Zoek.exe v5.0.0.0 Updated 14-November-2014
Tool run by marleen on za 15/11/2014 at 10:45:17,10.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\marleen\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

15/11/2014 10:47:25 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Users\marleen\AppData\Roaming\WebExtend deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3574955231-1429911895-3831399447-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.09) - Nederlands
Avira Free Antivirus
Belgium e-ID middleware 4.0.7 (build 7453)
CCleaner
Intel(R) Graphics Media Accelerator Driver
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Dutch) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Dutch) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (Dutch) 2007
Microsoft Office InfoPath MUI (Dutch) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (Dutch) 2007
Microsoft Office Outlook MUI (Dutch) 2007
Microsoft Office PowerPoint MUI (Dutch) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proofing (Dutch) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Dutch) 2007
Microsoft Office Shared 64-bit MUI (Dutch) 2007
Microsoft Office Shared MUI (Dutch) 2007
Microsoft Office Word MUI (Dutch) 2007
Microsoft Silverlight
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 33.1 (x86 nl)
Mozilla Maintenance Service
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2899526) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2899527) 32-Bit Edition
Stuurprogrammapakket voor Windows - Fedict SmartCard (03/25/2014 4.0.7.4)
Tweaking.com - Windows Repair (All in One)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2899525) 32-Bit Edition
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition
VASCO Card Reader Plug-In (64-Bit)
VASCO Smart Card Reader Plug-In (User)
WinRAR 4.20 (64-bit)

==== Running Processes ======================

C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
C:\Users\marleen\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\marleen\AppData\Roaming\Mozilla\Firefox\Profiles\7amvwxd3.default-1415537532981
user.js not found

---- Lines {58e3c1c9-2dc1-4762-bd45-1df9da9d0820} removed from prefs.js ----
user_pref("{58e3c1c9-2dc1-4762-bd45-1df9da9d0820}.daysPassed", "{\"t2d\":true}");
user_pref("{58e3c1c9-2dc1-4762-bd45-1df9da9d0820}.installtime", "1415797090.863");
user_pref("{58e3c1c9-2dc1-4762-bd45-1df9da9d0820}.isFirstRun", "false");
user_pref("{58e3c1c9-2dc1-4762-bd45-1df9da9d0820}.is_bundle", "true");
user_pref("{58e3c1c9-2dc1-4762-bd45-1df9da9d0820}.lastC", "{\"sm\":393277,\"li\":393328,\"mo\":393325}");
user_pref("{58e3c1c9-2dc1-4762-bd45-1df9da9d0820}.last_version", "");
user_pref("{58e3c1c9-2dc1-4762-bd45-1df9da9d0820}.moEnabled", true);
user_pref("{58e3c1c9-2dc1-4762-bd45-1df9da9d0820}.server", "https://s7902.webovernet.com");
user_pref("{58e3c1c9-2dc1-4762-bd45-1df9da9d0820}.src", "7902");
user_pref("{58e3c1c9-2dc1-4762-bd45-1df9da9d0820}.toolbarButtonInstalled", true);
user_pref("{58e3c1c9-2dc1-4762-bd45-1df9da9d0820}.user_id", "259A97B9-C093-4CA6-A3EB-E3664C6B3D2F");

---- Lines {58e3c1c9-2dc1-4762-bd45-1df9da9d0820} modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program

---- Lines {d6b1a471-3776-48de-90e2-a0d90de70fd3} removed from prefs.js ----
user_pref("{d6b1a471-3776-48de-90e2-a0d90de70fd3}.installtime", "1415797090.863");
user_pref("{d6b1a471-3776-48de-90e2-a0d90de70fd3}.is_bundle", "true");
user_pref("{d6b1a471-3776-48de-90e2-a0d90de70fd3}.isFirstRun", "false");
user_pref("{d6b1a471-3776-48de-90e2-a0d90de70fd3}.last_version", "");
user_pref("{d6b1a471-3776-48de-90e2-a0d90de70fd3}.lastC", "{\"sm\":393277,\"li\":393304}");
user_pref("{d6b1a471-3776-48de-90e2-a0d90de70fd3}.server", "https://s7902.webovernet.com");
user_pref("{d6b1a471-3776-48de-90e2-a0d90de70fd3}.src", "7902");
user_pref("{d6b1a471-3776-48de-90e2-a0d90de70fd3}.toolbarButtonInstalled", true);
user_pref("{d6b1a471-3776-48de-90e2-a0d90de70fd3}.user_id", "259A97B9-C093-4CA6-A3EB-E3664C6B3D2F");

---- Lines trovi removed from prefs.js ----
user_pref("browser.search.defaultenginename", "Trovi search");
user_pref("browser.search.selectedEngine", "Trovi search");

---- FireFox user.js and prefs.js backups ----
prefs_20141511_1057_.backup

ProfilePath: C:\Users\marleen\AppData\Roaming\Mozilla\Firefox\Profiles\RbRqinRD.default
prefs.js not found
user.js not found

---- FireFox user.js and prefs.js backups ----

ProfilePath: C:\Users\marleen\AppData\Roaming\Mozilla\Firefox\Profiles\sq9ky3bc.default-1415452047738
prefs.js not found
user.js not found

---- FireFox user.js and prefs.js backups ----

==== Deleting Files \ Folders ======================

C:\Users\marleen\AppData\Roaming\Mozilla\Firefox\Profiles\7amvwxd3.default-1415537532981\searchplugins\trovi-search.xml deleted
C:\Users\marleen\AppData\Roaming\Mozilla\Firefox\Profiles\7amvwxd3.default-1415537532981\extensions\{58e3c1c9-2dc1-4762-bd45-1df9da9d0820} deleted
C:\Users\marleen\AppData\Roaming\Mozilla\Firefox\Profiles\RbRqinRD.default\extensions\abs@avira.com deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 2038 MB
CPU Info: Intel(R) Core(TM)2 Duo CPU E7400 @ 2.80GHz
CPU Speed: 2822,9 MHz
Sound Card: Luidsprekers (High Definition A | Digitale audio (S/PDIF) (High D |
Display Adapters: Intel(R) G33/G31 Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1440 X 900 - 32 bit
Network: Network Present
Network Adapters: Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
CD / DVD Drives: 2x (F: | G: | ) F: LITE-ON DVD SOHD-16P9S | G: LITE-ON DVDRW SHM-165P6S
Ports: COM1 LPT1
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 29,3GB | D: 22,5GB | E: 22,8GB
Hard Disks - Free: C: 3,2GB | D: 22,3GB | E: 11,7GB
Manufacturer *: Award Software International, Inc.
BIOS Info: AT/AT COMPATIBLE | 02/09/09 | ACRSYS - 42302e31
Time Zone: Romance (standaardtijd)
Motherboard *: Gigabyte Technology Co., Ltd.
EG31MF-S2
Country: België
Language: NLB

==== System Specs (Software) ======================

Anti-Virus: Avira Desktop On-access scanning disabled (Outdated)
Anti-Spyware: Avira Desktop disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Firefox 33.1
Internet Explorer Version: 11.0.9600.17420
Mozilla Firefox version: 33.1 (x86 nl)
Adobe Reader version: 11.0.9.29
Flash Player version: 15.0.0.223

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3574955231-1429911895-3831399447-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/11/2014 07:19]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\{3D8915F4-4973-40E0-B8C7-85516461D1CA}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================
ProfilePath: C:\Users\marleen\AppData\Roaming\Mozilla\Firefox\Profiles\7amvwxd3.default-1415537532981
- Undetermined - {58e3c1c9-2dc1-4762-bd45-1df9da9d0820}
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================
Profilepath: C:\Users\marleen\AppData\Roaming\Mozilla\Firefox\Profiles\7amvwxd3.default-1415537532981
67D325B5AEB28E381B84E8DE1A90C7A8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll - Shockwave Flash
D2B5242013356AF422A42B9FAA4056C2 - C:\Users\marleen\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin
FD63DE29FE0A7E738BD81CA0EDDD8020 - C:\Users\marleen\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin
Profilepath: C:\Users\marleen\AppData\Roaming\Mozilla\Firefox\Profiles\sq9ky3bc.default-1415452047738
D2B5242013356AF422A42B9FAA4056C2 - C:\Users\marleen\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin
FD63DE29FE0A7E738BD81CA0EDDD8020 - C:\Users\marleen\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin

==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.trovi.com/?gd=&ctid=CT3331213&octid=EB_ORIGINAL_CTID&ISID=M7AE6BA9A-B625-43D2-9F22-837660907D73&SearchSource=55&CUI=&UM=6&UP=SPDD316D12-EFC1-4774-912D-FA05D959DA75&SSPV="
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully

==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\marleen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\marleen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
C:\Users\marleen\AppData\Local\Mozilla\Firefox\Profiles\7amvwxd3.default-1415537532981\cache2 emptied successfully
C:\Users\marleen\AppData\Local\Mozilla\Firefox\Profiles\sq9ky3bc.default-1415452047738\cache2 emptied successfully

==== Empty Chrome Cache ======================
No Chrome User Data found

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=132 folders=31 2680510 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\marleen\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\marleen\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on za 15/11/2014 at 11:06:44,37 ======================