
Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by juan on zo 15/06/2014 at 13:07:31,05.
Microsoft Windows 8.1 Pro 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\juan\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

15/06/2014 13:08:17 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Adblocker deleted successfully
C:\PROGRA~2\MyFree Codec deleted successfully
C:\PROGRA~2\saive on deleted successfully
C:\PROGRA~2\ssave oni deleted successfully
C:\PROGRA~2\SW-Booster deleted successfully
C:\Program Files\log deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\ssave oni deleted successfully
C:\Users\juan\AppData\Roaming\driver deleted successfully
C:\Users\juan\AppData\Roaming\Publish Providers deleted successfully
C:\Users\juan\AppData\Roaming\WinRAR deleted successfully
C:\Users\juan\AppData\Local\Bundled software uninstaller deleted successfully
C:\Users\juan\AppData\Local\CutePDF Writer deleted successfully
C:\Users\juan\AppData\Local\DriverToolkit deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\esgiguard deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"=- 

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\SW-Booster not found
C:\Program Files\Enigma Software Group deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\juan\AppData\Local\SwvUpdater deleted
C:\Users\juan\Downloads\FreeYouTubeToMP3Converter.exe deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
"C:\PROGRA~3\c7146c7d8288dab2\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140614093020" deleted
"C:\PROGRA~3\c7146c7d8288dab2\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}.20140614092949" deleted
"C:\PROGRA~3\c7146c7d8288dab2\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}.20140614092957" deleted
"C:\PROGRA~3\c7146c7d8288dab2\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}.20140614093042" deleted
"C:\PROGRA~3\c7146c7d8288dab2\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}.20140615115228" deleted
"C:\PROGRA~3\c7146c7d8288dab2\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}.20140614093052" deleted
"C:\PROGRA~3\c7146c7d8288dab2" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-06-14 10:33:37	6D7FDBF9CEAC51A76750FD38CF801F30	3584	----a-w-	C:\Windows\SECOH-QAD.dll
2014-06-14 10:33:37	38DE5B216C33833AF710E88F7F64FC98	4608	----a-w-	C:\Windows\SECOH-QAD.exe
====== C:\Users\juan\AppData\Local\Temp ====
2014-06-15 09:12:24	5C28E508C83A3B0DDBB224B04B1418B9	47329360	----a-w-	C:\Users\juan\AppData\Local\Temp\SHSetup.exe
2014-06-14 07:31:58	771D40B0570FDED159E6CEED404A687C	114688	----a-w-	C:\Users\juan\AppData\Local\Temp\down.3248.setupnt.exe
2014-06-14 07:28:27	E717F6CE3A7429BFA6D7F3CF66737A4B	15968	--s---r-	C:\Users\juan\AppData\Local\Temp\{CD71812B-1FCD-4644-A4AF-57EF1692A3DD}\Setup.exe
2014-06-14 07:28:27	AF7CE801C8471C5CD19B366333C153C4	275552	--s---r-	C:\Users\juan\AppData\Local\Temp\TsuCD7F996B.dll
2014-06-14 07:28:27	A828740FD8E0DBB8E3ED806E2BE4EB36	177664	--s---r-	C:\Users\juan\AppData\Local\Temp\{CD71812B-1FCD-4644-A4AF-57EF1692A3DD}\_Setup.dll
2014-06-07 07:14:37	E2518378F77C5F0E42EF5AA8366FE157	5632	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\es-ES\RzUpdateManager.resources.dll
2014-06-07 07:14:37	E1F8CF240E51345BDF55DF8D1A6A8C43	507392	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\RzUpdateManagerUI.dll
2014-06-07 07:14:37	D0F1BFF15FBFE912A3F2DD8277F77312	5632	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\zh-CHT\RzUpdateManager.resources.dll
2014-06-07 07:14:37	CE326C95D7AA5DBE508E76AFF9F6A004	5632	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\ja-JP\RzUpdateManager.resources.dll
2014-06-07 07:14:37	CDBDC8A208CAB616BA386CCB8986E619	4608	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\ja-JP\RzSynapse.resources.dll
2014-06-07 07:14:37	C993854573F91FD2185662EB763ACD0F	5632	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\de-DE\RzUpdateManager.resources.dll
2014-06-07 07:14:37	B4F396A86C23BA8F38AC92496F6F79F0	5632	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\fr-FR\RzUpdateManager.resources.dll
2014-06-07 07:14:37	AE2CA25E2BAD3F37BBDBE0D81B1204AA	5632	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\pt-BR\RzUpdateManager.resources.dll
2014-06-07 07:14:37	90770677872AD3CA4EC6DF36F1EA0B47	4608	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\ko-KR\RzSynapse.resources.dll
2014-06-07 07:14:37	75570765EDD6FCEF4ED65150A7981C5A	5632	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\zh-CN\RzUpdateManager.resources.dll
2014-06-07 07:14:37	6DED8FCBF5F1D9E422B327CA51625E24	462336	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\Ionic.Zip.dll
2014-06-07 07:14:37	6BD92EC1A29B1764929E86CE01E24CD2	312832	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\RzStorage.dll
2014-06-07 07:14:37	66D189F20285D26187FF4344218F5F5E	4608	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\de-DE\RzSynapse.resources.dll
2014-06-07 07:14:37	66AF28C96D10B20DFC9E8F35C88A053B	5632	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\ko-KR\RzUpdateManager.resources.dll
2014-06-07 07:14:37	5CB78EF5A32224510F93FC5BF0A80FBE	364784	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\RzUpdateManager.exe
2014-06-07 07:14:37	4990CABE0C643D532F6633E8282F2485	4608	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\es-ES\RzSynapse.resources.dll
2014-06-07 07:14:37	39A49EA66B869C93EBD3B27B8B612E84	4608	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\pt-BR\RzSynapse.resources.dll
2014-06-07 07:14:37	352F44CF6BF18DC914948B7A3FB5D940	112640	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\RzCommon.dll
2014-06-07 07:14:37	3168C378C1D81462DE0A557EBF5CFB0A	5632	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\ru-RU\RzUpdateManager.resources.dll
2014-06-07 07:14:37	203A00924FE344AAA78CF9DEA676064A	4608	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\zh-CN\RzSynapse.resources.dll
2014-06-07 07:14:37	0F980B6C1A7C0ED343F98A89DF4A0978	4608	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\zh-CHT\RzSynapse.resources.dll
2014-06-07 07:14:37	06D18352781D1A4C8C7DA91F3129607E	4608	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\fr-FR\RzSynapse.resources.dll
2014-06-07 07:14:37	01346C05B7FAE908BDDE98EA87C63A29	4608	----a-w-	C:\Users\juan\AppData\Local\Temp\RzUpdater\ru-RU\RzSynapse.resources.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-06-15 09:50:16	CEE4C9E092168CEBD187491AF6FDA8FB	264616	----a-w-	C:\Windows\SysWOW64\javaws.exe
2014-06-15 09:50:15	ECB3AB701D6E26F5E54C58957E34E719	175528	----a-w-	C:\Windows\SysWOW64\javaw.exe
2014-06-15 09:50:15	8C7C6D494D86307CDCF63E0478767C16	98216	----a-w-	C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-15 09:50:15	2251971694E17BAC4E344DC2B7CD7ADD	175528	----a-w-	C:\Windows\SysWOW64\java.exe
2014-06-11 14:34:41	9EAAB4305536829D6B7D9C3A47E92861	2179072	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2014-06-11 14:34:41	7E27FB6AB8976897A530FB30F5FF7691	69632	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 14:34:41	6D8E6A9A524FFAAFA4D2F6C8EF38D0BB	592896	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 14:34:41	0AFCE8EEF3751810FE2101FD608FB8B3	1143296	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2014-06-11 14:34:40	8DF06ACA017949D37C38B6A0EF747D4E	526336	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 14:34:40	017B99D09904DCA35D5F66AD79084B5F	368128	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 14:34:39	D5ECBB3BFDC73A59440D9CA79AB3A342	17271296	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2014-06-11 14:34:38	C69FDD49AB9E8BCF2BAAC469CE0CC756	1964544	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 14:34:38	5B5815477A53ED92B89955FFE7EDCB2E	242688	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 14:34:37	688227D38A6FF6403B293D0C50B454B9	11725312	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2014-06-11 14:34:36	C58E97EEB1CB80CE91D5E7FD5E78794F	4244992	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2014-06-11 14:34:36	22D7FFA4B94916F18EB1F1D107B86839	704512	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 14:34:32	771CDBC3D62437D6DB070820BB1EDCCF	1790976	----a-w-	C:\Windows\SysWOW64\wininet.dll
2014-06-11 14:34:30	D9F5B424C307B195E16A9B0A21E53BCC	61952	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2014-06-11 14:34:11	CB1F941980DCC044542CEF180328D180	1064448	----a-w-	C:\Windows\SysWOW64\gdi32.dll
2014-06-11 14:34:11	A8358D0521BC91CF30C5C1EE4541B695	754688	----a-w-	C:\Windows\SysWOW64\WSShared.dll
2014-06-11 14:34:11	55ADDA5B29D1151727470FA165460773	1312256	----a-w-	C:\Windows\SysWOW64\msxml3.dll
2014-06-11 14:34:10	61F5222289E052C40274ECD182A8AA99	98816	----a-w-	C:\Windows\SysWOW64\drvinst.exe
2014-06-11 14:34:08	65FCEABE3128592F84B60140F814BDDB	1509888	----a-w-	C:\Windows\SysWOW64\DWrite.dll
2014-06-11 14:34:05	A93E67D9084BEFC32C8E2B75FCC5B02E	11792384	----a-w-	C:\Windows\SysWOW64\twinui.dll
2014-06-11 14:34:05	A5358F64D4EB5ABE2829981CD9734901	18755672	----a-w-	C:\Windows\SysWOW64\shell32.dll
2014-06-11 14:34:02	A717D4AC0C44BCBE990DBF8B6EC979AA	12711424	----a-w-	C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-06-11 14:34:00	4550DC04464B86C5EB2CC77D9D27C06C	5833216	----a-w-	C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-06-11 14:34:00	0FDDBC46B0FE68B9516BED5CDC2A5296	5104640	----a-w-	C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-06-11 14:33:58	1E48870B29C7D7328A7D484A61250AE5	5774848	----a-w-	C:\Windows\SysWOW64\mstscax.dll
2014-06-11 14:33:57	8EAD5F0BC40579B106CDD9D2591CFEC5	1797896	----a-w-	C:\Windows\SysWOW64\d3d9.dll
2014-06-11 14:33:56	E678126493997B951C6A6E91BC15C91C	836608	----a-w-	C:\Windows\SysWOW64\SearchFolder.dll
2014-06-11 14:33:56	E2AAB5EDC278D489C8EF87F277B5E3E6	888320	----a-w-	C:\Windows\SysWOW64\Windows.Media.dll
2014-06-11 14:33:56	87AB9959EC23455326C8C55E59DE0A88	669856	----a-w-	C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-06-11 14:33:56	561945C42E36012B4799C342E6A96498	800768	----a-w-	C:\Windows\SysWOW64\MFMediaEngine.dll
2014-06-11 14:33:55	EC4FA776548BF1A05DAE3B5EFB0FFE6F	1209616	----a-w-	C:\Windows\SysWOW64\winmde.dll
2014-06-11 14:33:55	C97E772120135CD320CB217C92105B12	370176	----a-w-	C:\Windows\SysWOW64\winspool.drv
2014-06-11 14:33:55	A54EB398BC2D792A0C603A97F7975FD8	357376	----a-w-	C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-06-11 14:33:55	A4F3682781DD8B36E97FD04BA50845A2	209920	----a-w-	C:\Windows\SysWOW64\rdpencom.dll
2014-06-11 14:33:55	90C83CF02C884315E595FA07CA9C64EF	387896	----a-w-	C:\Windows\SysWOW64\mfsvr.dll
2014-06-11 14:33:55	76892045ECB1D830185618DBD3467562	337408	----a-w-	C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-11 14:33:55	5FAEA469BCE03F8FABAFB63D7603DC3C	982016	----a-w-	C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-06-11 14:33:55	5AE9C90A51256F72C541A2FD81EAB7C4	2144984	----a-w-	C:\Windows\SysWOW64\mfcore.dll
2014-06-11 14:33:55	13CE2AA6D3ACAF0B485DBFE8AF2F5C48	305768	----a-w-	C:\Windows\SysWOW64\AUDIOKSE.dll
2014-06-11 14:33:55	095419EC9E2CC85998B1824AAF6887D6	590336	----a-w-	C:\Windows\SysWOW64\gpprefcl.dll
2014-06-11 14:33:54	E697F1E4E819EB12C40AE01F88626BAB	219136	----a-w-	C:\Windows\SysWOW64\resutils.dll
2014-06-11 14:33:54	A9A027378882FFA14000612AE6FDA7AB	1200288	----a-w-	C:\Windows\SysWOW64\propsys.dll
2014-06-11 14:33:54	A624CA7CDFA7941EECD6F96F1A47CCA3	178184	----a-w-	C:\Windows\SysWOW64\MSVideoDSP.dll
2014-06-11 14:33:54	A3ECC0F6960AA699895CB48BC69BEA3B	326024	----a-w-	C:\Windows\SysWOW64\AudioSes.dll
2014-06-11 14:33:54	956D8170AD470804405C0564E10ED6ED	406504	----a-w-	C:\Windows\SysWOW64\AudioEng.dll
2014-06-11 14:33:54	8C25FBB338147754DA42DF990FB3AE4A	285144	----a-w-	C:\Windows\SysWOW64\MFCaptureEngine.dll
2014-06-11 14:33:54	88A821BC72CB1A935C92F453586233EF	518544	----a-w-	C:\Windows\SysWOW64\mf.dll
2014-06-11 14:33:54	6BAE2EB5EFCEAC999BB1A5BF267C711D	707048	----a-w-	C:\Windows\SysWOW64\mfplat.dll
2014-06-11 14:33:54	619C6E72B8433B3F67738F7E6C972A96	230808	----a-w-	C:\Windows\SysWOW64\wintrust.dll
2014-06-11 14:33:54	4874EB05C1BE374B8A4AC15DF3DB07B0	111528	----a-w-	C:\Windows\SysWOW64\gpapi.dll
2014-06-11 14:33:54	15905E6B799C1446A37915ED23CD17E5	144384	----a-w-	C:\Windows\SysWOW64\rpchttp.dll
2014-06-11 14:33:54	06AB75759A0B2D79680F52ACDAE702A1	313344	----a-w-	C:\Windows\SysWOW64\clusapi.dll
2014-06-11 14:33:54	008368626F3EFAEDB0C2CD4565BA6797	98584	----a-w-	C:\Windows\SysWOW64\dwmapi.dll
2014-06-11 14:33:53	FF28231D41465C253E9F9EF164DD619C	230400	----a-w-	C:\Windows\SysWOW64\wlanapi.dll
2014-06-11 14:33:53	D0E0E176F86C3B1048A67144DE0C5CD3	46592	----a-w-	C:\Windows\SysWOW64\tlscsp.dll
2014-06-11 14:33:53	CF3EA59E07BF906B43058C98B6750D16	855552	----a-w-	C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-11 14:33:53	B6803C8A600E3F029A3D688D9E590CA3	300544	----a-w-	C:\Windows\SysWOW64\wlanmsm.dll
2014-06-11 14:33:53	68A23F58F6F16B81BCBFCAA07CDF0680	61440	----a-w-	C:\Windows\SysWOW64\srclient.dll
2014-06-11 14:33:53	5C74AC34C1CAA9C232836C580272B0DD	1029120	----a-w-	C:\Windows\SysWOW64\mispace.dll
2014-06-11 14:33:53	495C3945889DD59993474F2434863835	11776	----a-w-	C:\Windows\SysWOW64\d3d8thk.dll
2014-06-11 14:33:53	3CABBCB26C4E73F3440A8A064EB490FF	11264	----a-w-	C:\Windows\SysWOW64\wlanhlp.dll
2014-06-11 14:33:49	B8F28AAC003060E3B125D2447CFC19E2	164864	----a-w-	C:\Windows\SysWOW64\msrating.dll
2014-06-11 14:33:49	6A06EB11F1E5BDAA795DAE7838F9FE20	43008	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 14:33:47	7D6B20C69CC8EECB8F31D4FAF913BBE8	112128	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 14:33:47	260D6B421E5551E8BA75D16B5CA90D9A	51200	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 14:33:47	0E7B7C9F483300F9FF97C6A1E4BC4F57	32768	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2014-06-11 14:33:45	260A56A8164CBDF9884BB9B2895F6AB2	2344448	----a-w-	C:\Windows\SysWOW64\Wpc.dll
2014-06-11 14:33:14	3DA5CD1E3B9BDAF79731CB6CB1029CB3	53248	----a-w-	C:\Windows\SysWOW64\tsgqec.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-06-15 10:00:06	8887DCEC5AD5BADB398CB2C553DC0058	7622	----a-w-	C:\Windows\Sysnative\.crusader
2014-06-11 14:34:41	063EF4239479F52DAF9F4849B0B304F1	2768384	----a-w-	C:\Windows\Sysnative\iertutil.dll
2014-06-11 14:34:38	3A1AB9DE852F2BC1ECE6403BDD01B9F0	1398272	----a-w-	C:\Windows\Sysnative\urlmon.dll
2014-06-11 14:34:38	12BA419E27DBC5DBF9262C8A885FA361	452096	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2014-06-11 14:34:37	867DD52B23D3B0390B88F3D7AD1E600C	631808	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2014-06-11 14:34:36	3FC3828E8820D1C93DBFBAD4BE456D85	2040832	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2014-06-11 14:34:35	CC603EF96BA456D4BCD9FF849ED07A2A	85504	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2014-06-11 14:34:35	CB8A91074AE1B5051E240B50A328DCF5	295424	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2014-06-11 14:34:35	2DBB9127794BC30BC31D26FA088F8BAB	13522944	----a-w-	C:\Windows\Sysnative\ieframe.dll
2014-06-11 14:34:34	AB3FA3D9B1F1D0571CBC43D1487CCD6F	5782528	----a-w-	C:\Windows\Sysnative\jscript9.dll
2014-06-11 14:34:34	9013D5BBE1B6D3A060F54B4B5BB2C3A3	846336	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2014-06-11 14:34:34	6B9925F498D4E91FB57576CC3776D428	752640	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2014-06-11 14:34:33	790FD40601502C5FE8213D4F335DA0BD	51200	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2014-06-11 14:34:33	56803B20D168C1B740D12CE0BE4588F5	23414784	----a-w-	C:\Windows\Sysnative\mshtml.dll
2014-06-11 14:34:32	40BFD9D6EC8E174145F012246CA73CCD	2266112	----a-w-	C:\Windows\Sysnative\wininet.dll
2014-06-11 14:34:30	EAAA62F272858695814A1F42D5E59BD3	608768	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2014-06-11 14:34:12	CCDFFC83004AF62D0153CF45289028AF	3360256	----a-w-	C:\Windows\Sysnative\rdpcorets.dll
2014-06-11 14:34:11	AA5A86B32FC3975284082C64059F92DF	79872	----a-w-	C:\Windows\Sysnative\WSReset.exe
2014-06-11 14:34:11	A4948EA65E584A88BE09029DB49E4D70	1336648	----a-w-	C:\Windows\Sysnative\gdi32.dll
2014-06-11 14:34:11	A28730EF44FCCBF0040B771CEFC8EE76	921088	----a-w-	C:\Windows\Sysnative\WSShared.dll
2014-06-11 14:34:11	201FE8AAD76FB1E7FB5A3B1337435DC1	2151424	----a-w-	C:\Windows\Sysnative\msxml3.dll
2014-06-11 14:34:10	BB7F878413AD3C2E7E89C96193D405DF	57856	----a-w-	C:\Windows\Sysnative\drvcfg.exe
2014-06-11 14:34:10	8E472AA2E916417B55BC1E6727957453	110592	----a-w-	C:\Windows\Sysnative\drvinst.exe
2014-06-11 14:34:09	CC8E86B9C18BCA38D3C467CFD661A466	1975296	----a-w-	C:\Windows\Sysnative\DWrite.dll
2014-06-11 14:34:08	3FA6DC6B29717E32E211C1FD821F2C75	1345536	----a-w-	C:\Windows\Sysnative\FntCache.dll
2014-06-11 14:34:04	AE7D8835A29FADB39C0D095BA32A9462	21268952	----a-w-	C:\Windows\Sysnative\shell32.dll
2014-06-11 14:34:04	AD2DE3982C7B6E62346098C7570F6A7D	13287936	----a-w-	C:\Windows\Sysnative\twinui.dll
2014-06-11 14:34:03	0C5C304C3A2D9E9633A7506CBB04929E	16872448	----a-w-	C:\Windows\Sysnative\Windows.UI.Xaml.dll
2014-06-11 14:34:02	151427E526E96471A45FF6CC2257FBA0	8652800	----a-w-	C:\Windows\Sysnative\Windows.UI.Search.dll
2014-06-11 14:34:01	AEDD44FDB8B521D443A07146F5CA3A53	7173120	----a-w-	C:\Windows\Sysnative\Windows.Data.Pdf.dll
2014-06-11 14:34:00	F4C09C622BC55A80F775DF7D8AB9984F	6645248	----a-w-	C:\Windows\Sysnative\mstscax.dll
2014-06-11 14:33:58	8ECEBEE92854C6705877911BA75889A8	2124840	----a-w-	C:\Windows\Sysnative\d3d9.dll
2014-06-11 14:33:58	7E4A8D95B9DBC2CB588B91848A0AE731	2688000	----a-w-	C:\Windows\Sysnative\SettingsHandlers.dll
2014-06-11 14:33:57	C2A06D6E746C42E6CE6CA020EE67FFA2	4269056	----a-w-	C:\Windows\Sysnative\SyncEngine.dll
2014-06-11 14:33:57	383DA813409316D69603C1D849834D24	1308160	----a-w-	C:\Windows\Sysnative\gpsvc.dll
2014-06-11 14:33:56	EAE6ED6C5076CF765EB731B92A237149	955904	----a-w-	C:\Windows\Sysnative\MFMediaEngine.dll
2014-06-11 14:33:56	CFB353B4E33AFE922C3A62DBC9C9B0A8	7425368	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2014-06-11 14:33:56	AE210430A150FF20A58E3C6B381A832F	1025024	----a-w-	C:\Windows\Sysnative\localspl.dll
2014-06-11 14:33:56	7FB9EC74ADFB2353B7782C3EF833F5B7	765408	----a-w-	C:\Windows\Sysnative\mfmpeg2srcsnk.dll
2014-06-11 14:33:56	6C6E26E0DB9AB2077F42FBBCDB153C84	2140888	----a-w-	C:\Windows\Sysnative\mfcore.dll
2014-06-11 14:33:56	6B7B2211C293218706D491204FCE8695	1126912	----a-w-	C:\Windows\Sysnative\SearchFolder.dll
2014-06-11 14:33:56	6873D09262D32B95D6AC3026FCF8B424	1230336	----a-w-	C:\Windows\Sysnative\Windows.Media.dll
2014-06-11 14:33:56	5661481164A164CAD67DBE5A0191207F	4190720	----a-w-	C:\Windows\Sysnative\win32k.sys
2014-06-11 14:33:56	0BBD7EDAEA54D0E30445E9FC1179C60A	1411584	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2014-06-11 14:33:55	EEC46BC17F28C528AB7FAC20AFDF69E3	462336	----a-w-	C:\Windows\Sysnative\XpsGdiConverter.dll
2014-06-11 14:33:55	ED7C0A11E655CD8B89BE499F99D56098	486912	----a-w-	C:\Windows\Sysnative\winspool.drv
2014-06-11 14:33:55	D872C6095AACC13AD897DB5E4D2B5D91	805376	----a-w-	C:\Windows\Sysnative\win32spl.dll
2014-06-11 14:33:55	CB79B5D367376E7B49E2D95BFFB0BEEB	364640	----a-w-	C:\Windows\Sysnative\AUDIOKSE.dll
2014-06-11 14:33:55	BAF51BE2DEB387BD99CAC4E3B7850FEC	250368	----a-w-	C:\Windows\Sysnative\rdpencom.dll
2014-06-11 14:33:55	AF3FF97AC2A73E70F8A8D11FB694175B	449536	----a-w-	C:\Windows\Sysnative\defragsvc.dll
2014-06-11 14:33:55	A1CD5194ACC156A852136B303F087260	491744	----a-w-	C:\Windows\Sysnative\mfsvr.dll
2014-06-11 14:33:55	9ED0E72966FB08F7E6DB15E5519AF8D1	1379064	----a-w-	C:\Windows\Sysnative\wmpmde.dll
2014-06-11 14:33:55	98A184F6EC43B178901FCD5D4E2EC43B	1222656	----a-w-	C:\Windows\Sysnative\Windows.Media.Streaming.dll
2014-06-11 14:33:55	79B134ECE836B406B212E28C24011538	834048	----a-w-	C:\Windows\Sysnative\audiosrv.dll
2014-06-11 14:33:55	6D0C8E13EDAA72F5DE5CE4C217A344A7	667648	----a-w-	C:\Windows\Sysnative\gpprefcl.dll
2014-06-11 14:33:55	626D19F1771E1AE72208AE9A8F3082F7	491520	----a-w-	C:\Windows\Sysnative\GeofenceMonitorService.dll
2014-06-11 14:33:55	5071E71CC05346D88C5A08EB8B5A05E3	1584128	----a-w-	C:\Windows\Sysnative\workfolderssvc.dll
2014-06-11 14:33:55	46378ECCB4A29AA81BF296641C2501EF	323072	----a-w-	C:\Windows\Sysnative\srvsvc.dll
2014-06-11 14:33:55	411DBFCD6ABAB75B6F7950677AEEFB7D	1403856	----a-w-	C:\Windows\Sysnative\winmde.dll
2014-06-11 14:33:55	0BDD786156C820F49EEF5D348B4ACFF4	335872	----a-w-	C:\Windows\Sysnative\MDEServer.exe
2014-06-11 14:33:55	067CB90C277DB4A737D5DEABA3055972	407016	----a-w-	C:\Windows\Sysnative\services.exe
2014-06-11 14:33:54	F4E351BB95D473CB55BB7C1A1FEB2798	467496	----a-w-	C:\Windows\Sysnative\AudioSes.dll
2014-06-11 14:33:54	E369C59F2C0852DDD090C07E0DDE0051	1436160	----a-w-	C:\Windows\Sysnative\VSSVC.exe
2014-06-11 14:33:54	BF6FBC9D97A24FABB0AE8B878279CF0B	244880	----a-w-	C:\Windows\Sysnative\audiodg.exe
2014-06-11 14:33:54	AE2B9504C975B529D92D9E6603F6D33F	609448	----a-w-	C:\Windows\Sysnative\mf.dll
2014-06-11 14:33:54	99277BE68298288A0E27CF9E50FAD091	881616	----a-w-	C:\Windows\Sysnative\mfplat.dll
2014-06-11 14:33:54	9654DE19551093CD73874281E1573C94	135168	----a-w-	C:\Windows\Sysnative\wscsvc.dll
2014-06-11 14:33:54	95471DDCB3B3FF70015FD9AA13404F44	281600	----a-w-	C:\Windows\Sysnative\resutils.dll
2014-06-11 14:33:54	92B785213F856EC736673516C54FA791	233912	----a-w-	C:\Windows\Sysnative\mfps.dll
2014-06-11 14:33:54	88ACBA95BB55B8226D52117462B76CD4	307304	----a-w-	C:\Windows\Sysnative\wintrust.dll
2014-06-11 14:33:54	87CF824E47489DD972FB4FB9FC4EDD0A	324888	----a-w-	C:\Windows\Sysnative\MFCaptureEngine.dll
2014-06-11 14:33:54	850EBB87584484DC16F917E7B6F4A304	718336	----a-w-	C:\Windows\Sysnative\swprv.dll
2014-06-11 14:33:54	7B3255A0B833908E4A7ACEA6245D344E	426496	----a-w-	C:\Windows\Sysnative\clusapi.dll
2014-06-11 14:33:54	7B12172CCE581F76C9335D7A47E0AD50	130144	----a-w-	C:\Windows\Sysnative\gpapi.dll
2014-06-11 14:33:54	67176AA6EAF34FF2A962F14EB8F0478B	263424	----a-w-	C:\Windows\Sysnative\SystemSettingsAdminFlows.exe
2014-06-11 14:33:54	64B2A2630C964BF135A84A52FB2EEF9A	47616	----a-w-	C:\Windows\Sysnative\tlscsp.dll
2014-06-11 14:33:54	5EE916C3272A19B459717A8D2397B07A	55296	----a-w-	C:\Windows\Sysnative\energyprov.dll
2014-06-11 14:33:54	4684C8E852065C0A7937C395C165A24F	1466856	----a-w-	C:\Windows\Sysnative\propsys.dll
2014-06-11 14:33:54	414B81DE6CE46022ED43051C09EDB00B	467968	----a-w-	C:\Windows\Sysnative\srcore.dll
2014-06-11 14:33:54	315502228EB37F36E86EF75CB1DA1D44	201920	----a-w-	C:\Windows\Sysnative\MSVideoDSP.dll
2014-06-11 14:33:54	2A4177EE5446877BD24DD72504105603	191488	----a-w-	C:\Windows\Sysnative\rpchttp.dll
2014-06-11 14:33:54	22B8B1F946ACFCB03832793A25216D8C	186880	----a-w-	C:\Windows\Sysnative\WorkFoldersShell.dll
2014-06-11 14:33:54	1AF842C745A7625D0E8936B458FC6698	219136	----a-w-	C:\Windows\Sysnative\tscfgwmi.dll
2014-06-11 14:33:54	1697E09CDA4DD8741B8276F48A8514DE	32600	----a-w-	C:\Windows\Sysnative\ploptin.dll
2014-06-11 14:33:54	1517EE52367CABAA5615AC736DC96C7D	125496	----a-w-	C:\Windows\Sysnative\dwmapi.dll
2014-06-11 14:33:54	072A99F351C505A45C9FDA32E7324602	28408	----a-w-	C:\Windows\Sysnative\mfpmp.exe
2014-06-11 14:33:54	01851563CB6FB986A4C0221C15AB6ADC	463256	----a-w-	C:\Windows\Sysnative\AudioEng.dll
2014-06-11 14:33:53	F587513213947A4C7EF47B660DAAFBC5	271872	----a-w-	C:\Windows\Sysnative\rstrui.exe
2014-06-11 14:33:53	F2895547FC275642A29692DC344A847F	296960	----a-w-	C:\Windows\Sysnative\wlanapi.dll
2014-06-11 14:33:53	EF252510DB6C3511E30418BD2AC95A2D	1527296	----a-w-	C:\Windows\Sysnative\wlansvc.dll
2014-06-11 14:33:53	E86E7792A2A0854D5560371BBDDA760B	1057280	----a-w-	C:\Windows\Sysnative\rdvidcrl.dll
2014-06-11 14:33:53	E2C26EECF60D9DF94706DF981D074B98	721408	----a-w-	C:\Windows\Sysnative\SkyDriveTelemetry.dll
2014-06-11 14:33:53	DC61194C93DE9E5D549AEC5064A06BD4	872448	----a-w-	C:\Windows\Sysnative\SkyDrive.exe
2014-06-11 14:33:53	B6BD22DDEDDD8665080D664749ACFEF5	64512	----a-w-	C:\Windows\Sysnative\tsgqec.dll
2014-06-11 14:33:53	B24960B79BDE7D5ED1EA638027F9E8F0	143872	----a-w-	C:\Windows\Sysnative\BootMenuUX.dll
2014-06-11 14:33:53	977D67467950D8048E94651EE6081B99	370176	----a-w-	C:\Windows\Sysnative\wlanmsm.dll
2014-06-11 14:33:53	9465F8E72887AC6CCDD97F738A5AB6B6	70656	----a-w-	C:\Windows\Sysnative\srclient.dll
2014-06-11 14:33:53	8E1866A4E96F1159B6625627860A0454	2100736	----a-w-	C:\Windows\Sysnative\SystemSettingsAdminFlowUI.dll
2014-06-11 14:33:53	88BCAEABEB2A46DB7B336B8432720AC8	443904	----a-w-	C:\Windows\Sysnative\wlansec.dll
2014-06-11 14:33:53	886767FD022213F7885416134E9082E5	201216	----a-w-	C:\Windows\Sysnative\AudioEndpointBuilder.dll
2014-06-11 14:33:53	82FE5F302FD7C7EF0E41465BB873EFC7	11264	----a-w-	C:\Windows\Sysnative\wlanhlp.dll
2014-06-11 14:33:53	78D26F162E015FF644785C8836B617CA	1287168	----a-w-	C:\Windows\Sysnative\mispace.dll
2014-06-11 14:33:53	69A374DE46C7BAAE30BFB1E40D69C5C6	761856	----a-w-	C:\Windows\Sysnative\WorkfoldersControl.dll
2014-06-11 14:33:47	FD08F8BA2437A85F500EFFE3FD3158A6	33792	----a-w-	C:\Windows\Sysnative\iernonce.dll
2014-06-11 14:33:47	FCFAEDF0AA1A78A1875FDB798598408B	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2014-06-11 14:33:47	E77092C38028EB0A5C461B3436E0A6D5	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2014-06-11 14:33:47	E129D34089E70215B65EA611F802FA9A	111616	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2014-06-11 14:33:47	C1E2C16D58D76323800C3EE5E2C5095A	66048	----a-w-	C:\Windows\Sysnative\iesetup.dll
2014-06-11 14:33:47	338415F2E9A188875B6E43B5269620B0	139264	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2014-06-11 14:33:46	1D1D7F52EC84294859642A4309FE648E	195584	----a-w-	C:\Windows\Sysnative\msrating.dll
2014-06-11 14:33:45	8838E982B803E9303ABE051E0CAB5A64	2861056	----a-w-	C:\Windows\Sysnative\WpcWebSync.dll
2014-06-11 14:33:45	60A4EAAA2964A3ECFD91A6EC9F8B72C0	3048904	----a-w-	C:\Windows\Sysnative\WpcMon.exe
2014-06-11 14:33:45	52E94AE3C9FF1E18A1EA125C4FFB0EEC	2834944	----a-w-	C:\Windows\Sysnative\wpccpl.dll
2014-06-11 14:33:45	416BE72F050166A6B5820833363AB0F2	3118080	----a-w-	C:\Windows\Sysnative\Wpc.dll
====== C:\Windows\Sysnative\drivers =====
2014-06-15 09:34:39	8A50D5304E6AE48664CF5838EC32F647	122584	----a-w-	C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-06-15 09:34:23	F92B0E478C0FAA6D6661E6E977247E60	25816	----a-w-	C:\Windows\Sysnative\drivers\mbam.sys
2014-06-15 09:34:23	9D9ED48F841EA37AA5310D54B9E5D3C7	91352	----a-w-	C:\Windows\Sysnative\drivers\mbamchameleon.sys
2014-06-15 09:34:23	0664F6335F108F38FE08C3CA747311EE	64216	----a-w-	C:\Windows\Sysnative\drivers\mwac.sys
2014-06-11 14:34:11	D18EC2C83C2F773C9476A4FB0AA4C314	295424	----a-w-	C:\Windows\Sysnative\drivers\ks.sys
2014-06-11 14:34:11	A9749FD0A06E22009EA972D8B9CB046B	428888	----a-w-	C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2014-06-11 14:34:11	4B666AE119D2ADBAC816BEA7DB4D6881	2518872	----a-w-	C:\Windows\Sysnative\drivers\tcpip.sys
2014-06-11 14:33:55	FD163F487CBA9C98AFFEB546C80F49A2	677376	----a-w-	C:\Windows\Sysnative\drivers\srv2.sys
2014-06-11 14:33:55	DBA635C6398782C549E3BE45CF1D0411	206848	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2014-06-11 14:33:55	7C7BE474915166B61B84C025F1F10157	563200	----a-w-	C:\Windows\Sysnative\drivers\afd.sys
2014-06-11 14:33:55	78514B073CC5775800A65BFB82A0D66B	443904	----a-w-	C:\Windows\Sysnative\drivers\nwifi.sys
2014-06-11 14:33:55	4BB9BC49DEE1A319EC58274A7BBED663	310616	----a-w-	C:\Windows\Sysnative\drivers\volsnap.sys
2014-06-11 14:33:55	0696F66E4D423793951A60562F794D14	402432	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2014-06-11 14:33:54	F152D55E497E12256290C43B31C7D0CE	589656	----a-w-	C:\Windows\Sysnative\drivers\fvevol.sys
2014-06-11 14:33:54	D90AB68D0FAC9F357F663670FDBB511E	275800	----a-w-	C:\Windows\Sysnative\drivers\msiscsi.sys
2014-06-11 14:33:54	CADCE0D6C30427F70A4BFA426256F68C	337240	----a-w-	C:\Windows\Sysnative\drivers\Classpnp.sys
2014-06-11 14:33:54	716059F37BCCB1ABEDE99EBE82E8E362	246272	----a-w-	C:\Windows\Sysnative\drivers\srvnet.sys
2014-06-11 14:33:54	6592D192E2823C043EDBC010E7774053	360792	----a-w-	C:\Windows\Sysnative\drivers\fltMgr.sys
2014-06-11 14:33:54	4C1E71E37B56C768900B1FCF81205027	372568	----a-w-	C:\Windows\Sysnative\drivers\storport.sys
2014-06-11 14:33:54	498288DD5CA42C2D36D125893E968C53	77312	----a-w-	C:\Windows\Sysnative\drivers\hdaudbus.sys
2014-06-11 14:33:54	33977549C2CED09936E05BEE7659EAFF	384856	----a-w-	C:\Windows\Sysnative\drivers\spaceport.sys
2014-06-11 14:33:44	182561A14F2E93E81E66FE3700D17A5A	55328	----a-w-	C:\Windows\Sysnative\drivers\wpcfltr.sys
2014-05-19 06:47:28	D30A8C2D23A7AB6664028A9C72E1809E	155816	----a-w-	C:\Windows\Sysnative\drivers\rzudd.sys
====== C:\Windows\Tasks ======
2014-05-24 19:47:30	9AADEA6774987A0220B1E02DC0B5E0B1	940	----a-w-	C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-24 19:47:30	869A9BB4B1EBD06CAC9193927BB29B09	3828	----a-w-	C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-06-15 10:44:17	--------	d-----w-	C:\Program Files\trend micro
2014-06-14 10:33:34	--------	d-----w-	C:\Program Files\KMSpico
======= C:\PROGRA~2 =====
2014-06-15 09:50:17	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2014-06-15 09:13:00	--------	d-----w-	C:\PROGRA~2\COMMON~1\Wise Installation Wizard
2014-06-06 17:35:09	--------	d-----w-	C:\PROGRA~2\COMMON~1\Skype
2014-06-01 16:50:12	--------	d-----w-	C:\PROGRA~2\Razer
2014-05-25 14:04:18	--------	d-----w-	C:\PROGRA~2\Six Networks
======= C: =====
2014-06-15 09:14:00	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\autoexec.bat
====== C:\Users\juan\AppData\Roaming ======
2014-06-14 07:29:49	--------	d-----w-	C:\Users\juan\AppData\Local\Torch
2014-06-14 07:29:49	--------	d-----w-	C:\Users\juan\AppData\Local\Comodo
2014-06-14 07:29:49	--------	d-----w-	C:\Users\juan\AppData\Local\Chromatic Browser
2014-06-14 07:29:49	--------	d-----w-	C:\Users\Gast\AppData\Local\Torch
2014-06-14 07:29:49	--------	d-----w-	C:\Users\Gast\AppData\Local\Comodo
2014-06-14 07:29:49	--------	d-----w-	C:\Users\Gast\AppData\Local\Chromatic Browser
2014-06-14 07:29:49	--------	d-----w-	C:\Users\Administrator\AppData\Local\Torch
2014-06-14 07:29:49	--------	d-----w-	C:\Users\Administrator\AppData\Local\Comodo
2014-06-14 07:29:49	--------	d-----w-	C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-06-14 07:29:48	--------	d-----w-	C:\Users\Gast\AppData\Local\Google
2014-06-14 07:29:48	--------	d-----w-	C:\Users\Administrator\AppData\Local\Google
2014-06-03 14:32:24	--------	d-----w-	C:\Users\juan\AppData\Local\Razer
2014-06-02 14:28:48	--------	d-----w-	C:\Users\juan\AppData\Local\Razer_Inc
2014-06-02 14:25:56	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Razer
2014-06-01 16:51:11	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Razer_Inc
2014-06-01 08:24:52	--------	d-----w-	C:\Users\juan\AppData\Roaming\DVDVideoSoft
2014-05-24 18:36:32	--------	d-----w-	C:\Users\juan\AppData\Local\IsolatedStorage
2014-05-24 18:36:30	--------	d-----w-	C:\Users\juan\AppData\Roaming\SIX Networks
2014-05-24 18:36:30	--------	d-----w-	C:\Users\juan\AppData\Local\SIX Networks
2014-05-24 13:48:42	--------	d-----w-	C:\Users\juan\AppData\Local\Arma 3
====== C:\Users\juan ======
2014-06-15 10:44:08	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\juan\Downloads\RSITx64.exe
2014-06-15 10:43:25	C78EEFBC22F5507BFF4A0CF83567DB22	980480	----a-w-	C:\Users\juan\Downloads\WIGI.exe
2014-06-15 10:43:13	F4BC9F24AB2389F0D18812865157E97A	549426	----a-w-	C:\Users\juan\Downloads\WhyIGotInfected.exe
2014-06-15 09:55:20	--------	d-----w-	C:\ProgramData\HitmanPro
2014-06-15 09:55:11	98ADA896D51610D3412EEEAA5F12A53F	10971424	----a-w-	C:\Users\juan\Downloads\HitmanPro_x64.exe
2014-06-15 09:50:15	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-15 09:33:05	E90BF9E1562F40140161573B79CD5720	17292760	----a-w-	C:\Users\juan\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-15 09:12:19	29702C25639B549AC5221E546545D56B	728960	----a-w-	C:\Users\juan\Downloads\SpyHunter-Installer.exe
2014-06-14 10:33:35	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2014-06-14 07:30:42	6471C52810B8A50B8C7897FBE5F0E2D1	398	--sha-r-	C:\ProgramData\ntuser.pol
2014-06-14 07:30:20	--------	d-----w-	C:\ProgramData\Adblocker
2014-06-14 07:29:57	--------	d-----w-	C:\ProgramData\saive on
2014-06-14 07:29:48	--------	d-----w-	C:\Users\Gast\AppData
2014-06-14 07:29:48	--------	d-----w-	C:\Users\Administrator\AppData
2014-06-09 07:36:39	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\winhttp
2014-06-02 14:26:07	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-06-01 16:50:16	--------	d-----w-	C:\ProgramData\Razer
2014-05-24 18:37:32	--------	d-----w-	C:\ProgramData\SIX Networks
2014-05-24 13:48:42	--------	d-----w-	C:\ProgramData\Bohemia Interactive

====== C: exe-files ==
2014-06-15 10:44:17	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\juan.exe
2014-06-15 10:44:08	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\juan\Downloads\RSITx64.exe
2014-06-15 10:43:25	C78EEFBC22F5507BFF4A0CF83567DB22	980480	----a-w-	C:\Users\juan\Downloads\WIGI.exe
2014-06-15 10:43:13	F4BC9F24AB2389F0D18812865157E97A	549426	----a-w-	C:\Users\juan\Downloads\WhyIGotInfected.exe
2014-06-15 09:55:11	98ADA896D51610D3412EEEAA5F12A53F	10971424	----a-w-	C:\Users\juan\Downloads\HitmanPro_x64.exe
2014-06-15 09:50:16	CEE4C9E092168CEBD187491AF6FDA8FB	264616	----a-w-	C:\Windows\SysWOW64\javaws.exe
2014-06-15 09:50:15	ECB3AB701D6E26F5E54C58957E34E719	175528	----a-w-	C:\Windows\SysWOW64\javaw.exe
2014-06-15 09:50:15	2251971694E17BAC4E344DC2B7CD7ADD	175528	----a-w-	C:\Windows\SysWOW64\java.exe
2014-06-15 09:49:15	3842C46F2FBC7522EF625F1833530804	145408	----a-w-	C:\Users\juan\AppData\LocalLow\Sun\Java\jre1.7.0_60\lzma.exe
2014-06-15 09:33:44	EDB10586A061A621BBA2CB32E5E3220B	190429	----a-w-	C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla37.exe
2014-06-15 09:33:44	25D473D7805261C752DA738B13E35816	185271	----a-w-	C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla31.exe
2014-06-15 09:33:05	E90BF9E1562F40140161573B79CD5720	17292760	----a-w-	C:\Users\juan\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-15 09:12:24	5C28E508C83A3B0DDBB224B04B1418B9	47329360	----a-w-	C:\Users\juan\AppData\Local\Temp\SHSetup.exe
2014-06-15 09:12:19	29702C25639B549AC5221E546545D56B	728960	----a-w-	C:\Users\juan\Downloads\SpyHunter-Installer.exe
2014-06-14 10:33:37	38DE5B216C33833AF710E88F7F64FC98	4608	----a-w-	C:\Windows\SECOH-QAD.exe
2014-06-14 10:33:34	CB2A3134D2B385C7D1E36E027EBDB446	730273	----a-w-	C:\Program Files\KMSpico\unins000.exe
2014-06-14 10:33:34	AC9B2624EF366742C9AD32B86225A251	240536	----a-w-	C:\Program Files\KMSpico\driver\tap-windows-9.9.2_3.exe
2014-06-14 10:33:34	5D8C3F0BE0B0878DE23830BC92E677AB	1095360	----a-w-	C:\Program Files\KMSpico\KMSELDI.exe
2014-06-14 10:33:34	245824502AEFE21B01E42F61955AA7F4	30208	----a-w-	C:\Program Files\KMSpico\UninsHs.exe
2014-06-14 10:33:34	0FDAA37867CA1A6B392FF5842B1AD167	974016	----a-w-	C:\Program Files\KMSpico\Service_KMS.exe
2014-06-14 10:31:43	8002F372CC85CA84CFD2064820E9CAB2	1272400	----a-w-	C:\Users\juan\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe
2014-06-14 10:29:11	8C1AAE95EDA9058A50CB4C0439F33ECA	567296	----a-w-	C:\Users\juan\Downloads\W8.1 Act 1 new\WCP Watermark Editor.exe
2014-06-14 07:31:58	771D40B0570FDED159E6CEED404A687C	114688	----a-w-	C:\Users\juan\AppData\Local\Temp\down.3248.setupnt.exe
2014-06-14 07:31:58	771D40B0570FDED159E6CEED404A687C	114688	----a-w-	C:\Users\juan\AppData\Local\Microsoft\Windows\INetCache\IE\25NO9NX9\LlTLkFkT[1].exe
2014-06-14 07:31:48	7003F5B2B536E54AC1C27DF90351837A	835584	----a-w-	C:\Users\juan\AppData\Local\Microsoft\Windows\INetCache\IE\9PKUEMZA\sinstall[1].exe
2014-06-14 07:31:43	71F784969D24240764D5E5D752D55A41	1722581	----a-w-	C:\Users\juan\AppData\Local\Microsoft\Windows\INetCache\IE\N5AQ3EWI\ezdownloader[1].exe
2014-06-14 07:30:20	C2F76B2A4784CE0F8B5D1FBB149DE768	646144	----a-w-	C:\ProgramData\Adblocker\r9HCy.exe
2014-06-14 07:29:57	C2F76B2A4784CE0F8B5D1FBB149DE768	646144	----a-w-	C:\ProgramData\saive on\u6gqNTQ.exe
2014-06-14 07:28:27	E717F6CE3A7429BFA6D7F3CF66737A4B	15968	--s---r-	C:\Users\juan\AppData\Local\Temp\{CD71812B-1FCD-4644-A4AF-57EF1692A3DD}\Setup.exe
2014-06-12 16:57:12	6FA3748C659D1EB7CDB99AA4D8FA2857	1920000	------w-	C:\Users\juan\AppData\Local\Apps\2.0\699TZPD6.2QE\EA7QJLJR.01A\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\CurseClient.exe
2014-06-12 16:57:12	122787B85554A8D7B3D4C0B2B138A1DC	133632	----a-w-	C:\Users\juan\AppData\Local\Apps\2.0\699TZPD6.2QE\EA7QJLJR.01A\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6290e21932c\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe
2014-06-12 16:57:12	122787B85554A8D7B3D4C0B2B138A1DC	133632	----a-w-	C:\Users\juan\AppData\Local\Apps\2.0\699TZPD6.2QE\EA7QJLJR.01A\curs...exe_9e9e83ddf3ed3ead_0005.0001_none_ee691605167f2968\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe
2014-06-11 14:37:13	D8FA7F0CB132A1C61646FFC3B52072B1	1919488	------w-	C:\Users\juan\AppData\Local\Apps\2.0\699TZPD6.2QE\EA7QJLJR.01A\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6280da2836c\CurseClient.exe
2014-06-11 14:37:13	122787B85554A8D7B3D4C0B2B138A1DC	133632	----a-w-	C:\Users\juan\AppData\Local\Apps\2.0\699TZPD6.2QE\EA7QJLJR.01A\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b6280da2836c\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe
2014-06-11 14:37:13	122787B85554A8D7B3D4C0B2B138A1DC	133632	----a-w-	C:\Users\juan\AppData\Local\Apps\2.0\699TZPD6.2QE\EA7QJLJR.01A\curs...exe_9e9e83ddf3ed3ead_0005.0001_none_ee691605167f2967\ESMODInstaller\Curse.CurseClient.CMODInstaller.exe
2014-06-11 14:34:41	D3BB3F9ADE86B1E1E36371195DC8A0B2	810160	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2014-06-11 14:34:39	A9EBEFD3FC125D31EB33A8BB1AB17BE8	812208	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-06-11 14:34:38	50989AAF09CDCEBC0FD8EB0FE79C2A98	470016	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-06-11 14:34:36	159C5979C61F51EEFC84D9AB17C4E0E7	482816	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2014-06-11 14:34:30	EAAA62F272858695814A1F42D5E59BD3	608768	----a-w-	C:\Windows\System32\ie4uinit.exe
2014-06-11 14:34:11	AA5A86B32FC3975284082C64059F92DF	79872	----a-w-	C:\Windows\System32\WSReset.exe
2014-06-11 14:34:11	A2C6F2D0CA2E69C4F210795A7CD9BFA7	25304	----a-w-	C:\Windows\WinStore\WSHost.exe
2014-06-11 14:34:10	BB7F878413AD3C2E7E89C96193D405DF	57856	----a-w-	C:\Windows\System32\drvcfg.exe
2014-06-11 14:34:10	8E472AA2E916417B55BC1E6727957453	110592	----a-w-	C:\Windows\System32\drvinst.exe
2014-06-11 14:34:10	61F5222289E052C40274ECD182A8AA99	98816	----a-w-	C:\Windows\SysWOW64\drvinst.exe
2014-06-11 14:33:56	CFB353B4E33AFE922C3A62DBC9C9B0A8	7425368	----a-w-	C:\Windows\System32\ntoskrnl.exe
2014-06-11 14:33:55	0BDD786156C820F49EEF5D348B4ACFF4	335872	----a-w-	C:\Windows\System32\MDEServer.exe
2014-06-11 14:33:55	067CB90C277DB4A737D5DEABA3055972	407016	----a-w-	C:\Windows\System32\services.exe
2014-06-11 14:33:54	E369C59F2C0852DDD090C07E0DDE0051	1436160	----a-w-	C:\Windows\System32\VSSVC.exe
2014-06-11 14:33:54	CA67486846839817EFE89926A32BFFDA	86808	----a-w-	C:\Windows\ImmersiveControlPanel\SystemSettings.exe
2014-06-11 14:33:54	BF6FBC9D97A24FABB0AE8B878279CF0B	244880	----a-w-	C:\Windows\System32\audiodg.exe
2014-06-11 14:33:54	67176AA6EAF34FF2A962F14EB8F0478B	263424	----a-w-	C:\Windows\System32\SystemSettingsAdminFlows.exe
2014-06-11 14:33:54	072A99F351C505A45C9FDA32E7324602	28408	----a-w-	C:\Windows\System32\mfpmp.exe
2014-06-11 14:33:53	F587513213947A4C7EF47B660DAAFBC5	271872	----a-w-	C:\Windows\System32\rstrui.exe
2014-06-11 14:33:53	DC61194C93DE9E5D549AEC5064A06BD4	872448	----a-w-	C:\Windows\System32\SkyDrive.exe
2014-06-11 14:33:53	B194DFF0C303121926CF5AAC3D5165ED	70656	----a-w-	C:\Windows\System32\InputMethod\SHARED\ChxPropertyUI.exe
2014-06-11 14:33:47	E129D34089E70215B65EA611F802FA9A	111616	----a-w-	C:\Windows\System32\ieetwcollector.exe
2014-06-11 14:33:47	7D6B20C69CC8EECB8F31D4FAF913BBE8	112128	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 14:33:47	338415F2E9A188875B6E43B5269620B0	139264	----a-w-	C:\Windows\System32\ieUnatt.exe
2014-06-11 14:33:45	60A4EAAA2964A3ECFD91A6EC9F8B72C0	3048904	----a-w-	C:\Windows\System32\WpcMon.exe
=== C: other files ==
2014-06-15 10:30:31	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\juan\AppData\Roaming\Raptr\data\mrcold07\config\certificates\x509\tls_peers\xmpp-server6.raptr.com
2014-06-15 10:30:31	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\juan\AppData\Roaming\Raptr\data\mrcold07\config\certificates\x509\tls_peers\xmpp-server3.raptr.com
2014-06-15 09:43:55	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\juan\AppData\Roaming\Raptr\data\mrcold07\config\certificates\x509\tls_peers\xmpp-server5.raptr.com
2014-06-15 09:34:39	8A50D5304E6AE48664CF5838EC32F647	122584	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-15 09:34:23	F92B0E478C0FAA6D6661E6E977247E60	25816	----a-w-	C:\Windows\System32\drivers\mbam.sys
2014-06-15 09:34:23	9D9ED48F841EA37AA5310D54B9E5D3C7	91352	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-15 09:34:23	0664F6335F108F38FE08C3CA747311EE	64216	----a-w-	C:\Windows\System32\drivers\mwac.sys
2014-06-15 09:23:12	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\juan\AppData\Roaming\Raptr\data\mrcold07\config\certificates\x509\tls_peers\xmpp-server4.raptr.com
2014-06-15 09:23:12	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\juan\AppData\Roaming\Raptr\data\mrcold07\config\certificates\x509\tls_peers\xmpp-server2.raptr.com
2014-06-15 09:14:00	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\autoexec.bat
2014-06-14 07:25:37	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\juan\AppData\Roaming\Raptr\data\mrcold07\config\certificates\x509\tls_peers\xmpp-server8.raptr.com
2014-06-11 14:34:11	D18EC2C83C2F773C9476A4FB0AA4C314	295424	----a-w-	C:\Windows\System32\drivers\ks.sys
2014-06-11 14:34:11	A9749FD0A06E22009EA972D8B9CB046B	428888	----a-w-	C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-06-11 14:34:11	4B666AE119D2ADBAC816BEA7DB4D6881	2518872	----a-w-	C:\Windows\System32\drivers\tcpip.sys
2014-06-11 14:33:56	5661481164A164CAD67DBE5A0191207F	4190720	----a-w-	C:\Windows\System32\win32k.sys
2014-06-11 14:33:55	FD163F487CBA9C98AFFEB546C80F49A2	677376	----a-w-	C:\Windows\System32\drivers\srv2.sys
2014-06-11 14:33:55	DBA635C6398782C549E3BE45CF1D0411	206848	----a-w-	C:\Windows\System32\drivers\mrxsmb20.sys
2014-06-11 14:33:55	7C7BE474915166B61B84C025F1F10157	563200	----a-w-	C:\Windows\System32\drivers\afd.sys
2014-06-11 14:33:55	78514B073CC5775800A65BFB82A0D66B	443904	----a-w-	C:\Windows\System32\drivers\nwifi.sys
2014-06-11 14:33:55	4BB9BC49DEE1A319EC58274A7BBED663	310616	----a-w-	C:\Windows\System32\drivers\volsnap.sys
2014-06-11 14:33:55	0696F66E4D423793951A60562F794D14	402432	----a-w-	C:\Windows\System32\drivers\mrxsmb.sys
2014-06-11 14:33:54	F152D55E497E12256290C43B31C7D0CE	589656	----a-w-	C:\Windows\System32\drivers\fvevol.sys
2014-06-11 14:33:54	D90AB68D0FAC9F357F663670FDBB511E	275800	----a-w-	C:\Windows\System32\drivers\msiscsi.sys
2014-06-11 14:33:54	CADCE0D6C30427F70A4BFA426256F68C	337240	----a-w-	C:\Windows\System32\drivers\Classpnp.sys
2014-06-11 14:33:54	716059F37BCCB1ABEDE99EBE82E8E362	246272	----a-w-	C:\Windows\System32\drivers\srvnet.sys
2014-06-11 14:33:54	6592D192E2823C043EDBC010E7774053	360792	----a-w-	C:\Windows\System32\drivers\fltMgr.sys
2014-06-11 14:33:54	4C1E71E37B56C768900B1FCF81205027	372568	----a-w-	C:\Windows\System32\drivers\storport.sys
2014-06-11 14:33:54	498288DD5CA42C2D36D125893E968C53	77312	----a-w-	C:\Windows\System32\drivers\hdaudbus.sys
2014-06-11 14:33:54	33977549C2CED09936E05BEE7659EAFF	384856	----a-w-	C:\Windows\System32\drivers\spaceport.sys
2014-06-11 14:33:44	182561A14F2E93E81E66FE3700D17A5A	55328	----a-w-	C:\Windows\System32\drivers\wpcfltr.sys
2014-06-08 13:35:08	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\juan\AppData\Roaming\Raptr\data\mrcold07\config\certificates\x509\tls_peers\xmpp-server7.raptr.com

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3791798080-547081399-4143443647-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Dxtory Update Checker 2.0"="C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"HP Photosmart 5510 series (NET)"="C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe -deviceID CN1AR05KF505NR:NW -scfn HP Photosmart 5510 series (NET) -AutoStart 1"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Raptr"="C:\PROGRA~2\Raptr\raptrstub.exe --startup"
"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"uTorrent"="C:\Users\juan\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"
"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"
@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"AllShareAgent"="C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"UpdReg"="C:\Windows\UpdReg.EXE"
"Sound Blaster Recon3D PCIe SBX Control Panel"="C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel v2\SBRnPCIe.exe /r"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"Razer Synapse"="C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Dxtory Update Checker 2.0"="C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"HP Photosmart 5510 series (NET)"="C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe -deviceID CN1AR05KF505NR:NW -scfn HP Photosmart 5510 series (NET) -AutoStart 1"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Raptr"="C:\PROGRA~2\Raptr\raptrstub.exe --startup"
"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"uTorrent"="C:\Users\juan\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"
"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"
@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Program Files (x86)\\SW-Booster\\Assistant_x64.dll"

==== Startup Folders ======================

2014-04-07 17:25:34	0	----a-w-	C:\Users\juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
2013-12-18 20:58:10	1047	----a-w-	C:\Users\juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SABnzbd.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [24/05/2014 21:47]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{EF33B0B0-87DB-4F71-9F9C-4998E0D97D0B}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[19/01/2014 18:09]

ssave oni - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik
save On - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh
Adblocker - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh
Code Cola - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn
ssave oni - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik
save On - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh
Adblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh
Code Cola - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn
ssave oni - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik
save On - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh
Adblocker - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh
Code Cola - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn
ssave oni - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik
save On - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh
Adblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh
Code Cola - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn
ssave oni - Administrator\AppData\Local\Torch\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik
save On - Administrator\AppData\Local\Torch\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh
Adblocker - Administrator\AppData\Local\Torch\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh
Code Cola - Administrator\AppData\Local\Torch\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn
ssave oni - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik
save On - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh
Adblocker - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh
Code Cola - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn
ssave oni - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik
save On - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh
Adblocker - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh
Code Cola - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn
ssave oni - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik
save On - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh
Adblocker - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh
Code Cola - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn
ssave oni - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik
save On - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh
Adblocker - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh
Code Cola - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn
ssave oni - Gast\AppData\Local\Torch\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik
save On - Gast\AppData\Local\Torch\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh
Adblocker - Gast\AppData\Local\Torch\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh
Code Cola - Gast\AppData\Local\Torch\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn
ssave oni - juan\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik
save On - juan\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh
Adblocker - juan\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh
Code Cola - juan\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn
ssave oni - juan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik
save On - juan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh
Adblocker - juan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh
Code Cola - juan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn
ssave oni - juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik
AdBlock - juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Battlefield 4 - Determination - juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gilcnacgbnjkpclipjponheecjfpeefa
avast Online Security - juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
20-20 3D Viewer for IKEA - juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp
ssave oni - juan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik
save On - juan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh
Adblocker - juan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh
Code Cola - juan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn
ssave oni - juan\AppData\Local\Torch\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik
save On - juan\AppData\Local\Torch\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh
Adblocker - juan\AppData\Local\Torch\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh
Code Cola - juan\AppData\Local\Torch\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn

==== Chrome Fix ======================

C:\Users\juan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_google-sketchup.nl.softonic.com_0.localstorage deleted successfully
C:\Users\juan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_google-sketchup.nl.softonic.com_0.localstorage-journal deleted successfully
C:\Users\juan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage deleted successfully
C:\Users\juan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik deleted successfully
C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik deleted successfully
C:\Users\juan\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik deleted successfully
C:\Users\juan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik deleted successfully
C:\Users\juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik deleted successfully
C:\Users\juan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik deleted successfully
C:\Users\juan\AppData\Local\Torch\User Data\Default\Extensions\bhaklaicnlkhciggijhaegdmbfbjlpik deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh deleted successfully
C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh deleted successfully
C:\Users\juan\AppData\Local\Chromatic Browser\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh deleted successfully
C:\Users\juan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh deleted successfully
C:\Users\juan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh deleted successfully
C:\Users\juan\AppData\Local\Torch\User Data\Default\Extensions\fgpannapdmioogajhoekofiggghcnnkh deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh deleted successfully
C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh deleted successfully
C:\Users\juan\AppData\Local\Chromatic Browser\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh deleted successfully
C:\Users\juan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh deleted successfully
C:\Users\juan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh deleted successfully
C:\Users\juan\AppData\Local\Torch\User Data\Default\Extensions\bmdbgifnljibflddjaimheifkcolcpoh deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn deleted successfully
C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn deleted successfully
C:\Users\juan\AppData\Local\Chromatic Browser\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn deleted successfully
C:\Users\juan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn deleted successfully
C:\Users\juan\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn deleted successfully
C:\Users\juan\AppData\Local\Torch\User Data\Default\Extensions\lomkpheldlbkkfiifcbfifipaofnmnkn deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\juan\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\juan\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\juan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=363 folders=177 81468403 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\juan\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\juan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 15/06/2014 at 13:17:28,55 ======================