6ACB83F 113230 ----a-w- C:\Users\Student\AppData\Local\Temp\nsm6FC.tmp.exe
2014-08-11 07:51:37 D17946A23CAD0C21C6FD1DAA92C39A32 4599296 ----a-w- C:\Program Files (x86)\BrowserSafeguard\uninstall.BrowserSafeguard.exe
2014-08-11 07:51:36 ED17F7213E399B1AF6E8665FF054B703 90112 ----a-w- C:\Program Files (x86)\BrowserSafeguard\Resources\certutil.exe
2014-08-11 07:51:36 C9B4E288D6E7AF76EF2F5D8C99047660 1413632 ----a-w- C:\Program Files (x86)\BrowserSafeguard\BrowserSafeguard.exe
2014-08-11 07:51:36 3DA54BD90C1A4EF9A12270102C047FC5 55632 ----a-w- C:\Program Files (x86)\BrowserSafeguard\makecert.exe
2014-08-11 07:42:36 6DB6E1E3D91BDBA4511B8057CFC17942 120312 ----a-w- C:\$Recycle.Bin\S-1-5-21-3180901244-3373960192-2221882467-1000\$R7FOE34.exe
2014-08-11 07:42:34 BFBDC87AECE10CF9A0C560CAD11D05D3 19749888 ----a-w- C:\$Recycle.Bin\S-1-5-21-3180901244-3373960192-2221882467-1000\$RGDWH5X.exe
2014-08-11 07:42:33 C9C210E604CE9BC46A334F4B81A30F1C 1545208 ----a-w- C:\$Recycle.Bin\S-1-5-21-3180901244-3373960192-2221882467-1000\$R19M6S1.exe
2014-08-11 07:42:33 63E0C7DD413B7082A898A633CA0B2558 9197048 ----a-w- C:\$Recycle.Bin\S-1-5-21-3180901244-3373960192-2221882467-1000\$R15L0DD.exe
=== C: other files ==
2014-08-11 15:44:29 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Student\AppData\Local\Temp\_MEI38882\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx
==== Startup Registry Enabled ======================
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-3180901244-3373960192-2221882467-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"Optimizer Pro"="C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-21-3180901244-3373960192-2221882467-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Student\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"="C:\windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Student\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
"Uninstall C:\Users\Student\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"="C:\windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Student\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"
"Uninstall C:\Users\Student\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"="C:\windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Student\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ToshibaServiceStation"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60"
"Registry Helper"="C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe /boot"
"BrowserSafeguard"="C:\Program Files (x86)\BrowserSafeguard\BrowserSafeguard.exe"
"BrowserSafeguard Update Task"="C:\Program Files (x86)\BrowserSafeguard\uninstall.BrowserSafeguard.exe /CheckUpdate=true"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"Optimizer Pro"="C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Student\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"="C:\windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Student\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
"Uninstall C:\Users\Student\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"="C:\windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Student\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64"
"Uninstall C:\Users\Student\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"="C:\windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Student\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\windows\system32\hkcmd.exe"
"Persistence"="C:\windows\system32\igfxpers.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"IntelWireless"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel Wireless Tray"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE"
"HSON"="%ProgramFiles%\TOSHIBA\TBS\HSON.exe "
"TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe "
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~3\\FASTAN~1\\FASTAN~2.DLL"
==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BCSSync"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Cisco AnyConnect Secure Mobility Agent for Windows"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Cisco\\Cisco AnyConnect Secure Mobility Client\\vpnui.exe\" -minimized"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Conime]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Conime"
"hkey"="HKLM"
"command"="%windir%\\system32\\conime.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSPM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ISUSPM"
"hkey"="HKCU"
"command"="C:\\ProgramData\\FLEXnet\\Connect\\11\\ISUSPM.exe -scheduler"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ITSecMng]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ITSecMng"
"hkey"="HKLM"
"command"="%ProgramFiles%\\TOSHIBA\\Bluetooth Toshiba Stack\\ItSecMng.exe /START"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NBAgent"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Nero\\Nero 10\\Nero BackItUp\\NBAgent.exe\" /WinStart"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OfficeSyncProcess]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="OfficeSyncProcess"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\MSOSYNC.EXE\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Teco]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Teco"
"hkey"="HKLM"
"command"="\"%ProgramFiles%\\TOSHIBA\\TECO\\Teco.exe\" /r"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ThpSrv]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ThpSrv"
"hkey"="HKLM"
"command"="C:\\windows\\system32\\thpsrv /logon"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TOSDCR]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TOSDCR"
"hkey"="HKLM"
"command"="%ProgramFiles%\\TOSHIBA\\PasswordUtility\\TOSDCR.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Toshiba Registration]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Toshiba Registration"
"hkey"="HKLM"
"command"="C:\\Program Files\\TOSHIBA\\Registration\\ToshibaReminder.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Toshiba TEMPRO]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Toshiba TEMPRO"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Toshiba TEMPRO\\TemproTray.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosNC]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TosNC"
"hkey"="HKLM"
"command"="%ProgramFiles%\\Toshiba\\BulletinBoard\\TosNcCore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosReelTimeMonitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TosReelTimeMonitor"
"hkey"="HKLM"
"command"="%ProgramFiles%\\TOSHIBA\\ReelTime\\TosReelTimeMonitor.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosSENotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TosSENotify"
"hkey"="HKLM"
"command"="C:\\Program Files\\TOSHIBA\\TOSHIBA HDD SSD Alert\\TosWaitSrv.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosVolRegulator]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TosVolRegulator"
"hkey"="HKLM"
"command"="C:\\Program Files\\TOSHIBA\\TosVolRegulator\\TosVolRegulator.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosWaitSrv]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TosWaitSrv"
"hkey"="HKLM"
"command"="%ProgramFiles%\\TOSHIBA\\TPHM\\TosWaitSrv.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TSleepSrv]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TSleepSrv"
"hkey"="HKLM"
"command"="%ProgramFiles(x86)%\\TOSHIBA\\TOSHIBA Sleep Utility\\TSleepSrv.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TSUScheduler]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TSUScheduler"
"hkey"="HKLM"
"command"="%ProgramFiles(x86)%\\TOSHIBA\\Sync Utility\\TosSyncScheduler.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TWebCamera]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TWebCamera"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\TOSHIBA\\TOSHIBA Web Camera Application\\TWebCamera.exe\" autorun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Toshiba Places Icon Utility.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Toshiba Places Icon Utility.lnk"
"backup"="C:\\windows\\pss\\Toshiba Places Icon Utility.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\TOSHIBA\\TOSHIB~2\\TOSDIM~1.EXE "
"item"="Toshiba Places Icon Utility"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Student^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk]
"path"="C:\\Users\\Student\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\MyPC Backup.lnk"
"backup"="C:\\windows\\pss\\MyPC Backup.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~2\\MYPCBA~1\\MYPCBA~1.EXE "
"item"="MyPC Backup"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AllDaySavingsService64]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\globalUpdate]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\globalUpdatem]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IePluginServices]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\jxbalvtmyz64]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NetHttpService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PassThru Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ServiceUpdater]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TemproMonitoringService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Wajam Internet Enhancer Service]
==== Startup Folders ======================
2011-12-14 20:02:16 1262 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
2011-12-14 20:02:16 1262 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
2014-01-26 17:19:54 1064 ----a-w- C:\Users\Student\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
==== Task Scheduler Jobs ======================
C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08/07/2014 22:11]
C:\windows\tasks\Digital Sites.job --a------ C:\Users\Student\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe []
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/08/2011 04:45]
C:\windows\tasks\SDMsgUpdate (SD).job --a------ C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe []
==== Other Scheduled Tasks ======================
"C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\windows\SysNative\tasks\ConfigFree Startup Programs" [C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe]
"C:\windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\windows\SysNative\tasks\Digital Sites" [C:\Users\Student\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\Launch HTC Sync Loader" [C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe]
"C:\windows\SysNative\tasks\LaunchApp" [C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe]
"C:\windows\SysNative\tasks\MsgUpdateCheck (1ec6db88-2177-414a-8b2a-39cbab7ef516)" ["C:\Program Files (x86)\SmartDraw CI\MarkedUp\tray\TrayNotifierNET35.exe"]
"C:\windows\SysNative\tasks\Optimizer Pro Schedule" ["C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe"]
"C:\windows\SysNative\tasks\QtraxPlayer" ["C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe"]
"C:\windows\SysNative\tasks\SDMsgUpdate (Local)" [C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe]
"C:\windows\SysNative\tasks\SDMsgUpdate (SD)" [C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe]
"C:\windows\SysNative\tasks\SDMsgUpdate (TE)" [C:\PROGRA~2\SMARTD~1\Messages\SDNotify.exe]
"C:\windows\SysNative\tasks\TOSHIBA Wireless Display Monitor" [C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe]
"C:\windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{8167E8F2-A770-4EFB-BA53-8A511051CD9B}"="C:\Program Files (x86)\EZ YouTube Video Downloader\{8167E8F2-A770-4EFB-BA53-8A511051CD9B}" [30/06/2014 10:19]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{8167E8F2-A770-4EFB-BA53-8A511051CD9B}"="C:\Program Files (x86)\EZ YouTube Video Downloader\{8167E8F2-A770-4EFB-BA53-8A511051CD9B}" [30/06/2014 10:19]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Student\AppData\Roaming\Mozilla\Firefox\Profiles\fq8aaji8.default
- EZ YouTube Video Downloader - C:\Program Files (x86)\EZ YouTube Video Downloader\{8167E8F2-A770-4EFB-BA53-8A511051CD9B}
- FineDealSoft - %ProfilePath%\extensions\p.lmxpl@fwx-aovd.com
ProfilePath: C:\Users\Student\AppData\Roaming\Thunderbird\Profiles\m6id9w2o.default
- AttachmentExtractor - %ProfilePath%\extensions\{35834d20-efdb-4f78-ab77-9635fb4e56c4}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Student\AppData\Roaming\Mozilla\Firefox\Profiles\fq8aaji8.default
4390CCD3790F8D9C427C0C29590C62D7 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\Student\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[05/05/2013 14:13]
Google Drive - Student\AppData\Local\Chromium\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Delta Toolbar - Student\AppData\Local\Chromium\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
SweetIM for Facebook - Student\AppData\Local\Chromium\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Skype for Chromium - Student\AppData\Local\Chromium\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
LyricXeeker - Student\AppData\Local\Chromium\User Data\Default\Extensions\odnofacmifkjndflfmmplhckcbfjckhj
Google Drive - Student\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Screen Resolution Tester - Student\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbpeddmakpmblddofjnoghpjminhjph
Chrome Web Store Launcher - Student\AppData\Local\Google\Chrome\User Data\Default\Extensions\gecgipfabdickgidpmbicneamekgbaej
AdBlock - Student\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Google Wallet - Student\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
YouTube - Student\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Screen Resolution Tester - Student\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bnbpeddmakpmblddofjnoghpjminhjph
Google Search - Student\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Chrome Web Store Launcher - Student\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gecgipfabdickgidpmbicneamekgbaej
Savings com DealFinder - Student\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gncemjbbfkgdhfiigkdebleebbhlelap
SweetIM for Facebook - Student\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Skype Click to Call - Student\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Gmail - Student\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - C:\windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chromium Startpages ======================
C:\Users\Student\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com/",
C:\Users\Student\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences
"homepage": "http://search.gboxapp.com/",
==== IE Start and Search Settings ======================
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.istartsurf.com/web/?type...2A7A384_110916E2M312433RZ1JNX&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.istartsurf.com/web/?type...2A7A384_110916E2M312433RZ1JNX&q={searchTerms}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7"
{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} Search Results Url="http://dts.search-results.com/sr?sr...0653&apn_uid=4965345813324544&q={searchTerms}"
{AB62B9A1-C4F2-4562-B8B0-E01E01F51A6E} Mysearchdial Url="http://start.mysearchdial.com/resul...CyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1500903132&ir="
{E225E52A-9638-4BFD-AA23-0AACEE828068} Yahoo! Search Url="Not_Found"
==== C:\zoek_backup content ======================
C:\zoek_backup (files=0 folders=0 0 bytes)
==== EOF on 11/08/2014 at 19:28:32.71 ======================