
Zoek.exe v5.0.0.0 Updated 24-12-2014
Tool run by Hayel on wo 24-12-2014 at 18:31:42,03.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Hayel\Downloads\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

24-12-2014 18:34:42 Zoek.exe System Restore Point Created Succesfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll 


==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1956934913-172480106-3488795705-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00cbb66b-1d3b-46d3-9577-323a336acb50} deleted successfully
HKEY_USERS\S-1-5-21-1956934913-172480106-3488795705-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00cbb66b-1d3b-46d3-9577-323a336acb50} deleted successfully
HKEY_USERS\S-1-5-21-1956934913-172480106-3488795705-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully
HKEY_USERS\S-1-5-21-1956934913-172480106-3488795705-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully
HKEY_USERS\S-1-5-21-1956934913-172480106-3488795705-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-1956934913-172480106-3488795705-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-1956934913-172480106-3488795705-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} deleted successfully
HKEY_USERS\S-1-5-21-1956934913-172480106-3488795705-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} deleted successfully
HKEY_USERS\S-1-5-21-1956934913-172480106-3488795705-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_USERS\S-1-5-21-1956934913-172480106-3488795705-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1956934913-172480106-3488795705-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{192A6019-26D2-4611-AEAD-07CD7733B146} deleted successfully
HKEY_USERS\S-1-5-21-1956934913-172480106-3488795705-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
HKEY_USERS\S-1-5-21-1956934913-172480106-3488795705-1002\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\avg@toolbar deleted successfully

==== File Information Results ======================


--- C:\Windows\PowerReg.dat ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 227
Created time: 2014-12-24 13:02:38
Modified time: 2014-12-24 13:02:48
MD5: 533ABCEEE0C35A693835CC3212A9F791
SHA1: 6D4249273BB8C0905BB25A461865D2C454B7ED86


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
"Browser companion helper"=- 

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Funmoods not found
"C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job" deleted
"C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job" deleted
"C:\Windows\tasks\JLGBTT.job" deleted
"C:\Users\Hayel\AppData\Roaming\JLGBTT.exe" deleted
"C:\Users\Hayel\AppData\Roaming\TornTV.com\CMUtils.dll" deleted
"C:\Users\Hayel\AppData\Roaming\TornTV.com\Interop.IWshRuntimeLibrary.dll" deleted
"C:\Users\Hayel\AppData\Roaming\TornTV.com\MonoTorrent.Dht.dll" deleted
"C:\Users\Hayel\AppData\Roaming\TornTV.com\MonoTorrent.dll" deleted
"C:\Users\Hayel\AppData\Roaming\TornTV.com\TornTV Downloader.exe.config" deleted
"C:\Users\Hayel\AppData\Roaming\TornTV.com\TornTVSvc.exe" deleted
"C:\Users\Hayel\AppData\Roaming\TornTV.com\TornTvUpdater.exe" deleted
"C:\Users\Hayel\AppData\Roaming\TornTV.com\uninst.exe" deleted
"C:\Program Files (x86)\BrowserCompanion\BCHelper.exe" deleted
"C:\Program Files (x86)\BrowserCompanion\sqlite3.dll" deleted
"C:\Program Files (x86)\BrowserCompanion\BCHelper.exe" deleted
"C:\Program Files (x86)\BrowserCompanion\sqlite3.dll" deleted
"C:\Users\Hayel\AppData\Roaming\TornTV.com" deleted
"C:\Program Files (x86)\BrowserCompanion" deleted
"C:\Program Files (x86)\BrowserCompanion" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-12-24 15:21:42	80E8A9D877445CD90EC72B630704AF0A	45568	----a-w-	C:\Windows\UniFish3.exe
2014-12-24 13:02:38	533ABCEEE0C35A693835CC3212A9F791	227	----a-w-	C:\Windows\PowerReg.dat
====== C:\Users\Hayel\AppData\Local\Temp ====
2014-12-24 15:32:57	7CBE02A02B5A7F377B2E19D42B57D6ED	43008	----a-w-	C:\Users\Hayel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplksbq4.dll
2014-12-24 13:11:28	FEFEF2F226FD6BE184BC4A3378B02AAF	155648	----a-w-	C:\Users\Hayel\AppData\Local\Temp\comh.188877\psmachine.dll
2014-12-24 13:11:28	FC7A2F466F7A0F3E873077505719C1A1	143360	----a-w-	C:\Users\Hayel\AppData\Local\Temp\comh.188877\GoogleUpdateHelper.msi
2014-12-24 13:11:28	C0A2D854DA879A5D55244E8DC4E7C8B8	761856	----a-w-	C:\Users\Hayel\AppData\Local\Temp\comh.188877\goopdate.dll
2014-12-24 13:11:28	AEF95394FF8029B9C17F81197C6AAB5A	220672	----a-w-	C:\Users\Hayel\AppData\Local\Temp\comh.188877\npGoogleUpdate4.dll
2014-12-24 13:11:28	8D90BB3A36521B50D0E512A781E36871	155648	----a-w-	C:\Users\Hayel\AppData\Local\Temp\comh.188877\psuser.dll
2014-12-24 13:11:28	7E767B342E55EB1DFD74A65D24EA4B70	46080	----a-w-	C:\Users\Hayel\AppData\Local\Temp\comh.188877\GoogleUpdateOnDemand.exe
2014-12-24 13:11:27	F98DE4108614E4BB81E95E58E36C7000	46080	----a-w-	C:\Users\Hayel\AppData\Local\Temp\comh.188877\GoogleUpdateBroker.exe
2014-12-24 13:11:27	D858BA2EE718B1DB1CED20646E641D08	68608	----a-w-	C:\Users\Hayel\AppData\Local\Temp\comh.188877\GoogleUpdate.exe
2014-12-24 13:11:27	03114DADBD9977FC823F95B21FB987E7	72872	----a-w-	C:\Users\Hayel\AppData\Local\Temp\comh.188877\GoogleCrashHandler.exe
2014-12-23 11:57:28	6EB501E2269450CCD0CF64A540D7CA52	423976	----a-w-	C:\Users\Hayel\AppData\Local\Temp\ttv.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-12-22 13:39:13	0481346D0EF668C0D4FF69A7BBEFA846	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2014-12-12 10:58:24	D17954CA6343F43B62637F51996B4E95	23040	----a-w-	C:\Windows\SysWOW64\mfpmp.exe
2014-12-12 10:58:24	52096F5F476733F2E2725CF346FF373B	2048	----a-w-	C:\Windows\SysWOW64\mferror.dll
2014-12-12 10:58:23	FF0A6E76FAE624AC74780AB008752F98	3209728	----a-w-	C:\Windows\SysWOW64\mf.dll
2014-12-12 10:58:23	60FBCF033FF42A40C916C01A962A8802	50176	----a-w-	C:\Windows\SysWOW64\rrinstaller.exe
2014-12-12 10:58:23	20257A0BFB824B49055A6EEC29C72C03	103424	----a-w-	C:\Windows\SysWOW64\mfps.dll
2014-12-11 16:18:23	E1456E7396022EBE4E5434188D1AC8B0	1230336	----a-w-	C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 16:18:00	BB25F69463AD8E7E51B5D9D158B5F8DF	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2014-12-11 16:18:00	2EADED07BDA52C1FC5A6D4E1CC5858F0	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 16:17:59	F25284C763E728E4DAC248C211D1FC5B	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 16:17:58	F98B3860BB47089EA8C1504F043E90E9	342200	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 16:17:58	F34F6DC38A21FCDBB50CDD1EE97B1EA3	1307136	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2014-12-11 16:17:58	2ABC5587D582ACCEA30B4CF968C2A4A5	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 16:17:57	D7A98A4CEA2E89F544065A00BF37FC10	688640	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 16:17:57	69AC6FD5B0B4DC963723E1EBDEE10A2C	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 16:17:57	220505B0B3E96C857DD01729AF0CD369	19749376	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2014-12-11 16:17:53	F0BCBD8FCDA145EED53ED66C45CC378B	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2014-12-11 16:17:53	DEB9476A3CD1A5819DD4504BB7C6BA66	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 16:17:52	543ADCEA31CF9C2B4EEB900D4AAFD0F9	2052096	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 16:17:52	41AFA61E061E98E97272AC02184C8C2C	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 16:17:51	EC5A3E4E21079B9D423AA0760828D678	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 16:17:51	01777AB557997E98691E322225314E57	2277888	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2014-12-11 16:17:50	759E2FAD5371512C6679FA346719493E	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 16:17:50	35BD045804B67E78F4CAB72CB820AF7F	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 16:17:49	CF9D05678B02B44FBC8D8AD8C9F30D58	478208	----a-w-	C:\Windows\SysWOW64\ieui.dll
2014-12-11 16:17:48	B59E370277EDB6643083B62297175628	12836864	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2014-12-11 16:17:43	F728E7E9937117E0F32F39840EB6D737	4299264	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2014-12-11 16:17:43	2E9E105037AC1274656C3D1125323352	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-11 16:17:42	5E4E0E43E0A5BF9F089696DFA7A3D677	1888256	----a-w-	C:\Windows\SysWOW64\wininet.dll
2014-12-11 16:17:42	37F078B5B435AFC6BF316F2AD14B469A	501248	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2014-12-11 16:17:41	930F63D6BC43D4BCD937DFCECDA95F82	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2014-12-11 16:17:41	29CED1A4777A43526A4ED8A7B6936883	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 16:14:45	9EA3783672D21817B9DF1061B54C3B3C	155136	----a-w-	C:\Windows\SysWOW64\charmap.exe
2014-12-11 16:14:41	1DE9BD23AFA36150586C732D876D9B74	1177088	----a-w-	C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 16:14:38	B975C202F590BBC5AA63225FBD148791	198656	----a-w-	C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-11 16:14:38	B6AC69FFBAA159DD5CEED814245A286D	214016	----a-w-	C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 16:14:38	2C28FEC61C4AC68480A99CB7AA197FA9	248832	----a-w-	C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 16:14:37	5D9A1A3E5824CECE65871C60E5A08A1A	145920	----a-w-	C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 16:14:22	50C73E54062BA252350F3F29580E28DA	2048	----a-w-	C:\Windows\SysWOW64\tzres.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-12-22 13:39:13	5564883BFB523D5078A5B1FE3128FD63	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2014-12-12 10:58:24	AB2EB93A982A2C26BA3E4D2D65328804	24576	----a-w-	C:\Windows\Sysnative\mfpmp.exe
2014-12-12 10:58:24	68E09E7CD4DC52F132A4B492ACE8C243	55808	----a-w-	C:\Windows\Sysnative\rrinstaller.exe
2014-12-12 10:58:24	63578DB847FCC40883CB8F303E785D46	2048	----a-w-	C:\Windows\Sysnative\mferror.dll
2014-12-12 10:58:23	9797A23F773C0782A0D91BEC44054166	206848	----a-w-	C:\Windows\Sysnative\mfps.dll
2014-12-12 10:58:22	6E1DDE0E72FB8268F42F6777CE4C5036	4121600	----a-w-	C:\Windows\Sysnative\mf.dll
2014-12-11 16:18:33	8E64BB62AB3810D3C29ED50C405AD3BD	1232040	----a-w-	C:\Windows\Sysnative\aitstatic.exe
2014-12-11 16:18:32	F0356290BA3940F31AFF5566501495F7	192000	----a-w-	C:\Windows\Sysnative\aepic.dll
2014-12-11 16:18:32	D257AF48934D2167BE15AA4008176381	1083392	----a-w-	C:\Windows\Sysnative\aeinv.dll
2014-12-11 16:18:32	985558125FEEC89AB4AD142158B066D7	830976	----a-w-	C:\Windows\Sysnative\appraiser.dll
2014-12-11 16:18:31	E00981CF227CEEBE7B5A8D99C76D1116	741376	----a-w-	C:\Windows\Sysnative\invagent.dll
2014-12-11 16:18:29	DAF13A81A5FC895D68B1D9A72F65F4CB	413184	----a-w-	C:\Windows\Sysnative\generaltel.dll
2014-12-11 16:18:29	4253086737D81D7C9C160FDE6C037F44	396800	----a-w-	C:\Windows\Sysnative\devinv.dll
2014-12-11 16:18:28	5CD6E919CE938A98AB25A2EA2C8C4EDA	227328	----a-w-	C:\Windows\Sysnative\aepdu.dll
2014-12-11 16:18:24	A9A0BFD706B3A24C403EEFEB0790D011	1424384	----a-w-	C:\Windows\Sysnative\WindowsCodecs.dll
2014-12-11 16:18:00	D471F7A428C21DB04D810445D12D68E0	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2014-12-11 16:18:00	0FABE2AB8CA2D5CC7C95798533B4D057	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2014-12-11 16:17:58	F987718A5CA053DC23E94A531F1754A4	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2014-12-11 16:17:58	39B512C643812FC2D4843C0D4206C759	718848	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2014-12-11 16:17:58	077AEB068A51B396F25BBCAB0944FC3A	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2014-12-11 16:17:57	9F07E8FC75C5F98A783ABFD3005EFC22	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-12-11 16:17:52	E7A2061ADF0F4D430FECDA1E8D6B7BA6	1548288	----a-w-	C:\Windows\Sysnative\urlmon.dll
2014-12-11 16:17:52	5BF0BAA1E5EF724287565E97C9219254	389296	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2014-12-11 16:17:51	B4E481E9498CE22113628C4E9EA24427	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2014-12-11 16:17:50	EBC8C9F61F4C148B8C6A28EDE80C51E4	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-12-11 16:17:50	0AF0AEF0BA9EF6169E61C78504DCAE55	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2014-12-11 16:17:49	14BA910E7731FC84EB85328BD0F1EE81	800768	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2014-12-11 16:17:47	EFBA893429814EA3244C87C2D1256618	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2014-12-11 16:17:47	23AE7A3B44D5C550B81347288CE3230E	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2014-12-11 16:17:45	982B871A25B5078093FAD82D0AB0E3FC	2885120	----a-w-	C:\Windows\Sysnative\iertutil.dll
2014-12-11 16:17:45	3FE71E2A5BD3EC652E64FC8BCEFEDD2C	2125312	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2014-12-11 16:17:41	DFECAE6D925FBC9078870E16F98C471F	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2014-12-11 16:17:40	F7CCA58B973FB5EAED8D1F12DD3E51F6	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2014-12-11 16:17:40	8EF01E2EF21D41A23FF70B28179F9ABE	633856	----a-w-	C:\Windows\Sysnative\ieui.dll
2014-12-11 16:17:39	556D271F4243B273EDA353512BF3608A	14412800	----a-w-	C:\Windows\Sysnative\ieframe.dll
2014-12-11 16:17:38	DB10D681314714E0D4623E4C0CF6654A	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2014-12-11 16:17:37	7AC115968B8856004920057B2271224C	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2014-12-11 16:17:36	8D64466AD12CA5677CD0099C43C58569	6039552	----a-w-	C:\Windows\Sysnative\jscript9.dll
2014-12-11 16:17:36	021DFF3CB0ADCD19B3AAA00A650FDEE2	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2014-12-11 16:17:34	1D294810D3A8A8F722E86AA001F54DCC	580096	----a-w-	C:\Windows\Sysnative\vbscript.dll
2014-12-11 16:17:33	4AF089160FE082E5EA5C4AA72782DCA2	2358272	----a-w-	C:\Windows\Sysnative\wininet.dll
2014-12-11 16:17:31	89296EF4A3729A049DA25B7D67A04078	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2014-12-11 16:17:31	17A157A4225CF562202AC71DB8103177	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2014-12-11 16:17:28	D478A4CF07FB8ADF72FB16B88E8030B8	25059840	----a-w-	C:\Windows\Sysnative\mshtml.dll
2014-12-11 16:14:46	36E5E9D0400475230A7F57F274B88321	165888	----a-w-	C:\Windows\Sysnative\charmap.exe
2014-12-11 16:14:41	D929ABD465A2DED963DA8B30946A8D5C	2020352	----a-w-	C:\Windows\Sysnative\WsmSvc.dll
2014-12-11 16:14:40	FDEB5EE2E4DB9DE9251DDAF6A5BCA070	346624	----a-w-	C:\Windows\Sysnative\WSManMigrationPlugin.dll
2014-12-11 16:14:40	5C642B7B0365305451D579F3EFAD57D4	310272	----a-w-	C:\Windows\Sysnative\WsmWmiPl.dll
2014-12-11 16:14:40	41457C1909F6D1100C0F9B9CFF7960FC	266240	----a-w-	C:\Windows\Sysnative\WSManHTTPConfig.exe
2014-12-11 16:14:38	9B44CABE3536D0E3BF627176318AAFC9	181248	----a-w-	C:\Windows\Sysnative\WsmAuto.dll
2014-12-11 16:14:22	A026998E927FD2095505154CBD72F35B	2048	----a-w-	C:\Windows\Sysnative\tzres.dll
====== C:\Windows\Sysnative\drivers =====
2014-12-24 14:42:12	26C43960C99EE861A5D0EDC4DCF3B1C3	129752	----a-w-	C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-12-24 14:40:44	CA43F8904E24BBE49982E4C0B29E6579	25816	----a-w-	C:\Windows\Sysnative\drivers\mbam.sys
2014-12-24 14:40:44	A646C2DDB8C46E9B20A326FAF566646C	63704	----a-w-	C:\Windows\Sysnative\drivers\mwac.sys
2014-12-24 14:40:44	478CC94C937D235CB0A96AB8F2359D81	93400	----a-w-	C:\Windows\Sysnative\drivers\mbamchameleon.sys
2014-12-11 16:18:18	70988118145F5F10EF24720B97F35F65	119296	----a-w-	C:\Windows\Sysnative\drivers\tdx.sys
====== C:\Windows\Tasks ======
2014-12-24 13:35:34	B63AD96D5AB77552EFDB7D2277C3B0CB	3886	----a-w-	C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task
2014-12-24 13:31:59	F1096B2166180030F7FF0ECD1B85D96D	3962	----a-w-	C:\Windows\Sysnative\Tasks\User_Feed_Synchronization-{95B4CD98-4513-4427-8D06-6544C3178F1F}
2014-12-24 13:11:39	61FFFA9485428C92AD249F7251698EE4	3906	----a-w-	C:\Windows\Sysnative\Tasks\globalUpdateUpdateTaskMachineUA
2014-12-24 13:11:37	B2C3907039B3E5D98CF3C837A5444069	908	----a-w-	C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-12-24 13:11:35	20A701C35E6BF281AE1AE09CA5197DEE	3652	----a-w-	C:\Windows\Sysnative\Tasks\globalUpdateUpdateTaskMachineCore
2014-12-24 13:11:33	5D436B3CDE6E491472753DC92C4E57E1	904	----a-w-	C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-12-24 14:45:55	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2014-12-24 15:20:50	--------	d-----w-	C:\PROGRA~2\Hasbro Interactive
2014-12-24 13:11:29	--------	d-----w-	C:\PROGRA~2\globalUpdate
2014-12-22 17:41:31	--------	d-----w-	C:\PROGRA~2\Delicious - Emilys New Beginning Collectors Edition
2014-12-22 17:37:13	--------	d-----w-	C:\PROGRA~2\bfgclient
======= C: =====
====== C:\Users\Hayel\AppData\Roaming ======
2014-12-24 14:01:52	--------	d-sh--w-	C:\Users\Hayel\AppData\Locallow\EmieBrowserModeList
2014-12-24 13:51:18	--------	d-sh--w-	C:\Users\Hayel\AppData\Local\EmieBrowserModeList
2014-12-24 13:11:29	--------	d-----w-	C:\Users\Hayel\AppData\Local\globalUpdate
2014-12-24 13:10:30	--------	d-----w-	C:\Users\Hayel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
2014-12-24 12:37:58	--------	d-----w-	C:\Users\Hayel\AppData\Roaming\PowerISO
2014-12-23 17:32:54	--------	d-----w-	C:\Users\Hayel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Delicious 10 - Emilys New Beginning
2014-12-22 17:44:47	--------	d-----w-	C:\Users\Hayel\AppData\Roaming\GameHouse
2014-12-22 17:41:31	--------	d-----w-	C:\Users\Hayel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Delicious - Emilys New Beginning Collectors Edition
====== C:\Users\Hayel ======
2014-12-24 15:42:27	E45823AE0D754FC0206F14C1FC43EB74	5317104	----a-w-	C:\Users\Hayel\Downloads\ccsetup501.exe
2014-12-24 14:45:36	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Hayel\Downloads\RSITx64.exe
2014-12-24 14:39:25	3BD59D6C407AB1F6DDD7C5D9BD727469	20447072	----a-w-	C:\Users\Hayel\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-24 14:26:46	F5839A79904549320B22B2DC436B0A27	324112	----a-w-	C:\Users\Hayel\Downloads\DropboxInstaller (1).exe
2014-12-24 13:56:48	A1100CD45293AEE9E46CE4B4910BF6CB	324112	----a-w-	C:\Users\Hayel\Downloads\DropboxInstaller.exe
2014-12-22 17:41:32	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Delicious - Emilys New Beginning Collectors Edition

====== C: exe-files ==
2014-12-24 15:20:51	40DA9F8A54C96BC0B2D453FEFAD6EAF3	6013440	----a-w-	C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\rct.exe
2014-12-24 14:45:55	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Hayel.exe
2014-12-24 13:34:57	516C021FEBEDE2962C9252DF85606C76	382168	----a-w-	C:\ProgramData\Adobe\ARM\S\24730\AdobeARMHelper.exe
2014-12-24 13:16:21	9A704000981C58A2C597C098EF4B7F5C	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-1956934913-172480106-3488795705-1002\$IRSY4IH.exe
2014-12-24 13:11:32	F98DE4108614E4BB81E95E58E36C7000	46080	----a-w-	C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe
2014-12-24 13:11:32	7E767B342E55EB1DFD74A65D24EA4B70	46080	----a-w-	C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe
2014-12-24 13:11:31	D858BA2EE718B1DB1CED20646E641D08	68608	----a-w-	C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
2014-12-24 13:11:31	03114DADBD9977FC823F95B21FB987E7	72872	----a-w-	C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe
2014-12-24 13:11:30	D858BA2EE718B1DB1CED20646E641D08	68608	----a-w-	C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe
2014-12-24 13:10:30	428CFFC714B032D972D6E72DFC6EF6C2	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-1956934913-172480106-3488795705-1002\$IRT7O62.exe
2014-12-24 13:09:51	7B3C578627B3D49ED6E72138F3B6FD7E	470400	----a-w-	C:\$Recycle.Bin\S-1-5-21-1956934913-172480106-3488795705-1002\$RRT7O62.exe
2014-12-24 13:08:06	E797EE9FFC5C50ADC68AE44B8365D305	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-1956934913-172480106-3488795705-1002\$IA774CS.exe
2014-12-24 13:07:35	1575FBE05563F79AAFB744410CBAE940	3888880	----a-w-	C:\$Recycle.Bin\S-1-5-21-1956934913-172480106-3488795705-1002\$RA774CS.exe
2014-12-24 12:36:42	D3820C76386210AF8BA961F6E714B224	2962832	----a-w-	C:\$Recycle.Bin\S-1-5-21-1956934913-172480106-3488795705-1002\$RRSY4IH.exe
2014-12-23 17:31:44	D0D10A44A5B7B6B1BE02A0E97A153578	1364992	----a-w-	C:\Program Files (x86)\Foxy Games\Delicious 10 - Emilys New Beginning\uninstall.exe
2014-12-23 17:29:03	110F58907C62890B362206A0FA0B6632	352488472	----a-w-	C:\$Recycle.Bin\S-1-5-21-1956934913-172480106-3488795705-1002\$RH1DAHN\Delicious 10 - Emily's New Beginning [FINAL] 2014 (PC) Foxy Games.exe
2014-12-22 17:44:06	3AA71F8D02C82512A2DE2E5D1D54A243	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-1956934913-172480106-3488795705-1002\$I82W8YP.exe
2014-12-22 17:43:56	417A1D4AF1D213E0944F475C45E76C6E	85669	----a-w-	C:\Program Files (x86)\Delicious - Emilys New Beginning Collectors Edition\Uninstall.exe
2014-12-22 17:37:39	F07368AB2A20FE7BDECA12F0CED46D9F	191875	----a-w-	C:\Program Files (x86)\bfgclient\uninstall.exe
2014-12-22 17:35:19	7EC86B3094B76AB39CFE287B8E3E6737	237568	----a-w-	C:\$Recycle.Bin\S-1-5-21-1956934913-172480106-3488795705-1002\$R82W8YP.exe
2014-12-19 20:17:24	5E2387FED5ACD9AF65434F79F5D917F1	7768352	------w-	C:\Program Files (x86)\Delicious - Emilys New Beginning Collectors Edition\Delicious Emilys New Beginning Collectors Edition.exe
2014-12-19 20:17:22	0BE0D8D4231387C316BFB4E384889C55	2341152	----a-w-	C:\Program Files (x86)\Delicious - Emilys New Beginning Collectors Edition\mhnhfxr.exe
2014-12-19 07:48:18	FC5B75CA6A1DA31EDD4F8D53F5540B98	81088	----a-w-	C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
2014-12-19 07:48:18	3E04F1E482357B1FC8B088197C3D9FF8	1022152	----a-w-	C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
2014-12-19 07:48:18	31657ADA786863B73FAC28E5BD0753AD	382168	----a-w-	C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe
=== C: other files ==
2014-12-24 13:16:35	37472E91FB21DAE8B946817EFA672508	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-1956934913-172480106-3488795705-1002\$I16UZHE.zip
2014-12-24 13:16:25	987FA28F38EAB6F840D8301A2CC75C2B	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-1956934913-172480106-3488795705-1002\$I91WGAB.zip
2014-12-24 13:16:25	4A9EDC78981BD17FA7905DAEE1013444	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-1956934913-172480106-3488795705-1002\$IIXT78A.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1956934913-172480106-3488795705-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Hayel\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent"
@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"GoogleChromeAutoLaunch_B0D4029434297F9E5EE81F03250863BD"="C:\Users\Hayel\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"HPConnectionManager"="C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe"
"vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN"
"BrStsInd00"="C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe /AUTORUN"
"StartCCC"="c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\Hayel\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent"
@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"GoogleChromeAutoLaunch_B0D4029434297F9E5EE81F03250863BD"="C:\Users\Hayel\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PlusService]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PlusService"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Yuna Software\\Messenger Plus!\\PlusService.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Users\\Hayel\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"


==== Startup Folders ======================

2014-12-24 13:59:47	1135	----a-w-	C:\Users\Hayel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-12-2014 19:31]
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [24-12-2014 14:11]
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [24-12-2014 14:11]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-07-2013 11:29]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-07-2013 11:29]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1956934913-172480106-3488795705-1002Core.job --a------ C:\Users\Hayel\AppData\Local\Google\Update\GoogleUpdate.exe [26-10-2014 13:10]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1956934913-172480106-3488795705-1002UA.job --a------ C:\Users\Hayel\AppData\Local\Google\Update\GoogleUpdate.exe [26-10-2014 13:10]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1956934913-172480106-3488795705-1006Core.job --a------ C:\Users\Hilal.Hayel-HP\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1956934913-172480106-3488795705-1006UA.job --a------ C:\Users\Hilal.Hayel-HP\AppData\Local\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\HPCeeScheduleForHAYEL-HP$.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13-09-2010 21:15]
C:\Windows\tasks\HPCeeScheduleForHayel.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\Game_Booster_AutoUpdate" [C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe]
"C:\Windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore" [C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA" [C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1956934913-172480106-3488795705-1002Core" [C:\Users\Hayel\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1956934913-172480106-3488795705-1002UA" [C:\Users\Hayel\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1956934913-172480106-3488795705-1006Core" [C:\Users\Hilal.Hayel-HP\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1956934913-172480106-3488795705-1006UA" [C:\Users\Hilal.Hayel-HP\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForHayel" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForHAYEL-HP$" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1956934913-172480106-3488795705-1002" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1956934913-172480106-3488795705-1002" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-1956934913-172480106-3488795705-1002" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-1956934913-172480106-3488795705-1002" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{05A45ABB-7DBD-4A15-A6A4-57026ADB5BFA}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{38219C7B-6E65-4528-903A-F13F3C4B85B6}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{95B4CD98-4513-4427-8D06-6544C3178F1F}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{A50C1102-C37F-4E48-B0E0-AC4A3A412B4C}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{C4A82967-80C8-4C31-BB0C-98F3C4FF2F1C}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{1E87617E-A2ED-4F2F-955E-3D48CCA6235D}" [C:\Program Files (x86)\Cybertek Games\Artist Colony\ArtistColonyRelease_.exe]
"C:\Windows\SysNative\tasks\{3F23178B-B0A2-450E-996D-25A903309FC2}" [C:\Program Files (x86)\Electronic Arts\De Sims 3\Game\Bin\Sims3Launcher.exe]
"C:\Windows\SysNative\tasks\{71B97876-AFAA-4216-90C1-608DCE422AAB}" [C:\Program Files (x86)\Electronic Arts\De Sims 3\Game\Bin\Sims3Launcher.exe]
"C:\Windows\SysNative\tasks\{A89A5E67-F905-4FA8-BB4A-B77A82C2551A}" [C:\Program Files (x86)\Electronic Arts\De Sims 3\Game\Bin\Sims3Launcher.exe]
"C:\Windows\SysNative\tasks\{C7BCC73E-4BBA-4778-8250-E82AEBCA6F18}" [C:\Program Files (x86)\Electronic Arts\De Sims 3\Game\Bin\Sims3Launcher.exe]
"C:\Windows\SysNative\tasks\{F0C5FA8F-D97C-4923-A307-F0912128522E}" [C:\Program Files (x86)\Cybertek Games\Artist Colony\ArtistColonyRelease_.exe]
"C:\Windows\SysNative\tasks\{FC1FF93E-56B3-4201-BA12-8367F4EE9394}" [C:\Program Files (x86)\Electronic Arts\De Sims 3\Game\Bin\Sims3Launcher.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2014-08-28 16:27:03	--------	d-----w-	C:\PROGRA~3\Avg_Update_0814tb
2014-10-17 12:02:32	--------	d-----w-	C:\PROGRA~3\AVG2015
2014-12-24 14:40:44	--------	d-----w-	C:\PROGRA~3\Malwarebytes

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{0153E448-190B-4987-BDE1-F256CADA672F}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [21-08-2012 13:50]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Hayel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Funmoods.com - %ProfilePath%\extensions\ffxtlbr@funmoods.com
- Wajam - %ProfilePath%\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi

ExtDir: C:\Users\Hayel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- OneClickDownloader - %ExtDir%\OneClickDownload@OneClickDownload.com

ExtDir: C:\Users\Hayel\AppData\Roaming\Mozilla\Firefox\Profiles
- OneClickDownloader - %ExtDir%\extensions\OneClickDownload@OneClickDownload.com

==== Firefox Plugins ======================


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Hayel\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[26-08-2012 17:16]
cjpglkicenollcignonpgiafdgfeehoj - C:\Users\Hayel\AppData\Local\funmoods-speeddial.crx[10-06-2012 17:07]
fdloijijlkoblmigdofommgnheckmaki - C:\Users\Hayel\AppData\Local\funmoods.crx[10-06-2012 17:07]
jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[21-08-2012 13:50]
kolgnaidildmdbfgdnoapjdianbpajne - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx[]
ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\17.3.0.49\avg.crx[]
pmlghpafmmnmmkjdhacccolfgnkiboco - C:\Program Files (x86)\1ClickDownload\oneclickdownloader10.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\Hayel\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[]
cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Hayel\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[26-08-2012 17:16]
cjpglkicenollcignonpgiafdgfeehoj - C:\Users\Hayel\AppData\Local\funmoods-speeddial.crx[10-06-2012 17:07]
fdloijijlkoblmigdofommgnheckmaki - C:\Users\Hayel\AppData\Local\funmoods.crx[10-06-2012 17:07]

HP Product Detection Plugin - Hayel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp
Show the YouTube Channel bar or the name. - Hayel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn
YouTube - Hayel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
selector is not a valid CSS selector - Hayel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Adblock for Youtube - Hayel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk
Google Search - Hayel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
WonTube Video Converter - Hayel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehfigjmcmfpplbaglfnfhdeoammgbegk
AdBlock - Hayel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Pin It Button - Hayel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic
DolceGabbana - Hayel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpfbmpaebheclpaopjodkelcihldloih
AdBlock OFFICIAL - Hayel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikojoaemggadlnnhhenfhconlmoghman
Google Wallet - Hayel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Last updated at time on date - Hayel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch
Gmail - Hayel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Hayel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cap1.conduit-apps.com_0.localstorage-journal deleted successfully
C:\Users\Hayel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrentbarnl.ourtoolbar.com_0.localstorage-journal deleted successfully
C:\Users\Hayel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully
C:\Users\Hayel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully
C:\Users\Hayel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\Hayel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.ask.com_0.localstorage-journal deleted successfully
C:\Users\Hayel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.avg.com_0.localstorage-journal deleted successfully
C:\Users\Hayel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_android.nl.softonic.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://isearch.omiga-plus.com/?type=hp&ts=1419426796&from=ild&uid=ST9500325AS_5VEKPEFX"
"Backup.Old.Start Page"="http://www.google.nl/"
"Default_Page_URL"="http://isearch.omiga-plus.com/?type=hp&ts=1419426796&from=ild&uid=ST9500325AS_5VEKPEFX"
"Search Page"="http://www.bing.com/search?q={searchTerms}"
"Search Bar"="http://www.bing.com/search?q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://isearch.omiga-plus.com/web/?type=ds&ts=1419426796&from=ild&uid=ST9500325AS_5VEKPEFX&q={searchTerms}"
"Default_Page_URL"="http://isearch.omiga-plus.com/?type=hp&ts=1419426796&from=ild&uid=ST9500325AS_5VEKPEFX"
"Start Page"="http://isearch.omiga-plus.com/?type=hp&ts=1419426796&from=ild&uid=ST9500325AS_5VEKPEFX"
"Search Page"="http://isearch.omiga-plus.com/web/?type=ds&ts=1419426796&from=ild&uid=ST9500325AS_5VEKPEFX&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://isearch.omiga-plus.com/web/?type=ds&ts=1419426796&from=ild&uid=ST9500325AS_5VEKPEFX&q={searchTerms}"
"Default_Page_URL"="http://isearch.omiga-plus.com/?type=hp&ts=1419426796&from=ild&uid=ST9500325AS_5VEKPEFX"
"Start Page"="http://isearch.omiga-plus.com/?type=hp&ts=1419426796&from=ild&uid=ST9500325AS_5VEKPEFX"
"Search Page"="http://isearch.omiga-plus.com/web/?type=ds&ts=1419426796&from=ild&uid=ST9500325AS_5VEKPEFX&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.bing.com/search?q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.bing.com/search?q={searchTerms}"
"SearchAssistant"="http://www.bing.com/search?q={searchTerms}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Backup.Old.Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{006ee092-9658-4fd6-bd8e-a21a348e59f5} Bing  Url="http://www.bing.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox"
{08372405-225D-4FD3-A830-58BC06967613} Amazon (UK) Search Suggestions Url="http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}"
{0DC95107-ADE4-FE96-935A-2C4A979DF91B} AVG Secure Search Url="http://isearch.avg.com/search?cid={16228C18-DACD-4E03-8121-22F5C7A223AA}&mid=714ebc383dff47d19a5bc156325d5542-f69538eef5330acb63671c2a0317d76bad5ecf91&lang=nl&ds=st011&pr=sa&d=2012-03-19"
{2fa28606-de77-4029-af96-b231e3b8f827} Ask.com  Url="http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF"
{33BB0A4E-99AF-4226-BDF6-49120163DE86} omiga-plus  Url="http://isearch.omiga-plus.com/web/?type=ds&ts=1419426796&from=ild&uid=ST9500325AS_5VEKPEFX&q={searchTerms}"
{653D363F-4E1B-4A2F-A658-4B8D53DAF433} blekko  Url="http://blekko.com/ws/?source=5f97ddbe&tbp=rbox&u=524ca8e8000000000000ac811295beb3&q={searchTerms}&r=777"
{95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="http://isearch.avg.com/search?cid={16228C18-DACD-4E03-8121-22F5C7A223AA}&mid=714ebc383dff47d19a5bc156325d5542-f69538eef5330acb63671c2a0317d76bad5ecf91&lang=nl&ds=AVG&pr=fr&d=2012-09-25"
{b7fca997-d0fb-4fe0-8afd-255e89cf9671} Yahoo  Url="http://nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF"
{d43b3890-80c7-4010-a95d-1e77b5924dc3} Wikipedia  Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}"

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 

==== shortcuts in Users Start Menu ======================

C:\Users\Hayel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Hayel\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Hayel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Hayel\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe 
C:\Users\Hayel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Hayel\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive\RollerCoaster Tycoon\Hasbro Interactive website.lnk - C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\Hasbro Interactive.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive\RollerCoaster Tycoon\Installatie RollerCoaster Tycoon ongedaan maken.lnk - C:\Windows\UniFish3.exe C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\RollerCoaster Tycoon.log
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive\RollerCoaster Tycoon\Leesmij.lnk - C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\readme.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive\RollerCoaster Tycoon\RollerCoaster Tycoon website.lnk - C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\RollerCoaster Tycoon Web Site.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive\RollerCoaster Tycoon\RollerCoaster Tycoon.lnk - C:\Program Files (x86)\Hasbro Interactive\RollerCoaster Tycoon\rct.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm 

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Hayel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6e6ee2078adb9e34\Google Chrome.lnk - C:\Users\Hayel\AppData\Local\Google\Chrome\Application\chrome.exe --profile-directory=Default
C:\Users\Hayel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Hayel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Verkenner.lnk - C:\Windows\explorer.exe 

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kolgnaidildmdbfgdnoapjdianbpajne deleted successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=33 folders=2 4089452 bytes)

==== EOF on wo 24-12-2014 at 18:52:17,38 ======================