
Zoek.exe v5.0.0.0 Updated 18-01-2015
Tool run by Administrator on za 24-01-2015 at 18:24:20,43.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Administrator\Desktop\Zoek\zoek.exe.pif [Scan all users] [Script inserted] 

==== System Restore Info ======================

24-1-2015 18:26:07 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Citrix deleted successfully
C:\PROGRA~2\Fraveen 1.4 deleted successfully
C:\PROGRA~2\Tuguu SL deleted successfully
C:\PROGRA~2\COMMON~1\XCPCSync.OEM deleted successfully
C:\PROGRA~3\Babylon deleted successfully
C:\PROGRA~3\Citrix deleted successfully
C:\PROGRA~3\WinZip deleted successfully
C:\Users\Administrator\AppData\Roaming\BrowserCompanion deleted successfully
C:\Users\Administrator\AppData\Roaming\MPMAN deleted successfully
C:\Users\Administrator\AppData\Roaming\uTorrent deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{119D6B7C-A01F-45B0-853C-82D2351B3888} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19B42784-7C5A-4842-A6B0-ABD8AD7AB418} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19D85D77-B0E6-416D-B23C-D18658B48366} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1AEF43C8-6896-4C55-B022-49E3492686} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CDA8B49-4D5A-44EC-825D-AE4D1659622B} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{203E05E5-566-4B06-A4A5-BBF6A92410} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2783A2D4-2056-4A2C-ADC4-053994D4010} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{297EDD47-87E8-49A2-94B1-E038658B2B60} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D29204-8982-4177-BFCD-FA36B73EF730} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31BB5A8E-BD36-4613-B25B-6993C86C8A} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{324AB359-B9BF-47DB-A21D-848AA2B9820} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{355EBE6-603C-4471-B2D0-CB386676C9} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3EC4301-9FA6-45E4-A087-A61D10C94279} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3FFC5F7B-6970-47CD-A14D-F936396E825} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{458018B3-ACD7-4B0D-9CB0-A926F357A0FC} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46241102-FDD5-4287-B1D5-B3A26380EE1E} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46EC1A04-4450-42AF-8984-BB3B5772D44} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D779817-23C9-41F3-93E9-A7D784DFA136} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54DFAF49-AADA-40A3-A5BD-DB17ACBF9BC3} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C442133-6890-455C-95E1-6ACAF4CDF98C} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E5460CF-E04A-4E9B-9A9-79D95F13F64} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5f090b77-5f65-4d7c-82bc-c753efec6863} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66E60B8B-CEFB-4080-B4F4-A1AF774816CF} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6D4A67CD-9403-47A1-8BB0-A83CD9204990} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74BB866A-1D3E-4651-AA68-B0ADE3B9AB53} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75AD0A4E-5E88-4EA3-8B6E-6071A5372AED} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7740CC0-EA58-4136-BF36-D786488FE0B9} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B0B1AE6-91C5-42EC-8ED-ADB627962737} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D0ABF3E-DF75-4780-9BD6-EFF3783A60CC} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7EC00424-5EBB-423C-AF58-35CF66C6844D} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85C8792-6E00-458A-A318-4D4066C523DB} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87fe7da6-8d53-4568-bd0a-e7a301f8b419} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C1F5CA0-19FE-4441-81E2-3447A1A93242} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92152657-5B-4227-80E6-445F6CC4AD2F} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{92C6FDEF-23F6-4A87-B193-B1203F258B5B} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94C46950-52B7-4052-A25D-DC86DB44078} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95B80DBF-C3CA-4BD4-A697-54222BEEE3D} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96F0D2DE-E7AF-4FAC-A756-AE6DA34BA517} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A40F9EE5-6CD8-49DE-B89E-996829680C6} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A50B1179-F2E0-4FB1-82AD-FD256A1CFC63} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB3D6A3D-6610-4E82-A4B0-1BF611636D3E} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B1AC6D3C-9A62-48EC-BCF-F5AB2F314017} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2FBDE16-BF51-4936-9EAC-CAEC3DA637BB} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C36FB7A4-F1FE-4CC7-B8A-EAD36AC94B99} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3A4570C-9697-4FD8-805C-B2506D81558A} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C426218D-9B1B-48D1-8940-AAD99CA361C2} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAE3C8CE-32E2-4336-A9E2-46DF5ADF9751} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3F3582D-A184-43C4-ADFB-4597DB2EB7A} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4DAE086-3579-4FE4-886D-432EB1F7DB3E} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9943894-3F7B-412D-B3D2-7DED2651DCBE} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DAAB6706-3F60-47B9-973F-5C28AF1528FD} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DADCC92D-5729-4487-966C-9708AA1951} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF41B4B-BFE-4251-8BCE-578E46849B1C} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E007066B-2AD8-421A-88C6-56A22B7FF59C} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0B85801-955-4E58-B6C-138E59D636B0} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E174ADDA-2C8C-4A6C-8F7D-F82A83EC25D} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3A35F03-D678-4A92-912E-385D46122CA} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5AA3E8B-592C-4A29-B9C0-61B19ABC6F76} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E8B4985-1BCD-45E7-B0EF-6B60CBBC42DB} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4082638-60D0-472A-91A3-DAD8AE9FA0E5} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F61BAA62-872F-429E-A0B6-E6491A79FA1} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F67C6FE8-3853-40AE-B193-15D8AAA856} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5f090b77-5f65-4d7c-82bc-c753efec6863} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87fe7da6-8d53-4568-bd0a-e7a301f8b419} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Mozilla\Firefox\Extensions\{2E8FD54B-FE37-E2EA-34F0-B1A424CDBC84} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\64ffxtbr@TelevisionFanatic.com deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\winzipersvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\winzipersvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\winzipersvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\winzipersvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdatem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginServices deleted successfully

==== Deleting Files \ Folders ======================

C:\PROGRA~2\otshot deleted
C:\PROGRA~2\Optimizer Pro deleted
C:\PROGRA~2\globalUpdate deleted
C:\MININT deleted
C:\user.js deleted
C:\Users\Administrator\AppData\Roaming\istartsurf deleted
C:\Users\Administrator\AppData\Roaming\Complitly deleted
C:\Users\Administrator\AppData\Roaming\WinZipper deleted
C:\Users\Administrator\AppData\Roaming\Babylon deleted
C:\Users\Administrator\AppData\Roaming\Optimizer Pro deleted
C:\PROGRA~3\Ask deleted
C:\PROGRA~3\IePluginServices deleted
C:\PROGRA~3\QuickSet deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\WindowsMangerProtect deleted
C:\PROGRA~3\Package Cache deleted
C:\PROGRA~3\WinterSoft deleted
C:\Users\Administrator\AppData\Local\globalUpdate deleted
C:\Users\Administrator\AppData\Local\com deleted
C:\Users\Administrator\AppData\Local\IAC deleted
C:\Users\Administrator\AppData\Local\Local_Weather_LLC deleted
C:\Users\Administrator\AppData\Local\WeatherAlerts deleted
C:\Users\Administrator\AppData\Local\CrashRpt deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\newplayer deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\com deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro deleted
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather Alerts deleted
C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted
C:\Windows\Tasks\1b0f644d-eed6-49ff-8457-65d31f0f2af1-1.job deleted
C:\Windows\Tasks\1b0f644d-eed6-49ff-8457-65d31f0f2af1-11.job deleted
C:\Windows\Tasks\1b0f644d-eed6-49ff-8457-65d31f0f2af1-3.job deleted
C:\Windows\Tasks\1b0f644d-eed6-49ff-8457-65d31f0f2af1-4.job deleted
C:\Windows\Tasks\1b0f644d-eed6-49ff-8457-65d31f0f2af1-5.job deleted
C:\Windows\Tasks\1b0f644d-eed6-49ff-8457-65d31f0f2af1-5_user.job deleted
C:\Windows\Tasks\1b0f644d-eed6-49ff-8457-65d31f0f2af1-6.job deleted
C:\Windows\Tasks\1b0f644d-eed6-49ff-8457-65d31f0f2af1-7.job deleted
C:\Windows\Tasks\5796474d-97b8-4260-8252-29df7674f39f-1.job deleted
C:\Windows\Tasks\5796474d-97b8-4260-8252-29df7674f39f-11.job deleted
C:\Windows\Tasks\5796474d-97b8-4260-8252-29df7674f39f-2.job deleted
C:\Windows\Tasks\5796474d-97b8-4260-8252-29df7674f39f-3.job deleted
C:\Windows\Tasks\5796474d-97b8-4260-8252-29df7674f39f-4.job deleted
C:\Windows\Tasks\5796474d-97b8-4260-8252-29df7674f39f-5.job deleted
C:\Windows\Tasks\5796474d-97b8-4260-8252-29df7674f39f-6.job deleted
C:\Windows\Tasks\5796474d-97b8-4260-8252-29df7674f39f-7.job deleted
C:\windows\SysNative\Tasks\1b0f644d-eed6-49ff-8457-65d31f0f2af1-1 deleted
C:\windows\SysNative\Tasks\1b0f644d-eed6-49ff-8457-65d31f0f2af1-11 deleted
C:\windows\SysNative\Tasks\1b0f644d-eed6-49ff-8457-65d31f0f2af1-3 deleted
C:\windows\SysNative\Tasks\1b0f644d-eed6-49ff-8457-65d31f0f2af1-4 deleted
C:\windows\SysNative\Tasks\1b0f644d-eed6-49ff-8457-65d31f0f2af1-5 deleted
C:\windows\SysNative\Tasks\1b0f644d-eed6-49ff-8457-65d31f0f2af1-5_user deleted
C:\windows\SysNative\Tasks\1b0f644d-eed6-49ff-8457-65d31f0f2af1-6 deleted
C:\windows\SysNative\Tasks\1b0f644d-eed6-49ff-8457-65d31f0f2af1-7 deleted
C:\windows\SysNative\Tasks\5796474d-97b8-4260-8252-29df7674f39f-1 deleted
C:\windows\SysNative\Tasks\5796474d-97b8-4260-8252-29df7674f39f-11 deleted
C:\windows\SysNative\Tasks\5796474d-97b8-4260-8252-29df7674f39f-2 deleted
C:\windows\SysNative\Tasks\5796474d-97b8-4260-8252-29df7674f39f-3 deleted
C:\windows\SysNative\Tasks\5796474d-97b8-4260-8252-29df7674f39f-4 deleted
C:\windows\SysNative\Tasks\5796474d-97b8-4260-8252-29df7674f39f-5 deleted
C:\windows\SysNative\Tasks\5796474d-97b8-4260-8252-29df7674f39f-6 deleted
C:\windows\SysNative\Tasks\5796474d-97b8-4260-8252-29df7674f39f-7 deleted
C:\Users\Administrator\AppData\LocalLow\BabylonToolbar deleted
C:\Users\Administrator\AppData\LocalLow\TelevisionFanatic deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\tasks\RGMDMNF.job deleted
C:\windows\SysNative\tasks\RGMDMNF deleted
C:\Windows\tasks\TCUCBK.job deleted
C:\windows\SysNative\tasks\TCUCBK deleted
C:\Windows\tasks\Plus-HD-2.2-chromeinstaller.job deleted
C:\windows\SysNative\tasks\Plus-HD-2.2-chromeinstaller deleted
C:\Windows\tasks\Torntv 2-codedownloader.job deleted
C:\Windows\tasks\Torntv 2-enabler.job deleted
C:\Windows\tasks\Torntv 2-updater.job deleted
C:\windows\SysNative\tasks\Torntv 2-codedownloader deleted
C:\windows\SysNative\tasks\Torntv 2-enabler deleted
C:\windows\SysNative\tasks\Torntv 2-updater deleted
C:\windows\SysNative\Tasks\LaunchSignup deleted
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job deleted
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA1cfc78b66d27018.job deleted
C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore deleted
C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA1cfc78b66d27018 deleted
C:\windows\SysNative\tasks\temp_1b0f644d-eed6-49ff-8457-65d31f0f2af1-6 deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Administrator\Documents\Add-in Express deleted
C:\Users\Administrator\AppData\Roaming\RGMDMNF.exe deleted
C:\Users\Administrator\AppData\Roaming\TCUCBK.exe deleted
C:\Users\Administrator\Downloads\Download.exe deleted
"C:\Windows\Installer\d59e7.msi" deleted
"C:\Windows\Installer\d59e7.msi" deleted
"C:\Users\Administrator\AppData\Roaming\RGMDMNF" deleted
"C:\Users\Administrator\AppData\Roaming\TCUCBK" deleted
"C:\PROGRA~2\WinZipper\eshellctx64.dll" deleted
"C:\PROGRA~2\SupTab\Loader32.exe" deleted
"C:\PROGRA~2\SupTab\Loader64.exe" deleted
"C:\PROGRA~2\SupTab\msvcp110.dll" deleted
"C:\PROGRA~2\SupTab\msvcr110.dll" deleted
"C:\PROGRA~2\SupTab\WindowsSupportDll32.dll" deleted
"C:\PROGRA~2\SupTab\WindowsSupportDll64.dll" deleted
"C:\PROGRA~2\WinZipper" not deleted
"C:\PROGRA~2\SupTab" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\ADMINI~1\AppData\Local\Temp ====
2015-01-19 13:49:20	F3EB31F6051EA6F7BC6ECB3028940216	1072816	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\OmigaZip_patch\4z_ask.exe
2015-01-19 13:49:20	A83701F688E1D78ED439148FD0B17A7E	1499312	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\eUpgrade\eupgrade.exe
2015-01-19 13:49:20	A1F72D2459D7C52AB6AE3D98784EAB8A	150192	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\OmigaZip_patch\eshellctx64.dll
2015-01-19 13:49:20	88AA346AC02A605CCDEDFE5A60201F9D	424624	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\OmigaZip_patch\winzipersvc.exe
2015-01-19 13:49:20	7A5B6C1DBB60F848D5CAD4B62167058B	1647792	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\OmigaZip_patch\ouilibnl.dll
2015-01-19 13:49:20	77909F730D8B052AC1BA3045EE76D36F	261808	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\OmigaZip_patch\dup.exe
2015-01-19 13:49:20	45545B2C9E83489252EB160577AAB5D3	726192	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\OmigaZip_patch\ebase.dll
2015-01-19 13:49:20	2E92872F4FB563A4D9E4B07BAC070D15	389840	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\OmigaZip_patch\wz_ydl.exe
2015-01-19 13:49:20	2CD84058264D8B04EE7AD18BA439692C	1389232	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\OmigaZip_patch\airzip_ws.exe
2015-01-19 13:49:20	10F28D475615F1117C2E8F062E14A0C4	506544	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\OmigaZip_patch\WinZipper.exe
2015-01-19 13:49:20	0F7663FEC490C79EF52827C4D7F1C490	73904	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\OmigaZip_patch\eshellctx.dll
2015-01-19 12:38:40	E2BAF00967934696C4AA063ECA56B6B8	166792	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\psmachine.dll
2015-01-19 12:38:40	D2377C9458EFEB094E38B8C874AA214C	604040	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\npGoogleUpdate3.dll
2015-01-19 12:38:40	665975CF6E511115B931B2E6BB27BA40	189320	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\psuser_64.dll
2015-01-19 12:38:40	41448ABDE73D0FF1898DC6ED7700A66A	189320	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\psmachine_64.dll
2015-01-19 12:38:40	3579D443DF2FC0A9692334B6380FE276	166792	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\psuser.dll
2015-01-19 12:38:39	F172AD4E906D97ED8F071896FC6789DC	107912	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\GoogleUpdate.exe
2015-01-19 12:38:39	EDD3E562684CB4C50704B471BEAB1F86	114568	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\GoogleUpdateComRegisterShell64.exe
2015-01-19 12:38:39	CB8C1CC4F46FBAC78150754D77460C73	230792	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\GoogleCrashHandler.exe
2015-01-19 12:38:39	87EB5AFD21E52CB08883E04605B55829	880784	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\GoogleUpdateSetup.exe
2015-01-19 12:38:39	72888A4512084F0DF9B4D02EA508679F	26112	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\GoogleUpdateHelper.msi
2015-01-19 12:38:39	7161E8E31B7FD3B1CE083C2CA5FD5F44	285064	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\GoogleCrashHandler64.exe
2015-01-19 12:38:39	5B4ED5734945619EE3BCDB9825D2F526	51080	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\GoogleUpdateOnDemand.exe
2015-01-19 12:38:39	06036279056145E0F08FC095CB789E6A	51080	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\GoogleUpdateBroker.exe
2015-01-19 12:38:39	0562DF97934FC271893BD916A0262E6D	1689480	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\goopdate.dll
2015-01-19 12:33:10	1974579DD29DF870EC488568A5B526D9	511152	------w-	C:\Users\Administrator\AppData\Local\Temp\.zylominstallertemp1421670790\ZylomGameInstallerTemp.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-01-19 11:37:58	9606307F5E1EABA98ACB61206EFC2127	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-01-19 11:37:58	8A289EF0AE709327D6AA9769E108B5A6	3916728	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-19 11:37:58	2AF481C03C0383ADE09FFEDA0C583140	3971512	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-16 07:29:57	FE48346938C1CDDDF4E4097DB9B99764	52224	----a-w-	C:\Windows\SysWOW64\nlaapi.dll
2015-01-16 07:29:57	92940397DFFB4D237EA5BB22FF912BDC	156672	----a-w-	C:\Windows\SysWOW64\ncsi.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-01-19 11:37:58	F4846789B3795F14DCB7D92ED1DAF74F	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-01-19 11:37:58	DE595EACC79006E7B15B848BF0831E78	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-01-19 11:37:58	BA6D609BAB615991E8791CA1DFFD034C	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-01-19 11:37:58	0A70B8D78AF95894E221DDAC6482DF6D	5553592	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-01-16 07:30:00	B6A58491307B4CADA572583D863DC602	210432	----a-w-	C:\Windows\Sysnative\profsvc.dll
2015-01-16 07:29:59	DCD00561CBDE7FC42A49D84783F4C00B	62976	----a-w-	C:\Windows\Sysnative\TSWbPrxy.exe
2015-01-16 07:29:57	8B301D474B478E9A92823BAB50A7BC49	303616	----a-w-	C:\Windows\Sysnative\nlasvc.dll
====== C:\Windows\Sysnative\drivers =====
2015-01-19 13:49:30	F03FDF0B8A73CAA8169391033E13CE8D	45224	----a-w-	C:\Windows\Sysnative\drivers\iSafeKrnlBoot.sys
2015-01-19 13:49:30	8EE84CC87D67CE4DE7AF907CCA559F52	52392	----a-w-	C:\Windows\Sysnative\drivers\iSafeNetFilter.sys
2015-01-19 11:38:00	AE3334958D8F631FF14A0AEB3D7EFB3A	141312	----a-w-	C:\Windows\Sysnative\drivers\mrxdav.sys
====== C:\Windows\Tasks ======
2015-01-22 15:03:47	2448D9DFDDCC02878E13E10B50B3898A	5090	----a-w-	C:\Windows\Sysnative\Tasks\Microsoft Office 15 Sync Maintenance for MININT-3C3SRN2-Administrator MININT-3C3SRN2
2015-01-19 14:05:04	A603FA996F448D09282F0A3056872FC9	3380	----a-w-	C:\Windows\Sysnative\Tasks\AutoPico Daily Restart
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-01-23 10:07:54	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2015-01-19 13:49:28	--------	d-----w-	C:\PROGRA~2\Elex-tech
2015-01-19 13:02:55	196488	----a-w-	C:\PROGRA~2\8hres.dll
2015-01-19 13:02:55	1037896	----a-w-	C:\PROGRA~2\8hUninstall Allin1Convert.dll
======= C: =====
====== C:\Users\Administrator\AppData\Roaming ======
2015-01-23 13:59:13	--------	d-----w-	C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-19 13:49:27	--------	d-----w-	C:\Users\Administrator\AppData\Roaming\Elex-tech
====== C:\Users\Administrator ======
2015-01-23 13:59:13	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-23 11:14:11	5FFAEDD4098ADA44CB0F48BD2F8A0922	815144	----a-w-	C:\Users\Administrator\Downloads\setup_GXVA-KBH4-CMTV-N24Y-1A76_isp.exe
2015-01-23 10:07:41	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Administrator\Desktop\RSITx64.exe
2015-01-19 14:05:03	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico

====== C: exe-files ==
2015-01-24 17:20:49	6D4B13C19C3D9CDC4B31BF5468C796C7	384568	----a-w-	C:\Windows\temp\fs_upgrade_notifier\fs_upgrade_notifier.exe
2015-01-23 13:59:13	D0B45AB63F5974FAC91C32A95DD4EB9C	521816	----a-w-	C:\Program Files\WinRAR\Rar.exe
2015-01-23 13:59:13	8AF23D9A01907042A6F7805F456D0411	1313880	----a-w-	C:\Program Files\WinRAR\WinRAR.exe
2015-01-23 13:59:13	688FECB72EAF4776C6895A757DAD452F	149592	----a-w-	C:\Program Files\WinRAR\Uninstall.exe
2015-01-23 13:59:13	02916E95A97D892C6F0D747AE4DC6739	329816	----a-w-	C:\Program Files\WinRAR\UnRAR.exe
2015-01-23 11:14:11	5FFAEDD4098ADA44CB0F48BD2F8A0922	815144	----a-w-	C:\Users\Administrator\Downloads\setup_GXVA-KBH4-CMTV-N24Y-1A76_isp.exe
2015-01-23 10:07:55	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Administrator.exe
2015-01-23 10:07:41	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Administrator\Desktop\RSITx64.exe
2015-01-19 14:05:01	6185516BF6BA747388BCC0A208B20B0D	1102016	----a-w-	C:\Program Files\KMSpico\KMSELDI.exe
2015-01-19 14:05:01	245824502AEFE21B01E42F61955AA7F4	30208	----a-w-	C:\Program Files\KMSpico\UninsHs.exe
2015-01-19 14:05:01	049B38B8508B2F3F9A449262CFA68DC6	980672	----a-w-	C:\Program Files\KMSpico\Service_KMS.exe
2015-01-19 14:05:00	C4B0C32F55152DD8758088A485B883A5	981184	----a-w-	C:\Program Files\KMSpico\AutoPico.exe
2015-01-19 14:05:00	30C7E8E918403B9247315249A8842CE5	731809	----a-w-	C:\Program Files\KMSpico\unins001.exe
2015-01-19 14:05:00	05230AFDEEB13718E926FD654DE63F12	225448	----a-w-	C:\Program Files\KMSpico\driver\tap-windows-9.21.0.exe
2015-01-19 13:49:30	BC3754D84F2DAE596C4729614E65D48E	684840	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\iDesk.exe
2015-01-19 13:49:30	B97E05F0F93EDCDA1E5A03E2C62F545F	156520	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\ipcdl.exe
2015-01-19 13:49:30	A968FA4E0859E51DDA21266BB1D76EF1	409896	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\feedback.exe
2015-01-19 13:49:30	9F80EC3CD2E0BB4C710836285D1831F9	306984	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\bugreport.exe
2015-01-19 13:49:30	956A2ED4F66AAFD5F20AF4D5E3BF854A	284968	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\isafeLottery.exe
2015-01-19 13:49:30	818FC2F8CDE07418DFCDEE2992659CFC	455080	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\iSafeTHlp64.exe
2015-01-19 13:49:30	3AB213A417CB57248C7BCD5074395F37	514344	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\iSafeVirusScanner.exe
2015-01-19 13:49:30	13D30AC83EA06D11F1022AC480DB3C11	296744	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\iSafeBugReport.exe
2015-01-19 13:49:30	0E6C02D4624A77D8E55E2FD5C8C6683C	595240	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\iSafeTHlp.exe
2015-01-19 13:49:30	08E390FBBD23B035ECF4F2D813305BE0	605672	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\YacLuckySpin.exe
2015-01-19 13:49:29	C67CD077C70301402A77B3611DCC7BC1	354088	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
2015-01-19 13:49:29	C470390E9E9DCDDEC597988D3BB77DDD	977320	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\uninstall.exe
2015-01-19 13:49:29	A03A95B389479B2ADE3A288FA2EA11D1	118048	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
2015-01-19 13:49:29	72DF56A7472E6849BEF13669F6B509B5	303912	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\iStart.exe
2015-01-19 13:49:29	6C4805D26A9CAD1B50DAD2BE37113968	811304	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\iSafe.exe
2015-01-19 13:49:29	1EC45DC4F84777759EB6620325FCAD89	120128	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
2015-01-19 13:49:20	F3EB31F6051EA6F7BC6ECB3028940216	1072816	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\OmigaZip_patch\4z_ask.exe
2015-01-19 13:49:20	A83701F688E1D78ED439148FD0B17A7E	1499312	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\eUpgrade\eupgrade.exe
2015-01-19 13:49:20	88AA346AC02A605CCDEDFE5A60201F9D	424624	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\OmigaZip_patch\winzipersvc.exe
2015-01-19 13:49:20	77909F730D8B052AC1BA3045EE76D36F	261808	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\OmigaZip_patch\dup.exe
2015-01-19 13:49:20	2E92872F4FB563A4D9E4B07BAC070D15	389840	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\OmigaZip_patch\wz_ydl.exe
2015-01-19 13:49:20	2CD84058264D8B04EE7AD18BA439692C	1389232	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\OmigaZip_patch\airzip_ws.exe
2015-01-19 13:49:20	10F28D475615F1117C2E8F062E14A0C4	506544	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{B8A53280-7AE6-4BCA-886E-653914881DF4}\{8A2CDD52-C24D-424F-9AAE-76C74062B22D}\OmigaZip_patch\WinZipper.exe
2015-01-19 12:39:07	0446920FEC618F01F4262C09B330878B	40756304	----a-w-	C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\39.0.2171.99\39.0.2171.99_chrome_installer.exe
2015-01-19 12:38:39	F172AD4E906D97ED8F071896FC6789DC	107912	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\GoogleUpdate.exe
2015-01-19 12:38:39	EDD3E562684CB4C50704B471BEAB1F86	114568	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\GoogleUpdateComRegisterShell64.exe
2015-01-19 12:38:39	CB8C1CC4F46FBAC78150754D77460C73	230792	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\GoogleCrashHandler.exe
2015-01-19 12:38:39	87EB5AFD21E52CB08883E04605B55829	880784	----a-w-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\GoogleUpdateSetup.exe
2015-01-19 12:38:39	7161E8E31B7FD3B1CE083C2CA5FD5F44	285064	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\GoogleCrashHandler64.exe
2015-01-19 12:38:39	5B4ED5734945619EE3BCDB9825D2F526	51080	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\GoogleUpdateOnDemand.exe
2015-01-19 12:38:39	06036279056145E0F08FC095CB789E6A	51080	----atw-	C:\Users\Administrator\AppData\Local\Temp\{FA50A7B0-5085-494A-A50A-89B5290D4F6D}\GoogleUpdateBroker.exe
2015-01-19 12:33:10	1974579DD29DF870EC488568A5B526D9	511152	------w-	C:\Users\Administrator\AppData\Local\Temp\.zylominstallertemp1421670790\ZylomGameInstallerTemp.exe
2015-01-19 11:37:58	DE595EACC79006E7B15B848BF0831E78	296960	----a-w-	C:\Windows\System32\rstrui.exe
2015-01-19 11:37:58	8A289EF0AE709327D6AA9769E108B5A6	3916728	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-19 11:37:58	2AF481C03C0383ADE09FFEDA0C583140	3971512	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-19 11:37:58	0A70B8D78AF95894E221DDAC6482DF6D	5553592	----a-w-	C:\Windows\System32\ntoskrnl.exe
=== C: other files ==
2015-01-23 11:29:39	899D1720B6399062ECC403AABC838537	9687197	----a-w-	C:\Users\Public\Desktop\fsdiag.zip
2015-01-23 11:22:15	A8FB7C948067C25EB19FA065305DEFC1	123195	----a-w-	C:\ProgramData\F-Secure\MySA\latebound\45123\1\customization.zip
2015-01-23 11:22:15	A8FB7C948067C25EB19FA065305DEFC1	123195	----a-w-	C:\ProgramData\F-Secure\MySA\latebound\45123\1\backup\customization.zip
2015-01-23 11:22:15	72F86D6EB8180839F46756B9EBAE885F	37044	----a-w-	C:\ProgramData\F-Secure\MySA\latebound\45123\1\localization.zip
2015-01-23 11:22:15	72F86D6EB8180839F46756B9EBAE885F	37044	----a-w-	C:\ProgramData\F-Secure\MySA\latebound\45123\1\backup\localization.zip
2015-01-22 15:03:35	084D0B26A4FF8B7972772443E21B69B2	40364	----a-w-	C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3RUSCPM3\ResReader[1].zip
2015-01-19 13:49:30	FA3032D10D756F1352816335D464EDEF	249000	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys
2015-01-19 13:49:30	F03FDF0B8A73CAA8169391033E13CE8D	45224	----a-w-	C:\Windows\System32\drivers\iSafeKrnlBoot.sys
2015-01-19 13:49:30	F03FDF0B8A73CAA8169391033E13CE8D	45224	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlBoot.sys
2015-01-19 13:49:30	BFF3097E412DA68F00B8DBD6D923F962	99496	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys
2015-01-19 13:49:30	9B3C4F2588037E54B10B7379DD17BDDA	42152	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys
2015-01-19 13:49:30	8EE84CC87D67CE4DE7AF907CCA559F52	52392	----a-w-	C:\Windows\System32\drivers\iSafeNetFilter.sys
2015-01-19 13:49:30	8EE84CC87D67CE4DE7AF907CCA559F52	52392	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\iSafeNetFilter.sys
2015-01-19 13:49:30	4A5ED618E6D0D57DCC195BFCE9AD3C57	93352	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys
2015-01-19 12:45:30	C82AB54C276A1734876D911EC622A7C2	53	----a-w-	C:\Users\Administrator\AppData\Local\Temp\utt4328.tmp.bat
2015-01-19 11:38:00	AE3334958D8F631FF14A0AEB3D7EFB3A	141312	----a-w-	C:\Windows\System32\drivers\mrxdav.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Allin1Convert_8hbar Uninstall]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\RunOnce"
"item"="Allin1Convert_8hbar Uninstall"
"hkey"="HKLM"
"command"="rundll32 C:\\PROGRA~2\\8HUNIN~1.DLL,O -3 uninstalltype=IE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PLFSetI]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PLFSetI"
"hkey"="HKLM"
"command"="C:\\Windows\\PLFSetI.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Administrator^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Weather Alerts.lnk]
"item"="Weather Alerts"
"path"="C:\\Users\\Administrator\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Weather Alerts.lnk"
"backup"="C:\\Windows\\pss\\Weather Alerts.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\ADMINI~1\\AppData\\Local\\WEATHE~1\\WEATHE~1.EXE"


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [24-01-2015 18:20]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-10-2014 19:29]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-10-2014 19:29]
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cff2dd2a86d451.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-10-2014 19:29]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1cff2dd2a86d451" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.nl/"
"Search Page"="http://www.istartsurf.com/web/?type=ds&ts=1409757915&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31CC1S2611S2611&q={searchTerms}"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.istartsurf.com/web/?type=ds&ts=1409757915&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31CC1S2611S2611&q={searchTerms}"
"Default_Page_URL"="http://www.delta-homes.com/?type=hp&ts=1418974143&from=wpm12173&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31CC1S2611S2611"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.istartsurf.com/web/?type=ds&ts=1409757915&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31CC1S2611S2611&q={searchTerms}"
"Default_Page_URL"="http://www.delta-homes.com/?type=hp&ts=1418974143&from=wpm12173&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31CC1S2611S2611"
"Start Page"="http://www.delta-homes.com/?type=hp&ts=1418974143&from=wpm12173&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31CC1S2611S2611"
"Search Page"="http://www.istartsurf.com/web/?type=ds&ts=1409757915&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31CC1S2611S2611&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.istartsurf.com/web/?type=ds&ts=1409757915&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31CC1S2611S2611&q={searchTerms}"
"Default_Page_URL"="http://www.delta-homes.com/?type=hp&ts=1418974143&from=wpm12173&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31CC1S2611S2611"
"Start Page"="http://www.delta-homes.com/?type=hp&ts=1418974143&from=wpm12173&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31CC1S2611S2611"
"Search Page"="http://www.istartsurf.com/web/?type=ds&ts=1409757915&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31CC1S2611S2611&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.nl/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{53986483-B3B0-4F4B-A756-42E502839A24}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="Not_Found"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Bueno Search Url="http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=60D816DE2BEB6503&affID=128491&tsp=5184"
{33BB0A4E-99AF-4226-BDF6-49120163DE86} istartsurf  Url="http://www.istartsurf.com/web/?type=ds&ts=1409757915&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WX31CC1S2611S2611&q={searchTerms}"
{53986483-B3B0-4F4B-A756-42E502839A24} Google  Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=1I7NDKB_nlNL553"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="https://www.google.com/search?q={searchTerms}"
{75b4241f-171e-44a3-bf44-23613b6e3e03} Ask Web Search Url="http://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm525^YYA^nl&si=flvrunner&ptb=170323CE-A719-4B76-934E-48078F7E53CC&ind=2015011017&n=781aa0c9&psa=&st=sb&searchfor={searchTerms}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-3931447112-2252560855-137403047-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully

==== Deleting CLSID Registry Values ======================


==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X .lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AA1000000001}\SC_Reader.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk - C:\Program Files\KMSpico\AutoPico.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk - C:\Program Files\KMSpico\KMSELDI.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Log KMSpico.lnk - C:\Program Files\KMSpico\scripts\Log.cmd 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Uninstall KMSpico.lnk - C:\Program Files\KMSpico\UninsHs.exe /u0=KMSpico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\accicons.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\xlicons.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneDrive for Business 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\grv_icons.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\joticon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\outicon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\pptico.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Verzenden naar OneNote 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\joticon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\wordicon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Lync opnamebeheer.lnk - C:\Windows\Installer\{91150000-0011-0000-1000-0000000FF1CE}\lyncicon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR-handleiding.lnk - C:\Program Files (x86)\WinRAR\Rar.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Wat is nieuw in de meest recente versie.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe 

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4BF32E65-97BD-4C43-AEA8-DF9F90100C93} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{85AC570B-042A-428D-A066-4C085E4F75FD} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=463 folders=135 49914718 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ADMINI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
"C:\PROGRA~2\WinZipper"  not found
"C:\PROGRA~2\SupTab"  not found

==== EOF on za 24-01-2015 at 18:44:28,24 ======================