
Zoek.exe v5.0.0.0 Updated 08-April-2015
Tool run by Gebruiker on ma 20-04-2015 at 11:00:28,23.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\Desktop\zoek.exe    [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

20-4-2015 11:06:57 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~3\Avid deleted successfully
C:\PROGRA~3\Karen's Power Tools deleted successfully
C:\PROGRA~3\Media Get LLC deleted successfully
C:\PROGRA~3\Nalpeiron deleted successfully
C:\PROGRA~3\PhotoStitch deleted successfully
C:\PROGRA~3\YYouTubeAdBlockke deleted successfully
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\Users\Gebruiker\AppData\Roaming\dvdcss deleted successfully
C:\Users\Gebruiker\AppData\Roaming\Opera Software deleted successfully
C:\Users\Gebruiker\AppData\Roaming\PhotoScape deleted successfully
C:\Users\Gebruiker\AppData\Roaming\WiseUpdate deleted successfully
C:\Users\Gebruiker\AppData\Local\CrashDumps deleted successfully
C:\Users\Gebruiker\AppData\Local\Downloaded Installations deleted successfully
C:\Users\Gebruiker\AppData\Local\GGEmpire deleted successfully
C:\Users\Gebruiker\AppData\Local\Opera Software deleted successfully
C:\Users\Gebruiker\AppData\Local\Sparta deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3785999238-3893435594-3349046317-1000\Software\Microsoft\Internet Explorer\SearchScopes\{183F86A7-97CC-4F8F-B36F-9B77CD461377} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WtuSystemSupport deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\KompoZer\Profiles\9rkknv2t.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs_20-04-2015_1131_.backup

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155

user.js not found
---- Lines isearch removed from prefs.js ----
user_pref("weboftrust.search.avg.url", "^http(s)?\\:\\/\\/isearch\\.avg\\.com\\/search\\?");
---- FireFox user.js and prefs.js backups ---- 

prefs_20-04-2015_1131_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\PROGRA~2\File Scanner Library (Spybot - Search & Destroy) deleted
C:\Users\Gebruiker\AppData\Local\MediaGet2 deleted
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155\extensions\iobitascsurfingprotection@iobit.com deleted
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155\extensions\{7E7165E2-0767-448c-852F-5FA8714F2C37} deleted
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} deleted
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} deleted
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155\extensions\{d184bb9a-da59-4370-8e68-7e763aecf1cb} deleted
C:\ComboFix deleted
C:\Qoobox deleted
C:\Users\Gebruiker\AppData\Local\AVG Web TuneUp deleted
C:\Users\Gebruiker\.android deleted
C:\PROGRA~2\FreeFileViewer deleted
C:\PROGRA~2\SnadBoy's Revelation v2 deleted
C:\Users\Gebruiker\AppData\Roaming\Media Get LLC deleted
C:\Users\Gebruiker\AppData\Roaming\GEBRUIK-G0AD337.MTBF.txt deleted
C:\Users\Gebruiker\AppData\Roaming\__AvidCloudManager.log deleted
C:\Users\Gebruiker\AppData\Roaming\__AvidCloudManagerPrevious.log deleted
C:\Users\Gebruiker\AppData\Roaming\ProductData deleted
C:\Users\Gebruiker\XOBGLU16.DLL deleted
C:\PROGRA~3\AVG Web TuneUp deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Gebruiker\AppData\Local\Media Get LLC deleted
C:\Users\Gebruiker\AppData\Local\Software deleted
C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet2 deleted
C:\Users\Gebruiker\AppData\LocalLow\AVG Web TuneUp deleted
C:\Users\Gebruiker\AppData\LocalLow\ADSRemoval deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Gebruiker\Documents\BitLord deleted
C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155\searchplugins\mp3-search.xml deleted
C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155\jetpack deleted
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155\extensions\TFToolbarX@torrent-finder.xpi deleted
"C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155\kango-170503fa-3349-4f17-bc86-001888a5c8e2.sqlite" deleted
"C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155\kango-f6c1b294-cac9-4106-8962-a277f1d47f19.sqlite" deleted
"C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155\kango-whodeletedmedeletedio.sqlite" deleted
"C:\Users\Gebruiker\AppData\Roaming\Ditto\Ditto.db" not deleted
"C:\PROGRA~2\AVG Web TuneUp\TBAPI.dll" deleted
"C:\Users\Gebruiker\AppData\Roaming\Ditto" not deleted
"C:\PROGRA~2\AVG Web TuneUp" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-04-19 12:39:26	CA2A8AF1DBAD0F31F9B33A2827DFBC16	207	----a-w-	C:\Windows\tweaking.com-regbackup-GEBRUIK-G0AD337-Windows-7-Ultimate-(64-bit).dat
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
2015-04-19 12:39:01	FDD26A402322F212DCA153FF8B1FFB6E	78816	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\pcwintech_tasksch.dll
2015-04-19 12:39:01	E0DC8C6BBC787B972A9A468648DBFD85	1008128	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\libiconv2.dll
2015-04-19 12:39:01	DC7A3BC0FC185CD68848DC6F7D7B026B	40960	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\SSubTmr6.dll
2015-04-19 12:39:01	D202BAA425176287017FFE1FB5D1B77C	103424	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\libintl3.dll
2015-04-19 12:39:01	A107DE2D120C0571B544EEC53D1971AB	1406208	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\TweakingRegistryBackup.exe
2015-04-19 12:39:01	57CAC848FA14AE38F14F9441F8933282	140288	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\pcre3.dll
2015-04-19 12:39:01	547C43567AB8C08EB30F6C6BACB479A3	79360	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\regex2.dll
2015-04-19 12:39:01	1B128828BF5E4353811B6DA58156B7F4	6656	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\files\dosdev.exe
2015-04-19 12:34:07	2E0323A94915FAAB10A25F3BABF82584	157696	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2015-04-18 20:57:37	6C2517362F2C436D93E8EE6FDEA7725B	608208	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\xcrashreport\XCrashReport.exe
====== Java Cache =====
2015-04-20 08:58:05	C1BBA7F1278F193AB584FFF460DB5E2A	17878	----a-w-	C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-1afb2f9e
2015-04-20 08:57:49	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-305a07af
2015-04-20 08:57:49	46E48ED5F64849E9EB459FDEBEE25D23	425	----a-w-	C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap
2015-04-20 08:57:46	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-6ff5f4b1
2015-04-20 08:57:50	34FA8033B50A3F99D3AB8209C72C0ABA	6860	----a-w-	C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-2c8635fa
====== C:\Windows\SysWOW64 =====
2015-04-20 08:53:35	4E6A6CCB4A46F25CDAE35BA60B7934C2	98216	----a-w-	C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-13 15:06:35	3B9E2AB1F3ABC53D4A423E699EB625C8	419936	----a-w-	C:\Windows\SysWOW64\locale.nls
2015-04-13 14:04:19	5F3628DCF926C4499BE1DC74431DFBC8	1230848	----a-w-	C:\Windows\SysWOW64\WindowsCodecs.dll
2015-04-13 14:04:16	DDE994E9159497D0D5AB2CDF66D1EAD6	76800	----a-w-	C:\Windows\SysWOW64\wdi.dll
2015-04-13 14:03:50	DCC148408770F2D55B201F8FC26438A1	988160	----a-w-	C:\Windows\SysWOW64\drmv2clt.dll
2015-04-13 14:03:50	003C51B9FE38287BA4E0E58D3AE080BD	744960	----a-w-	C:\Windows\SysWOW64\blackbox.dll
2015-04-13 14:03:46	833FCABCB5D95B1911BA6E62FC82AC04	617984	----a-w-	C:\Windows\SysWOW64\wmdrmsdk.dll
2015-04-13 14:03:45	B378B6A865C28CE5C1E23C35760A1199	11411968	----a-w-	C:\Windows\SysWOW64\wmp.dll
2015-04-13 14:03:45	5B0C6247027FCF5A2E2F150E298D2FFA	3209728	----a-w-	C:\Windows\SysWOW64\mf.dll
2015-04-13 14:03:42	6C2D4DC5D2E271F4AE4016FD4587B0B2	3973048	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-13 14:03:41	BB73C907D1BD437B6C30F2C23BB089FC	406016	----a-w-	C:\Windows\SysWOW64\drmmgrtn.dll
2015-04-13 14:03:40	2CFE69A0A8AFDA8DB9A773D728000BB7	3917760	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-13 14:03:39	74264B7F57A16D25CB581C07964D324A	1174528	----a-w-	C:\Windows\SysWOW64\crypt32.dll
2015-04-13 14:03:37	49474B3E37969AF4B5C076F42B623AFF	143872	----a-w-	C:\Windows\SysWOW64\cryptsvc.dll
2015-04-13 14:03:34	D5EC42139D6A6158CF188975C50B6A60	179200	----a-w-	C:\Windows\SysWOW64\wintrust.dll
2015-04-13 14:03:34	2D4814D567E5A85C473228BA772A7AFB	489984	----a-w-	C:\Windows\SysWOW64\evr.dll
2015-04-13 14:03:32	C5667EE72D7364BE81516C0707FEF724	354816	----a-w-	C:\Windows\SysWOW64\mfplat.dll
2015-04-13 14:03:32	B7D2BB84C590F0AE9DA51DBB065A780E	1005056	----a-w-	C:\Windows\SysWOW64\cryptui.dll
2015-04-13 14:03:32	96DB6A923DEDB58FC7CBBF5CFF73314D	1329664	----a-w-	C:\Windows\SysWOW64\quartz.dll
2015-04-13 14:03:31	B54FD1991E659FD61EF1D34EC27AAECD	81408	----a-w-	C:\Windows\SysWOW64\cryptsp.dll
2015-04-13 14:03:27	98C1191C862B44567FCF3C18BAEE859E	519680	----a-w-	C:\Windows\SysWOW64\qdvd.dll
2015-04-13 14:03:27	3BAA4BAE71460C5CEB40D5E9339A61BC	103936	----a-w-	C:\Windows\SysWOW64\cryptnet.dll
2015-04-13 14:03:27	320A8699369C43CF53B2DB4538D17C52	504320	----a-w-	C:\Windows\SysWOW64\msscp.dll
2015-04-13 14:03:26	E0AB9CA912398BE1AAD14FF7AD75C397	50688	----a-w-	C:\Windows\SysWOW64\appidapi.dll
2015-04-13 14:03:26	70E96EBE87A38857619671FCB9C8EC7B	265216	----a-w-	C:\Windows\SysWOW64\msnetobj.dll
2015-04-13 14:03:24	2D21189858856316D55EAD55DF4964C2	374784	----a-w-	C:\Windows\SysWOW64\AudioEng.dll
2015-04-13 14:03:23	08FF727297A97907AADED4BA86CF44E9	50176	----a-w-	C:\Windows\SysWOW64\rrinstaller.exe
2015-04-13 14:03:22	A56F4029FDCF4F817E78953CDA953E28	442880	----a-w-	C:\Windows\SysWOW64\AUDIOKSE.dll
2015-04-13 14:03:21	AF47EAA4ADDA9AA221FB7647EE22BF53	103424	----a-w-	C:\Windows\SysWOW64\mfps.dll
2015-04-13 14:03:20	A4A2EFB40015B76467F09E6DC388BC26	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-04-13 14:03:20	50B8937A81360D16A5C772302BD32CFE	195584	----a-w-	C:\Windows\SysWOW64\AudioSes.dll
2015-04-13 14:03:19	49F4EE8DF752CFA159B99046CD1FDD2B	23040	----a-w-	C:\Windows\SysWOW64\mfpmp.exe
2015-04-13 14:03:18	FCD5137A10C8943B34C9BE891C50159F	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2015-04-13 14:03:18	D3916F83AC8F2314262387A2E16C6578	4096	----a-w-	C:\Windows\SysWOW64\msdxm.ocx
2015-04-13 14:03:18	D3916F83AC8F2314262387A2E16C6578	4096	----a-w-	C:\Windows\SysWOW64\dxmasf.dll
2015-04-13 14:03:18	8B07DBA0D77346545C6359AC67DCB980	8192	----a-w-	C:\Windows\SysWOW64\spwmp.dll
2015-04-13 14:03:17	7C1CADCA0E674212412559B0EAD0919A	12625408	----a-w-	C:\Windows\SysWOW64\wmploc.DLL
2015-04-13 14:03:15	2F3CE58D8C276570EEB69C99CFBAFD58	2048	----a-w-	C:\Windows\SysWOW64\mferror.dll
2015-04-13 14:01:18	D5063B86DC3F85B93D02AF68099F4C9A	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-04-13 14:01:18	69925A266D265DAD96C6FCBB861FA5CD	550912	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-04-13 14:01:18	0485899A035E02C53014C0545D912405	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-04-13 14:01:17	C7D334A01C66BF07B92D04CD7A981B7F	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-04-13 14:01:17	B06A4105DD22E91A1D922D7310803140	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-04-13 14:01:17	7A71DA6D6F75AB73475128F787DD8EAD	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-04-13 14:01:17	5E76C26CAE2810EA71C161ED9A2CF0D1	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-04-13 14:01:17	4E15E2D20AE755FDEACD96F359F732DB	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-04-13 14:01:16	ACD0CA819E279E1C17BE5C8A077EF448	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-04-13 14:01:16	84974782ED5D108DA2EFAF3C6534A760	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-04-13 14:01:16	7407DDA27838C393DE67A0BDCDD044D0	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-04-13 14:01:16	30F5B3E28636009A0B194057AAE4392A	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-04-13 14:01:16	04934912B1317F2F8816208067A32B96	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-04-13 13:59:59	A208DAC2932649CFF82A6A684D8BB1F6	571904	----a-w-	C:\Windows\SysWOW64\oleaut32.dll
2015-04-13 13:59:55	EE88CADD249395CC12741D88EEA3BC35	154624	----a-w-	C:\Windows\SysWOW64\iisRtl.dll
2015-04-13 13:59:54	D6280BDDB45463C8CA6A647E2CFABA94	50688	----a-w-	C:\Windows\SysWOW64\admwprox.dll
2015-04-13 13:59:54	479B88F7F2AA681060E40A4B01791E80	15360	----a-w-	C:\Windows\SysWOW64\iisreset.exe
2015-04-13 13:59:53	E6DA0BCF9660745FEAB85ED1BE3B092E	26624	----a-w-	C:\Windows\SysWOW64\ahadmin.dll
2015-04-13 13:59:53	9DDC99B7B0A004EE28B2EDE5F9C708D6	8192	----a-w-	C:\Windows\SysWOW64\iisrstap.dll
2015-04-13 13:59:53	41F9727BD583653674A37F1136707480	10752	----a-w-	C:\Windows\SysWOW64\wamregps.dll
2015-04-13 13:59:18	FE48346938C1CDDDF4E4097DB9B99764	52224	----a-w-	C:\Windows\SysWOW64\nlaapi.dll
2015-04-13 13:59:18	92940397DFFB4D237EA5BB22FF912BDC	156672	----a-w-	C:\Windows\SysWOW64\ncsi.dll
2015-04-13 13:59:10	340EECB781E6C06A6171B3068DA208AD	12875264	----a-w-	C:\Windows\SysWOW64\shell32.dll
2015-04-13 13:59:07	ABB358777FDF4AF51B2FE26137D2B8D4	70656	----a-w-	C:\Windows\SysWOW64\fontsub.dll
2015-04-13 13:59:07	965D6A2B30A95A9F7EF13653988D3D9F	299008	----a-w-	C:\Windows\SysWOW64\atmfd.dll
2015-04-13 13:59:07	55273844B66D77A2F1A2213C17A9EA4A	34304	----a-w-	C:\Windows\SysWOW64\atmlib.dll
2015-04-13 13:59:07	274F0540FD4C88FC845C94CA1569688A	10240	----a-w-	C:\Windows\SysWOW64\dciman32.dll
2015-04-13 13:59:07	01D9C9A70323BC7E5835B92442DD7EC2	25600	----a-w-	C:\Windows\SysWOW64\lpk.dll
2015-04-13 13:59:03	B3BC38B886CA53C92D52EF724A9F0D45	308224	----a-w-	C:\Windows\SysWOW64\scesrv.dll
2015-04-13 13:59:02	B804EAA9E037580F96C22537C2ECB62A	171520	----a-w-	C:\Windows\SysWOW64\ubpm.dll
2015-04-13 13:59:00	84B460BB65567ED42DD605FA044DB370	828928	----a-w-	C:\Windows\SysWOW64\msctf.dll
2015-04-13 13:58:49	FDF0B4DC83627A859D18EE439B8E5A26	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-13 13:58:49	B8445B89D0EA5C2575C98EA7BD180C5C	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-04-13 13:58:49	00F39165D6D14302618C20CDD7BB213A	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-04-13 13:58:48	6108ED659B5962DE73DACB3B04D86ED3	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-13 13:58:47	B35C35C55FED3DD7F995C77F63CBC29B	1311232	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-04-13 13:58:47	29EDBC5C381F1406A5262351E69BC87A	342696	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-04-13 13:58:46	AD1BA932AC31D2BC8C9105DA59BEA6BE	689152	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-04-13 13:58:46	AD13E719AE506AA0E0BB5D49E0D5B44A	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-04-13 13:58:46	95CB6079B3E62D4301958023C2070A48	19720192	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-04-13 13:58:46	8FDE1162C9DCF7B180AA702DD9EB6071	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-13 13:58:44	08B30EB9751858C1C369E8775492D732	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-04-13 13:58:43	BD838E2129623E8311720AA86C5DFBBF	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-04-13 13:58:43	A41C85FDB2275FA9AAA821A118807FDB	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-04-13 13:58:43	A34897A1A39316BDECCA3E61986F98F2	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-04-13 13:58:43	52B4DECDC70B8758380D37EA2CDD4254	2278400	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-04-13 13:58:42	F5F730ED126DCFBEBDB9BB629BD482C4	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-04-13 13:58:42	BA10D970EB39913357B224F4473D535B	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-04-13 13:58:42	988AB676FBF4484508BA134CAAB711EB	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-04-13 13:58:42	756B4F77945C61ADBE68150D7D2EC7A6	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-04-13 13:58:41	AC35DA94A14679E8E515A44A8CF90804	478208	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-04-13 13:58:40	E868396BC5F8957A9E39BD9A28EA814D	12827648	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-04-13 13:58:37	FC5FE9F2D140435FC95CB3EF6724EF0A	4300288	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-04-13 13:58:37	EA6EA6912F27F05C61D8D747517EB47E	1888256	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-04-13 13:58:37	BC9CE46C3F05CCC40F8F1EFC7E4B41C7	503296	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-04-13 13:58:37	02C0770DA3BE9231EFAF7185EE51020C	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-13 13:58:36	B0B83B31853E15C619FDB91B64F8349A	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-04-13 13:49:59	9566C8BBD2271A7962D4432A624762AD	417792	----a-w-	C:\Windows\SysWOW64\WMPhoto.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-04-17 22:37:34	3322C3CD787EBF45DFCA62648AAF6631	5227080	----a-w-	C:\Windows\Sysnative\FNTCACHE.DAT
2015-04-13 15:06:35	3B9E2AB1F3ABC53D4A423E699EB625C8	419936	----a-w-	C:\Windows\Sysnative\locale.nls
2015-04-13 14:04:19	0A4D03A4C0F908B15B8A4C48FB18F197	1424896	----a-w-	C:\Windows\Sysnative\WindowsCodecs.dll
2015-04-13 14:04:17	D713D6446DDBB474D801F361B4B186EA	950272	----a-w-	C:\Windows\Sysnative\perftrack.dll
2015-04-13 14:04:17	AA7079AD52B8BFBAE94167D54C32F84F	29696	----a-w-	C:\Windows\Sysnative\powertracker.dll
2015-04-13 14:04:16	C6F7473B55510F0B93961DA03D8E3B38	91136	----a-w-	C:\Windows\Sysnative\wdi.dll
2015-04-13 14:03:51	A53A63831185FF5339E76221BE45E6B9	842240	----a-w-	C:\Windows\Sysnative\blackbox.dll
2015-04-13 14:03:50	DF6104DCED89E13A78BA5539CEF5100A	1202176	----a-w-	C:\Windows\Sysnative\drmv2clt.dll
2015-04-13 14:03:48	FDA5F186596288F0B9ECE9DC7A5AA868	5554104	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-04-13 14:03:47	BD311BB00DD0D656C091AC8888C2369D	14632960	----a-w-	C:\Windows\Sysnative\wmp.dll
2015-04-13 14:03:46	7F4D59E70DD6E757E96B40570B498D5C	782848	----a-w-	C:\Windows\Sysnative\wmdrmsdk.dll
2015-04-13 14:03:42	B2F02AB28864B6D5B5B9BEDA565D41BB	497664	----a-w-	C:\Windows\Sysnative\drmmgrtn.dll
2015-04-13 14:03:42	3FECBED0EACABD22E024EF4E50CF987B	1480192	----a-w-	C:\Windows\Sysnative\crypt32.dll
2015-04-13 14:03:40	999A7FD4D9F8B1656F1167D94743E50A	457400	----a-w-	C:\Windows\Sysnative\ci.dll
2015-04-13 14:03:40	6AEEC5677AD522786CED371A7BEE620C	616360	----a-w-	C:\Windows\Sysnative\winresume.efi
2015-04-13 14:03:39	B7E752FFD95DC61FCB7A6E70E37175E5	693176	----a-w-	C:\Windows\Sysnative\winload.efi
2015-04-13 14:03:39	1CD76A83B9E8E9A5A3519B39E28354D9	187904	----a-w-	C:\Windows\Sysnative\cryptsvc.dll
2015-04-13 14:03:38	8DFDB70E3E56C2F1AE09CB3C03E266E5	1574400	----a-w-	C:\Windows\Sysnative\quartz.dll
2015-04-13 14:03:38	7A4064169FBA91F39DB1FDC094A18DA8	619056	----a-w-	C:\Windows\Sysnative\winload.exe
2015-04-13 14:03:37	73D81B5B4B2655CB1B5662E770F755D5	532176	----a-w-	C:\Windows\Sysnative\winresume.exe
2015-04-13 14:03:36	5FFEE6CA63E27CBA1F32002743E58F3C	631808	----a-w-	C:\Windows\Sysnative\evr.dll
2015-04-13 14:03:36	577D0B947B49DB83E2054FA169B2ECBF	229376	----a-w-	C:\Windows\Sysnative\wintrust.dll
2015-04-13 14:03:34	410F6B1BE785F3630B4782F8E3D85A24	1069056	----a-w-	C:\Windows\Sysnative\cryptui.dll
2015-04-13 14:03:32	DB2D62AA2DF6B1F3D690A9EC9701AA2C	188416	----a-w-	C:\Windows\Sysnative\pcasvc.dll
2015-04-13 14:03:32	483221CC1AAC288368292899E32B6B9B	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-04-13 14:03:32	0BC72EA80234382701EAFC1BE0ECD7E4	432128	----a-w-	C:\Windows\Sysnative\mfplat.dll
2015-04-13 14:03:31	94BC902494AFC9F5EBC5FBB61445D73F	82432	----a-w-	C:\Windows\Sysnative\cryptsp.dll
2015-04-13 14:03:31	29143C7827F9F2AC543E792A8C63FBB0	4121600	----a-w-	C:\Windows\Sysnative\mf.dll
2015-04-13 14:03:30	F88B4A9EA1A956F09D5001D08B546228	641024	----a-w-	C:\Windows\Sysnative\msscp.dll
2015-04-13 14:03:28	AE66D26930CA536706078537CB5AC840	325632	----a-w-	C:\Windows\Sysnative\msnetobj.dll
2015-04-13 14:03:28	84DB8EB3C184BB549ED90A842020F278	58880	----a-w-	C:\Windows\Sysnative\appidapi.dll
2015-04-13 14:03:27	93C7D1C3941086162B433107D9E8BCE3	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-04-13 14:03:27	72D4757510FDA69D729169C00AFC211E	32256	----a-w-	C:\Windows\Sysnative\appidsvc.dll
2015-04-13 14:03:27	6968D02DC38757C3FBE7ED7C2F9670AA	680960	----a-w-	C:\Windows\Sysnative\audiosrv.dll
2015-04-13 14:03:27	1BE9877B199184D7657BC4CFCB7B4A99	140288	----a-w-	C:\Windows\Sysnative\cryptnet.dll
2015-04-13 14:03:26	C0AE7ABD87254B2789C8CB34AF274A65	296448	----a-w-	C:\Windows\Sysnative\AudioSes.dll
2015-04-13 14:03:26	7BC64DEEFD0E6812E21DE89F0CF50A49	500224	----a-w-	C:\Windows\Sysnative\AUDIOKSE.dll
2015-04-13 14:03:26	6E974F1C384615DEB0710E44F4847351	126464	----a-w-	C:\Windows\Sysnative\audiodg.exe
2015-04-13 14:03:25	3029D8E78E4BF18A0551E22CD4CB892C	371712	----a-w-	C:\Windows\Sysnative\qdvd.dll
2015-04-13 14:03:24	3A7BC2DC99D3C5B172465E890B3C3B14	440832	----a-w-	C:\Windows\Sysnative\AudioEng.dll
2015-04-13 14:03:24	27793FE3FF2D0123896D1A01A2D222C7	37376	----a-w-	C:\Windows\Sysnative\pcadm.dll
2015-04-13 14:03:23	CBE684883A45E5B047DA6B4AC46C2112	55808	----a-w-	C:\Windows\Sysnative\rrinstaller.exe
2015-04-13 14:03:23	589852B65C91F574E980ABDB8205080A	146944	----a-w-	C:\Windows\Sysnative\appidpolicyconverter.exe
2015-04-13 14:03:22	C4937B9D6EF4D309A60054D4D00EE9DB	63488	----a-w-	C:\Windows\Sysnative\setbcdlocale.dll
2015-04-13 14:03:22	63D3C30B497347495B8EA78A38188969	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2015-04-13 14:03:21	947938F265D7CB99653CDFF2B3C0468D	206848	----a-w-	C:\Windows\Sysnative\mfps.dll
2015-04-13 14:03:20	ED6BF1E1C4F40F600DFEC0CB101A1789	9728	----a-w-	C:\Windows\Sysnative\pcalua.exe
2015-04-13 14:03:20	A84C94CF795E08BBB99E4E145F9E81A3	11264	----a-w-	C:\Windows\Sysnative\pcawrk.exe
2015-04-13 14:03:20	29088A5723C81BF75AD909AAB6A91610	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-04-13 14:03:20	0F79883E27BB1AFE2D9BB4656A1CEFCD	11264	----a-w-	C:\Windows\Sysnative\msmmsp.dll
2015-04-13 14:03:20	00EE5D3E16D42F25F7813ACFA10EC803	24576	----a-w-	C:\Windows\Sysnative\mfpmp.exe
2015-04-13 14:03:19	EA285B947EE48103697CDA53D76C9EEC	17920	----a-w-	C:\Windows\Sysnative\appidcertstorecheck.exe
2015-04-13 14:03:19	BE7DA70C9F4A97CCA9ED78B70BCFC9AC	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2015-04-13 14:03:19	56FD1BC602EE0E7949F92EE2EE327B72	284672	----a-w-	C:\Windows\Sysnative\EncDump.dll
2015-04-13 14:03:18	FE03B35A22C3D2714B494FC2AB32AC5B	8704	----a-w-	C:\Windows\Sysnative\pcaevts.dll
2015-04-13 14:03:18	F43B09E257121ADC501ABE9367FAA850	9728	----a-w-	C:\Windows\Sysnative\spwmp.dll
2015-04-13 14:03:18	DBCD54B841F2B216B2F0F86E18205C22	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2015-04-13 14:03:18	D3F1F9C784BCCDF2C880669D69FC1970	5120	----a-w-	C:\Windows\Sysnative\msdxm.ocx
2015-04-13 14:03:18	D3F1F9C784BCCDF2C880669D69FC1970	5120	----a-w-	C:\Windows\Sysnative\dxmasf.dll
2015-04-13 14:03:16	77D49942BD5DC97723ABC8A6D2757B6E	12625920	----a-w-	C:\Windows\Sysnative\wmploc.DLL
2015-04-13 14:03:15	8364A0F7633414DC5C50A37295B1FAFF	2048	----a-w-	C:\Windows\Sysnative\mferror.dll
2015-04-13 14:02:46	B6A58491307B4CADA572583D863DC602	210432	----a-w-	C:\Windows\Sysnative\profsvc.dll
2015-04-13 14:01:18	DB2904A4CEBC39DF8892A613BEC71512	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-04-13 14:01:18	65CF54B1D8CB1B085B6D8BC210E2C45F	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-04-13 14:01:18	3807605BDA83C0DA729A5219CEBB9041	341504	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-04-13 14:01:18	1DB278E5834B08F9A184F953F2D31FF7	728064	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-04-13 14:01:17	FB95F6E11AAD62F24C2DB01E6E9D7BE7	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-04-13 14:01:17	E1404987DCD392AF9D67F6A26CE21175	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-04-13 14:01:17	B6C7729936AAF8E0697F0A7DCA82CED8	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-04-13 14:01:17	9B644AC070576AAE701910874C241DBD	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-04-13 14:01:17	7BC39275661EA7DEE54135AA26DF733E	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-04-13 14:01:17	6536829F6EA1149527728A210F493B79	314880	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-04-13 14:01:17	28CC69865D5DC458EDDCEA35F01D71DA	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-04-13 14:01:16	92F920EE9EAF7306B4AB8124D474AB52	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-04-13 14:01:16	54CD467B3A6DA02E9449DB7FB1830612	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-04-13 14:01:16	543553AD3E30CB261C8B436DF644F23E	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-04-13 14:01:16	473BCBFFC55C9FE33D502035322E759D	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-04-13 14:01:16	378B175D0F0A1C38026F280BF6C8D0C6	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-04-13 14:00:45	2A9C3ADBC3B9D061CACDEFFBED67683C	87040	----a-w-	C:\Windows\Sysnative\TSWbPrxy.exe
2015-04-13 13:59:59	AE4FEDD98096C09A8A86E021FC5E9D67	861696	----a-w-	C:\Windows\Sysnative\oleaut32.dll
2015-04-13 13:59:55	EDC5E337D2CCD95150E89AD9E777778F	55296	----a-w-	C:\Windows\Sysnative\admwprox.dll
2015-04-13 13:59:55	54CB2D6909E6CCDC3177E1D2B68D7610	192000	----a-w-	C:\Windows\Sysnative\iisRtl.dll
2015-04-13 13:59:54	AAA1E0A0BC59365370CE1624D9FC23FE	16896	----a-w-	C:\Windows\Sysnative\iisreset.exe
2015-04-13 13:59:54	059A7E2F57BB2668DCDA5880D3A31CFC	60928	----a-w-	C:\Windows\Sysnative\ahadmin.dll
2015-04-13 13:59:53	80CA0CCD8356DD20A82F5DDF32B46AD0	11264	----a-w-	C:\Windows\Sysnative\iisrstap.dll
2015-04-13 13:59:53	8055165FC1D534AB338A2C3E09496B55	14848	----a-w-	C:\Windows\Sysnative\wamregps.dll
2015-04-13 13:59:18	8B301D474B478E9A92823BAB50A7BC49	303616	----a-w-	C:\Windows\Sysnative\nlasvc.dll
2015-04-13 13:59:10	01F9FEB7F0C84EA1AC6A9B4D7C6B0435	14177280	----a-w-	C:\Windows\Sysnative\shell32.dll
2015-04-13 13:59:08	1307814243F21EB129852D59B5AB37FB	372224	----a-w-	C:\Windows\Sysnative\atmfd.dll
2015-04-13 13:59:07	F351B0E520502552734BE70AA5940784	41984	----a-w-	C:\Windows\Sysnative\lpk.dll
2015-04-13 13:59:07	DB0BD8B8D68D8211CA23FBE52DACE549	14336	----a-w-	C:\Windows\Sysnative\dciman32.dll
2015-04-13 13:59:07	85D3E918658C2766780F7DEE5F8FBE57	46080	----a-w-	C:\Windows\Sysnative\atmlib.dll
2015-04-13 13:59:07	39A108604F51821F6F4E2001E9A1CB60	100864	----a-w-	C:\Windows\Sysnative\fontsub.dll
2015-04-13 13:59:06	A0DEE06D68F210CA090FD4D9A33CDC12	3204096	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-04-13 13:59:03	FE72C89986E1BA32AD926A820491F23F	406528	----a-w-	C:\Windows\Sysnative\scesrv.dll
2015-04-13 13:59:02	1FB81632476857E8451DDA8A456EF3CE	215552	----a-w-	C:\Windows\Sysnative\ubpm.dll
2015-04-13 13:59:00	E88A78273D429554B6B2D2BDA945ED9B	1067520	----a-w-	C:\Windows\Sysnative\msctf.dll
2015-04-13 13:58:54	B5CBA15C9DEDBE914D24AA1494A82DF5	3179520	----a-w-	C:\Windows\Sysnative\rdpcorets.dll
2015-04-13 13:58:54	35308B0F821CE1E8EDC2FAB96F3073F3	16384	----a-w-	C:\Windows\Sysnative\RdpGroupPolicyExtension.dll
2015-04-13 13:58:54	15C3986C015EA186BCB4E6096528D656	243200	----a-w-	C:\Windows\Sysnative\rdpudd.dll
2015-04-13 13:58:49	2CA6A98547E799812489E5ADF2774D97	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-04-13 13:58:49	289581F0FDA6B93A0FAFE979486AD6FA	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-04-13 13:58:48	08892A4ED848386E6B901723C1EF611B	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-04-13 13:58:47	D2BF72C0A9E26BE91C1DEEACF7C430E0	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-04-13 13:58:47	7FA2B43D940DF41E46B8049B59AB6639	718848	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-04-13 13:58:46	D3EA5B5E606EF17804B5BF565BEAD937	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-04-13 13:58:43	F5E5E96E188934BAB22C0916C91F46B3	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-04-13 13:58:43	585B29EFB4954902FD53C4F8F9A0D39F	389800	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-04-13 13:58:43	501A38B72FA264605123B4FACF53F057	1548288	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-04-13 13:58:42	132862B0FC4A1B7CB45C274DE169DBB2	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-04-13 13:58:41	80B3AD73027A2CCD42C47EBF5C89124F	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-04-13 13:58:41	5443F21A33DB376734DBE47F7635542C	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-04-13 13:58:40	D0767EA3A59FA70C7ACF59EE0C8CD42A	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-04-13 13:58:39	9E9B757A677927110393A505822D9174	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-04-13 13:58:38	62269DEFF17AB006217330A24EA8577B	2886144	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-04-13 13:58:38	22C4867C690C38B18B2C1A0B072CD0C4	2125824	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-04-13 13:58:36	A1264D16AF506125C974775C833A063C	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-04-13 13:58:36	1EC0BF321D3B14D02B9A8BAC134570F4	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-04-13 13:58:35	FB8C4EE9889790466A0174923410649E	633856	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-04-13 13:58:35	76B53D2150284E138B46410EA54967FA	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-04-13 13:58:34	D373113A84C12BA7F07CE1E9CAF4747F	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-04-13 13:58:34	2335F6BF8A127E31EB0E2D9A82F188A0	14398976	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-04-13 13:58:33	A9190899A35431CF8ABBEF5E1BB0C8F9	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-04-13 13:58:33	4870B24EA7D4EEF5E1C4675AC47796B8	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-04-13 13:58:33	40DF85D8B2B0171EF5F23AA1B5CD9A62	6035456	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-04-13 13:58:32	687E11F36832BFF65EF0CD2FA3DB1966	584192	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-04-13 13:58:32	36F99BD8A0F09BDBB7850A138845A014	2358784	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-04-13 13:58:31	667229C8F194D619D12F05943D7F61F0	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-04-13 13:58:31	1C393E42928BF55B3796E732B678CD5B	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-04-13 13:58:30	1193400D8E29A5A010135FB09A4EB1E8	25021440	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-04-13 13:49:59	CBA2694BFC61F371181F2BE2BCD66C40	465920	----a-w-	C:\Windows\Sysnative\WMPhoto.dll
====== C:\Windows\Sysnative\drivers =====
2015-04-18 00:04:01	4778EEECB75C6FB419745BEED3530B9D	26024	----a-w-	C:\Windows\Sysnative\drivers\rsdrvx64.sys
2015-04-13 14:03:40	ED6E75158D28D33A2E2A020AC5B2B59D	663552	----a-w-	C:\Windows\Sysnative\drivers\PEAuth.sys
2015-04-13 14:03:31	87BCD1034CBF33537D4D4C251D39BA26	94656	----a-w-	C:\Windows\Sysnative\drivers\mountmgr.sys
2015-04-13 14:03:26	90C53BD47979FB8814F465A08B885102	61440	----a-w-	C:\Windows\Sysnative\drivers\appid.sys
2015-04-13 14:01:18	8BA90F480705D7153AD0060CCA62222A	155576	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-04-13 14:01:18	56ED3EE5FED6BF2FC1305CF872042868	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-04-13 14:01:18	27667A788130A7F7A5858DE27572E6D7	459336	----a-w-	C:\Windows\Sysnative\drivers\cng.sys
2015-04-13 13:58:57	AE3334958D8F631FF14A0AEB3D7EFB3A	141312	----a-w-	C:\Windows\Sysnative\drivers\mrxdav.sys
2015-03-25 09:21:34	079F75EE36CD275620298DA7D7636006	281056	----a-w-	C:\Windows\Sysnative\drivers\avgidsdrivera.sys
====== C:\Windows\Tasks ======
2015-04-17 07:52:23	31919BE94325E5D399210984FC36A488	3384	----a-w-	C:\Windows\Sysnative\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3785999238-3893435594-3349046317-1000
2015-04-03 23:44:22	F89EE04FCE7D62499F6B86730252A57D	2858	----a-w-	C:\Windows\Sysnative\Tasks\ASC7_SkipUac_Gebruiker
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-04-18 00:03:53	--------	d-----w-	C:\Program Files\Remo Recover 4.0
2015-04-17 09:37:47	--------	d-----w-	C:\Program Files\Defraggler
======= C:\PROGRA~2 =====
2015-04-20 08:54:46	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2015-04-20 08:52:13	--------	d-----w-	C:\PROGRA~2\Java
2015-04-13 16:10:30	--------	d-----w-	C:\PROGRA~2\SpeedFan
======= C: =====
2015-04-17 11:56:17	AD255572F4F2CFF0A1474FAD0FCD04EA	3536	------w-	C:\bootsqm.dat
====== C:\Users\Gebruiker\AppData\Roaming ======
2015-04-19 12:45:27	8680054F2A94941228D5A057E648E00D	7604	----a-w-	C:\Users\Gebruiker\AppData\Local\Resmon.ResmonCfg
2015-04-17 12:12:44	3F7F027401B87F0A11F303EBF6D6D475	164496	----a-w-	C:\Users\Gebruiker\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-14 13:40:21	--------	d-----w-	C:\Users\Voorbeelden van afbeeldingen\AppData\Local\temp
2015-04-14 13:40:21	--------	d-----w-	C:\Users\Public\AppData\Local\temp
2015-04-14 13:40:21	--------	d-----w-	C:\Users\HomeGroupUser$\AppData\Local\temp
2015-04-14 13:40:21	--------	d-----w-	C:\Users\Gast\AppData\Local\temp
2015-04-14 13:40:21	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local\temp
2015-04-14 13:40:21	--------	d-----w-	C:\Users\Default\AppData\Local\temp
2015-04-14 13:40:21	--------	d-----w-	C:\Users\Administrator\AppData\Local\temp
2015-04-13 15:18:56	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\PDF Architect 3
====== C:\Users\Gebruiker ======
2015-04-20 08:52:57	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-04-20 08:40:35	2FE492CEF9188068FC87AA4F8665A564	561576	----a-w-	C:\Users\Gebruiker\Desktop\jxpiinstall.exe
2015-04-19 12:38:01	0EFDC1550592DC0C4E73AFFB54B35C3E	2217984	----a-w-	C:\Users\Gebruiker\VIRRUS\adwcleaner_4.201.exe
2015-04-19 12:34:28	2B75AC0607AA0D16A0BCBD41C2BA03EB	2686254	----a-w-	C:\Users\Gebruiker\VIRRUS\JRT_NEW.exe
2015-04-18 00:03:57	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover
2015-04-17 09:37:49	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2015-04-13 16:10:31	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-04-13 15:28:58	--------	d-----r-	C:\Users\Gebruiker\Virtual Machines
2015-04-03 23:43:53	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7

====== C: exe-files ==
2015-04-20 08:53:03	B175AD07294EB83FD12947B47B009D66	0	----a-we	C:\ProgramData\Oracle\Java\javapath\java.exe
2015-04-20 08:53:03	6045943DD4B9731735DB0774B25AE114	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaw.exe
2015-04-20 08:53:03	12F3D9FC2D1D68BB1C9AF782F94E4CF8	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaws.exe
2015-04-20 08:52:48	F65FA872AB42C3F0DBDDE26DF9609F5C	159656	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\unpack200.exe
2015-04-20 08:52:48	D7168BCC2877E533EB32E0E00DCEEAE6	51112	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssvagent.exe
2015-04-20 08:52:48	B406B32BDFDE96384C5F0A93D0090403	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\tnameserv.exe
2015-04-20 08:52:47	EEF1E60EE8CD91EB27B465DF7D97D747	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmiregistry.exe
2015-04-20 08:52:47	E830232219E9156AF3E7F0ACB1B85FC8	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\ktab.exe
2015-04-20 08:52:47	BDFE80354D388518D8C4E71F2734796D	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\pack200.exe
2015-04-20 08:52:47	B2ED82B1A6ACCED29498BB9BA43D430F	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\servertool.exe
2015-04-20 08:52:47	9A78F5C33E24C55B7025416C79658759	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\orbd.exe
2015-04-20 08:52:47	90D8F0F8665DFE0F5616902F8A0E8561	76712	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2launcher.exe
2015-04-20 08:52:47	6EE11615820FCCBC8879FD86DD033515	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmid.exe
2015-04-20 08:52:47	57631CADE6FE87A131913D6241A5343A	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\kinit.exe
2015-04-20 08:52:47	33EF14CDCDD35CB53D3C3FCB3C2819CC	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\keytool.exe
2015-04-20 08:52:47	11EEA5DB4A0B073867E3DCBCDBF12118	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\klist.exe
2015-04-20 08:52:47	01E2DB324E5D3C31D1C31D7E3B9748CF	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\policytool.exe
2015-04-20 08:52:46	7AEB4F5D482E1167E1FE9A726584BCD6	68520	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe
2015-04-20 08:52:46	6045943DD4B9731735DB0774B25AE114	191400	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe
2015-04-20 08:52:46	3C07B66A8BB9F028DC8EB87F84915DF0	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\jjs.exe
2015-04-20 08:52:46	12F3D9FC2D1D68BB1C9AF782F94E4CF8	272296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe
2015-04-20 08:52:45	EECA4389069973E098AC4A167D58DC47	30632	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\jabswitch.exe
2015-04-20 08:52:45	C885370364208460FD31001113F2B2A2	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\java-rmi.exe
2015-04-20 08:52:45	B175AD07294EB83FD12947B47B009D66	190888	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe
2015-04-20 08:40:35	2FE492CEF9188068FC87AA4F8665A564	561576	----a-w-	C:\Users\Gebruiker\Desktop\jxpiinstall.exe
2015-04-19 13:30:10	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Gebruiker\pc clean\CHEKUP\RSITx64.exe
2015-04-19 12:39:01	A107DE2D120C0571B544EEC53D1971AB	1406208	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\TweakingRegistryBackup.exe
2015-04-19 12:39:01	1B128828BF5E4353811B6DA58156B7F4	6656	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\tweaking.com_registry_backup_portable\files\dosdev.exe
2015-04-19 12:38:01	0EFDC1550592DC0C4E73AFFB54B35C3E	2217984	----a-w-	C:\Users\Gebruiker\VIRRUS\adwcleaner_4.201.exe
2015-04-19 12:34:28	2B75AC0607AA0D16A0BCBD41C2BA03EB	2686254	----a-w-	C:\Users\Gebruiker\VIRRUS\JRT_NEW.exe
2015-04-19 12:34:07	2E0323A94915FAAB10A25F3BABF82584	157696	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2015-04-18 20:57:37	6C2517362F2C436D93E8EE6FDEA7725B	608208	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\xcrashreport\XCrashReport.exe
2015-04-18 00:03:57	B731C051EA2F1FB8D52746C81F5B9F02	26456	----a-w-	C:\Program Files\Remo Recover 4.0\installdrv.exe
2015-04-18 00:03:57	40989ACAE5B6238A28E472202B3B058A	674304	----a-w-	C:\Program Files\Remo Recover 4.0\rsupdate.EXE
2015-04-18 00:03:57	3433C41EBE4BD50BA2159FCC58B0494F	738136	----a-w-	C:\Program Files\Remo Recover 4.0\rs-viewer.exe
2015-04-18 00:03:57	1E48298FD1CD84B542ADD5AA01F26E22	520536	----a-w-	C:\Program Files\Remo Recover 4.0\rs-recover.exe
2015-04-18 00:03:57	00A72719F40F7DA727BC93145C0377A8	147800	----a-w-	C:\Program Files\Remo Recover 4.0\rs-mplayer.exe
2015-04-18 00:03:56	ECD38CB936FFD9784EDA8B8DF748F572	3010392	----a-w-	C:\Program Files\Remo Recover 4.0\32\rs-recover32.exe
2015-04-18 00:03:56	84EDB8286E22CA46E679C5BD11EDE91A	1412952	----a-w-	C:\Program Files\Remo Recover 4.0\32\actkey32.exe
2015-04-18 00:03:55	77C2DACF547006FFABFBD19BD3B95C05	1797976	----a-w-	C:\Program Files\Remo Recover 4.0\64\actkey64.exe
2015-04-18 00:03:55	3562E13AF9C0F1EA33399DAF310D9B41	3444568	----a-w-	C:\Program Files\Remo Recover 4.0\64\rs-recover64.exe
2015-04-18 00:03:54	30A6A9D26D1F62CA44656612FEC6814F	1162592	----a-w-	C:\Program Files\Remo Recover 4.0\unins000.exe
2015-04-17 23:58:02	88A78975B67AE74B4319317BCAB4AFCE	42496	----a-w-	C:\Program Files\Remo Recover 4.0\Remo Recover 4.0.exe
2015-04-16 08:47:21	675411373A4F984C1288D1713FD28884	1258784	----a-w-	C:\Program Files (x86)\IObit\Smart Defrag 3\SDFreeBigUpgrade.exe
2015-04-13 16:10:31	3CA9655CFEEEB1B341A247EDC1678C01	36867	----a-w-	C:\Program Files (x86)\SpeedFan\uninstall.exe
2015-04-13 14:03:48	FDA5F186596288F0B9ECE9DC7A5AA868	5554104	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-04-13 14:03:42	6C2D4DC5D2E271F4AE4016FD4587B0B2	3973048	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-13 14:03:40	2CFE69A0A8AFDA8DB9A773D728000BB7	3917760	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-13 14:03:38	7A4064169FBA91F39DB1FDC094A18DA8	619056	----a-w-	C:\Windows\System32\winload.exe
2015-04-13 14:03:38	7A4064169FBA91F39DB1FDC094A18DA8	619056	----a-w-	C:\Windows\System32\Boot\winload.exe
2015-04-13 14:03:37	73D81B5B4B2655CB1B5662E770F755D5	532176	----a-w-	C:\Windows\System32\winresume.exe
2015-04-13 14:03:37	73D81B5B4B2655CB1B5662E770F755D5	532176	----a-w-	C:\Windows\System32\Boot\winresume.exe
2015-04-13 14:03:34	6B4BE7F9923F727C0298E9CB0FB2A406	497080	----a-w-	C:\Windows\Boot\PCAT\memtest.exe
2015-04-13 14:03:27	93C7D1C3941086162B433107D9E8BCE3	296960	----a-w-	C:\Windows\System32\rstrui.exe
2015-04-13 14:03:26	6E974F1C384615DEB0710E44F4847351	126464	----a-w-	C:\Windows\System32\audiodg.exe
2015-04-13 14:03:23	CBE684883A45E5B047DA6B4AC46C2112	55808	----a-w-	C:\Windows\System32\rrinstaller.exe
2015-04-13 14:03:23	589852B65C91F574E980ABDB8205080A	146944	----a-w-	C:\Windows\System32\appidpolicyconverter.exe
2015-04-13 14:03:23	08FF727297A97907AADED4BA86CF44E9	50176	----a-w-	C:\Windows\SysWOW64\rrinstaller.exe
2015-04-13 14:03:22	63D3C30B497347495B8EA78A38188969	112640	----a-w-	C:\Windows\System32\smss.exe
2015-04-13 14:03:20	ED6BF1E1C4F40F600DFEC0CB101A1789	9728	----a-w-	C:\Windows\System32\pcalua.exe
2015-04-13 14:03:20	A84C94CF795E08BBB99E4E145F9E81A3	11264	----a-w-	C:\Windows\System32\pcawrk.exe
2015-04-13 14:03:20	00EE5D3E16D42F25F7813ACFA10EC803	24576	----a-w-	C:\Windows\System32\mfpmp.exe
2015-04-13 14:03:19	EA285B947EE48103697CDA53D76C9EEC	17920	----a-w-	C:\Windows\System32\appidcertstorecheck.exe
2015-04-13 14:03:19	D1D03ED0A40B9EA7D45CD09E585415ED	167424	----a-w-	C:\Program Files\Windows Media Player\wmplayer.exe
2015-04-13 14:03:19	733F15A545DCB45295EEB1E409F2D63A	102912	----a-w-	C:\Program Files\Windows Media Player\wmpshare.exe
2015-04-13 14:03:19	49F4EE8DF752CFA159B99046CD1FDD2B	23040	----a-w-	C:\Windows\SysWOW64\mfpmp.exe
2015-04-13 14:03:19	3CB513A4E2D3666282725B09FF66D2B1	164864	----a-w-	C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2015-04-13 14:03:18	FEB8566E798B2F6BA40AC39C90E354B3	102400	----a-w-	C:\Program Files\Windows Media Player\wmpconfig.exe
2015-04-13 14:03:18	E357783E1561251E25513247B534D423	102400	----a-w-	C:\Program Files (x86)\Windows Media Player\wmpshare.exe
2015-04-13 14:03:18	201283E93160A0EBBA8CC9F3F2388FDA	101888	----a-w-	C:\Program Files (x86)\Windows Media Player\wmpconfig.exe
2015-04-13 14:01:17	FB95F6E11AAD62F24C2DB01E6E9D7BE7	64000	----a-w-	C:\Windows\System32\auditpol.exe
2015-04-13 14:01:17	B6C7729936AAF8E0697F0A7DCA82CED8	31232	----a-w-	C:\Windows\System32\lsass.exe
2015-04-13 14:01:17	5E76C26CAE2810EA71C161ED9A2CF0D1	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-04-13 14:00:45	2A9C3ADBC3B9D061CACDEFFBED67683C	87040	----a-w-	C:\Windows\System32\TSWbPrxy.exe
2015-04-13 13:59:56	CB23BF5867C9E97CFD7422A646F01581	293888	----a-w-	C:\Windows\System32\inetsrv\iissetup.exe
2015-04-13 13:59:55	C6BFDACD415946850E5B1EB04469DBCA	195584	----a-w-	C:\Windows\SysWOW64\inetsrv\aspnetca.exe
2015-04-13 13:59:55	8F42AE45969066A9584A96868168D06E	241152	----a-w-	C:\Windows\SysWOW64\inetsrv\iissetup.exe
2015-04-13 13:59:55	640FBED072E1858ABCA7F6D6C00CEBA2	229376	----a-w-	C:\Windows\System32\inetsrv\aspnetca.exe
2015-04-13 13:59:54	F6ECFF08B341337E92DE3A9FF623CE40	155648	----a-w-	C:\Windows\SysWOW64\inetsrv\appcmd.exe
2015-04-13 13:59:54	AAA1E0A0BC59365370CE1624D9FC23FE	16896	----a-w-	C:\Windows\System32\iisreset.exe
2015-04-13 13:59:54	8461383FAA13684C62A0394BBD2B4816	34816	----a-w-	C:\Windows\System32\inetsrv\iisrstas.exe
2015-04-13 13:59:54	479B88F7F2AA681060E40A4B01791E80	15360	----a-w-	C:\Windows\SysWOW64\iisreset.exe
2015-04-13 13:59:54	1EF2C27F93C1BCF3A71F05059B208082	193536	----a-w-	C:\Windows\System32\inetsrv\appcmd.exe
2015-04-13 13:59:13	A6C3E3120AC125BABE410959083A0108	459264	----a-w-	C:\Windows\System32\GWX\GWX.exe
2015-04-13 13:59:13	86345D30828786E1CC6AF12DF769D136	392704	----a-w-	C:\Windows\SysWOW64\GWX\GWX.exe
2015-04-13 13:59:13	771215B601C7D7E88D015D974AF7BEC7	393216	----a-w-	C:\Windows\System32\GWX\GWXUX.exe
2015-04-13 13:59:13	29038FF696BB007224872DA9645EA324	353048	----a-w-	C:\Windows\System32\GWX\GWXUXWorker.exe
2015-04-13 13:59:12	E32AAB3E477398B78E9D8F2418D1989C	658944	----a-w-	C:\Windows\System32\GWX\GWXConfigManager.exe
2015-04-13 13:58:49	2CA6A98547E799812489E5ADF2774D97	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-04-13 13:58:47	B5F3C8A860C39AEC1356A708C2A701A1	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-04-13 13:58:47	7FA2B43D940DF41E46B8049B59AB6639	718848	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-04-13 13:58:43	E931C01E7DD7CEC0BD26CD1B9DA967A3	815272	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-04-13 13:58:43	9C7990C221DC5C283BFF5A05CF52D69B	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-04-13 13:58:43	5CC34CBBBD90696FD82DB670C38B13FD	469504	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-04-13 13:58:42	988AB676FBF4484508BA134CAAB711EB	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-04-13 13:58:42	132862B0FC4A1B7CB45C274DE169DBB2	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-04-13 13:58:39	EF3BE302619A2C85A1E33FBFAB4C60F8	484864	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-04-13 13:58:38	D3D00B950A174882DAC32F45AB589864	813736	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-04-13 13:58:36	1EC0BF321D3B14D02B9A8BAC134570F4	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
=== C: other files ==
2015-04-20 08:52:48	34AD992DE8D6023490DB5C9017FAE6E8	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\lib\deploy\ffjcext.zip
2015-04-19 12:39:00	AA0C656F898523BEDF2DA6923197BB80	1264	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\surfvox.bat
2015-04-19 12:39:00	080CFDE64F31E7B50EECF4552033E84D	9937	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\mws.bat
2015-04-19 12:34:07	F859F80A06427E26FB91D3345811DAA7	15355	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\get.bat
2015-04-19 12:34:07	EEF2A6B6D8AC635899BAC1ABE7FBADE4	153704	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\firefox.bat
2015-04-19 12:34:07	DD1E4D974B1672ABD09EFFB225791C4A	1230	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\TDL4.bat
2015-04-19 12:34:07	CC6C23C02BE66014AD87F2678BBB3A1D	8117	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\modules.bat
2015-04-19 12:34:07	B964B792D3692699CD7D4FDB63EE470E	1239	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\FWPolicy.bat
2015-04-19 12:34:07	AD2F52DC72B10AF331692E4A4DD80DFC	18670	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\medfos.bat
2015-04-19 12:34:07	93A6196509429319C854A941F14F1E7C	252	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\ev_clear.bat
2015-04-19 12:34:07	8E6020C14F982CF11B3FE7DBB0CB8EDE	24738	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\searchlnk.bat
2015-04-19 12:34:07	6D8B1278456C1903364B4BD2B62B662D	135290	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\misc.bat
2015-04-19 12:34:07	654E9FE74B930A454EE5BDE165794B65	85	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\delorphans.bat
2015-04-19 12:34:07	62D7034C831C2A80790CD778051D5B9D	35577	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\prelim.bat
2015-04-19 12:34:07	5AE8F4442CA6D69FE9A6738E8DB411F2	10261	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\JRT.bat
2015-04-19 12:34:07	38A0BDF322ACCC968B0A824C38D50157	29635	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\ask.bat
2015-04-19 12:34:07	335DFF8F23E5EC02B5426362F0F8509B	31401	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\iexplore.bat
2015-04-19 12:34:07	0C4649A62845AB5D5DBCC4998477FF6D	1813	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\delfolders.bat
2015-04-19 12:34:07	048407135C9B1FB6A355E256BD96160D	14192	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\chrome.bat
2015-04-19 12:34:07	024E00B8DDF3FB2FB32C31870AE8540A	8227	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\jrt\runvalues.bat
2015-04-18 00:04:01	4778EEECB75C6FB419745BEED3530B9D	26024	----a-w-	C:\Windows\System32\drivers\rsdrvx64.sys
2015-04-18 00:03:57	B8EAC99B14772BDC36CA963AED109FA2	22312	----a-w-	C:\Program Files\Remo Recover 4.0\rsdrv.sys
2015-04-18 00:03:57	4778EEECB75C6FB419745BEED3530B9D	26024	----a-w-	C:\Program Files\Remo Recover 4.0\rsdrvx64.sys
2015-04-13 14:03:40	ED6E75158D28D33A2E2A020AC5B2B59D	663552	----a-w-	C:\Windows\System32\drivers\PEAuth.sys
2015-04-13 14:03:31	87BCD1034CBF33537D4D4C251D39BA26	94656	----a-w-	C:\Windows\System32\drivers\mountmgr.sys
2015-04-13 14:03:26	90C53BD47979FB8814F465A08B885102	61440	----a-w-	C:\Windows\System32\drivers\appid.sys
2015-04-13 14:01:18	8BA90F480705D7153AD0060CCA62222A	155576	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-04-13 14:01:18	56ED3EE5FED6BF2FC1305CF872042868	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-04-13 14:01:18	27667A788130A7F7A5858DE27572E6D7	459336	----a-w-	C:\Windows\System32\drivers\cng.sys
2015-04-13 13:59:06	A0DEE06D68F210CA090FD4D9A33CDC12	3204096	----a-w-	C:\Windows\System32\win32k.sys
2015-04-13 13:58:57	AE3334958D8F631FF14A0AEB3D7EFB3A	141312	----a-w-	C:\Windows\System32\drivers\mrxdav.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3785999238-3893435594-3349046317-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Ditto"="C:\Program Files\Ditto\Ditto.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"AdobeCEPServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe -launchedbylogin"
"TkBellExe"="C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe  -osboot"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Ditto"="C:\Program Files\Ditto\Ditto.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"IntelliPoint"="c:\Program Files\Microsoft IntelliPoint\ipoint.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"TkBellExe"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\update\\realsched.exe\"  -osboot"


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\adblock pro]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="adblock pro"
"hkey"="HKLM"
"command"="C:\\Program Files\\Adblock Pro\\abpmain.exe -m"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 7]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Advanced SystemCare 7"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\IObit\\Advanced SystemCare 7\\ASCTray.exe\" /auto"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Users\\Gebruiker\\AppData\\Roaming\\Spotify\\spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Gebruiker\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TkBellExe"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\update\\realsched.exe\"  -osboot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ToolwizCareFree]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ToolwizCareFree"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\ToolwizCareFree\\ToolwizCares.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Ulead AutoDetector]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Ulead AutoDetector"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Common Files\\Ulead Systems\\AutoDetector\\Monitor.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\vProt]
"command"="\"C:\\Program Files (x86)\\AVG Web TuneUp\\vprot.exe\""
"hkey"="HKLM"
"item"="vProt"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\RealPlayer Cloud Service UI.lnk"
"backup"="C:\\Windows\\pss\\RealPlayer Cloud Service UI.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\Real\\REALPL~1\\RPDS\\Bin64\\RPSYST~1.EXE "
"item"="RealPlayer Cloud Service UI"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\Gebruiker\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\GEBRUI~1\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EOS Utility.lnk]
"path"="C:\\Users\\Gebruiker\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\EOS Utility.lnk"
"backup"="C:\\Windows\\pss\\EOS Utility.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~2\\Canon\\EOSUTI~1\\EOSUTI~1.EXE /AutoStartUp"
"item"="EOS Utility"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LiveUpdateSvc]


==== Startup Folders ======================

2014-06-01 17:59:43	226720	----a-w-	C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MSOFFICE.EXE
2014-06-06 20:15:08	1134592	----a-w-	C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\stickies.exe
2014-05-30 21:21:47	1376	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12-10-2014 00:12]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12-10-2014 00:12]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\ASC7_SkipUac_Gebruiker" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe /SkipUac]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Gebruiker)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Real Player-online actualiseringsprogramma" [C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe]
"C:\Windows\SysNative\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3785999238-3893435594-3349046317-1000" [C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe]
"C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3785999238-3893435594-3349046317-1000" [C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe]
"C:\Windows\SysNative\tasks\SlimComputer Run" ["C:\Program Files (x86)\SlimComputer\SlimComputer.exe"]
"C:\Windows\SysNative\tasks\ToolwizCareFree" [C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155
user_pref("browser.startup.homepage", "https://www.facebook.com/hobbyfotograaf");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"pdf_architect_3_conv@pdfarchitect.org"=hex(2):43,00,3a,00,5c,00,50,00,72,00,\ []

==== Firefox Extensions ======================

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\KompoZer\Profiles\9rkknv2t.default
- Undetermined - %ProfilePath%\extensions\installed-extensions.txt
- KompoZer classic - %ProfilePath%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155
- Undetermined - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155\extensions\{7E7165E2-0767-448c-852F-5FA8714F2C37}
- PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
- Undetermined - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- Add Bookmark Here - %ProfilePath%\extensions\abhere2@moztw.org.xpi
- Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi
- Classic Theme Restorer Customize UI - %ProfilePath%\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
- Element Hiding Helper for Adblock Plus - %ProfilePath%\extensions\elemhidehelper@adblockplus.org.xpi
- YouTube Video and Audio Downloader - %ProfilePath%\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi
- YouTube mp3 - %ProfilePath%\extensions\info@youtube-mp3.org.xpi
- Facebook Select All - %ProfilePath%\extensions\jid0-n2ISP7BOUOHLqFZBUsiANkm14Ck@jetpack.xpi
- Who Deleted Me - %ProfilePath%\extensions\whodeletedme@deleted.io.xpi
- 1-Click YouTube Video Downloader - %ProfilePath%\extensions\YoutubeDownloader@PeterOlayev.com.xpi
- Best Video Downloader 2 - %ProfilePath%\extensions\{170503FA-3349-4F17-BC86-001888A5C8E2}.xpi
- FlashGot - %ProfilePath%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
- Fastest Facebook - %ProfilePath%\extensions\{288479BE-1B9E-11E2-80EA-F3246188709B}.xpi
- Facebook Bookmarks - %ProfilePath%\extensions\{50fa8145-5954-4508-9124-e61bbc85c08b}.xpi
- Fasterfox - %ProfilePath%\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Protect My Choices - %ProfilePath%\extensions\{dc501fe1-520b-41f2-9421-ecbb2e7f0255}.xpi
- Adblock Edge - %ProfilePath%\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155
C62322C77D1AAB77B1CF1130FCC3673A	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll -	Shockwave Flash
9E2ACEFA9A03FA35133459B0F8613B40	- C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll -	Shockwave for Director / Shockwave for Director
A09367798BC0A7B61E565EAA91F2A3D6	- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll -	RealPlayer Video Downloader for HTML5  (32-bit)
78000F6EBF10A7117E61EB3B2645C59A	- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll -	RealPlayer Video Downloader for PepperFlash  (32-bit)
560D8D18213A40A56047800888674FD6	- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll -	RealPlayer Video Downloader  (32-bit)


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Gast\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Gast\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Gast\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Gebruiker\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Gebruiker\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[13-05-2014 13:13]
nfengeggddojhakldhlpjdlddgkkjkdd - No path found[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.nl/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.nl/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\pdf_architect_3_conv@pdfarchitect.org deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\brwj5z6q.default-1424455973155\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1471 folders=362 699492976 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\DefaultAppPool\AppData\Local\temp emptied successfully
C:\Users\Gast\AppData\Local\temp emptied successfully
C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot
C:\Users\HomeGroupUser$\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\Voorbeelden van afbeeldingen\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Gebruiker\AppData\Roaming\Ditto\Ditto.db"  not found
"C:\PROGRA~2\AVG Web TuneUp"  not found
"C:\Users\Gebruiker\AppData\Roaming\Ditto"  not found

==== EOF on ma 20-04-2015 at 11:49:34,00 ======================