
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Luc on za 16/05/2015 at 18:10:00,34.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Luc\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\44Q8HVDJ\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

16/05/2015 18:12:13 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll 


==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4178574797-3882295203-3221447600-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} deleted successfully
HKEY_USERS\S-1-5-21-4178574797-3882295203-3221447600-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{c0caa5fe-7c9c-4dca-a265-63cf55379d1a} deleted successfully

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\ilividbandoomoviestoolbar deleted
C:\ProgramData\Datamngr deleted
"C:\windows\SysNative\REN91E2.tmp" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Luc\AppData\Local\Temp ====
2015-05-14 12:40:38	C5182F64BC772A34AEA77FB19025656C	1792712	----a-w-	C:\Users\Luc\AppData\Local\Temp\MoviesAppHelper.DLL
====== Java Cache =====
2015-05-14 19:40:38	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Luc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-707c88f7
2015-05-14 19:40:46	C1BBA7F1278F193AB584FFF460DB5E2A	17878	----a-w-	C:\Users\Luc\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\47c58863-7ea40865
====== C:\Windows\SysWOW64 =====
2015-05-13 01:03:49	858EB73F68B20A2A5C66B6C000D1C0DD	102608	----a-w-	C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:10:08	D0CA74BE380498A0111A73EB9C76CF8F	342016	----a-w-	C:\Windows\SysWOW64\certcli.dll
2015-05-12 20:10:08	2665A3D34D1C62DF303723422215B001	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-05-12 20:09:51	CFCB89C0FE8EF502A7934C0D20E5DBD6	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 20:09:51	C3120D99E6DA7878A1DD2D88138AC60A	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-05-12 20:09:51	C2EB0AA5570CF8BC881B36EE55A59337	688640	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 20:09:51	C1A32612710492D0C3339E46EC15E333	504320	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-05-12 20:09:51	AA2F2D55DEF98007839D0189D721D70B	1310208	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-05-12 20:09:51	9025CA7BCD6B7956366FC90B3D6E3933	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-12 20:09:51	8C00AB01B1BC1E2F69765776BBC5A5D1	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-12 20:09:51	7B4FA4B41FBDBB12C5038FCB6E6652AA	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 20:09:51	746BBC86351D07859D8B40056447F7B2	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-12 20:09:51	6388FC82897DDDA607BBE3580D75AE15	342736	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 20:09:50	E993B5E929F46A52E9F4EB68A7855CDF	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-05-12 20:09:50	D74445161E58644309F858342F5E265C	19691008	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-05-12 20:09:50	63A2E3E9C771B1D4D7D84942D6FCB661	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 20:09:50	28313FF0DE83EAD8F5EF1B963D9078C3	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-05-12 20:09:50	136687227F11CE928CB05F4FD90319AC	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 20:09:49	F2DB87F164BC13AB8EF90FBF5D866B65	664576	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-05-12 20:09:49	CC4974FCF9387F32A0FF87BCE093A5AD	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-05-12 20:09:49	C525258A00ECFB4CE089F54C163268C3	2278400	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-05-12 20:09:49	BCFA71A878903B5F92A7AFEFCCC5CA97	478208	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-05-12 20:09:49	5AAC24BF6C4A54DA526CC6244DEBE227	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-05-12 20:09:49	3CE5DE0730C22A54FE783DB8A989E8BD	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-05-12 20:09:49	1BBC9CFD29A62D80FB77BB69BFF7513C	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-05-12 20:09:49	0E22CD36FC3292CB812CC46CBCFD8444	12828672	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-05-12 20:09:48	CB5F450D21B9D76B7F01D006E4AEDB40	1882112	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-05-12 20:09:48	6E2B4875B968324E5844F35A37A79260	4305920	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-05-12 20:09:48	1C5C5B5EF9CFDFC897D4549A2385DB3A	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-12 20:09:47	37625FC1DAF886F1980E2D8F315B93AC	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-05-12 20:09:47	07E82A31808C8BC053D1DE547082C58F	341504	----a-w-	C:\Windows\SysWOW64\html.iec
2015-05-12 20:08:35	8D50ED3F0FBE3590AB0D43BF7B60E57A	3989440	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-12 20:08:34	D0F574320615303ADECDCB452EBB8930	635392	----a-w-	C:\Windows\SysWOW64\tdh.dll
2015-05-12 20:08:34	A44680B810977EA64E280523E96F2EA9	1310744	----a-w-	C:\Windows\SysWOW64\ntdll.dll
2015-05-12 20:08:34	7A5824DC9A85FCE4334F57FF0795853E	641536	----a-w-	C:\Windows\SysWOW64\advapi32.dll
2015-05-12 20:08:34	1569F20BB9DB9FDC87A6D3C8A3726ABF	1114112	----a-w-	C:\Windows\SysWOW64\kernel32.dll
2015-05-12 20:08:34	0A66C88B087249742381924AB8F9EFCC	3934144	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-12 20:08:33	EB058143B57ED460AC4F2DFBA104BBFF	364544	----a-w-	C:\Windows\SysWOW64\tracerpt.exe
2015-05-12 20:08:33	8C45A65ED20B487085B79EEFCC08D160	92160	----a-w-	C:\Windows\SysWOW64\sechost.dll
2015-05-12 20:08:33	54A01CC4BC47B31C5CD082D064AB37BC	550912	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-05-12 20:08:32	FCB1C8345C794FE89ABA03B4CA3131BB	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-05-12 20:08:32	F286528898342F0F1EB402606750C391	17408	----a-w-	C:\Windows\SysWOW64\diskperf.exe
2015-05-12 20:08:32	D9E25B4BD2120CC5183CCCE9421C7AFE	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-05-12 20:08:32	C6D2D384B6232B0B800234C03C50979F	82944	----a-w-	C:\Windows\SysWOW64\logman.exe
2015-05-12 20:08:32	AFFE5747054D03F8CEE18A8518A9AA34	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-05-12 20:08:32	ABA025664F9F42C568B2C022AADCB18F	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-05-12 20:08:32	99A508910BB06DFBE99D9AF7D6B4E950	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-05-12 20:08:32	97B30711DC6CA0EA4EACEDCE8080A3B4	37888	----a-w-	C:\Windows\SysWOW64\relog.exe
2015-05-12 20:08:32	850F756363237A2EB069B9B25EF8BEC3	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-05-12 20:08:32	7F99900705E249E9D5C55E490B7D076E	274944	----a-w-	C:\Windows\SysWOW64\KernelBase.dll
2015-05-12 20:08:32	79AF005633B7E41B7A194A7E7B9D3D93	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-05-12 20:08:32	74C0EC1257698176E288DA282F318E1C	40448	----a-w-	C:\Windows\SysWOW64\typeperf.exe
2015-05-12 20:08:32	66D6A06936088E412E29A182679F0D71	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-05-12 20:08:32	3346701038E55BD366F3D5CE31F55483	14336	----a-w-	C:\Windows\SysWOW64\ntvdm64.dll
2015-05-12 20:08:32	0B6E937863837BA3383E9CE9200DDF1E	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-05-12 20:08:31	F43CB86F9536B17E5C7CFCFB48ACBE54	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-05-12 20:08:31	D9716B488CC27652C12B1B5E0944987E	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-05-12 20:08:31	9638DA21E965E23C85C4319F3F66D824	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2015-05-12 20:08:31	86B2AC15999BB4F8B5C84AB6154A1783	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-05-12 20:08:31	741DB93796E7D4F3F804C13537FB40F4	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-05-12 20:08:31	6BB13D5E12C5C4D829C1D640DF269EA0	5120	----a-w-	C:\Windows\SysWOW64\wow32.dll
2015-05-12 20:08:30	D079A408CC3E22A09D1260A6F18FC0FD	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-05-12 20:08:30	BF9BB4113E9FCDABD4C703DDD06293F3	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-05-12 20:08:14	C22AB1781BC6F0BB1C9B352CF66DBFFC	1250816	----a-w-	C:\Windows\SysWOW64\DWrite.dll
2015-05-12 20:08:12	418AEC0CE89A13200F2820079B9CDFD9	216064	----a-w-	C:\Windows\SysWOW64\InkEd.dll
2015-05-12 20:08:10	744AB3C1A73A57DEED49D631F1BDEA1D	2311168	----a-w-	C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 20:08:08	C489D8B4D8C64F20CC75A93F541F7D91	123904	----a-w-	C:\Windows\SysWOW64\poqexec.exe
2015-05-12 20:08:07	DCA2C6E7990771209CDD8E9DA90ED0E2	5120	----a-w-	C:\Windows\SysWOW64\shimeng.dll
2015-05-12 20:08:07	D3E8C7FADB758E5D222C639CC65790AD	295936	----a-w-	C:\Windows\SysWOW64\apphelp.dll
2015-05-12 20:08:07	715C060150D969B0DE5DD5B365A712AF	20992	----a-w-	C:\Windows\SysWOW64\sdbinst.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-05-13 01:03:49	189FB45D7442083AE8A2E4E612233EF7	124112	----a-w-	C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:10:09	8AD8D17425C75D2621B2CDFE0DEABD21	342016	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-05-12 20:10:08	ED4B980701D081AC42F7B121C1E42149	460800	----a-w-	C:\Windows\Sysnative\certcli.dll
2015-05-12 20:09:51	E802824B9B4A16355A5233A7B8215ECE	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-05-12 20:09:51	9DCD15027A13195ABA68B40A5EB26691	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-05-12 20:09:51	70EDB996FE1BCB699232A15CB0D0FA32	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-05-12 20:09:51	6D2787CD32595A91969502A399E7BA48	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-05-12 20:09:51	5EDC6AF7589B65C89CB1154B3377D0C4	720384	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-05-12 20:09:51	1122DD841CCB7E07EF41039CBD66A29E	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-05-12 20:09:50	D7B9EEF960F68DC18724BB5F89A464DD	389840	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-05-12 20:09:49	F28577138120BA7E5423820D4B4C4727	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-05-12 20:09:49	ED4EB5A0CDD251A17B946C515CB94D70	1547264	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-05-12 20:09:49	EB9FCD39D65E23380CB2C2F0E6F2ED53	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-05-12 20:09:49	E20B5098C8707B2CF0858024568234FF	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-05-12 20:09:49	2A2CDE78F9E9019AD0E4D804A02688A3	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-05-12 20:09:49	010F562B961AB8CAEC7A0C72F8FDD690	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-05-12 20:09:48	F918BE3C5ACA0B6485D725CC1A5348DC	2125824	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-05-12 20:09:48	B85ECB91C88F6E74045061B7F7DDEFA2	584192	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-05-12 20:09:48	843D063E75B19188759CBEC82828BCB1	2885120	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-05-12 20:09:48	49B1935F131A44CD29857D6900CB643F	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-05-12 20:09:47	E061B5A1D0F9BBACA41149201ADF4A3B	14401536	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-05-12 20:09:47	CA0369799519F33DDE8FD26F5D87D014	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-05-12 20:09:47	29BBA65402DD568F49C837533F269482	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-05-12 20:09:47	1D610F215769E4FF56C7B1847DE4B86D	633856	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-05-12 20:09:47	0B4E78E6E65D1FD2CE55C93CF1EFD623	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-05-12 20:09:46	FFC30231459FC44FD73E07532C707791	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-05-12 20:09:46	F0289B3A341429117696F0279DA977B6	2352128	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-05-12 20:09:46	DC1200D3C3AC1E69A4DAD053BC26BF0D	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-05-12 20:09:46	C1D6BD834E69E8F77C8B4DDFCEE073F6	417792	----a-w-	C:\Windows\Sysnative\html.iec
2015-05-12 20:09:46	79A4C71CD8B610DE9F66B72B5654C450	6025728	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-05-12 20:09:46	63061A0826839DE8F5B4713976C99F1B	816640	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-05-12 20:09:46	1921A72BF1273BED72E569EF1F1A0611	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-05-12 20:09:45	F2A1718334172C0F4E231E998F6CB8AB	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-05-12 20:09:45	C31D57F7A58FACDA2671075CEBA75199	24971776	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-05-12 20:09:45	5A18ACE782C215300BE1C82D9EDC565B	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-05-12 20:08:40	71C85477DF9347FE8E7BC55768473FCA	328704	----a-w-	C:\Windows\Sysnative\services.exe
2015-05-12 20:08:35	EA8A3E8C674B03CB4AFA1D344DBD7BC1	1254400	----a-w-	C:\Windows\Sysnative\diagtrack.dll
2015-05-12 20:08:35	D449C36379EBEFD3CCDAEC328002BB5B	36864	----a-w-	C:\Windows\Sysnative\UtcResources.dll
2015-05-12 20:08:35	A985325F4FE72FB003749A2FBBA9952E	5569984	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-05-12 20:08:35	8453010B6512DAEAFC61CC0836FA137E	1728960	----a-w-	C:\Windows\Sysnative\ntdll.dll
2015-05-12 20:08:34	DA8B541825991F6699790E617FF0FF60	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-05-12 20:08:34	B01B21E15671ACD3F0AD131DC4CABFC7	879104	----a-w-	C:\Windows\Sysnative\advapi32.dll
2015-05-12 20:08:34	408A8232E84515E4AA819E0C95E65257	314880	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-05-12 20:08:34	1C9F2F4A2C603739BD8CC8C64310AFD7	1162752	----a-w-	C:\Windows\Sysnative\kernel32.dll
2015-05-12 20:08:34	10D39E74B0D5011A8C199B9646579C3F	879104	----a-w-	C:\Windows\Sysnative\tdh.dll
2015-05-12 20:08:33	FDF1E0FD74DED0034BA6FFB665E0641E	424448	----a-w-	C:\Windows\Sysnative\KernelBase.dll
2015-05-12 20:08:33	EE27E1D639E3807229C15AF94320CF0A	404992	----a-w-	C:\Windows\Sysnative\tracerpt.exe
2015-05-12 20:08:33	E55A72876BC5E244D0A8F7F07862A939	338432	----a-w-	C:\Windows\Sysnative\conhost.exe
2015-05-12 20:08:33	D17DD01601460F5899E5C154B3FD0BFA	215040	----a-w-	C:\Windows\Sysnative\winsrv.dll
2015-05-12 20:08:33	CCAB9BE9C9100C5F54A5A8F355730841	728064	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-05-12 20:08:33	A0BCD6A64281492EFAE02AC144A335F1	243712	----a-w-	C:\Windows\Sysnative\wow64.dll
2015-05-12 20:08:33	9C5DBA74D0C641C2A4ABDC79969B7BEF	104448	----a-w-	C:\Windows\Sysnative\logman.exe
2015-05-12 20:08:33	52146DBFE253B83FAB1980AA704C7974	113664	----a-w-	C:\Windows\Sysnative\sechost.dll
2015-05-12 20:08:33	0CD609B1143961F5C3BA691729A6A5DA	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-05-12 20:08:32	FE60A67032A5C94F6ACE483C8FE84105	47104	----a-w-	C:\Windows\Sysnative\typeperf.exe
2015-05-12 20:08:32	E1B0C7042BA7B8903D60DF3885F2DFE7	16384	----a-w-	C:\Windows\Sysnative\ntvdm64.dll
2015-05-12 20:08:32	DA5EF2CC0764BE7097BAFA9CAF903FE8	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2015-05-12 20:08:32	D2602AC48B38FA10956E32D18E7143B0	362496	----a-w-	C:\Windows\Sysnative\wow64win.dll
2015-05-12 20:08:32	CD3770C78AFFC223A3B9D38F27B7A309	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-05-12 20:08:32	BB7BAF9532DBA5AB4009E981687D1EA6	19456	----a-w-	C:\Windows\Sysnative\diskperf.exe
2015-05-12 20:08:32	ADC2D7B5BFF277E5A9FACE6A21A24ABC	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-05-12 20:08:32	ACE24D86D2714FCC1639F890DF54951B	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-05-12 20:08:32	A3DCC3D8BB57E31EA07949313CC3A3CF	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2015-05-12 20:08:32	9262D6E2C239EDD6D87B080F2BCCEC9F	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-05-12 20:08:32	8C711AF30BE3991050D0D011D92CFBE0	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-05-12 20:08:32	79F036EB691ABBA84E8EB1715E5F2B17	43008	----a-w-	C:\Windows\Sysnative\relog.exe
2015-05-12 20:08:32	52935C072F8D5A92508AA3A3CC9133C7	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-05-12 20:08:32	50EBA6640805F6D5EF4A0DCEF2D180AB	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-05-12 20:08:32	4DD0098FFAB4664DB979537C48AE055F	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-05-12 20:08:32	40C5EA47D4AEC96249B09BF0C076A60C	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-05-12 20:08:32	2292CD8500725B94B7D2E3C0C84F2D19	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-05-12 20:08:32	0D9BDBE780DD81757AC5AF87E8B1EBEC	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-05-12 20:08:31	D205305FB0E352A9D4CF922D6A016BF4	13312	----a-w-	C:\Windows\Sysnative\wow64cpu.dll
2015-05-12 20:08:31	AF278DB00C43E925E58C8CA2C0CF4C71	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-05-12 20:08:31	90293AAC2AB0908BFF98ADB89CEBC931	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2015-05-12 20:08:30	90DC7B112F946B412C9CDC6F459F4053	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-05-12 20:08:30	7A448B8CED7F7348C36159D5CC8E19ED	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-05-12 20:08:15	E612E86FA15EA1EF9A52433A2743C447	1179136	----a-w-	C:\Windows\Sysnative\FntCache.dll
2015-05-12 20:08:15	D858C33B133740D5F1F1CF71C33F6355	3204608	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-05-12 20:08:15	490505F6E53EF046EC70A353BC9CD615	1647104	----a-w-	C:\Windows\Sysnative\DWrite.dll
2015-05-12 20:08:12	6B0F962B1EE486FFE7BCABBC9C736976	24576	----a-w-	C:\Windows\Sysnative\jnwmon.dll
2015-05-12 20:08:12	2B36E0C5C262437E1B098344DEFA55F8	275456	----a-w-	C:\Windows\Sysnative\InkEd.dll
2015-05-12 20:08:10	E5404072A5A9E0B452ADDF1D1339176C	2543104	----a-w-	C:\Windows\Sysnative\wpdshext.dll
2015-05-12 20:08:08	C7E50B04623FC6FF54EAF88938A8936E	142336	----a-w-	C:\Windows\Sysnative\poqexec.exe
2015-05-12 20:08:07	F55F287810AAF708618793764AF7D1BB	23552	----a-w-	C:\Windows\Sysnative\sdbinst.exe
2015-05-12 20:08:07	83BFCCAC53795E8A5055A93672D0C46C	72192	----a-w-	C:\Windows\Sysnative\aelupsvc.dll
2015-05-12 20:08:07	7E21D3072EB20D5400919D435D549A9B	6656	----a-w-	C:\Windows\Sysnative\shimeng.dll
2015-05-12 20:08:07	31D260ADAF1CCFEFC49DB9FBCE9986DA	342016	----a-w-	C:\Windows\Sysnative\apphelp.dll
====== C:\Windows\Sysnative\drivers =====
2015-05-12 20:08:33	F7DFAE6040AC910B7C64EE208A34157D	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-05-12 20:08:33	8FE94F2EF9BF444E93E35D87E210D02F	155584	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-05-16 09:46:11	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2015-05-14 19:40:20	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Luc\AppData\Roaming ======
2015-05-14 12:41:01	--------	d-----w-	C:\Users\Luc\AppData\Local\ilividbandoomoviestoolbar
2015-05-14 12:40:51	--------	d-----w-	C:\Users\Luc\AppData\Locallow\ilividbandoomoviestoolbar
====== C:\Users\Luc ======
2015-05-16 09:43:28	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Luc\Desktop\RSITx64.exe

====== C: exe-files ==
2015-05-16 09:46:14	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Luc.exe
2015-05-16 09:43:28	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Luc\Desktop\RSITx64.exe
2015-05-14 19:36:40	FF589C55E0CB6A0A1BD9570217BB1A42	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\tnameserv.exe
2015-05-14 19:36:40	FD8978875A992C876AF430B35DF9CFA7	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\pack200.exe
2015-05-14 19:36:40	D3DA34876B7F6D06D26D29CA77BD25A2	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\ktab.exe
2015-05-14 19:36:40	C57CA849D13177E1F43CFEF51374F1EE	159328	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\unpack200.exe
2015-05-14 19:36:40	B66ED84383EA6C6218CA47BC49C15615	50784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssvagent.exe
2015-05-14 19:36:40	A1A1BC927541346D840BBB511F557848	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\policytool.exe
2015-05-14 19:36:40	98903A3C01AA820E7FCC19A0A60126C0	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\klist.exe
2015-05-14 19:36:40	5DF39BE82C777B7EDAD34E3A7A7EADB7	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmid.exe
2015-05-14 19:36:40	2682BB5D60C30DCB5A2BC414D01D6764	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmiregistry.exe
2015-05-14 19:36:40	1F29E31C6B9A487FF32006C4E223BA4F	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\orbd.exe
2015-05-14 19:36:40	134D4B0A753808F8F8645DCF3FA00173	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\servertool.exe
2015-05-14 19:36:39	F16868F20E4701142FAEF8C9FA847D27	30304	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\jabswitch.exe
2015-05-14 19:36:39	EF66D96BC42BCE52686A7635AB11D8DD	68192	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe
2015-05-14 19:36:39	EED888394AC81A663F12C6EC43AB2838	191072	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe
2015-05-14 19:36:39	CF683290B3369A1491A5B8B4D19F79B3	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\jjs.exe
2015-05-14 19:36:39	88FFC43B0E3BB3E30F70CB7B08D499B4	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\java-rmi.exe
2015-05-14 19:36:39	4EA6A4DD2EB584C4C2BF39A9A7D0D580	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\keytool.exe
2015-05-14 19:36:39	4586CD8F1C929EF184098A22FE31A857	271968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe
2015-05-14 19:36:39	3C0A1F0D13A8998E9A1825A853FF3B39	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\kinit.exe
2015-05-14 19:36:39	1E2E159D0621A466CFA7CE06E4DA9CAE	190560	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe
2015-05-14 19:36:39	1CCD26E1E9FC582ABAA5D5FD1FA47A6B	76384	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2launcher.exe
2015-05-14 12:47:29	3E15DEE3A8AD7F73ED4B1E8F8E6FFBD3	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-4178574797-3882295203-3221447600-1002\$IFHPL9D.exe
2015-05-14 12:39:21	4465C1D6D773326697011D1B95120BC1	1712640	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-4178574797-3882295203-3221447600-1002\$RFHPL9D.exe
2015-05-13 05:42:45	D308FEE17FBACB94C2E27067AE2C57A6	1044048	----a-w-	C:\Program Files (x86)\Google\Update\Install\{1D5A2CDF-EF32-4F6D-8748-C05122CA9616}\42.0.2311.152_42.0.2311.135_chrome_updater.exe
2015-05-13 05:42:45	D308FEE17FBACB94C2E27067AE2C57A6	1044048	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\42.0.2311.152\42.0.2311.152_42.0.2311.135_chrome_updater.exe
2015-05-12 20:09:51	9DCD15027A13195ABA68B40A5EB26691	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-05-12 20:09:51	5EDC6AF7589B65C89CB1154B3377D0C4	720384	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-05-12 20:09:51	4B3D652AACEE4FE636F74CB8015BF00E	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-05-12 20:09:50	A2A98DBD9E13B81AB68FB6A699A157CB	469504	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-05-12 20:09:50	2AA6685FC67CDD231BA0345112DFEE89	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-05-12 20:09:49	EC75F14CC85659C780A0DC575F7B1242	815304	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-05-12 20:09:49	2A2CDE78F9E9019AD0E4D804A02688A3	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-05-12 20:09:49	1BBC9CFD29A62D80FB77BB69BFF7513C	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-05-12 20:09:48	CDBB6EFC96D0567951A13A6ABDCA1FDE	484864	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-05-12 20:09:48	ABE6FDB01D22FD63BB190BF95F5BC9B6	813776	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-05-12 20:09:47	29BBA65402DD568F49C837533F269482	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-05-12 20:08:40	71C85477DF9347FE8E7BC55768473FCA	328704	----a-w-	C:\Windows\System32\services.exe
2015-05-12 20:08:35	A985325F4FE72FB003749A2FBBA9952E	5569984	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-05-12 20:08:35	8D50ED3F0FBE3590AB0D43BF7B60E57A	3989440	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-12 20:08:34	0A66C88B087249742381924AB8F9EFCC	3934144	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-12 20:08:33	EE27E1D639E3807229C15AF94320CF0A	404992	----a-w-	C:\Windows\System32\tracerpt.exe
2015-05-12 20:08:33	EB058143B57ED460AC4F2DFBA104BBFF	364544	----a-w-	C:\Windows\SysWOW64\tracerpt.exe
2015-05-12 20:08:33	E55A72876BC5E244D0A8F7F07862A939	338432	----a-w-	C:\Windows\System32\conhost.exe
2015-05-12 20:08:33	9C5DBA74D0C641C2A4ABDC79969B7BEF	104448	----a-w-	C:\Windows\System32\logman.exe
2015-05-12 20:08:32	FE60A67032A5C94F6ACE483C8FE84105	47104	----a-w-	C:\Windows\System32\typeperf.exe
2015-05-12 20:08:32	F286528898342F0F1EB402606750C391	17408	----a-w-	C:\Windows\SysWOW64\diskperf.exe
2015-05-12 20:08:32	DA5EF2CC0764BE7097BAFA9CAF903FE8	112640	----a-w-	C:\Windows\System32\smss.exe
2015-05-12 20:08:32	D9E25B4BD2120CC5183CCCE9421C7AFE	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-05-12 20:08:32	C6D2D384B6232B0B800234C03C50979F	82944	----a-w-	C:\Windows\SysWOW64\logman.exe
2015-05-12 20:08:32	BB7BAF9532DBA5AB4009E981687D1EA6	19456	----a-w-	C:\Windows\System32\diskperf.exe
2015-05-12 20:08:32	AFFE5747054D03F8CEE18A8518A9AA34	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-05-12 20:08:32	97B30711DC6CA0EA4EACEDCE8080A3B4	37888	----a-w-	C:\Windows\SysWOW64\relog.exe
2015-05-12 20:08:32	9262D6E2C239EDD6D87B080F2BCCEC9F	31232	----a-w-	C:\Windows\System32\lsass.exe
2015-05-12 20:08:32	79F036EB691ABBA84E8EB1715E5F2B17	43008	----a-w-	C:\Windows\System32\relog.exe
2015-05-12 20:08:32	74C0EC1257698176E288DA282F318E1C	40448	----a-w-	C:\Windows\SysWOW64\typeperf.exe
2015-05-12 20:08:32	52935C072F8D5A92508AA3A3CC9133C7	296960	----a-w-	C:\Windows\System32\rstrui.exe
2015-05-12 20:08:32	4DD0098FFAB4664DB979537C48AE055F	64000	----a-w-	C:\Windows\System32\auditpol.exe
2015-05-12 20:08:31	F43CB86F9536B17E5C7CFCFB48ACBE54	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-05-12 20:08:31	D9716B488CC27652C12B1B5E0944987E	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-05-12 20:08:12	D5E35700566B225CBF8ECD7F92C460C8	2164224	----a-w-	C:\Program Files\Windows Journal\Journal.exe
2015-05-12 20:08:12	0DBC9BB05703CA0D8792E2075D62B3C3	51200	----a-w-	C:\Program Files\Windows Journal\PDIALOG.exe
2015-05-12 20:08:08	C7E50B04623FC6FF54EAF88938A8936E	142336	----a-w-	C:\Windows\System32\poqexec.exe
2015-05-12 20:08:08	C489D8B4D8C64F20CC75A93F541F7D91	123904	----a-w-	C:\Windows\SysWOW64\poqexec.exe
2015-05-12 20:08:07	F55F287810AAF708618793764AF7D1BB	23552	----a-w-	C:\Windows\System32\sdbinst.exe
2015-05-12 20:08:07	715C060150D969B0DE5DD5B365A712AF	20992	----a-w-	C:\Windows\SysWOW64\sdbinst.exe
=== C: other files ==
2015-05-14 19:36:40	5DDC15149346900F16B38C65502BACA9	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\lib\deploy\ffjcext.zip
2015-05-14 08:20:56	0D9F9B35EC338868E0F0CCE3D008132B	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-4178574797-3882295203-3221447600-1002\$IKPH6V8.zip
2015-05-14 06:43:42	A29DB7C55063FA659E3DAA2316B5A5CE	39698714	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-4178574797-3882295203-3221447600-1002\$RKPH6V8.zip
2015-05-12 20:08:33	F7DFAE6040AC910B7C64EE208A34157D	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-05-12 20:08:33	8FE94F2EF9BF444E93E35D87E210D02F	155584	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-05-12 20:08:15	D858C33B133740D5F1F1CF71C33F6355	3204608	----a-w-	C:\Windows\System32\win32k.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-4178574797-3882295203-3221447600-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"EPSON SX410 Series"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU C:\Windows\TEMP\E_S560D.tmp /EF HKCU"
"AshSnap"="C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Snap\ashsnap.exe"
"Spotify Web Helper"="C:\Users\Luc\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"Spotify"="C:\Users\Luc\AppData\Roaming\Spotify\Spotify.exe -autostart"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"EPSON SX410 Series"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU C:\Windows\TEMP\E_S560D.tmp /EF HKCU"
"AshSnap"="C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Snap\ashsnap.exe"
"Spotify Web Helper"="C:\Users\Luc\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"Spotify"="C:\Users\Luc\AppData\Roaming\Spotify\Spotify.exe -autostart"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"MedionReminder"="C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"MedionReminder"="C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe /DeleteRunKey"

==== Startup Folders ======================

2012-06-18 16:18:17	995	----a-w-	C:\Users\Luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17/04/2015 22:32]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/10/2014 22:23]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/10/2014 22:23]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{09BFCCF2-23AF-4330-B56A-BE497B14A6D7}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2014-12-14 15:24:55	--------	d-----w-	C:\PROGRA~3\Applications
2015-03-07 06:33:50	--------	d-----w-	C:\PROGRA~3\APN

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com" [17/02/2015 11:42]

==== Chromium Look ======================

Google Chrome Version: 42.0.2311.152

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaaaigjndjblmpeckabiffcpogflfgl - C:\Users\Luc\AppData\Local\ilividbandoomoviestoolbar\GC\toolbar.crx[03/07/2014 09:02]
dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx[16/05/2013 19:41]
hakdifolhalapjijoafobooafbilfakh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx[16/05/2013 19:41]
hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx[16/05/2013 19:41]
jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx[17/02/2015 11:42]
lpoimibckejjdjcfbdnajaicnklhfplh - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh[]
pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx[16/05/2013 19:41]

==== Chromium Startpages ======================

C:\Users\Luc\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE",
"homepage": "http://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE",
"urls_to_restore_on_startup": [ "http://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE" ]
"urls_to_restore_on_startup": [ "http://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE" ]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-1957&v=n15946-712&t=4"
"Default_Page_URL"="http://www.aldi.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{2EBBDAAB-9631-4324-BF60-074ABFA9C129}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{2EBBDAAB-9631-4324-BF60-074ABFA9C129} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_enDE393"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"
{8CEE8125-D348-4E72-B4D4-E66AECA5835B} Ask Search Url="http://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=^BBE^OSJ000^YY^BE&gct=&itbv=12.24.1.51&apn_uid=0EB1F106-B884-4128-B2A4-602030A99CEA&apn_ptnrs=BBE&apn_dtid=^OSJ000^YY^BE&apn_dbr=ie_11.0.9600.17631&doi=2015-03-07&trgb=IE&q={searchTerms}&psv=&pt=tb"
{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Ask.com  Url="http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1957&systemid=406&v=n15946-712&apn_uid=3036531152214859&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\virtualKeyboard@kaspersky.ru deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\KavAntiBanner@Kaspersky.ru deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\linkfilter@kaspersky.ru deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Luc\Desktop\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe 
C:\Users\Luc\Desktop\Spotify.lnk - C:\Users\Luc\AppData\Roaming\Spotify\Spotify.exe 
C:\Users\Luc\Desktop\SpywareBlaster.lnk - C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe 
C:\Users\Luc\Desktop\SpywareGuard LiveUpdate.lnk - C:\Program Files (x86)\SpywareGuard\sgliveupdate.exe 
C:\Users\Luc\Desktop\SpywareGuard.lnk - C:\Program Files (x86)\SpywareGuard\sgmain.exe 
C:\Users\Luc\Desktop\Veilig Bankieren.lnk - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\starter_avp.exe -hidden safebanking

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe 
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\Users\Public\Desktop\eID Viewer.lnk - C:\Program Files (x86)\Belgium Identity Card\EidViewer\eID Viewer.exe 
C:\Users\Public\Desktop\Epson Easy Photo Print.lnk - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPQuicker.exe 
C:\Users\Public\Desktop\EPSON Scan.lnk - C:\Windows\twain_32\escndv\escndv.exe 
C:\Users\Public\Desktop\Epson Stylus SX210_SX410_TX210_TX410 Handboek.lnk - C:\Program Files (x86)\epson\TPMANUAL\ESSX210_410_TX210_410\NLD\USE_G\index.htm 
C:\Users\Public\Desktop\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe 
C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\starter_avp.exe 
C:\Users\Public\Desktop\LIFESTORE.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.medion.com/lifestore
C:\Users\Public\Desktop\Maak uw eigen support dvd.lnk - C:\Program Files (x86)\CyberLink\PowerRecover\PowerRecover.exe 
C:\Users\Public\Desktop\Microsoft Office 2010.lnk - C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe 
C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe 
C:\Users\Public\Desktop\Recuva.lnk - C:\Program Files\Recuva\recuva64.exe 
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe 
C:\Users\Public\Desktop\MEDION MediaPack 2\Ashampoo Burning Studio.lnk - C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Burning Studio\burningstudio.exe 
C:\Users\Public\Desktop\MEDION MediaPack 2\Ashampoo Photo Commander.lnk - C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Photo Commander\apc.exe 
C:\Users\Public\Desktop\MEDION MediaPack 2\Ashampoo Photo Optimizer.lnk - C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Photo Optimizer\photooptimizer.exe 
C:\Users\Public\Desktop\MEDION MediaPack 2\Ashampoo Snap.lnk - C:\Program Files (x86)\Medion MediaPack 2\Ashampoo Snap\ashsnap.exe 

==== shortcuts in Users Start Menu ======================

C:\Users\Luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk - C:\Users\Luc\AppData\Roaming\Spotify\Spotify.exe 
C:\Users\Luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerRecover\PowerRecover.lnk - C:\Program Files (x86)\CyberLink\PowerRecover\PowerRecover.exe 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk - C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe 

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office 2010.lnk - C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe 
C:\Users\Luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe 
C:\Users\Luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Mail.lnk - C:\Program Files (x86)\Windows Live\Mail\wlmail.exe 
C:\Users\Luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Photo Gallery.lnk - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe 
C:\Users\Luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== shortcuts After Repair ======================

C:\Users\Public\Desktop\LIFESTORE.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 

==== C:\zoek_backup content ======================

C:\zoek_backup (files=488 folders=34 5015660 bytes)

==== EOF on za 16/05/2015 at 18:17:48,31 ======================