
Zoek.exe v5.0.0.0 Updated 24-12-2014
Tool run by Timur on do 25/12/2014 at 18:43:09,74.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Timur\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

25/12/2014 18:48:10 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 
# 
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 
# 
# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 
# 
# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 
# 
# For example: 
# 
#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
# localhost name resolution is handle within DNS itself. 
127.0.0.1       localhost 
::1             localhost 

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\ScanWizard 5 deleted successfully
C:\PROGRA~2\COMMON~1\Intel deleted successfully
C:\Program Files\HitmanPro deleted successfully
C:\Program Files\TortoiseSVN deleted successfully
C:\Users\Timur\AppData\Roaming\.StarMade deleted successfully
C:\Users\Timur\AppData\Roaming\Gearbox Software deleted successfully
C:\Users\Timur\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Timur\AppData\Roaming\TP deleted successfully
C:\Users\Timur\AppData\Roaming\uTorrent deleted successfully
C:\Users\Timur\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Timur\AppData\Local\ms-drivers deleted successfully
C:\Users\Timur\AppData\Local\PokerStars.BE deleted successfully
C:\Users\Timur\AppData\Local\WarThunder deleted successfully
C:\Users\TTT.Timur-PC.006\AppData\Local\VirtualStore deleted successfully
C:\Users\TTT.Timur-PC.007\AppData\Local\VirtualStore deleted successfully
C:\Users\TTT.Timur-PC.008\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4130941160-3806457408-160441287-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AEFE841-DCA1-4A95-80CB-BE935D017A00} deleted successfully
HKEY_USERS\S-1-5-21-4130941160-3806457408-160441287-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AEFE841-DCA1-4A95-80CB-BE935D017A00} deleted successfully
HKEY_USERS\S-1-5-21-4130941160-3806457408-160441287-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AEFE841-DCA1-4A95-80CB-BE935D018A00} deleted successfully
HKEY_USERS\S-1-5-21-4130941160-3806457408-160441287-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AEFE841-DCA1-4A95-80CB-BE935D018A00} deleted successfully
HKEY_USERS\S-1-5-21-4130941160-3806457408-160441287-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AEFE841-DCA1-4A95-80CB-BE935D017A00} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7AEFE841-DCA1-4A95-80CB-BE935D017A00} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AEFE841-DCA1-4A95-80CB-BE935D018A00} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7AEFE841-DCA1-4A95-80CB-BE935D018A00} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Timur\AppData\Roaming\Mra deleted
C:\Users\Timur\AppData\Roaming\Mail.Ru deleted
C:\Users\Timur\AppData\Local\BITF9E8.tmp deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\Users\Timur\AppData\Local\{6636619E-3E1A-4544-B57C-65048620F87B}" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-12-11 20:46:59	B59EF013D567E5746F1DEE2565F747ED	43152	----a-w-	C:\Windows\avastSS.scr
====== C:\Users\Timur\AppData\Local\Temp ====
2014-12-24 18:26:32	4662F3F9DC9B8EAB0DAB124CFBFFF5E7	184320	------w-	C:\Users\Timur\AppData\Local\Temp\SRLDetectionLibrary7949117596796702168.dll
2014-12-24 18:25:37	4662F3F9DC9B8EAB0DAB124CFBFFF5E7	184320	------w-	C:\Users\Timur\AppData\Local\Temp\SRLDetectionLibrary5382572058148964895.dll
====== Java Cache =====
2014-11-28 15:39:33	763D5A9B8325E1BB195FEF900C12693E	81	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0\1c613f40-cb85cef48ab0c35bf9abdfc9cb321d93906d40b13c6d201e61188f36190e608f-6.0.lap
2014-12-24 18:25:53	FCE549C95F3578DF675773341880E2EF	104	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\2c0614c1-4fa55acf
2014-12-01 00:13:58	6CE51981F5C84A5AC77AF399214BD9C4	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\66448f01-798c1ae8
2014-11-30 13:41:09	F39CB5785355E57F8B7FD04A870AA733	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\1744854a-7b191be0
2014-11-29 02:22:30	20E1886E2E4938444836E079BF2C87C2	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\290bdd0a-7d99cbce
2014-11-28 14:23:54	E50473A0699A3BACCF31C02E14D25DC2	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\2fc11a8a-6c1e5bdc
2014-11-29 12:27:46	03580DC10D8615EE89D9C25D90E9A494	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\78f8f3ca-411b8872
2014-11-29 17:01:29	035081A3FAC2725E03333BFCBDE08120	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\53d1688b-5de49f08
2014-11-26 03:36:17	844F9506E3EB2BD71049F67235A1404A	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\58b1960c-61bd5f60
2014-12-01 22:36:52	63801617B497A98A4083A75EC082F6FF	3799	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\1eca210d-5f0bfa57
2014-11-27 17:26:37	97893ACC082DBA74E1E618E0B9C7181A	81	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\20603493-ebe6fe1fb1ab6f7e326da17e5473c8515474f13a6238b6a20f9737b7cc0b7fe2-6.0.lap
2014-11-29 00:16:18	8207E41D3B955C16A466FFD0B1CC90EE	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\2bb57cd3-68e55c74
2014-12-01 04:05:53	D325C92DF80EA1FE5479BC642FA7A4C5	90151	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\13d9cc42-1cd665a4
2014-11-27 13:29:16	A291D911CA2D1C6514CD1EE8936DDC33	81	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\3ea111d4-b7e0eed99bf7fe51ce9c7c65df222a9289cd5b44a3eab05279939f89825add2c-6.0.lap
2014-11-28 16:33:09	3E752C98E0759A08C68FDF11EE95EBB1	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\4a915554-738ad600
2014-11-29 18:53:01	F0E4CE575A9DF96464223405B49F1F4D	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\5e1a2b58-69ae2fe2
2014-12-23 14:51:55	0FC554AA0BE89733BED7F5289030C9D2	3798	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\29a84fdc-25a6f15f
2014-11-29 18:16:14	6CE51981F5C84A5AC77AF399214BD9C4	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29\11da849d-5aa71f83
2014-11-30 17:34:00	C5F52BDBC4152538265F061CEEE9C5B4	14160	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\244d9703-778db17b
2014-11-28 15:39:35	CCB326D128593F908DB72A13358BA48B	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\55628343-5c19e77b
2014-11-30 17:45:08	786A3C55359A5BEAD82590575A321464	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\8b8a823-7db21069
2014-12-02 03:50:47	C33CD7AD4EC2AE87D4677F96AA738EA1	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\6cbc07e4-28328697
2014-12-01 01:15:04	33D5E8DD9D0E9B13B82974DEA83F9575	29610	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\dd10d27-1b587c74
2014-11-28 00:03:53	A24D3A8BD0808763A66DD34A85F1F91C	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\257d8884-635bfa48
2014-11-27 18:56:37	A86BB9CE8E99B377C9F04F4E57762B45	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1bb24beb-7eec868e
2014-11-26 22:03:11	6CE51981F5C84A5AC77AF399214BD9C4	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\2feddcab-71a2020a
2014-12-07 19:26:59	3F4ED070946DDFC0CAC2286F4D739137	1476340	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\60b9266b-23d0c70c
2014-11-27 13:29:18	987555ADA08761F2774C73CF1B432095	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\12986d6d-2c5e8af6
2014-12-24 18:25:24	FDFBB09B012EEC84474E9CD49531CAA9	110	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\6c5f632d-e2eaed9145bd9ba9117e4efe154230e2fef1d40fdd181dcf14b87361efe2b840-6.0.lap
2014-11-26 03:37:07	12FCC3E3A935FF3A4FEAEF08B5778B3C	81	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\58a334ae-4320f4056e38e2b8d21b2849c6e72c9fd1608cb9e9d9e944f80fa90c1845d066-6.0.lap
2014-12-02 04:13:57	6EF54B80E46BC7FD19D94FE8526C3AFE	57537	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\35e8fd30-2daf9a20
2014-11-26 00:18:28	F20D71F3384DBE71737957200403BC42	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\489ed3f1-64979aa0
2014-11-26 03:37:08	22ECD16590362B7EBF9E664E86F5EAB6	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49\5e51bbf1-616ddc9a
2014-12-24 18:25:27	05AB3EE6C2C83E08A7152CC11C6E4886	343464	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\4741a4f4-2cef49bf
2014-11-28 18:53:57	22AF6C282A70258D241F56E92AB09BBB	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\189a01f5-642f41ac
2014-12-07 19:27:09	63801617B497A98A4083A75EC082F6FF	3799	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\19325ab5-556b390d
2014-12-23 14:51:47	25A4359280170D528525E6697ABC9ABA	1445672	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\2f692278-426c2d61
2014-12-01 03:31:42	AF10FF52B6C30CF67448DF9CAE78ABD5	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\33b11e7a-3d568631
2014-12-01 22:37:41	8DE4AA02D22D7BB2D27E73DA4FE3CE1F	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\6a5451fa-24691e29
2014-12-01 22:36:47	EB8892636DDF25CB274FB2377599603A	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\6de1d77b-5e5f0959
2014-11-26 13:58:02	53980D772A794AD040CFB61DDCA311E9	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\7e19a946-2a83206e
2014-11-27 17:26:39	2093F7291B5C4500B86802E76C4483D5	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\6244b7ff-1dce6e11
2014-11-30 16:35:27	C50960550BF629F5E86C068800ED5384	1454407	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\1bb99a87-26a16d64
2014-11-30 13:41:08	9DC38A92D9E8E8EE2EEAF4A115E32D6B	81	----a-w-	C:\Users\Timur\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\c5b2bc7-394d8fe778d89cfa83a7bd4cfe8b3efcb5fa01a07f91695131f62d9de89f1ce6-6.0.lap
====== C:\Windows\SysWOW64 =====
2014-12-18 14:54:36	0481346D0EF668C0D4FF69A7BBEFA846	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2014-12-12 20:30:24	E5C28C9C4DF7C374884E48F299621915	174112	----a-w-	C:\Windows\SysWOW64\EasyAntiCheat.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-12-21 19:45:44	E51835B65D4EB03E1714CAEF06D68BE0	5036680	----a-w-	C:\Windows\Sysnative\FNTCACHE.DAT
2014-12-18 14:54:36	5564883BFB523D5078A5B1FE3128FD63	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2014-12-11 20:47:10	6663B30328C239D2AB10D2583054CF2E	364512	----a-w-	C:\Windows\Sysnative\aswBoot.exe
====== C:\Windows\Sysnative\drivers =====
2014-12-11 20:47:35	EAFC6970073525E98D4D0E2B56741227	28184	----a-w-	C:\Windows\Sysnative\drivers\aswKbd.sys
2014-12-11 20:45:44	8025E7521EB601207627E8B4722ACE19	449936	----a-w-	C:\Windows\Sysnative\drivers\aswNdisFlt.sys
2014-12-10 21:42:25	70988118145F5F10EF24720B97F35F65	119296	----a-w-	C:\Windows\Sysnative\drivers\tdx.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-12-08 12:03:28	--------	d-----w-	C:\PROGRA~2\Citrix
======= C: =====
====== C:\Users\Timur\AppData\Roaming ======
2014-12-25 00:36:55	--------	d-----w-	C:\Users\Timur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-12-21 16:28:47	C117CB5B256F1B53FF19B36A4924D4B4	127144	----a-w-	C:\Users\Timur\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-16 19:37:31	--------	d-----w-	C:\Users\Timur\AppData\Roaming\java
2014-12-12 20:31:45	--------	d-----w-	C:\Users\Timur\AppData\Locallow\Unity
2014-12-12 20:31:19	--------	d-----w-	C:\Users\Timur\AppData\Locallow\Facepunch Studios LTD
2014-12-08 12:05:16	--------	d-----w-	C:\Users\Timur\AppData\Roaming\ICAClient
2014-12-08 12:03:31	--------	d-----w-	C:\Users\Timur\AppData\Local\Citrix
2014-12-01 15:30:38	--------	d-----w-	C:\Users\TTT.Timur-PC.008\AppData\Roaming\ASUS WebStorage
2014-12-01 15:11:26	--------	d-----w-	C:\Users\TTT.Timur-PC.008\AppData\Roaming\Adobe
2014-12-01 15:11:25	--------	d-----w-	C:\Users\TTT.Timur-PC.008\AppData\Local\Google
2014-12-01 15:11:23	--------	d-----r-	C:\Users\TTT.Timur-PC.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-12-01 15:11:23	--------	d-----r-	C:\Users\TTT.Timur-PC.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-12-01 15:11:13	--------	d-----w-	C:\Users\TTT.Timur-PC.008\AppData\Roaming\Identities
2014-12-01 15:11:12	--------	d-s---w-	C:\Users\TTT.Timur-PC.008\AppData\Locallow\Microsoft
2014-12-01 15:11:00	--------	d-s---w-	C:\Users\TTT.Timur-PC.008\AppData\Roaming\Microsoft
2014-12-01 15:11:00	--------	d-----w-	C:\Users\TTT.Timur-PC.008\AppData\Roaming\TuneUp Software
2014-12-01 15:11:00	--------	d-----w-	C:\Users\TTT.Timur-PC.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2014-12-01 15:11:00	--------	d-----w-	C:\Users\TTT.Timur-PC.008\AppData\Roaming\Media Center Programs
2014-12-01 15:11:00	--------	d-----w-	C:\Users\TTT.Timur-PC.008\AppData\Local\Temp
2014-12-01 15:11:00	--------	d-----w-	C:\Users\TTT.Timur-PC.008\AppData\Local\Microsoft
2014-12-01 15:11:00	--------	d-----r-	C:\Users\TTT.Timur-PC.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-01 15:11:00	--------	d-----r-	C:\Users\TTT.Timur-PC.008\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
====== C:\Users\Timur ======
2014-12-25 09:50:00	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Timur\Desktop\RSITx64.exe
2014-12-25 00:36:55	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2014-12-12 18:29:02	--------	d-----w-	C:\ProgramData\Pattern Maker for cross stitch
2014-12-01 15:11:23	--------	d-----r-	C:\Users\TTT.Timur-PC.008\Searches
2014-12-01 15:11:10	--------	d-----r-	C:\Users\TTT.Timur-PC.008\Contacts
2014-12-01 15:11:01	6FC234AD3752E1267B34FB12BCD6718B	20	--sha-w-	C:\Users\TTT.Timur-PC.008\ntuser.ini
2014-12-01 15:11:00	--------	d--h--w-	C:\Users\TTT.Timur-PC.008\AppData
2014-12-01 15:11:00	--------	d-----r-	C:\Users\TTT.Timur-PC.008\Videos
2014-12-01 15:11:00	--------	d-----r-	C:\Users\TTT.Timur-PC.008\Saved Games
2014-12-01 15:11:00	--------	d-----r-	C:\Users\TTT.Timur-PC.008\Pictures
2014-12-01 15:11:00	--------	d-----r-	C:\Users\TTT.Timur-PC.008\Music
2014-12-01 15:11:00	--------	d-----r-	C:\Users\TTT.Timur-PC.008\Links
2014-12-01 15:11:00	--------	d-----r-	C:\Users\TTT.Timur-PC.008\Favorites
2014-12-01 15:11:00	--------	d-----r-	C:\Users\TTT.Timur-PC.008\Downloads
2014-12-01 15:11:00	--------	d-----r-	C:\Users\TTT.Timur-PC.008\Documents
2014-12-01 15:11:00	--------	d-----r-	C:\Users\TTT.Timur-PC.008\Desktop

====== C: exe-files ==
2014-12-25 10:02:46	A94943AFD01E064AA96C91FA9692B2FB	705184	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\DCF\SPREADSHEETCOMPARE.EXE
2014-12-25 10:02:34	6B417A514D2538C4A6E7751848951203	550584	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\msosqm.exe
2014-12-25 10:02:28	F4C953B8D00CFC9964A01A13A30E07F5	1092816	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\olicenseheartbeat.exe
2014-12-25 10:02:28	145952D017DD84363F7D62AEAA83E825	39584	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\appsharinghookcontroller64.exe
2014-12-25 10:02:03	DE8AD4A570261E1A933229B0379D19A0	842440	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dw20.exe
2014-12-25 10:02:03	56F3447EBB71F6035E10D8BFDB3831C9	5681880	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\cmigrate.exe
2014-12-25 10:02:03	412D869D86DFEBC54663B56F2CB61E8D	474336	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dwtrig20.exe
2014-12-25 10:02:02	9A1983566048049ECCD032A912CD0A57	7765720	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\cmigrate.exe
2014-12-25 10:02:02	59360FFECC83F76DCF786DB0477F622B	81640	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
2014-12-25 10:01:59	40489D0E1D38037BF53C3296CC338D46	528584	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\vpreview.exe
2014-12-25 10:01:58	CFA27E4019358E2D6C811A72AAA003F1	480976	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\selfcert.exe
2014-12-25 10:01:58	72A7D1D3B54044D56D0C3462FDE9B748	1923224	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\winword.exe
2014-12-25 10:01:55	F5CEA4709D46C0CE268122D934BE7EEE	665248	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\ucmapi.exe
2014-12-25 10:01:54	E948425B377ED9964E7E306BE8A4290E	18954400	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
2014-12-25 10:01:54	A76A48B94167494138DCDF4F54964D82	873640	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe
2014-12-25 10:01:49	200EAE90FD969B08F1271C22A3B0BC75	8706752	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\groove.exe
2014-12-25 10:01:47	E68E860F5161FC75512B92AB33195560	569592	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\orgchart.exe
2014-12-25 10:01:45	EB5C25C812231B965DF747D024160396	1295560	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\ocpubmgr.exe
2014-12-25 10:01:44	CBFD156C393231D1A35D2F70657E9734	497856	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\msouc.exe
2014-12-25 10:01:44	980F4A6CDF85D29E80D2792FCAEED338	4522680	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\graph.exe
2014-12-25 10:01:43	F038F770DB4647D7FFA2819FC63FAA62	10758304	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\mspub.exe
2014-12-25 10:01:42	37A78032F8E4AE53640B671CF9E3AF66	15518888	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\msaccess.exe
2014-12-25 10:01:41	F0D10D6DD8F649C50BA9E0FB018BC41F	1783976	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\infopath.exe
2014-12-25 10:01:41	B87FE2FEED3856CBB664F6572DE9DD39	517360	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\iecontentservice.exe
2014-12-25 10:01:41	4CE4D38EEA77F9A3C2E2F17742838F7A	449216	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
2014-12-25 10:01:40	14A09D882EBEF612721F4C1F1E52C1C7	6484640	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\lynchtmlconv.exe
2014-12-25 10:01:36	B975043CDCB0E8E68CC646F2EE0D1EE9	19052696	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\lync.exe
2014-12-25 10:01:32	60804F0D4D7D26500E20A5E70B9825CD	25704600	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\excel.exe
2014-12-25 10:01:30	8B298F80490A813D849EEFC7495DA519	21937304	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe
2014-12-25 10:01:19	F6742BC6B070A4060BED78F7F59FEE0E	590536	----a-w-	C:\Program Files\Microsoft Office 15\root\Integration\integrator.exe
2014-12-25 10:01:11	AF5B2B067DEAFCFB805289BFF70DBE93	280744	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\DCF\DATABASECOMPARE.EXE
2014-12-25 10:00:49	5EDC8FCE400CA9CDA27EFFC4AF4D7275	1765024	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\ONENOTE.EXE
2014-12-25 00:36:54	AE0567988F9265770BB94EBB34671BCD	601224	----a-w-	C:\Program Files (x86)\Steam\steamapps\common\Arma 2\BattlEye\UnInstallBE.exe
2014-12-21 16:27:52	AD56E40F561B9155297AE64688EC02B7	3976192	----a-w-	C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
2014-12-21 16:27:52	ACAC0EBA1A5C5151185EC55D67D4C5CF	1600220	----a-w-	C:\Program Files (x86)\Steam\steamapps\common\Terraria\dotNetFx40_Full_x86_x64.exe
2014-12-21 16:27:52	5738BCAB9E084A4B7BC2B68FB5645718	3865600	----a-w-	C:\Program Files (x86)\Steam\steamapps\common\Terraria\TerrariaServer.exe
2014-12-21 16:27:52	53406E9988306CBD4537677C5336ABA4	889416	----a-w-	C:\Program Files (x86)\Steam\steamapps\common\Terraria\dotNetFx40_Full_setup.exe
=== C: other files ==
2014-12-21 16:28:36	3798FB8EB473C4A6311314C6923FF485	123	----a-w-	C:\Program Files (x86)\Steam\steamapps\common\Terraria\start-server.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-4130941160-3806457408-160441287-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"ROC_JAN2013_TB"="C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe  /PROMPT /CMPID=JAN2013_TB"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-4130941160-3806457408-160441287-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"Google Update"="C:\Users\Timur\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"
"Spotify Web Helper"="C:\Users\Timur\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Timur\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-4130941160-3806457408-160441287-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"Google Update"="C:\Users\Timur\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"
"Spotify Web Helper"="C:\Users\Timur\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Timur\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 "
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
"Cm108Sound"="C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]
"command"="C:\\Windows\\AsScrPro.exe"
"hkey"="HKLM"
"item"="ASUS Screen Saver Protector"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""
"hkey"="HKLM"
"item"="CLMLServer"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"
"hkey"="HKLM"
"item"="RtHDVCpl"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"


==== Startup Folders ======================

2013-05-13 06:45:38	1271	----a-w-	C:\Users\Timur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/12/2014 19:04]
C:\Windows\tasks\ASUS SmartLogon Console Sensor.job --a------ C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [15/11/2010 09:42]
C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce0b15e35ba8d.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/01/2013 18:35]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/01/2013 18:35]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4130941160-3806457408-160441287-1002Core1ce0bca8438bd5c.job --a------ C:\Users\Timur\AppData\Local\Google\Update\GoogleUpdate.exe [17/07/2012 21:54]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4130941160-3806457408-160441287-1002UA.job --a------ C:\Users\Timur\AppData\Local\Google\Update\GoogleUpdate.exe [17/07/2012 21:54]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe]
"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe]
"C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe]
"C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore1ce0b15e35ba8d" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4130941160-3806457408-160441287-1002Core1ce0bca8438bd5c" [C:\Users\Timur\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-4130941160-3806457408-160441287-1002UA" [C:\Users\Timur\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{E1BB329B-03C9-4552-AED2-08A512F3D57F}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{160884E8-B0C0-4219-AE41-D190978243D3}" [C:\Program Files (x86)\Steam\steamapps\common\Max Payne\maxpayne.exe]
"C:\Windows\SysNative\tasks\{410DAA62-A88E-4262-9451-8BAC9B33CC13}" [C:\Users\Timur\Desktop\Minecraft.exe]
"C:\Windows\SysNative\tasks\{5A6D726B-ACF9-4231-A19D-9AC279FC61CB}" [C:\Program Files (x86)\Steam\steamapps\common\Max Payne 2 The Fall of Max Payne\maxpayne2.exe]
"C:\Windows\SysNative\tasks\{7D1A0914-9801-44AD-ABA1-742E5B3FFFF5}" [C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe]
"C:\Windows\SysNative\tasks\{7D812301-9B9F-443D-B742-1F387D15C8EB}" [C:\Program Files (x86)\Steam\steamapps\common\Max Payne\maxpayne.exe]
"C:\Windows\SysNative\tasks\{8D7B11C0-2283-4BA2-9867-65FE63F0E09B}" [C:\Users\Timur\Desktop\Minecraft.exe]
"C:\Windows\SysNative\tasks\{90249083-1400-4662-BE74-C43C389B5D3A}" [C:\Program Files (x86)\Steam\steamapps\common\Max Payne\maxpayne.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [11/12/2014 21:47]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Timur\AppData\Roaming\Mozilla\Firefox\Profiles\7frs1857.default
- Firefox Old Version Update Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Timur\AppData\Roaming\Mozilla\Firefox\Profiles\7frs1857.default
2AB6A7F373290AE20A19CF5F306E8C97	- C:\Users\Timur\AppData\Roaming\Mozilla\plugins\npo1d.dll -	Google Talk Plugin Video Renderer
76EFD64CD206B93E2EB5320A23C19AD7	- C:\Users\Timur\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll -	Google Talk Plugin
3C39B899EB79C85746124ABF44B83587	- C:\Users\Timur\AppData\Roaming\raidcall\plugins\nprcplugin.dll -	Raidcall plugin
CF25FDD7CA6BC88442A58F74DBB6CFA6	- C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll -	Shockwave for Director / Shockwave for Director
BB6EA6C984C82A210DB74AA988BE4CB9	- C:\Users\Timur\AppData\LocalLow\Square Enix\nprun3d.dll -	Square Enix Secure Launcher


==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[11/12/2014 21:46]

Google Docs - Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Raindrops - Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcipapbfhdnmgihoimbjiadmhpcgcnil
YouTube - Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Google Wallet - Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Timur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Slides - TTT.Timur-PC.006\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - TTT.Timur-PC.006\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - TTT.Timur-PC.006\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - TTT.Timur-PC.006\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - TTT.Timur-PC.006\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - TTT.Timur-PC.006\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
avast Online Security - TTT.Timur-PC.006\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - TTT.Timur-PC.006\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - TTT.Timur-PC.006\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Slides - TTT.Timur-PC.007\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - TTT.Timur-PC.007\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - TTT.Timur-PC.007\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - TTT.Timur-PC.007\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - TTT.Timur-PC.007\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - TTT.Timur-PC.007\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Avast Online Security - TTT.Timur-PC.007\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - TTT.Timur-PC.007\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - TTT.Timur-PC.007\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Slides - TTT.Timur-PC.008\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - TTT.Timur-PC.008\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - TTT.Timur-PC.008\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - TTT.Timur-PC.008\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - TTT.Timur-PC.008\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - TTT.Timur-PC.008\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Avast Online Security - TTT.Timur-PC.008\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - TTT.Timur-PC.008\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - TTT.Timur-PC.008\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_lyrics.wikia.com_0.localstorage-journal deleted successfully
C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsmode.com_0.localstorage-journal deleted successfully
C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ask.com_0.localstorage-journal deleted successfully
C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.powerreviews.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus.msn.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus.msn.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Timur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TTT.Timur-PC.006\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TTT.Timur-PC.007\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TTT.Timur-PC.008\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Timur\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\TTT.Timur-PC.006\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\TTT.Timur-PC.007\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\TTT.Timur-PC.008\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=113 folders=36 3642190 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Timur\AppData\Local\Temp will be emptied at reboot
C:\Users\TTT.Timur-PC.006\AppData\Local\Temp emptied successfully
C:\Users\TTT.Timur-PC.007\AppData\Local\Temp emptied successfully
C:\Users\TTT.Timur-PC.008\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Timur\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 25/12/2014 at 19:42:47,43 ======================