
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Dirk on vr 15/05/2015 at 10:50:46,33.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Software 2015\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-05-11-094336.log	64671 bytes

==== Empty Folders Check ======================

C:\Program Files\log deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Mozilla\Firefox\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8} deleted successfully

==== Installed Programs ======================

4500_G510nz_Help  
4500G510nz  
4500G510nz_Software_Min  
64 Bit HP CIO Components Installer  
ActiveX-kontroll f”r fj„rranslutningar f”r Windows Live Mesh  
Adobe AIR  
Adobe Flash Player 17 ActiveX  
Adobe Flash Player 17 NPAPI  
Adobe Reader X (10.1.13) MUI  
Adobe Refresh Manager  
Adobe Shockwave Player 11.6  
Apple Application Support  
Apple Mobile Device Support  
Apple Software Update  
ArcSoft Panorama Maker 5  
Ashampoo Burning Studio  
Ashampoo Photo Commander  
Ashampoo Photo Optimizer  
Ashampoo Snap  
Asmedia ASM104x USB 3.0 Host Controller Driver  
AVEO USB2.0 PC Camera(S5HVTV1P20821)  
AVG 2015  
AVG Security Toolbar  
Belgium e-ID middleware 4.0.7 (build 7466)  
Bonjour  
Brother MFL-Pro Suite MFC-7360N  
BufferChm  
CCleaner  
Control ActiveX de Windows Live Mesh para conexiones remotas  
Contr“le ActiveX Windows Live Mesh pour connexions … distance  
Controlo ActiveX do Windows Live Mesh para Liga‡äes Remotas  
Corel Graphics - Windows Shell Extension  
Corel Graphics - Windows Shell Extension 64 Bit  
CorelDRAW Essentials X5 - Common  
CorelDRAW Essentials X5 - Connect  
CorelDRAW Essentials X5 - Custom Data  
CorelDRAW Essentials X5 - DE  
CorelDRAW Essentials X5 - Draw  
CorelDRAW Essentials X5 - EN  
CorelDRAW Essentials X5 - ES  
CorelDRAW Essentials X5 - Extra Content  
CorelDRAW Essentials X5 - Filters  
CorelDRAW Essentials X5 - FR  
CorelDRAW Essentials X5 - IPM  
CorelDRAW Essentials X5 - IT  
CorelDRAW Essentials X5 - PHOTO-PAINT  
CorelDRAW Essentials X5 - Redist  
CorelDRAW Essentials X5 - Setup Files  
CorelDRAW Essentials X5 - WT  
CorelDRAW Essentials X5  
CyberLink LabelPrint  
CyberLink MediaEspresso  
CyberLink Power2Go  
CyberLink PowerDVD Copy  
CyberLink PowerRecover  
CyberLink YouPaint  
D3DX10  
Definition Update for Microsoft Office 2010 (KB3015642) 32-Bit Edition  
Destinations  
DeviceDiscovery  
DocMgr  
DocProc  
Dropbox  
Facebook Video Calling 3.1.0.521  
Fax  
Firebird 2.1.1.17910 (Win32)  
Firebird SQL Server - MAGIX Edition  
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych  
Fotogalerija Windows Live  
Galeria de Fotografias do Windows Live  
Galer¡a fotogr fica de Windows Live  
Galeria fotografii uslugi Windows Live  
Galerie de photos Windows Live  
Ginger  
Google Chrome  
Google Earth  
Google SketchUp 8  
Google Toolbar for Internet Explorer  
Google Update Helper  
GPBaseService2  
HiJackThis  
HP Customer Participation Program 13.0  
HP Document Manager 2.0  
HP Imaging Device Functions 13.0  
HP Officejet 4500 G510n-z  
HP Smart Web Printing 4.5  
HP Solution Center 13.0  
HP Update  
HPDiagnosticAlert  
HPProductAssistant  
HPSSupply  
IBM Lotus Symphony  
Intel(R) Management Engine Components  
Intel(R) Rapid Storage Technology  
IrfanView (remove only)  
iTunes  
Java 8 Update 45  
Java Auto Updater  
Junk Mail filter update  
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave  
Lotus Organizer 97  
MAGIX Foto Manager 2007 4.1.1.89 (NL)  
MAGIX Music Manager 2007 8.1.1.98 (NL)  
MAGIX Video deluxe 2008 PLUS 7.0.2.3 (NL)  
MAGIX Xtreme Photo Designer 6 6.0.20.0 (NL)  
Malwarebytes Anti-Malware versie 2.0.2.1012  
MarketResearch  
McAfee Security Scan Plus  
McAfee WebAdvisor  
Medion Home Cinema  
Mesh Runtime  
Microsoft .NET Framework 4.5.1  
Microsoft .NET Framework 4.5.1 (Nederlands)  
Microsoft .NET Framework 4.5.1 (NLD)  
Microsoft Application Error Reporting  
Microsoft Office Access MUI (Dutch) 2010  
Microsoft Office Excel MUI (Dutch) 2010  
Microsoft Office Home and Student 2010  
Microsoft Office Office 64-bit Components 2010  
Microsoft Office OneNote MUI (Dutch) 2010  
Microsoft Office Outlook MUI (Dutch) 2010  
Microsoft Office PowerPoint MUI (Dutch) 2010  
Microsoft Office Proof (Dutch) 2010  
Microsoft Office Proof (English) 2010  
Microsoft Office Proof (French) 2010  
Microsoft Office Proof (German) 2010  
Microsoft Office Proofing (Dutch) 2010  
Microsoft Office Publisher MUI (Dutch) 2010  
Microsoft Office Shared 64-bit MUI (Dutch) 2010  
Microsoft Office Shared MUI (Dutch) 2010  
Microsoft Office Single Image 2010  
Microsoft Office Word MUI (Dutch) 2010  
Microsoft Silverlight  
Microsoft SQL Server 2005 Compact Edition [ENU]  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2005 Redistributable (x64)  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)  
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD  
Microsoft XML Parser  
MioMore Desktop  
Mozilla Firefox 38.0.1 (x86 nl)  
Mozilla Maintenance Service  
MSI to redistribute MS VS2005 CRT libraries  
MSVC90_x64  
MSVC90_x86  
MSVCRT  
MSVCRT_amd64  
MSXML 4.0 SP3 Parser  
MSXML 4.0 SP3 Parser (KB2721691)  
MSXML 4.0 SP3 Parser (KB2758694)  
MSXML 4.0 SP3 Parser (KB973685)  
MyFreeCodec  
Network64  
Nikon File Uploader 2  
Nikon Message Center 2  
Nitro Reader 3  
Nokia Connectivity Cable Driver  
Nokia PC Suite  
Nuance PaperPort 12  
Nuance PDF Viewer Plus  
NVIDIA-configuratiescherm 331.65  
NVIDIA 3D Vision controllerstuurprogramma 306.23  
NVIDIA 3D Vision stuurprogramma 331.65  
NVIDIA Grafisch stuurprogramma 331.65  
NVIDIA HD Audio-stuurprogramma 1.3.18.0  
NVIDIA Install Application  
NVIDIA PhysX  
NVIDIA PhysX systeemsoftware 9.12.0604  
NVIDIA Stereoscopic 3D Driver  
NVIDIA Update 1.15.2  
NVIDIA Update Components  
OCR Software by I.R.I.S. 13.0  
Paint Shop Pro 7 Anniversary Edition  
PaperPort Image Printer 64-bit  
PC Connectivity Solution  
PCDJ Red 5.0  
Picture Control Utility  
Pimero 2011 R3 Free Edition  
PLATINUM PV-Monitor v2.2.1  
PlayReady PC Runtime amd64  
Poczta uslugi Windows Live  
Podstawowe programy Windows Live  
Posta Windows Live  
QuickTime 7  
Raccolta foto di Windows Live  
Realtek High Definition Audio Driver  
S?????? f?t???af??? t?? Windows Live  
Samsung Kies  
SAMSUNG USB Driver for Mobile Phones  
Scan  
Scansoft PDF Professional  
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)  
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)  
Security Update for Microsoft .NET Framework 4.5.1 (KB3023224)  
Security Update for Microsoft .NET Framework 4.5.1 (KB3035490)  
Security Update for Microsoft .NET Framework 4.5.1 (KB3037581)  
Security Update for Microsoft Excel 2010 (KB2965240) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2965242) 32-Bit Edition  
Security Update for Microsoft Office 2010 (KB2999412) 32-Bit Edition  
Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition  
Security Update for Microsoft PowerPoint 2010 (KB2999420) 32-Bit Edition  
Security Update for Microsoft Word 2010 (KB2553428) 32-Bit Edition  
Security Update for Microsoft Word 2010 (KB2965237) 32-Bit Edition  
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition  
Shop for HP Supplies  
Skype Click to Call  
SkypeT 7.0  
SmartWebPrinting  
SolutionCenter  
Speccy  
Spelling Dictionaries Support For Adobe Reader X  
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?æa???sæ??e? s??d?se??  
Status  
Stuurprogrammapakket voor Windows - Fedict SmartCard  (04/30/2014 4.0.7.5)  
Sunny Design 2.20  
Switch Sound File Converter  
swMSM  
SyncBackFree  
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD  
TeamViewer 9  
TomTom HOME  
TomTom HOME Visual Studio Merge Modules  
Toolbox  
TrayApp  
Update for Microsoft Access 2010 (KB2837601) 32-Bit Edition  
Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition  
Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition  
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2494150)  
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2956141) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2965291) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2965301) 32-Bit Edition  
Update for Microsoft Office 2010 (KB2999439) 32-Bit Edition  
Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition  
Update for Microsoft OneNote 2010 (KB2956205) 32-Bit Edition  
Update for Microsoft Outlook 2010 (KB2965295) 32-Bit Edition  
Update for Microsoft Outlook 2010 (KB3015585) 32-Bit Edition  
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition  
Update for Microsoft Visio 2010 (KB2965292) 32-Bit Edition  
Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition  
Uzak BaglantÕlar I‡in Windows Live Mesh ActiveX Denetimi  
VASCO Card Reader Plug-In (64-Bit)  
VASCO Smart Card Reader Plug-In (User)  
ViewNX 2  
Visual Studio 2008 x64 Redistributables  
Visual Studio 2012 x64 Redistributables  
Visual Studio 2012 x86 Redistributables  
WavePad Sound Editor  
WebReg  
Windows-stuurprogrammapakket - Nokia Modem  (02/25/2011 4.7)  
Windows-stuurprogrammapakket - Nokia Modem  (02/25/2011 7.01.0.9)  
Windows-stuurprogrammapakket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)  
Windows Live Communications Platform  
Windows Live Essentials  
Windows Live Fotogalerie  
Windows Live Fotogalleri  
Windows Live Fotograf Galerisi  
Windows Live Fot¢t r  
Windows Live ID Sign-in Assistant  
Windows Live Installer  
Windows Live Language Selector  
Windows Live Mail  
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen  
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger  
Windows Live Mesh ActiveX-objekt til fjernforbindelser  
Windows Live Mesh ActiveX-vez‚rlo t voli kapcsolatokhoz  
Windows Live Mesh ActiveX Control for Remote Connections  
Windows Live Mesh ActiveX control for remote connections  
Windows Live Meshin et„yhteyksien ActiveX-komponentti  
Windows Live Messenger  
Windows Live MIME IFilter  
Windows Live Movie Maker  
Windows Live Photo Common  
Windows Live Photo Gallery  
Windows Live PIMT Platform  
Windows Live Remote Client  
Windows Live Remote Client Resources  
Windows Live Remote Service  
Windows Live Remote Service Resources  
Windows Live SOXE  
Windows Live SOXE Definitions  
Windows Live Temel Par‡alar  
Windows Live UX Platform  
Windows Live UX Platform Language Pack  
Windows Live Writer  
Windows Live Writer Resources  
Windows Liven asennusty”kalu  
Windows Liven s„hk”posti  
Windows Liven valokuvavalikoima  
WinZip 17.5  

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\nnehaohk.default

user.js not found
---- Lines {e4f94d1e-2f53-401e-8885-681602c0ddd8} removed from prefs.js ----
user_pref("extensions.xpiState", "{\"app-profile\":{\"{e001c731-5e37-4538-a5cb-8168736a2360}\":{\"d\":\"C:\\\\Users\\\\Dirk\\\\AppData\\\\Roaming\\\\M
---- FireFox user.js and prefs.js backups ---- 

prefs_20151505_1114_.backup

ProfilePath: C:\Users\Dirk\AppData\Roaming\TomTom\HOME\Profiles\8iyol1o0.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs_20151505_1114_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1001\Software\Microsoft\Windows\CurrentVersion\Run] 
"AVG-Secure-Search-Update_JUNE2013_TB"=- 

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\McAfee\SiteAdvisor not found
C:\ProgramData\McAfee Security Scan deleted

==== Registry Search Results for "{B658800C-F66E-4EF3-AB85-6C0C227862A9}" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol]
"CLSID"="{B658800C-F66E-4EF3-AB85-6C0C227862A9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ViProtocol.ViProtocolOLE\CLSID]
@="{B658800C-F66E-4EF3-AB85-6C0C227862A9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1\CLSID]
@="{B658800C-F66E-4EF3-AB85-6C0C227862A9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\PROTOCOLS\Handler\viprotocol]
"CLSID"="{B658800C-F66E-4EF3-AB85-6C0C227862A9}"

==== Registry Search Results for "{5513F07E-936B-4E52-9B00-067394E91CC5}" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\dssrequest]
"CLSID"="{5513F07E-936B-4E52-9B00-067394E91CC5}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\sacore]
"CLSID"="{5513F07E-936B-4E52-9B00-067394E91CC5}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\PROTOCOLS\Handler\dssrequest]
"CLSID"="{5513F07E-936B-4E52-9B00-067394E91CC5}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\PROTOCOLS\Handler\sacore]
"CLSID"="{5513F07E-936B-4E52-9B00-067394E91CC5}"

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Dirk\AppData\Local\Temp ====
2015-05-15 08:12:39	0CFC0308F76EC217C457F54DDFCB3077	43008	----a-w-	C:\Users\Dirk\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyq9nbw.dll
2015-05-12 16:22:31	FDCF03208012026400DA8626656983F8	298096	----a-w-	C:\Users\Dirk\AppData\Local\Temp\MozUpdater\bgupdate\updater.exe
2015-05-12 09:27:03	939E521BA30E035C77757CE751E592FD	18952192	----a-w-	C:\Users\Dirk\AppData\Local\Temp\BeidMW64.msi
2015-05-12 09:27:03	712F20758FB7CBBC0E26C64E33C1C2D7	17205760	----a-w-	C:\Users\Dirk\AppData\Local\Temp\BeidMW.msi
====== Java Cache =====
2015-05-15 08:45:09	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Dirk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-1c2bcd88
2015-05-15 08:45:09	735BC0FB6BB3415C1159D05D700D3CCB	100	----a-w-	C:\Users\Dirk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap
2015-05-15 08:45:08	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Dirk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-3ca07d08
2015-05-15 08:45:38	C1BBA7F1278F193AB584FFF460DB5E2A	17878	----a-w-	C:\Users\Dirk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\47c58863-20b3cb1c
2015-05-15 08:45:09	34FA8033B50A3F99D3AB8209C72C0ABA	6860	----a-w-	C:\Users\Dirk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-737c9a79
====== C:\Windows\SysWOW64 =====
2015-05-13 09:54:38	858EB73F68B20A2A5C66B6C000D1C0DD	102608	----a-w-	C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 08:58:18	CFCB89C0FE8EF502A7934C0D20E5DBD6	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 08:58:18	C3120D99E6DA7878A1DD2D88138AC60A	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-05-13 08:58:18	9025CA7BCD6B7956366FC90B3D6E3933	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 08:58:18	8C00AB01B1BC1E2F69765776BBC5A5D1	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 08:58:17	D74445161E58644309F858342F5E265C	19691008	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-05-13 08:58:17	C2EB0AA5570CF8BC881B36EE55A59337	688640	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 08:58:17	C1A32612710492D0C3339E46EC15E333	504320	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-05-13 08:58:17	AA2F2D55DEF98007839D0189D721D70B	1310208	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-05-13 08:58:17	7B4FA4B41FBDBB12C5038FCB6E6652AA	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 08:58:17	746BBC86351D07859D8B40056447F7B2	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 08:58:17	6388FC82897DDDA607BBE3580D75AE15	342736	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 08:58:16	28313FF0DE83EAD8F5EF1B963D9078C3	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 08:58:15	F2DB87F164BC13AB8EF90FBF5D866B65	664576	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-05-13 08:58:15	E993B5E929F46A52E9F4EB68A7855CDF	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-05-13 08:58:15	CC4974FCF9387F32A0FF87BCE093A5AD	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 08:58:15	C525258A00ECFB4CE089F54C163268C3	2278400	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-05-13 08:58:15	63A2E3E9C771B1D4D7D84942D6FCB661	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 08:58:15	3CE5DE0730C22A54FE783DB8A989E8BD	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 08:58:15	1BBC9CFD29A62D80FB77BB69BFF7513C	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 08:58:15	136687227F11CE928CB05F4FD90319AC	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 08:58:14	BCFA71A878903B5F92A7AFEFCCC5CA97	478208	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-05-13 08:58:14	5AAC24BF6C4A54DA526CC6244DEBE227	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 08:58:14	0E22CD36FC3292CB812CC46CBCFD8444	12828672	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-05-13 08:58:13	CB5F450D21B9D76B7F01D006E4AEDB40	1882112	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-05-13 08:58:13	6E2B4875B968324E5844F35A37A79260	4305920	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-05-13 08:58:13	1C5C5B5EF9CFDFC897D4549A2385DB3A	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 08:58:12	37625FC1DAF886F1980E2D8F315B93AC	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-05-13 08:58:12	07E82A31808C8BC053D1DE547082C58F	341504	----a-w-	C:\Windows\SysWOW64\html.iec
2015-05-13 08:57:56	D0CA74BE380498A0111A73EB9C76CF8F	342016	----a-w-	C:\Windows\SysWOW64\certcli.dll
2015-05-13 08:57:56	2665A3D34D1C62DF303723422215B001	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-05-13 08:53:50	8D50ED3F0FBE3590AB0D43BF7B60E57A	3989440	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 08:53:50	0A66C88B087249742381924AB8F9EFCC	3934144	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 08:53:49	D0F574320615303ADECDCB452EBB8930	635392	----a-w-	C:\Windows\SysWOW64\tdh.dll
2015-05-13 08:53:46	A44680B810977EA64E280523E96F2EA9	1310744	----a-w-	C:\Windows\SysWOW64\ntdll.dll
2015-05-13 08:53:44	7A5824DC9A85FCE4334F57FF0795853E	641536	----a-w-	C:\Windows\SysWOW64\advapi32.dll
2015-05-13 08:53:43	1569F20BB9DB9FDC87A6D3C8A3726ABF	1114112	----a-w-	C:\Windows\SysWOW64\kernel32.dll
2015-05-13 08:53:42	EB058143B57ED460AC4F2DFBA104BBFF	364544	----a-w-	C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 08:53:39	54A01CC4BC47B31C5CD082D064AB37BC	550912	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-05-13 08:53:38	8C45A65ED20B487085B79EEFCC08D160	92160	----a-w-	C:\Windows\SysWOW64\sechost.dll
2015-05-13 08:53:34	C6D2D384B6232B0B800234C03C50979F	82944	----a-w-	C:\Windows\SysWOW64\logman.exe
2015-05-13 08:53:34	66D6A06936088E412E29A182679F0D71	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 08:53:33	850F756363237A2EB069B9B25EF8BEC3	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-05-13 08:53:33	7F99900705E249E9D5C55E490B7D076E	274944	----a-w-	C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 08:53:32	FCB1C8345C794FE89ABA03B4CA3131BB	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 08:53:32	97B30711DC6CA0EA4EACEDCE8080A3B4	37888	----a-w-	C:\Windows\SysWOW64\relog.exe
2015-05-13 08:53:32	74C0EC1257698176E288DA282F318E1C	40448	----a-w-	C:\Windows\SysWOW64\typeperf.exe
2015-05-13 08:53:32	0B6E937863837BA3383E9CE9200DDF1E	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 08:53:31	D9E25B4BD2120CC5183CCCE9421C7AFE	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-05-13 08:53:31	AFFE5747054D03F8CEE18A8518A9AA34	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-05-13 08:53:30	F286528898342F0F1EB402606750C391	17408	----a-w-	C:\Windows\SysWOW64\diskperf.exe
2015-05-13 08:53:30	ABA025664F9F42C568B2C022AADCB18F	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-05-13 08:53:29	99A508910BB06DFBE99D9AF7D6B4E950	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-05-13 08:53:29	3346701038E55BD366F3D5CE31F55483	14336	----a-w-	C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 08:53:27	79AF005633B7E41B7A194A7E7B9D3D93	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-05-13 08:53:26	741DB93796E7D4F3F804C13537FB40F4	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-05-13 08:53:26	6BB13D5E12C5C4D829C1D640DF269EA0	5120	----a-w-	C:\Windows\SysWOW64\wow32.dll
2015-05-13 08:53:23	F43CB86F9536B17E5C7CFCFB48ACBE54	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-05-13 08:53:22	D9716B488CC27652C12B1B5E0944987E	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-05-13 08:53:22	9638DA21E965E23C85C4319F3F66D824	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 08:53:21	D079A408CC3E22A09D1260A6F18FC0FD	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-05-13 08:53:21	BF9BB4113E9FCDABD4C703DDD06293F3	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-05-13 08:53:21	86B2AC15999BB4F8B5C84AB6154A1783	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-05-13 08:51:37	C22AB1781BC6F0BB1C9B352CF66DBFFC	1250816	----a-w-	C:\Windows\SysWOW64\DWrite.dll
2015-05-13 08:51:30	418AEC0CE89A13200F2820079B9CDFD9	216064	----a-w-	C:\Windows\SysWOW64\InkEd.dll
2015-05-13 08:51:24	744AB3C1A73A57DEED49D631F1BDEA1D	2311168	----a-w-	C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 08:51:20	C489D8B4D8C64F20CC75A93F541F7D91	123904	----a-w-	C:\Windows\SysWOW64\poqexec.exe
2015-05-13 08:51:16	DCA2C6E7990771209CDD8E9DA90ED0E2	5120	----a-w-	C:\Windows\SysWOW64\shimeng.dll
2015-05-13 08:51:16	D3E8C7FADB758E5D222C639CC65790AD	295936	----a-w-	C:\Windows\SysWOW64\apphelp.dll
2015-05-13 08:51:16	715C060150D969B0DE5DD5B365A712AF	20992	----a-w-	C:\Windows\SysWOW64\sdbinst.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-05-13 09:54:38	189FB45D7442083AE8A2E4E612233EF7	124112	----a-w-	C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 08:58:18	E802824B9B4A16355A5233A7B8215ECE	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-05-13 08:58:18	9DCD15027A13195ABA68B40A5EB26691	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-05-13 08:58:17	70EDB996FE1BCB699232A15CB0D0FA32	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-05-13 08:58:17	6D2787CD32595A91969502A399E7BA48	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-05-13 08:58:17	5EDC6AF7589B65C89CB1154B3377D0C4	720384	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-05-13 08:58:17	1122DD841CCB7E07EF41039CBD66A29E	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-05-13 08:58:15	ED4EB5A0CDD251A17B946C515CB94D70	1547264	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-05-13 08:58:15	D7B9EEF960F68DC18724BB5F89A464DD	389840	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-05-13 08:58:15	2A2CDE78F9E9019AD0E4D804A02688A3	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-05-13 08:58:15	010F562B961AB8CAEC7A0C72F8FDD690	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-05-13 08:58:14	F28577138120BA7E5423820D4B4C4727	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-05-13 08:58:14	EB9FCD39D65E23380CB2C2F0E6F2ED53	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-05-13 08:58:14	E20B5098C8707B2CF0858024568234FF	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-05-13 08:58:14	49B1935F131A44CD29857D6900CB643F	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-05-13 08:58:13	F918BE3C5ACA0B6485D725CC1A5348DC	2125824	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-05-13 08:58:13	B85ECB91C88F6E74045061B7F7DDEFA2	584192	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-05-13 08:58:13	843D063E75B19188759CBEC82828BCB1	2885120	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-05-13 08:58:13	29BBA65402DD568F49C837533F269482	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-05-13 08:58:13	0B4E78E6E65D1FD2CE55C93CF1EFD623	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-05-13 08:58:12	E061B5A1D0F9BBACA41149201ADF4A3B	14401536	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-05-13 08:58:12	CA0369799519F33DDE8FD26F5D87D014	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-05-13 08:58:12	1D610F215769E4FF56C7B1847DE4B86D	633856	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-05-13 08:58:11	FFC30231459FC44FD73E07532C707791	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-05-13 08:58:11	F0289B3A341429117696F0279DA977B6	2352128	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-05-13 08:58:11	DC1200D3C3AC1E69A4DAD053BC26BF0D	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-05-13 08:58:11	C1D6BD834E69E8F77C8B4DDFCEE073F6	417792	----a-w-	C:\Windows\Sysnative\html.iec
2015-05-13 08:58:11	79A4C71CD8B610DE9F66B72B5654C450	6025728	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-05-13 08:58:11	63061A0826839DE8F5B4713976C99F1B	816640	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-05-13 08:58:11	1921A72BF1273BED72E569EF1F1A0611	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-05-13 08:58:10	F2A1718334172C0F4E231E998F6CB8AB	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-05-13 08:58:10	C31D57F7A58FACDA2671075CEBA75199	24971776	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-05-13 08:58:10	5A18ACE782C215300BE1C82D9EDC565B	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-05-13 08:57:56	ED4B980701D081AC42F7B121C1E42149	460800	----a-w-	C:\Windows\Sysnative\certcli.dll
2015-05-13 08:57:56	8AD8D17425C75D2621B2CDFE0DEABD21	342016	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-05-13 08:56:16	71C85477DF9347FE8E7BC55768473FCA	328704	----a-w-	C:\Windows\Sysnative\services.exe
2015-05-13 08:53:58	EA8A3E8C674B03CB4AFA1D344DBD7BC1	1254400	----a-w-	C:\Windows\Sysnative\diagtrack.dll
2015-05-13 08:53:58	D449C36379EBEFD3CCDAEC328002BB5B	36864	----a-w-	C:\Windows\Sysnative\UtcResources.dll
2015-05-13 08:53:57	A985325F4FE72FB003749A2FBBA9952E	5569984	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-05-13 08:53:56	8453010B6512DAEAFC61CC0836FA137E	1728960	----a-w-	C:\Windows\Sysnative\ntdll.dll
2015-05-13 08:53:50	10D39E74B0D5011A8C199B9646579C3F	879104	----a-w-	C:\Windows\Sysnative\tdh.dll
2015-05-13 08:53:48	B01B21E15671ACD3F0AD131DC4CABFC7	879104	----a-w-	C:\Windows\Sysnative\advapi32.dll
2015-05-13 08:53:46	1C9F2F4A2C603739BD8CC8C64310AFD7	1162752	----a-w-	C:\Windows\Sysnative\kernel32.dll
2015-05-13 08:53:44	DA8B541825991F6699790E617FF0FF60	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-05-13 08:53:44	408A8232E84515E4AA819E0C95E65257	314880	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-05-13 08:53:43	FDF1E0FD74DED0034BA6FFB665E0641E	424448	----a-w-	C:\Windows\Sysnative\KernelBase.dll
2015-05-13 08:53:43	A0BCD6A64281492EFAE02AC144A335F1	243712	----a-w-	C:\Windows\Sysnative\wow64.dll
2015-05-13 08:53:42	EE27E1D639E3807229C15AF94320CF0A	404992	----a-w-	C:\Windows\Sysnative\tracerpt.exe
2015-05-13 08:53:42	52146DBFE253B83FAB1980AA704C7974	113664	----a-w-	C:\Windows\Sysnative\sechost.dll
2015-05-13 08:53:40	D17DD01601460F5899E5C154B3FD0BFA	215040	----a-w-	C:\Windows\Sysnative\winsrv.dll
2015-05-13 08:53:40	9C5DBA74D0C641C2A4ABDC79969B7BEF	104448	----a-w-	C:\Windows\Sysnative\logman.exe
2015-05-13 08:53:40	0CD609B1143961F5C3BA691729A6A5DA	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-05-13 08:53:34	E55A72876BC5E244D0A8F7F07862A939	338432	----a-w-	C:\Windows\Sysnative\conhost.exe
2015-05-13 08:53:34	CCAB9BE9C9100C5F54A5A8F355730841	728064	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-05-13 08:53:34	52935C072F8D5A92508AA3A3CC9133C7	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-05-13 08:53:33	DA5EF2CC0764BE7097BAFA9CAF903FE8	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2015-05-13 08:53:33	2292CD8500725B94B7D2E3C0C84F2D19	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-05-13 08:53:32	FE60A67032A5C94F6ACE483C8FE84105	47104	----a-w-	C:\Windows\Sysnative\typeperf.exe
2015-05-13 08:53:32	CD3770C78AFFC223A3B9D38F27B7A309	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-05-13 08:53:32	ACE24D86D2714FCC1639F890DF54951B	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-05-13 08:53:32	A3DCC3D8BB57E31EA07949313CC3A3CF	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2015-05-13 08:53:32	9262D6E2C239EDD6D87B080F2BCCEC9F	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-05-13 08:53:32	79F036EB691ABBA84E8EB1715E5F2B17	43008	----a-w-	C:\Windows\Sysnative\relog.exe
2015-05-13 08:53:32	4DD0098FFAB4664DB979537C48AE055F	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-05-13 08:53:32	40C5EA47D4AEC96249B09BF0C076A60C	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-05-13 08:53:31	BB7BAF9532DBA5AB4009E981687D1EA6	19456	----a-w-	C:\Windows\Sysnative\diskperf.exe
2015-05-13 08:53:30	E1B0C7042BA7B8903D60DF3885F2DFE7	16384	----a-w-	C:\Windows\Sysnative\ntvdm64.dll
2015-05-13 08:53:30	8C711AF30BE3991050D0D011D92CFBE0	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-05-13 08:53:29	D2602AC48B38FA10956E32D18E7143B0	362496	----a-w-	C:\Windows\Sysnative\wow64win.dll
2015-05-13 08:53:29	ADC2D7B5BFF277E5A9FACE6A21A24ABC	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-05-13 08:53:29	0D9BDBE780DD81757AC5AF87E8B1EBEC	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-05-13 08:53:28	50EBA6640805F6D5EF4A0DCEF2D180AB	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-05-13 08:53:26	D205305FB0E352A9D4CF922D6A016BF4	13312	----a-w-	C:\Windows\Sysnative\wow64cpu.dll
2015-05-13 08:53:22	90293AAC2AB0908BFF98ADB89CEBC931	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2015-05-13 08:53:21	AF278DB00C43E925E58C8CA2C0CF4C71	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-05-13 08:53:21	90DC7B112F946B412C9CDC6F459F4053	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-05-13 08:53:21	7A448B8CED7F7348C36159D5CC8E19ED	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-05-13 08:51:40	E612E86FA15EA1EF9A52433A2743C447	1179136	----a-w-	C:\Windows\Sysnative\FntCache.dll
2015-05-13 08:51:39	D858C33B133740D5F1F1CF71C33F6355	3204608	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-05-13 08:51:39	490505F6E53EF046EC70A353BC9CD615	1647104	----a-w-	C:\Windows\Sysnative\DWrite.dll
2015-05-13 08:51:30	2B36E0C5C262437E1B098344DEFA55F8	275456	----a-w-	C:\Windows\Sysnative\InkEd.dll
2015-05-13 08:51:29	6B0F962B1EE486FFE7BCABBC9C736976	24576	----a-w-	C:\Windows\Sysnative\jnwmon.dll
2015-05-13 08:51:25	E5404072A5A9E0B452ADDF1D1339176C	2543104	----a-w-	C:\Windows\Sysnative\wpdshext.dll
2015-05-13 08:51:19	C7E50B04623FC6FF54EAF88938A8936E	142336	----a-w-	C:\Windows\Sysnative\poqexec.exe
2015-05-13 08:51:16	F55F287810AAF708618793764AF7D1BB	23552	----a-w-	C:\Windows\Sysnative\sdbinst.exe
2015-05-13 08:51:16	83BFCCAC53795E8A5055A93672D0C46C	72192	----a-w-	C:\Windows\Sysnative\aelupsvc.dll
2015-05-13 08:51:16	7E21D3072EB20D5400919D435D549A9B	6656	----a-w-	C:\Windows\Sysnative\shimeng.dll
2015-05-13 08:51:16	31D260ADAF1CCFEFC49DB9FBCE9986DA	342016	----a-w-	C:\Windows\Sysnative\apphelp.dll
====== C:\Windows\Sysnative\drivers =====
2015-05-13 08:53:41	8FE94F2EF9BF444E93E35D87E210D02F	155584	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-05-13 08:53:40	F7DFAE6040AC910B7C64EE208A34157D	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-04-15 16:52:54	F61634BEC53F73702A10DE69F6DCAF57	754688	----a-w-	C:\Windows\Sysnative\drivers\http.sys
2015-04-15 11:06:02	4FB010DEA1028ED0A26F20D2F404210F	256992	----a-w-	C:\Windows\Sysnative\drivers\avgldx64.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-05-15 08:42:24	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2015-04-15 18:19:21	--------	d-----w-	C:\PROGRA~2\COMMON~1\Skype
======= C: =====
====== C:\Users\Dirk\AppData\Roaming ======
2015-05-11 17:31:13	--------	d-----w-	C:\Users\Dirk\AppData\Roaming\AVG2015
2015-05-11 17:28:03	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015
2015-05-11 17:27:22	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2015
2015-05-11 17:27:21	--------	d-----w-	C:\Users\Dirk\AppData\Roaming\TuneUp Software
2015-05-11 17:24:50	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2015
2015-05-11 17:21:27	--------	d-----w-	C:\Users\Dirk\AppData\Local\Avg2015
2015-05-11 09:38:42	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2015-05-11 09:38:42	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-05-11 09:38:42	--------	d-----w-	C:\Users\UpdatusUser\AppData\Local\Temp
2015-05-11 09:38:42	--------	d-----w-	C:\Users\TEMP\AppData\Local\Temp
2015-05-11 09:38:42	--------	d-----w-	C:\Users\TEMP.Dirk-PC\AppData\Local\Temp
2015-05-11 09:38:42	--------	d-----w-	C:\Users\Public\AppData\Local\Temp
2015-05-11 09:38:42	--------	d-----w-	C:\Users\Dirk\AppData\Local\Temp
2015-05-11 09:38:42	--------	d-----w-	C:\Users\Dirk 2\AppData\Local\Temp
2015-05-11 09:38:42	--------	d-----w-	C:\Users\Default\AppData\Local\Temp
2015-05-11 09:38:42	--------	d-----w-	C:\Users\Default User\AppData\Local\Temp
====== C:\Users\Dirk ======
2015-05-15 08:31:23	EDD9003275DB08B8B4C131F5D934C99F	561760	----a-w-	C:\Users\Dirk\Downloads\JavaSetup8u45.exe
2015-05-14 08:45:20	24B463CCAA6D911EE1A149FCD0418E9A	88551496	----a-w-	C:\Users\Dirk\Downloads\avast_free_antivirus_setup.exe
2015-05-13 18:00:34	13B42954AB9766959FD42E70588C4F05	5499960	----a-w-	C:\Users\Dirk\Downloads\avast_free_antivirus_setup_online.exe
2015-05-13 09:00:37	EF8554FD1FAAB93BACD3210614340D63	2349664	----a-w-	C:\Users\Dirk\Downloads\VASCOSmartCardReaderPlugin.exe
2015-05-12 16:41:44	FEC2F27B4177267AE6CD92D71A42FCC1	45874680	----a-w-	C:\Users\Dirk\Downloads\eID-QuickInstaller-407-7466-signed_tcm227-258853.exe
2015-05-11 17:25:05	--------	d-----w-	C:\ProgramData\AVG2015
2015-04-15 18:19:22	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

====== C: exe-files ==
2015-05-15 08:47:21	D308FEE17FBACB94C2E27067AE2C57A6	1044048	----a-w-	C:\Program Files (x86)\Google\Update\Install\{70A46758-0F77-4FC9-9031-64F46F07BA35}\42.0.2311.152_42.0.2311.135_chrome_updater.exe
2015-05-15 08:47:21	D308FEE17FBACB94C2E27067AE2C57A6	1044048	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\42.0.2311.152\42.0.2311.152_42.0.2311.135_chrome_updater.exe
2015-05-15 08:41:25	EED888394AC81A663F12C6EC43AB2838	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaw.exe
2015-05-15 08:41:25	4586CD8F1C929EF184098A22FE31A857	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaws.exe
2015-05-15 08:41:25	1E2E159D0621A466CFA7CE06E4DA9CAE	0	----a-we	C:\ProgramData\Oracle\Java\javapath\java.exe
2015-05-15 08:41:19	FF589C55E0CB6A0A1BD9570217BB1A42	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\tnameserv.exe
2015-05-15 08:41:19	FD8978875A992C876AF430B35DF9CFA7	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\pack200.exe
2015-05-15 08:41:19	F16868F20E4701142FAEF8C9FA847D27	30304	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\jabswitch.exe
2015-05-15 08:41:19	EF66D96BC42BCE52686A7635AB11D8DD	68192	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe
2015-05-15 08:41:19	EED888394AC81A663F12C6EC43AB2838	191072	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe
2015-05-15 08:41:19	D3DA34876B7F6D06D26D29CA77BD25A2	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\ktab.exe
2015-05-15 08:41:19	CF683290B3369A1491A5B8B4D19F79B3	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\jjs.exe
2015-05-15 08:41:19	C57CA849D13177E1F43CFEF51374F1EE	159328	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\unpack200.exe
2015-05-15 08:41:19	B66ED84383EA6C6218CA47BC49C15615	50784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssvagent.exe
2015-05-15 08:41:19	A1A1BC927541346D840BBB511F557848	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\policytool.exe
2015-05-15 08:41:19	98903A3C01AA820E7FCC19A0A60126C0	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\klist.exe
2015-05-15 08:41:19	88FFC43B0E3BB3E30F70CB7B08D499B4	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\java-rmi.exe
2015-05-15 08:41:19	5DF39BE82C777B7EDAD34E3A7A7EADB7	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmid.exe
2015-05-15 08:41:19	4EA6A4DD2EB584C4C2BF39A9A7D0D580	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\keytool.exe
2015-05-15 08:41:19	4586CD8F1C929EF184098A22FE31A857	271968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe
2015-05-15 08:41:19	3C0A1F0D13A8998E9A1825A853FF3B39	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\kinit.exe
2015-05-15 08:41:19	2682BB5D60C30DCB5A2BC414D01D6764	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmiregistry.exe
2015-05-15 08:41:19	1F29E31C6B9A487FF32006C4E223BA4F	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\orbd.exe
2015-05-15 08:41:19	1E2E159D0621A466CFA7CE06E4DA9CAE	190560	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe
2015-05-15 08:41:19	1CCD26E1E9FC582ABAA5D5FD1FA47A6B	76384	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2launcher.exe
2015-05-15 08:41:19	134D4B0A753808F8F8645DCF3FA00173	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\servertool.exe
2015-05-15 08:31:23	EDD9003275DB08B8B4C131F5D934C99F	561760	----a-w-	C:\Users\Dirk\Downloads\JavaSetup8u45.exe
2015-05-15 08:29:59	84A0F049DF8F19BDA8E7DDCCC39D8972	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-462824799-3137052604-784381099-1002\$IY3ZTDQ.exe
2015-05-15 08:23:26	DD370A8148862150BA81A3F5C56A1E40	148080	----a-w-	C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe
2015-05-14 08:45:20	24B463CCAA6D911EE1A149FCD0418E9A	88551496	----a-w-	C:\Users\Dirk\Downloads\avast_free_antivirus_setup.exe
2015-05-13 18:00:34	13B42954AB9766959FD42E70588C4F05	5499960	----a-w-	C:\Users\Dirk\Downloads\avast_free_antivirus_setup_online.exe
2015-05-13 09:00:37	EF8554FD1FAAB93BACD3210614340D63	2349664	----a-w-	C:\Users\Dirk\Downloads\VASCOSmartCardReaderPlugin.exe
2015-05-13 08:58:18	9DCD15027A13195ABA68B40A5EB26691	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-05-13 08:58:17	5EDC6AF7589B65C89CB1154B3377D0C4	720384	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-05-13 08:58:17	4B3D652AACEE4FE636F74CB8015BF00E	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-05-13 08:58:15	EC75F14CC85659C780A0DC575F7B1242	815304	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-05-13 08:58:15	A2A98DBD9E13B81AB68FB6A699A157CB	469504	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-05-13 08:58:15	2AA6685FC67CDD231BA0345112DFEE89	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-05-13 08:58:15	2A2CDE78F9E9019AD0E4D804A02688A3	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-05-13 08:58:15	1BBC9CFD29A62D80FB77BB69BFF7513C	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 08:58:14	CDBB6EFC96D0567951A13A6ABDCA1FDE	484864	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-05-13 08:58:13	ABE6FDB01D22FD63BB190BF95F5BC9B6	813776	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-05-13 08:58:13	29BBA65402DD568F49C837533F269482	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-05-13 08:56:16	71C85477DF9347FE8E7BC55768473FCA	328704	----a-w-	C:\Windows\System32\services.exe
2015-05-13 08:53:57	A985325F4FE72FB003749A2FBBA9952E	5569984	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-05-13 08:53:50	8D50ED3F0FBE3590AB0D43BF7B60E57A	3989440	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 08:53:50	0A66C88B087249742381924AB8F9EFCC	3934144	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 08:53:42	EE27E1D639E3807229C15AF94320CF0A	404992	----a-w-	C:\Windows\System32\tracerpt.exe
2015-05-13 08:53:42	EB058143B57ED460AC4F2DFBA104BBFF	364544	----a-w-	C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 08:53:40	9C5DBA74D0C641C2A4ABDC79969B7BEF	104448	----a-w-	C:\Windows\System32\logman.exe
2015-05-13 08:53:34	E55A72876BC5E244D0A8F7F07862A939	338432	----a-w-	C:\Windows\System32\conhost.exe
2015-05-13 08:53:34	C6D2D384B6232B0B800234C03C50979F	82944	----a-w-	C:\Windows\SysWOW64\logman.exe
2015-05-13 08:53:34	52935C072F8D5A92508AA3A3CC9133C7	296960	----a-w-	C:\Windows\System32\rstrui.exe
2015-05-13 08:53:33	DA5EF2CC0764BE7097BAFA9CAF903FE8	112640	----a-w-	C:\Windows\System32\smss.exe
2015-05-13 08:53:32	FE60A67032A5C94F6ACE483C8FE84105	47104	----a-w-	C:\Windows\System32\typeperf.exe
2015-05-13 08:53:32	97B30711DC6CA0EA4EACEDCE8080A3B4	37888	----a-w-	C:\Windows\SysWOW64\relog.exe
2015-05-13 08:53:32	9262D6E2C239EDD6D87B080F2BCCEC9F	31232	----a-w-	C:\Windows\System32\lsass.exe
2015-05-13 08:53:32	79F036EB691ABBA84E8EB1715E5F2B17	43008	----a-w-	C:\Windows\System32\relog.exe
2015-05-13 08:53:32	74C0EC1257698176E288DA282F318E1C	40448	----a-w-	C:\Windows\SysWOW64\typeperf.exe
2015-05-13 08:53:32	4DD0098FFAB4664DB979537C48AE055F	64000	----a-w-	C:\Windows\System32\auditpol.exe
2015-05-13 08:53:31	D9E25B4BD2120CC5183CCCE9421C7AFE	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-05-13 08:53:31	BB7BAF9532DBA5AB4009E981687D1EA6	19456	----a-w-	C:\Windows\System32\diskperf.exe
2015-05-13 08:53:31	AFFE5747054D03F8CEE18A8518A9AA34	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-05-13 08:53:30	F286528898342F0F1EB402606750C391	17408	----a-w-	C:\Windows\SysWOW64\diskperf.exe
2015-05-13 08:53:23	F43CB86F9536B17E5C7CFCFB48ACBE54	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-05-13 08:53:22	D9716B488CC27652C12B1B5E0944987E	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-05-13 08:51:30	D5E35700566B225CBF8ECD7F92C460C8	2164224	----a-w-	C:\Program Files\Windows Journal\Journal.exe
2015-05-13 08:51:29	0DBC9BB05703CA0D8792E2075D62B3C3	51200	----a-w-	C:\Program Files\Windows Journal\PDIALOG.exe
2015-05-13 08:51:20	C489D8B4D8C64F20CC75A93F541F7D91	123904	----a-w-	C:\Windows\SysWOW64\poqexec.exe
2015-05-13 08:51:19	C7E50B04623FC6FF54EAF88938A8936E	142336	----a-w-	C:\Windows\System32\poqexec.exe
2015-05-13 08:51:16	F55F287810AAF708618793764AF7D1BB	23552	----a-w-	C:\Windows\System32\sdbinst.exe
2015-05-13 08:51:16	715C060150D969B0DE5DD5B365A712AF	20992	----a-w-	C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 16:41:44	FEC2F27B4177267AE6CD92D71A42FCC1	45874680	----a-w-	C:\Users\Dirk\Downloads\eID-QuickInstaller-407-7466-signed_tcm227-258853.exe
2015-05-12 16:22:31	FDCF03208012026400DA8626656983F8	298096	----a-w-	C:\Users\Dirk\AppData\Local\Temp\MozUpdater\bgupdate\updater.exe
2015-05-11 09:00:16	F68A5507E37C1FC1C17F6B1A6BFF582E	1308672	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-462824799-3137052604-784381099-1002\$RY3ZTDQ.exe
=== C: other files ==
2015-05-15 08:41:19	5DDC15149346900F16B38C65502BACA9	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\lib\deploy\ffjcext.zip
2015-05-13 08:53:41	8FE94F2EF9BF444E93E35D87E210D02F	155584	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-05-13 08:53:40	F7DFAE6040AC910B7C64EE208A34157D	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-05-13 08:51:39	D858C33B133740D5F1F1CF71C33F6355	3204608	----a-w-	C:\Windows\System32\win32k.sys
2015-05-11 17:26:08	61A7E0B02F82CFF3DB2445BBE50B3589	24144	----a-w-	C:\Program Files (x86)\AVG\AVG2015\Drivers\avgidsfilterx.sys
2015-05-11 17:26:08	0F293406F64B48D5D2F0D3A1117F3A83	29776	----a-w-	C:\Program Files (x86)\AVG\AVG2015\Drivers\avgidsfiltera.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Facebook Update"="C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run"
"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

[HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"PPort12reminder"="C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe -r C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"
"Nikon Message Center 2"="C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s"
"TrayServer"="C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\TrayServer.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Facebook Update"="C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run"
"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcSoft Connection Service]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ArcSoft Connection Service"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrStsMon00]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BrStsMon00"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Browny02\\Brother\\BrStMonW.exe /AUTORUN"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ControlCenter4]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ControlCenter4"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ControlCenter4\\BrCcBoot.exe /autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndexSearch]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IndexSearch"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Nuance\\PaperPort\\IndexSearch.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesPreload"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PaperPort PTD]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PaperPort PTD"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Nuance\\PaperPort\\pptd40nt.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Suite Tray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PC Suite Tray"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Nokia\\Nokia PC Suite 7\\PCSuite.exe\" -onlytray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDF5 Registry Controller]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDF5 Registry Controller"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\RegistryController.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDFHook]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDFHook"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\pdfpro5hook.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SymphonyPreLoad]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SymphonyPreLoad"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\IBM\\Lotus\\Symphony\\framework\\shared\\eclipse\\plugins\\com.ibm.symphony.standard.launcher.win32.x86_3.0.1.20120110-2000\\IBM Lotus Symphony\" -nogui -nosplash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TomTomHOME.exe"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\""


==== Startup Folders ======================

2015-02-12 09:33:38	1135	----a-w-	C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2012-01-31 18:50:58	1300	----a-w-	C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk
2013-02-28 09:22:25	2103	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [15/04/2015 19:41]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002Core.job --a------ [Undetermined Task]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002UA.job --a------ C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe [06/08/2012 19:27]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/10/2014 11:28]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002Core" [C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002UA" [C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Registration Trigger IBM Lotus Symphony Task" [C:\Program Files (x86)\IBM\Lotus\Symphony\framework\rcp\rcplauncher.exe]
"C:\Windows\SysNative\tasks\{0F149FCB-27FD-47FC-922C-1532BED19E87}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{25A9E8EC-8939-4E61-86D6-1774133BC7E8}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{4666BE53-331E-40A3-A3A3-CBFE04293AD6}" [E:\SETUP.EXE]
"C:\Windows\SysNative\tasks\{663700EA-3034-1400-0A55-9177391EF801}" [C:\Users\Dirk\AppData\Roaming\raOLYQtH\dvAKIHAm\DViFzICi\oSIIWwOKX.exe]
"C:\Windows\SysNative\tasks\{71B44408-363F-4BCB-8943-1D25D40E036A}" [E:\SETUP.EXE]
"C:\Windows\SysNative\tasks\{9E18404F-CACC-4243-BE17-DE6F5D38E8D2}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{AC56546B-526C-4297-A8FC-9670BF7B3764}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{B305BF8E-3081-4888-8652-590E4040904C}" [E:\SETUP.EXE]
"C:\Windows\SysNative\tasks\{D633FEBC-526C-41F1-BA76-2427BDF84EF3}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\nnehaohk.default
user_pref("browser.search.selectedEngine", "Google");
user_pref("keyword.URL", "http://search.yahoo.com/search?fr=mcafee&p=");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"adapter@gingersoftware.com"="C:\Program Files (x86)\Ginger\Mozilla\adapter@gingersoftware.com" [20/10/2014 11:59]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [28/02/2013 11:23]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\nnehaohk.default
- Ginger - C:\Program Files (x86)\Ginger\Mozilla\adapter@gingersoftware.com
- Bitdefender QuickScan - %ProfilePath%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}

ProfilePath: C:\Users\Dirk\AppData\Roaming\TomTom\HOME\Profiles\8iyol1o0.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Carminat TomTom - %ProfilePath%\extensions\RenaultTheme@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Ginger - %AppDir%\extensions\adapter@gingersoftware.com
- Undetermined - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\nnehaohk.default
87132527E2256CF6683A18C4EB34DD3B	- C:\Windows\system32\Wat\npWatWeb.dll -	Windows Activation Technologies
F475DAA3CF6D19DA49BE7BAC0A966DB3	- C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll -	Shockwave for Director / Shockwave for Director
9AE02005247DA91AB1743F5208DBEF76	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll -	Shockwave Flash
CAF78E18A9E1380A0A38065B3B1210E0	- C:\Users\Dirk\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll -	VASCO Card Reader Plugin
3CD19649B2C3023D65E67C056457A2BC	- C:\Users\Dirk\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll -	Facebook Video Calling Plugin
1CDD28B47D8198F868349BDFBCD1281B	- C:\Users\Dirk\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll -	VASCO Card Reader Plugin


==== Chromium Look ======================

Google Chrome Version: 42.0.2311.152

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 12:45]

Google Docs - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Skype Click to Call - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE",
"startup_urls": [ "http://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE" ]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hln.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hln.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{EB00FFD9-2AA4-43FA-829E-EA5EFF0C4E39}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{EB00FFD9-2AA4-43FA-829E-EA5EFF0C4E39} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_enDE393BE460"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dirk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dirk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Dirk 2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dirk 2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\TEMP.Dirk-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Dirk\AppData\Local\Mozilla\Firefox\Profiles\nnehaohk.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1552 folders=183 211190111 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Dirk\AppData\Local\Temp will be emptied at reboot
C:\Users\Dirk 2\AppData\Local\Temp emptied successfully
C:\Users\Public\AppData\Local\Temp emptied successfully
C:\Users\TEMP\AppData\Local\Temp emptied successfully
C:\Users\TEMP.Dirk-PC\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Dirk\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on vr 15/05/2015 at 11:27:33,96 ======================