Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Alexander on za 13-06-2015 at 15:42:51,08.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Alexander\Downloads\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

13-6-2015 15:44:03 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Users\Alexander\AppData\Local\EmieSiteList deleted successfully
C:\Users\Alexander\AppData\Local\EmieUserList deleted successfully
C:\Users\Alexander\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\ProgramData\FlashBeat not found
C:\ProgramData\TomorrowGames not found
C:\PROGRA~2\69dc8177-a574-4dff-8461-b3267b078dcf deleted
C:\windows\SysNative\Tasks\MTCYOKLOLS1 deleted
C:\windows\SysNative\Tasks\RFFHUSEIZ1 deleted
C:\PROGRA~3\19a87fa1ec024bbcbb41931263354405 deleted
C:\PROGRA~3\28341ff220e0446c9fff27c4493d622e deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Alexander\AppData\Local\iConvertor deleted
C:\Users\Alexander\Downloads\FL_Studio_Producer_Edition_11.0.4_Plugins_Bundle_R2R_ChingLiu.zip deleted
C:\Users\Alexander\Downloads\avast_free_antivirus_setup_online_cnet.exe deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
"C:\Windows\tasks\MTCYOKLOLS1.job" deleted
"C:\Windows\tasks\RFFHUSEIZ1.job" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-06-11 14:43:26	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Windows\prleth.sys
2015-06-11 14:43:26	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Windows\hgfs.sys
2015-06-03 13:52:11	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Windows\firstboot.dat
2015-06-03 13:52:11	36DADC207D52F4911EFCCFA285B9BB53	10	----a-w-	C:\Windows\getvol.scp
====== C:\Users\ALEXAN~1\AppData\Local\Temp ====
2015-06-12 10:53:26	FE30DC121CF05554D134666F5D4A60E4	8806352	----a-w-	C:\Users\Alexander\AppData\Local\Temp\_av_iup.tm~a01472\New\Instup.dll
2015-06-12 10:53:26	9C3349C17D49917AC24FA8D585D722DF	1732288	----a-w-	C:\Users\Alexander\AppData\Local\Temp\_av_iup.tm~a01472\New\avBugReport.exe
2015-06-12 10:53:26	89A40D4BF237AD4FECC2DD53E6C232B5	3451936	----a-w-	C:\Users\Alexander\AppData\Local\Temp\_av_iup.tm~a01472\New\aswOfferTool.exe
2015-06-12 10:53:26	57ECCC846599D803C909CF4AC2F66D74	598336	----a-w-	C:\Users\Alexander\AppData\Local\Temp\_av_iup.tm~a01472\New\instup.exe
2015-06-12 10:53:26	2427406F4AA14011911A18A4AAC865FA	3171728	----a-w-	C:\Users\Alexander\AppData\Local\Temp\_av_iup.tm~a01472\New\HTMLayout.dll
2015-06-12 10:53:21	B5863A28626479912CAAF49D4A59B6A9	3171728	----a-w-	C:\Users\Alexander\AppData\Local\Temp\_av_iup.tm~a01472\HTMLayout.dll
2015-06-12 10:53:21	2746ABA7E980058F1243AA0F06686F82	597824	----a-w-	C:\Users\Alexander\AppData\Local\Temp\_av_iup.tm~a01472\instup.exe
2015-06-12 10:53:21	06A797AE17BAE3F37079C75D4A82435F	8768224	----a-w-	C:\Users\Alexander\AppData\Local\Temp\_av_iup.tm~a01472\Instup.dll
2015-06-12 10:53:20	1F92151DB6C74613C1FC17EEB132DF8D	1723536	----a-w-	C:\Users\Alexander\AppData\Local\Temp\_av_iup.tm~a01472\avBugReport.exe
2015-06-12 10:11:25	667384827BB3604D587780FD7E78260D	2999808	----a-w-	C:\Users\Alexander\AppData\Local\Temp\fsd88FD.exe
2015-06-11 18:34:22	667384827BB3604D587780FD7E78260D	2999808	----a-w-	C:\Users\Alexander\AppData\Local\Temp\fsd6DDF.exe
2015-06-11 16:29:03	667384827BB3604D587780FD7E78260D	2999808	----a-w-	C:\Users\Alexander\AppData\Local\Temp\fsd317B.exe
2015-06-11 14:40:35	7638B31860EDD186E9C4DA19B36787C6	2098983	----a-w-	C:\Users\Alexander\AppData\Local\Temp\olphbgycYa.exe
2015-06-11 14:40:28	E1F12B9982C847933F4A9C4A86202D7D	2106551	----a-w-	C:\Users\Alexander\AppData\Local\Temp\iTcyoUiZSG.exe
2015-06-11 14:40:28	61600927CF0236BEDCBCB607E4BD16CD	571338	----a-w-	C:\Users\Alexander\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_64.exe
2015-06-11 14:40:24	942C14C1A4F55FD2BA2B888AFD44E31A	89088	----a-w-	C:\Users\Alexander\AppData\Local\Temp\B20D2C3F-D441-4C89-195C-FE40D3E4CE26.dll
2015-06-11 14:40:24	7CFBE94ACED6510A67A42658E7DDBE96	850432	----a-w-	C:\Users\Alexander\AppData\Local\Temp\B20D2C3F-D441-4C89-195C-FE40D3E4CE26.exe
2015-06-11 14:40:24	027196552EBF348A7B5CCAC18499D01D	1014784	----a-w-	C:\Users\Alexander\AppData\Local\Temp\0CA74871-CACD-899B-42B6-E61E5904F328.exe
2015-06-11 14:40:12	2A5F246B97D00F77B78D15F72923839B	61981	----a-w-	C:\Users\Alexander\AppData\Local\Temp\Uninstall.exe
2015-06-11 14:40:01	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\Alexander\AppData\Local\Temp\aeU8tblJIp.exe
2015-06-11 14:39:54	ACA87E07B0A7D42D2A03196BA0A100AA	596442	----a-w-	C:\Users\Alexander\AppData\Local\Temp\Uwo87zsMlJ.exe
2015-06-11 14:39:48	42088EF271CA8F06A0C9B14D9F3F63AA	695976	----a-w-	C:\Users\Alexander\AppData\Local\Temp\~ld60D8\fgrs\tmp\wpm_v20.0.0.2289.exe
2015-06-11 14:39:44	C4F87933948773FCF0CCACC080647D54	254464	----a-w-	C:\Users\Alexander\AppData\Local\Temp\s9Az9tV2JM.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-06-10 12:37:22	DA27A4EA7B7C77FAFDB3F94D83E310C1	12625408	----a-w-	C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 12:37:22	A98E8F79C738CAF23C152DBCABD978FE	11411456	----a-w-	C:\Windows\SysWOW64\wmp.dll
2015-06-10 12:37:22	605E9B2CFA3445ED7716D0B345EE21EC	8192	----a-w-	C:\Windows\SysWOW64\spwmp.dll
2015-06-10 12:37:22	2401379E0610D15FAB78A4B1646F5B8D	4096	----a-w-	C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 12:37:22	2401379E0610D15FAB78A4B1646F5B8D	4096	----a-w-	C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 12:37:21	58788565442368B0615DDAF1D452B843	530432	----a-w-	C:\Windows\SysWOW64\comctl32.dll
2015-06-10 12:37:18	E21BBF10E7A7CAF0D1DF127B98CC0A8D	14336	----a-w-	C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 12:37:18	907BCBA1C7763CF27D4447E21123C443	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-06-10 12:37:18	8C21FA252235C632871A69B3768095BB	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-06-10 12:37:18	84433E17027542D333861AB5615DCA2D	1114112	----a-w-	C:\Windows\SysWOW64\kernel32.dll
2015-06-10 12:37:18	83FD10FC6ED867B867ABC0100FE2C83B	274944	----a-w-	C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 12:37:18	280E393871630E9462995BCC1C4AB1BA	5120	----a-w-	C:\Windows\SysWOW64\wow32.dll
2015-06-10 12:37:18	09693C45F4BFE86D6E35897A55CF7A95	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-06-10 12:37:16	8C3A03295F56D1FFB51D9D05DA42B12D	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 12:37:16	81C1182A9EE7AC4D21187811DE66A7D0	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-06-10 12:37:15	9F6066005D8B8620598085C7499E9B70	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 12:37:15	96837E5864777688477AF6DE2332C06D	503808	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-06-10 12:37:15	7C9F8DB66A56306C5BBE97F9FC0F01EF	342736	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 12:37:15	6B7210618D7E2CE0404ECF748701253A	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 12:37:15	53E9614ADFA6A40A452BA014CEF6F261	1309696	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-06-10 12:37:15	185490A6C3BEDAC5EF547314F68AB07B	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 12:37:14	F26680AF396F89F7ABFDA1D1D6B62011	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 12:37:14	975421AC32F9F6E27A58F75DAB4B5871	19607040	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-06-10 12:37:14	2DED8A99E45053C42DD21D6937D3960C	689152	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 12:37:13	E21AE910DF0C5CB7D46D8FA17A4567DE	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 12:37:13	DB254D50B4527C2821C537E0587B44E8	12829696	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-06-10 12:37:13	C93AE4D14AEF5169791B35D97AE7C9FC	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 12:37:13	C27C8CACEBC712BE2AD791715E9734EC	664064	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-06-10 12:37:13	B6D8148C1C697A7BF04EE0FE82408B6A	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 12:37:13	927E38A35E4DFC4E294BD130BAA6F759	2278912	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-06-10 12:37:13	7DBCBB1647B7CD71E2039C1B50A12717	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 12:37:13	5C06EE62F06E990E9521EA80B8D4D4B8	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-06-10 12:37:13	4ABEEF30EA5B9F4718312DCB60B6C9BC	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 12:37:13	1A628C1F5470F0AF21E37E425026F27A	478208	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-06-10 12:37:13	17B0852D8202A872C3E6D01B518B6A4E	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 12:37:12	8C8B8C78C0CCD5D36ABCB115B0B581E1	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 12:37:11	FB5C9234E4BF6BDAF4A954763A4582BA	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-06-10 12:37:11	EF853EA2A6A7BD891CCF31B0C2915352	341504	----a-w-	C:\Windows\SysWOW64\html.iec
2015-06-10 12:37:11	E4EB138060BAE0DBAB1A3B71A3141FE7	1950720	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-06-10 12:37:11	85E21CCF38166E0D6DE2E42D9D3823BD	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 12:37:11	3FD7E6DB5D81FE400DB4D81D278596E6	4305920	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-06-04 13:43:32	858EB73F68B20A2A5C66B6C000D1C0DD	102608	----a-w-	C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-06-04 13:36:38	AF6655214DEBB2C8446DE843A02AAEBA	99480	----a-w-	C:\Windows\SysWOW64\infocardapi.dll
2015-06-04 13:36:37	8D466B36076BCD7997838C0DDB69764C	619672	----a-w-	C:\Windows\SysWOW64\icardagt.exe
2015-06-04 13:36:35	370FC4421ADE62FC89AC93B345570388	8856	----a-w-	C:\Windows\SysWOW64\icardres.dll
2015-06-04 13:36:26	28A8B99DE70F376B18709E6B07D6A352	35480	----a-w-	C:\Windows\SysWOW64\TsWpfWrp.exe
2015-06-04 10:44:08	F91A59FB95541E209971CCBB7F3D6AE5	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-06-04 10:44:08	D8D4D751AC82BF3DDB28452878267DA5	550912	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-06-04 10:44:08	D0CA74BE380498A0111A73EB9C76CF8F	342016	----a-w-	C:\Windows\SysWOW64\certcli.dll
2015-06-04 10:44:08	86E23CD282F2AE7A95CB8F48A70C3188	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-06-04 10:44:08	6954B10C2CF2D99E3F138FB9BDF32547	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-06-04 10:44:08	4279AF72FD8493586422C60BFCA08E07	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-06-04 10:44:08	2F47A9303208E8812660A3396EE31477	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-06-04 10:44:08	2665A3D34D1C62DF303723422215B001	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-06-04 10:44:07	FA518D40DEE715D3399B561AE94A1E4F	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-06-04 10:44:07	D7DDFF16973763EDAA28C824E0EFDDF7	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-06-04 10:44:07	A8822401C68B6080FB0C82FD667CF956	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-06-04 10:44:07	986E8181921B351C7D395DCFA1767DDC	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-06-04 10:44:07	590AF89D7836C7C019A4410BC778063C	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-06-04 10:44:07	280B8EA3F529A8A41AE3BF98B5272E1B	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-06-04 10:43:56	2CBD6D22499EB13A2666F62EF33D00E2	16303	----a-w-	C:\Windows\SysWOW64\ieuinit.inf
2015-06-04 10:43:34	965D6A2B30A95A9F7EF13653988D3D9F	299008	----a-w-	C:\Windows\SysWOW64\atmfd.dll
2015-06-04 10:43:34	55273844B66D77A2F1A2213C17A9EA4A	34304	----a-w-	C:\Windows\SysWOW64\atmlib.dll
2015-06-04 10:43:33	ABB358777FDF4AF51B2FE26137D2B8D4	70656	----a-w-	C:\Windows\SysWOW64\fontsub.dll
2015-06-04 10:43:33	274F0540FD4C88FC845C94CA1569688A	10240	----a-w-	C:\Windows\SysWOW64\dciman32.dll
2015-06-04 10:43:33	01D9C9A70323BC7E5835B92442DD7EC2	25600	----a-w-	C:\Windows\SysWOW64\lpk.dll
2015-06-04 10:43:27	C22AB1781BC6F0BB1C9B352CF66DBFFC	1250816	----a-w-	C:\Windows\SysWOW64\DWrite.dll
2015-06-04 10:43:17	FB19FC5951A88F3C523E35C2C98D23C0	314880	----a-w-	C:\Windows\SysWOW64\webio.dll
2015-06-04 10:43:13	003C51B9FE38287BA4E0E58D3AE080BD	744960	----a-w-	C:\Windows\SysWOW64\blackbox.dll
2015-06-04 10:43:12	DCC148408770F2D55B201F8FC26438A1	988160	----a-w-	C:\Windows\SysWOW64\drmv2clt.dll
2015-06-04 10:43:11	833FCABCB5D95B1911BA6E62FC82AC04	617984	----a-w-	C:\Windows\SysWOW64\wmdrmsdk.dll
2015-06-04 10:43:11	5B0C6247027FCF5A2E2F150E298D2FFA	3209728	----a-w-	C:\Windows\SysWOW64\mf.dll
2015-06-04 10:43:10	BB73C907D1BD437B6C30F2C23BB089FC	406016	----a-w-	C:\Windows\SysWOW64\drmmgrtn.dll
2015-06-04 10:43:09	A56F4029FDCF4F817E78953CDA953E28	442880	----a-w-	C:\Windows\SysWOW64\AUDIOKSE.dll
2015-06-04 10:43:09	74264B7F57A16D25CB581C07964D324A	1174528	----a-w-	C:\Windows\SysWOW64\crypt32.dll
2015-06-04 10:43:09	49474B3E37969AF4B5C076F42B623AFF	143872	----a-w-	C:\Windows\SysWOW64\cryptsvc.dll
2015-06-04 10:43:08	D5EC42139D6A6158CF188975C50B6A60	179200	----a-w-	C:\Windows\SysWOW64\wintrust.dll
2015-06-04 10:43:08	C5667EE72D7364BE81516C0707FEF724	354816	----a-w-	C:\Windows\SysWOW64\mfplat.dll
2015-06-04 10:43:08	B7D2BB84C590F0AE9DA51DBB065A780E	1005056	----a-w-	C:\Windows\SysWOW64\cryptui.dll
2015-06-04 10:43:08	B54FD1991E659FD61EF1D34EC27AAECD	81408	----a-w-	C:\Windows\SysWOW64\cryptsp.dll
2015-06-04 10:43:08	98C1191C862B44567FCF3C18BAEE859E	519680	----a-w-	C:\Windows\SysWOW64\qdvd.dll
2015-06-04 10:43:08	96DB6A923DEDB58FC7CBBF5CFF73314D	1329664	----a-w-	C:\Windows\SysWOW64\quartz.dll
2015-06-04 10:43:08	2D4814D567E5A85C473228BA772A7AFB	489984	----a-w-	C:\Windows\SysWOW64\evr.dll
2015-06-04 10:43:08	2D21189858856316D55EAD55DF4964C2	374784	----a-w-	C:\Windows\SysWOW64\AudioEng.dll
2015-06-04 10:43:07	50B8937A81360D16A5C772302BD32CFE	195584	----a-w-	C:\Windows\SysWOW64\AudioSes.dll
2015-06-04 10:43:06	E0AB9CA912398BE1AAD14FF7AD75C397	50688	----a-w-	C:\Windows\SysWOW64\appidapi.dll
2015-06-04 10:43:06	70E96EBE87A38857619671FCB9C8EC7B	265216	----a-w-	C:\Windows\SysWOW64\msnetobj.dll
2015-06-04 10:43:06	3BAA4BAE71460C5CEB40D5E9339A61BC	103936	----a-w-	C:\Windows\SysWOW64\cryptnet.dll
2015-06-04 10:43:06	320A8699369C43CF53B2DB4538D17C52	504320	----a-w-	C:\Windows\SysWOW64\msscp.dll
2015-06-04 10:43:05	08FF727297A97907AADED4BA86CF44E9	50176	----a-w-	C:\Windows\SysWOW64\rrinstaller.exe
2015-06-04 10:43:04	AF47EAA4ADDA9AA221FB7647EE22BF53	103424	----a-w-	C:\Windows\SysWOW64\mfps.dll
2015-06-04 10:43:04	49F4EE8DF752CFA159B99046CD1FDD2B	23040	----a-w-	C:\Windows\SysWOW64\mfpmp.exe
2015-06-04 10:43:03	2F3CE58D8C276570EEB69C99CFBAFD58	2048	----a-w-	C:\Windows\SysWOW64\mferror.dll
2015-06-04 10:42:35	A139A5E6B34F136405B030EA04595A20	156824	----a-w-	C:\Windows\SysWOW64\mscorier.dll
2015-06-04 10:42:35	8580484193CE0A0788830FBAB97CF13B	1131664	----a-w-	C:\Windows\SysWOW64\dfshim.dll
2015-06-04 10:42:34	D5D5BBF6AA45D820BAA0BD1303B8AAF6	81560	----a-w-	C:\Windows\SysWOW64\mscories.dll
2015-06-04 10:41:58	418AEC0CE89A13200F2820079B9CDFD9	216064	----a-w-	C:\Windows\SysWOW64\InkEd.dll
2015-06-04 10:41:38	FE48346938C1CDDDF4E4097DB9B99764	52224	----a-w-	C:\Windows\SysWOW64\nlaapi.dll
2015-06-04 10:41:38	92940397DFFB4D237EA5BB22FF912BDC	156672	----a-w-	C:\Windows\SysWOW64\ncsi.dll
2015-06-04 10:41:31	E981C27FA6C2F45C135DB4AF78D6FE1F	92672	----a-w-	C:\Windows\SysWOW64\wudriver.dll
2015-06-04 10:41:31	C7E498E41D92CF8C2EAED9995781A7F7	29696	----a-w-	C:\Windows\SysWOW64\wups.dll
2015-06-04 10:41:31	9D68CE45935C439D5082ECB56902124D	566784	----a-w-	C:\Windows\SysWOW64\wuapi.dll
2015-06-04 10:41:31	751C4859FD46A1461B3FB57252F541D8	33792	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2015-06-04 10:41:31	031C03C9639CE0D294695968C68A5775	173056	----a-w-	C:\Windows\SysWOW64\wuwebv.dll
2015-06-04 10:41:26	B804EAA9E037580F96C22537C2ECB62A	171520	----a-w-	C:\Windows\SysWOW64\ubpm.dll
2015-06-04 10:41:22	340EECB781E6C06A6171B3068DA208AD	12875264	----a-w-	C:\Windows\SysWOW64\shell32.dll
2015-06-04 10:41:20	2B381229CCACA02AFF9D27B09073E523	311808	----a-w-	C:\Windows\SysWOW64\gdi32.dll
2015-06-04 10:41:00	14800BD31701A5047AC3145BB1E698AE	3419136	----a-w-	C:\Windows\SysWOW64\d2d1.dll
2015-06-04 10:40:59	DA5B856A037872BE089CA6967C7050C5	1237504	----a-w-	C:\Windows\SysWOW64\msxml3.dll
2015-06-04 10:40:59	78492CF3C3697FB5AF4EAABB2BAF8595	2048	----a-w-	C:\Windows\SysWOW64\msxml3r.dll
2015-06-04 10:40:57	5FDBDEECA34E73325D87C5ACD16A3EEC	701440	----a-w-	C:\Windows\SysWOW64\IMJP10K.DLL
2015-06-04 10:40:47	A6A644BFAE31F111F35F8C3C7BA2A8A0	3976632	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-04 10:40:47	32B9FEE479FF55234ED6BCF1D7976189	1309696	----a-w-	C:\Windows\SysWOW64\ntdll.dll
2015-06-04 10:40:47	11896E75E1A118ABFAD126BEB650A189	3920824	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-04 10:40:45	A169307F0105183092F2AEDA9A8BD15D	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-06-04 10:40:44	C557EB6CD735B4EE5076EA289B02CEAC	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2015-06-04 10:40:08	C489D8B4D8C64F20CC75A93F541F7D91	123904	----a-w-	C:\Windows\SysWOW64\poqexec.exe
2015-06-04 10:40:04	98B3C919C6B9C5F810FF2CAFA339822B	186880	----a-w-	C:\Windows\SysWOW64\pku2u.dll
2015-06-04 10:39:45	84B460BB65567ED42DD605FA044DB370	828928	----a-w-	C:\Windows\SysWOW64\msctf.dll
2015-06-04 10:39:44	37C395C075E6FA66623C82DE50A8FAED	372736	----a-w-	C:\Windows\SysWOW64\rastls.dll
2015-06-04 10:39:42	5F3628DCF926C4499BE1DC74431DFBC8	1230848	----a-w-	C:\Windows\SysWOW64\WindowsCodecs.dll
2015-06-04 10:39:23	0F39AC3274312EFFD03928291E8BA7CA	67584	----a-w-	C:\Windows\SysWOW64\packager.dll
2015-06-04 10:39:21	3ABACF6D4EBEA5EF3014FEFA1D8FF5F8	3221504	----a-w-	C:\Windows\SysWOW64\mstscax.dll
2015-06-04 10:39:21	0DBD0B4D4766CADEB8C30242A0611395	1051136	----a-w-	C:\Windows\SysWOW64\mstsc.exe
2015-06-04 10:39:20	FD67683FBA9B2C4BB551780BD8846F64	157696	----a-w-	C:\Windows\SysWOW64\winsta.dll
2015-06-04 10:39:20	97896EE4254176CFDD9010B5B243B89F	131584	----a-w-	C:\Windows\SysWOW64\aaclient.dll
2015-06-04 10:38:57	B3BC38B886CA53C92D52EF724A9F0D45	308224	----a-w-	C:\Windows\SysWOW64\scesrv.dll
2015-06-04 10:38:45	D824C1C235349B67E652A5CA70D1AA49	58880	----a-w-	C:\Windows\SysWOW64\clfsw32.dll
2015-06-04 10:38:44	EDA54D2E17C0271D2CDA946ABE344110	571904	----a-w-	C:\Windows\SysWOW64\oleaut32.dll
2015-06-04 10:38:10	9566C8BBD2271A7962D4432A624762AD	417792	----a-w-	C:\Windows\SysWOW64\WMPhoto.dll
2015-06-04 10:27:04	86F34E7288DA428E38E2D8C7E806A871	826880	----a-w-	C:\Windows\SysWOW64\rdpcore.dll
2015-06-03 13:52:33	D06DE33F5EFD985D533D127030C50F16	1067584	----a-w-	C:\Windows\SysWOW64\mfc71.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-06-12 19:33:28	C9F9DA3B762563CADDE419A6F3EEB84C	277464	----a-w-	C:\Windows\Sysnative\FNTCACHE.DAT
2015-06-10 12:37:23	9D80A82B0BB77AC3EF6A87FA0C534E20	14635008	----a-w-	C:\Windows\Sysnative\wmp.dll
2015-06-10 12:37:22	834FD7C31EA16D59CC3B2DC60F2F2620	9728	----a-w-	C:\Windows\Sysnative\spwmp.dll
2015-06-10 12:37:22	51ECEE70F33601310DDEF3EEE39550D3	12625920	----a-w-	C:\Windows\Sysnative\wmploc.DLL
2015-06-10 12:37:22	1A8C5D4BE449E4A9D8667A341E535E22	5120	----a-w-	C:\Windows\Sysnative\msdxm.ocx
2015-06-10 12:37:22	1A8C5D4BE449E4A9D8667A341E535E22	5120	----a-w-	C:\Windows\Sysnative\dxmasf.dll
2015-06-10 12:37:21	51F89CE2D0FEC66070354504E6C4C3E4	633856	----a-w-	C:\Windows\Sysnative\comctl32.dll
2015-06-10 12:37:19	7531D546D99A09EBB85DD852EAA84ACB	424960	----a-w-	C:\Windows\Sysnative\KernelBase.dll
2015-06-10 12:37:19	6AA0DD89D7A90033FC3111CC83187C1D	1162752	----a-w-	C:\Windows\Sysnative\kernel32.dll
2015-06-10 12:37:19	1EE2DBA5AD2E5EB618C7FB187C2CFDF4	3206144	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-06-10 12:37:18	EF7170DDCCF7EB24EA7CE61203A862FD	243712	----a-w-	C:\Windows\Sysnative\wow64.dll
2015-06-10 12:37:18	D7B8CFB3D17DC664049FE3B78D1016E2	13312	----a-w-	C:\Windows\Sysnative\wow64cpu.dll
2015-06-10 12:37:18	BBFA57E64CE337686C2BC3F56881D55B	338432	----a-w-	C:\Windows\Sysnative\conhost.exe
2015-06-10 12:37:18	A171AC55EE4B4EE35C18EF0977017A72	215040	----a-w-	C:\Windows\Sysnative\winsrv.dll
2015-06-10 12:37:18	737D7612774992D049EA3CAC53A93316	362496	----a-w-	C:\Windows\Sysnative\wow64win.dll
2015-06-10 12:37:18	1500DFF62202840DCE0E3945B157F139	16384	----a-w-	C:\Windows\Sysnative\ntvdm64.dll
2015-06-10 12:37:16	9DB8E01D5A546FAFCACE95489E351186	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-06-10 12:37:16	73509D13542A90E260F45D1D6D4100A8	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-06-10 12:37:15	9E2B8C0601E3D460F78F0233B509CE4F	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-06-10 12:37:15	70D24021ED327CE7FFA9DEE327BB4C6B	720384	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-06-10 12:37:14	4BD747AAF01C480901B3E777EC48826B	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-06-10 12:37:13	D202078FBA3A77B85D39669EE4110DE2	389840	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-06-10 12:37:13	86FDFEA67833DB261EC01A777594EDCF	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-06-10 12:37:13	6ABFC5736EC920C4436F32111F5CBCEE	1545728	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-06-10 12:37:13	57DFACB53ED16190EF732E2430B39741	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-06-10 12:37:13	3C3E159F284F51D55DB59C3D0B843979	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-06-10 12:37:13	36F3718E67F442F54AB4A39DCDD8FD19	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-06-10 12:37:13	083BCA14FCE290D682D8DAC9372CBF23	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-06-10 12:37:12	FF84182188CA8F0DC28CFED06C9B7816	2125824	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-06-10 12:37:12	7F8F9AE03D1BA4354671E05F07A40F1A	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-06-10 12:37:12	6E295C7364DAEB151CC0E98434B6AC92	2885632	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-06-10 12:37:12	5F8EE9311ECF078CD9426874FFAD660C	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-06-10 12:37:11	AFF5C12099B87FA645F8867701729894	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-06-10 12:37:11	33B5F1A727FACDEA7CDA0E35FFAADDCF	584192	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-06-10 12:37:11	0EDA3219FA027A486AA11269355AB279	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-06-10 12:37:10	8909A24DA8B5C426CF6595BA843B6CC5	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-06-10 12:37:10	35622F5A652C4E16774234DCA0026E74	633856	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-06-10 12:37:09	CFA52E2FE8E623042A1EEF96EB1B9481	6026240	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-06-10 12:37:09	AE5A2843B4A2E1E558B9EE13EF62CCE5	14404096	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-06-10 12:37:09	ACD6FE6C82B93813F023FC01A51CB940	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-06-10 12:37:09	83781DF625A4448B39410D7FA2BDC48D	816640	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-06-10 12:37:09	4A5A84B457C72E79A64AE4036EC6BB0E	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-06-10 12:37:09	3854BFE1C0F14872C94501421CC40813	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-06-10 12:37:08	A29BAFC1543F9D2234AFFFEA9BCE76C8	24917504	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-06-10 12:37:08	417F80E4AFBA1AA9EBBD618F1C6D9165	2426880	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-06-10 12:37:08	2BC2D3A41BB755487FD55C09938F00BC	417792	----a-w-	C:\Windows\Sysnative\html.iec
2015-06-10 12:37:08	16091938F6CDBCCCBA1CBE24600121BC	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-06-10 12:37:08	06A8CE6C3AE6B7916F026B0EFDDCAAA5	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-06-04 13:43:32	189FB45D7442083AE8A2E4E612233EF7	124112	----a-w-	C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2015-06-04 13:36:38	9C44FB5B3A8A192FCE1103AC9BA4E576	171160	----a-w-	C:\Windows\Sysnative\infocardapi.dll
2015-06-04 13:36:37	8A08BB0D12BE40DC09632CD5D04A48A0	1389208	----a-w-	C:\Windows\Sysnative\icardagt.exe
2015-06-04 13:36:35	EE415EC9288182BCFB6E6896A376EA53	8856	----a-w-	C:\Windows\Sysnative\icardres.dll
2015-06-04 13:36:26	E4312738B500577BABC232A49F67A67D	35480	----a-w-	C:\Windows\Sysnative\TsWpfWrp.exe
2015-06-04 10:44:08	ED4B980701D081AC42F7B121C1E42149	460800	----a-w-	C:\Windows\Sysnative\certcli.dll
2015-06-04 10:44:08	C6430870504E2D73EAD55A863D6FB310	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-06-04 10:44:08	B6478E65EB03E84A1F01EB045A87AC19	314880	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-06-04 10:44:08	966A19E354FF0568847CDCEF992BFBEB	728064	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-06-04 10:44:08	8AD8D17425C75D2621B2CDFE0DEABD21	342016	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-06-04 10:44:08	6938D6D4991BC86978034795BCE55AC8	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-06-04 10:44:08	4C3FAC816925F73A34AD52F1F7C0A7EA	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-06-04 10:44:08	3434F7DB9B6607284BAA14E7608D2D1A	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-06-04 10:44:08	2B95EFD44D9AB6626DE0E28041D02EAA	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-06-04 10:44:08	2A165B5B5F198D845CF8CFCBB564FAE5	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-06-04 10:44:08	119055C5ABE3DC76F8A3377FACA8EC71	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-06-04 10:44:07	D8B75DB69F6C0C4A48003FB19057B2CB	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-06-04 10:44:07	C39A5B69763458468AC3266B8AD752AB	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-06-04 10:44:07	95DC9317379EAD6C53D41FCE887CA621	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-06-04 10:44:07	43A8CFA9E1D829B4D42A063A85179A05	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-06-04 10:44:07	0A69BDE8FC718F208BC4FA5BF4ADF251	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-06-04 10:44:07	0182C300EAAC66C60CA8B915F5C3439D	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-06-04 10:43:55	2CBD6D22499EB13A2666F62EF33D00E2	16303	----a-w-	C:\Windows\Sysnative\ieuinit.inf
2015-06-04 10:43:44	71C85477DF9347FE8E7BC55768473FCA	328704	----a-w-	C:\Windows\Sysnative\services.exe
2015-06-04 10:43:43	5B9954AE9FD4682DADD5EBC0301366B0	52736	----a-w-	C:\Windows\Sysnative\TSWbPrxy.exe
2015-06-04 10:43:34	F351B0E520502552734BE70AA5940784	41984	----a-w-	C:\Windows\Sysnative\lpk.dll
2015-06-04 10:43:34	DB0BD8B8D68D8211CA23FBE52DACE549	14336	----a-w-	C:\Windows\Sysnative\dciman32.dll
2015-06-04 10:43:34	85D3E918658C2766780F7DEE5F8FBE57	46080	----a-w-	C:\Windows\Sysnative\atmlib.dll
2015-06-04 10:43:34	1307814243F21EB129852D59B5AB37FB	372224	----a-w-	C:\Windows\Sysnative\atmfd.dll
2015-06-04 10:43:33	39A108604F51821F6F4E2001E9A1CB60	100864	----a-w-	C:\Windows\Sysnative\fontsub.dll
2015-06-04 10:43:27	E612E86FA15EA1EF9A52433A2743C447	1179136	----a-w-	C:\Windows\Sysnative\FntCache.dll
2015-06-04 10:43:27	490505F6E53EF046EC70A353BC9CD615	1647104	----a-w-	C:\Windows\Sysnative\DWrite.dll
2015-06-04 10:43:17	603EBD34E216C5654A2D774EAC98D278	395776	----a-w-	C:\Windows\Sysnative\webio.dll
2015-06-04 10:43:13	A53A63831185FF5339E76221BE45E6B9	842240	----a-w-	C:\Windows\Sysnative\blackbox.dll
2015-06-04 10:43:12	DF6104DCED89E13A78BA5539CEF5100A	1202176	----a-w-	C:\Windows\Sysnative\drmv2clt.dll
2015-06-04 10:43:11	7F4D59E70DD6E757E96B40570B498D5C	782848	----a-w-	C:\Windows\Sysnative\wmdrmsdk.dll
2015-06-04 10:43:11	7BC64DEEFD0E6812E21DE89F0CF50A49	500224	----a-w-	C:\Windows\Sysnative\AUDIOKSE.dll
2015-06-04 10:43:11	29143C7827F9F2AC543E792A8C63FBB0	4121600	----a-w-	C:\Windows\Sysnative\mf.dll
2015-06-04 10:43:10	B2F02AB28864B6D5B5B9BEDA565D41BB	497664	----a-w-	C:\Windows\Sysnative\drmmgrtn.dll
2015-06-04 10:43:10	3FECBED0EACABD22E024EF4E50CF987B	1480192	----a-w-	C:\Windows\Sysnative\crypt32.dll
2015-06-04 10:43:09	B7E752FFD95DC61FCB7A6E70E37175E5	693176	----a-w-	C:\Windows\Sysnative\winload.efi
2015-06-04 10:43:09	999A7FD4D9F8B1656F1167D94743E50A	457400	----a-w-	C:\Windows\Sysnative\ci.dll
2015-06-04 10:43:09	8DFDB70E3E56C2F1AE09CB3C03E266E5	1574400	----a-w-	C:\Windows\Sysnative\quartz.dll
2015-06-04 10:43:09	7A4064169FBA91F39DB1FDC094A18DA8	619056	----a-w-	C:\Windows\Sysnative\winload.exe
2015-06-04 10:43:09	73D81B5B4B2655CB1B5662E770F755D5	532176	----a-w-	C:\Windows\Sysnative\winresume.exe
2015-06-04 10:43:09	6AEEC5677AD522786CED371A7BEE620C	616360	----a-w-	C:\Windows\Sysnative\winresume.efi
2015-06-04 10:43:09	6968D02DC38757C3FBE7ED7C2F9670AA	680960	----a-w-	C:\Windows\Sysnative\audiosrv.dll
2015-06-04 10:43:09	5FFEE6CA63E27CBA1F32002743E58F3C	631808	----a-w-	C:\Windows\Sysnative\evr.dll
2015-06-04 10:43:09	577D0B947B49DB83E2054FA169B2ECBF	229376	----a-w-	C:\Windows\Sysnative\wintrust.dll
2015-06-04 10:43:09	1CD76A83B9E8E9A5A3519B39E28354D9	187904	----a-w-	C:\Windows\Sysnative\cryptsvc.dll
2015-06-04 10:43:08	F88B4A9EA1A956F09D5001D08B546228	641024	----a-w-	C:\Windows\Sysnative\msscp.dll
2015-06-04 10:43:08	DB2D62AA2DF6B1F3D690A9EC9701AA2C	188416	----a-w-	C:\Windows\Sysnative\pcasvc.dll
2015-06-04 10:43:08	C0AE7ABD87254B2789C8CB34AF274A65	296448	----a-w-	C:\Windows\Sysnative\AudioSes.dll
2015-06-04 10:43:08	94BC902494AFC9F5EBC5FBB61445D73F	82432	----a-w-	C:\Windows\Sysnative\cryptsp.dll
2015-06-04 10:43:08	56FD1BC602EE0E7949F92EE2EE327B72	284672	----a-w-	C:\Windows\Sysnative\EncDump.dll
2015-06-04 10:43:08	410F6B1BE785F3630B4782F8E3D85A24	1069056	----a-w-	C:\Windows\Sysnative\cryptui.dll
2015-06-04 10:43:08	3A7BC2DC99D3C5B172465E890B3C3B14	440832	----a-w-	C:\Windows\Sysnative\AudioEng.dll
2015-06-04 10:43:08	3029D8E78E4BF18A0551E22CD4CB892C	371712	----a-w-	C:\Windows\Sysnative\qdvd.dll
2015-06-04 10:43:08	0BC72EA80234382701EAFC1BE0ECD7E4	432128	----a-w-	C:\Windows\Sysnative\mfplat.dll
2015-06-04 10:43:07	AE66D26930CA536706078537CB5AC840	325632	----a-w-	C:\Windows\Sysnative\msnetobj.dll
2015-06-04 10:43:06	CBE684883A45E5B047DA6B4AC46C2112	55808	----a-w-	C:\Windows\Sysnative\rrinstaller.exe
2015-06-04 10:43:06	84DB8EB3C184BB549ED90A842020F278	58880	----a-w-	C:\Windows\Sysnative\appidapi.dll
2015-06-04 10:43:06	72D4757510FDA69D729169C00AFC211E	32256	----a-w-	C:\Windows\Sysnative\appidsvc.dll
2015-06-04 10:43:06	6E974F1C384615DEB0710E44F4847351	126464	----a-w-	C:\Windows\Sysnative\audiodg.exe
2015-06-04 10:43:06	1BE9877B199184D7657BC4CFCB7B4A99	140288	----a-w-	C:\Windows\Sysnative\cryptnet.dll
2015-06-04 10:43:04	ED6BF1E1C4F40F600DFEC0CB101A1789	9728	----a-w-	C:\Windows\Sysnative\pcalua.exe
2015-06-04 10:43:04	EA285B947EE48103697CDA53D76C9EEC	17920	----a-w-	C:\Windows\Sysnative\appidcertstorecheck.exe
2015-06-04 10:43:04	C4937B9D6EF4D309A60054D4D00EE9DB	63488	----a-w-	C:\Windows\Sysnative\setbcdlocale.dll
2015-06-04 10:43:04	A84C94CF795E08BBB99E4E145F9E81A3	11264	----a-w-	C:\Windows\Sysnative\pcawrk.exe
2015-06-04 10:43:04	947938F265D7CB99653CDFF2B3C0468D	206848	----a-w-	C:\Windows\Sysnative\mfps.dll
2015-06-04 10:43:04	589852B65C91F574E980ABDB8205080A	146944	----a-w-	C:\Windows\Sysnative\appidpolicyconverter.exe
2015-06-04 10:43:04	27793FE3FF2D0123896D1A01A2D222C7	37376	----a-w-	C:\Windows\Sysnative\pcadm.dll
2015-06-04 10:43:04	0F79883E27BB1AFE2D9BB4656A1CEFCD	11264	----a-w-	C:\Windows\Sysnative\msmmsp.dll
2015-06-04 10:43:04	00EE5D3E16D42F25F7813ACFA10EC803	24576	----a-w-	C:\Windows\Sysnative\mfpmp.exe
2015-06-04 10:43:03	FE03B35A22C3D2714B494FC2AB32AC5B	8704	----a-w-	C:\Windows\Sysnative\pcaevts.dll
2015-06-04 10:43:03	8364A0F7633414DC5C50A37295B1FAFF	2048	----a-w-	C:\Windows\Sysnative\mferror.dll
2015-06-04 10:42:35	B6A58491307B4CADA572583D863DC602	210432	----a-w-	C:\Windows\Sysnative\profsvc.dll
2015-06-04 10:42:35	5083CC5456FE8A5D21ECF9E32ACC779F	1943696	----a-w-	C:\Windows\Sysnative\dfshim.dll
2015-06-04 10:42:35	2D6C77A3DB3D8EE00FB55834A67E4073	156312	----a-w-	C:\Windows\Sysnative\mscorier.dll
2015-06-04 10:42:34	50EC828370CB5F5E9FF08B10F1B701C8	73880	----a-w-	C:\Windows\Sysnative\mscories.dll
2015-06-04 10:41:58	6B0F962B1EE486FFE7BCABBC9C736976	24576	----a-w-	C:\Windows\Sysnative\jnwmon.dll
2015-06-04 10:41:58	2B36E0C5C262437E1B098344DEFA55F8	275456	----a-w-	C:\Windows\Sysnative\InkEd.dll
2015-06-04 10:41:44	008CD4EBFABCF78D0F19B3778492648C	683520	----a-w-	C:\Windows\Sysnative\termsrv.dll
2015-06-04 10:41:38	8B301D474B478E9A92823BAB50A7BC49	303616	----a-w-	C:\Windows\Sysnative\nlasvc.dll
2015-06-04 10:41:31	C5D90D20035928387FE27E4485EE463F	36864	----a-w-	C:\Windows\Sysnative\wuapp.exe
2015-06-04 10:41:31	AEA602B4036CF95522818E911654F52E	135168	----a-w-	C:\Windows\Sysnative\wuauclt.exe
2015-06-04 10:41:31	95A9A336CFF6AC51B33BBFDBEA6D848B	60416	----a-w-	C:\Windows\Sysnative\WinSetupUI.dll
2015-06-04 10:41:31	6C21C983C1F83900DBEDE51DCA247B72	696320	----a-w-	C:\Windows\Sysnative\wuapi.dll
2015-06-04 10:41:30	AECC03D0A794619E15FF1CB92D65EF9E	191488	----a-w-	C:\Windows\Sysnative\wuwebv.dll
2015-06-04 10:41:30	6BAC8DCC6C58755A1B9E6D3B04C28FC5	12288	----a-w-	C:\Windows\Sysnative\wu.upgrade.ps.dll
2015-06-04 10:41:30	2ADEA6F221BBF0992FDF9A3E25BA9F59	98304	----a-w-	C:\Windows\Sysnative\wudriver.dll
2015-06-04 10:41:30	2A77BD58F0A8D3743D4299434390922E	35328	----a-w-	C:\Windows\Sysnative\wups.dll
2015-06-04 10:41:30	21DF773EF8EFEF531E7E0BF477E03047	3298816	----a-w-	C:\Windows\Sysnative\wucltux.dll
2015-06-04 10:41:30	21CA4277E6918B019525ECCD748EF401	37376	----a-w-	C:\Windows\Sysnative\wups2.dll
2015-06-04 10:41:30	0814A74C853F50B354F08F83DDA9F7FB	2553856	----a-w-	C:\Windows\Sysnative\wuaueng.dll
2015-06-04 10:41:26	1FB81632476857E8451DDA8A456EF3CE	215552	----a-w-	C:\Windows\Sysnative\ubpm.dll
2015-06-04 10:41:23	01F9FEB7F0C84EA1AC6A9B4D7C6B0435	14177280	----a-w-	C:\Windows\Sysnative\shell32.dll
2015-06-04 10:41:20	72098048AB8AE2CAFA4ECE35D5051D62	404480	----a-w-	C:\Windows\Sysnative\gdi32.dll
2015-06-04 10:41:00	C676E5EA388AF7C4C031F56F9B42E362	3928064	----a-w-	C:\Windows\Sysnative\d2d1.dll
2015-06-04 10:40:59	2AA1704C1475AD9D18560AD07BDA66DF	2048	----a-w-	C:\Windows\Sysnative\msxml3r.dll
2015-06-04 10:40:59	0B85F3551337FE233477DA31545DC45C	1882624	----a-w-	C:\Windows\Sysnative\msxml3.dll
2015-06-04 10:40:57	1FEBD408F32DFC523882E7DA5AC57819	878080	----a-w-	C:\Windows\Sysnative\IMJP10K.DLL
2015-06-04 10:40:48	DCB7D8034C773ADB660FA8F1139AC0A0	5557696	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-06-04 10:40:47	96C2380819EBAC0BF592A7E8977E9E8A	1727904	----a-w-	C:\Windows\Sysnative\ntdll.dll
2015-06-04 10:40:46	F87B5878D7621A16A0A5CF1D94BE5A53	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-06-04 10:40:46	5E9E31A2F213E757184EB2CA4B562E6C	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-06-04 10:40:46	0B6514A14631E41DE4D6D40D1C80BE68	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2015-06-04 10:40:45	CFDA43CD05B94C4853042E4A9561B156	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2015-06-04 10:40:45	2ABF1BA930E5CE0017D6197A06B03E07	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-06-04 10:40:44	39D0217773202CF09F13C1E420CBA6CA	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2015-06-04 10:40:08	C7E50B04623FC6FF54EAF88938A8936E	142336	----a-w-	C:\Windows\Sysnative\poqexec.exe
2015-06-04 10:40:04	1306E6A1BF4D506CD687DF9F947270F2	241152	----a-w-	C:\Windows\Sysnative\pku2u.dll
2015-06-04 10:39:45	E88A78273D429554B6B2D2BDA945ED9B	1067520	----a-w-	C:\Windows\Sysnative\msctf.dll
2015-06-04 10:39:44	DD7C31F12936795C0516BB6C59CBCCD8	424448	----a-w-	C:\Windows\Sysnative\rastls.dll
2015-06-04 10:39:42	0A4D03A4C0F908B15B8A4C48FB18F197	1424896	----a-w-	C:\Windows\Sysnative\WindowsCodecs.dll
2015-06-04 10:39:23	934735F508E297504460935B71E99F0B	77824	----a-w-	C:\Windows\Sysnative\packager.dll
2015-06-04 10:39:21	8516703179C3BDE90A3ED31B9EC16F8D	1118720	----a-w-	C:\Windows\Sysnative\mstsc.exe
2015-06-04 10:39:21	467D0E831D6DF8DA16BF856D0537A153	3722240	----a-w-	C:\Windows\Sysnative\mstscax.dll
2015-06-04 10:39:20	C23B6D9D16FD86F446BE607CA18389D9	235520	----a-w-	C:\Windows\Sysnative\winsta.dll
2015-06-04 10:39:20	8CEBD9D0A0A879CDE9F36F4383B7CAEA	455168	----a-w-	C:\Windows\Sysnative\winlogon.exe
2015-06-04 10:39:20	0374D83D003043E7DE33036294A2EFAE	150528	----a-w-	C:\Windows\Sysnative\rdpcorekmts.dll
2015-06-04 10:38:57	FE72C89986E1BA32AD926A820491F23F	406528	----a-w-	C:\Windows\Sysnative\scesrv.dll
2015-06-04 10:38:45	745DE455E02693423B1B78F448D52961	79360	----a-w-	C:\Windows\Sysnative\clfsw32.dll
2015-06-04 10:38:45	404B7DF9CA4D1CB675045AF220FF3285	367552	----a-w-	C:\Windows\Sysnative\clfs.sys
2015-06-04 10:38:44	B938AF16A521C913791C6F7AFF032757	861696	----a-w-	C:\Windows\Sysnative\oleaut32.dll
2015-06-04 10:38:10	CBA2694BFC61F371181F2BE2BCD66C40	465920	----a-w-	C:\Windows\Sysnative\WMPhoto.dll
2015-06-04 10:27:04	4474A8AEABD056DF636FD4FBEF49353B	1031680	----a-w-	C:\Windows\Sysnative\rdpcore.dll
====== C:\Windows\Sysnative\drivers =====
2015-06-12 21:08:11	E9CD058C79EA15B4AA93E259FA713B07	136408	----a-w-	C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2015-06-12 21:07:52	F49FB3C88E263AE9A246593B0BB29294	63704	----a-w-	C:\Windows\Sysnative\drivers\mwac.sys
2015-06-12 21:07:52	54D70409DE6932E9EFA117779611E7A9	107736	----a-w-	C:\Windows\Sysnative\drivers\mbamchameleon.sys
2015-06-12 21:07:52	1E9E32AEC3E1EB1B31B8169F33168B56	25816	----a-w-	C:\Windows\Sysnative\drivers\mbam.sys
2015-06-04 10:44:08	C93EB3A92540830168F2057ECA7DE49A	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-06-04 10:44:08	43F45C59A472993E5063F2DB2D22C509	155576	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-06-04 10:43:09	ED6E75158D28D33A2E2A020AC5B2B59D	663552	----a-w-	C:\Windows\Sysnative\drivers\PEAuth.sys
2015-06-04 10:43:08	87BCD1034CBF33537D4D4C251D39BA26	94656	----a-w-	C:\Windows\Sysnative\drivers\mountmgr.sys
2015-06-04 10:43:06	90C53BD47979FB8814F465A08B885102	61440	----a-w-	C:\Windows\Sysnative\drivers\appid.sys
2015-06-04 10:41:26	AE3334958D8F631FF14A0AEB3D7EFB3A	141312	----a-w-	C:\Windows\Sysnative\drivers\mrxdav.sys
2015-06-04 10:41:24	FFA06EF43987ED0DD42AD59B260C0C78	7808	----a-w-	C:\Windows\Sysnative\drivers\usbd.sys
2015-06-04 10:41:24	DCA68B0943D6FA415F0C56C92158A83A	99840	----a-w-	C:\Windows\Sysnative\drivers\usbccgp.sys
2015-06-04 10:41:24	8D1196CFBB223621F2C67D45710F25BA	343040	----a-w-	C:\Windows\Sysnative\drivers\usbhub.sys
2015-06-04 10:41:24	18A85013A3E0F7E1755365D287443965	53248	----a-w-	C:\Windows\Sysnative\drivers\usbehci.sys
2015-06-04 10:41:24	12FEB33791920678F8433701C822BCFD	325120	----a-w-	C:\Windows\Sysnative\drivers\usbport.sys
2015-06-04 10:40:47	27667A788130A7F7A5858DE27572E6D7	459336	----a-w-	C:\Windows\Sysnative\drivers\cng.sys
2015-06-04 10:39:58	F61634BEC53F73702A10DE69F6DCAF57	754688	----a-w-	C:\Windows\Sysnative\drivers\http.sys
2015-06-04 10:39:20	FE571E088C2D83619D2D48D4E961BF41	212480	----a-w-	C:\Windows\Sysnative\drivers\rdpwd.sys
2015-06-04 10:39:20	E232A3B43A894BB327FC161529BD9ED1	39936	----a-w-	C:\Windows\Sysnative\drivers\tssecsrv.sys
2015-06-04 10:38:46	6C02A83164F5CC0A262F4199F0871CF5	90624	----a-w-	C:\Windows\Sysnative\drivers\bowser.sys
2015-06-04 10:28:53	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2015-06-04 10:27:04	51C5ECEB1CDEE2468A1748BE550CFBC8	23552	----a-w-	C:\Windows\Sysnative\drivers\tdtcp.sys
====== C:\Windows\Tasks ======
2015-06-11 15:38:44	B38CE0800C51D9B74B524D3C075A2D2F	1056	----a-w-	C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-11 15:38:44	9230028E07202EF5613B1081FD4CC3D0	4052	----a-w-	C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2015-06-11 15:38:43	F95F5EFA6A42040E6458B6D860FCC0CD	1052	----a-w-	C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-11 15:38:43	55E1EE2FFAE4468467CBD0A599AC4C6C	3800	----a-w-	C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore
2015-06-11 15:13:46	33E980CAEA65D64EAAF4A3FB4EF8BC0E	3170	----a-w-	C:\Windows\Sysnative\Tasks\{A84CF176-42EA-4BC5-A1A8-63B16B2CD174}
2015-06-11 15:13:06	D61DF580240B28D2E95C3E654385B358	3178	----a-w-	C:\Windows\Sysnative\Tasks\{120CAE2E-32CA-43A8-8E5A-C4DBBE9E0B27}
2015-06-04 19:30:28	1942F3726A5D881DD60FCE3BEE97083F	2996	----a-w-	C:\Windows\Sysnative\Tasks\PMTask
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-06-12 20:13:21	--------	d-----w-	C:\Program Files\trend micro
2015-06-10 15:59:56	--------	d-----w-	C:\Program Files\Microsoft Silverlight
======= C:\PROGRA~2 =====
2015-06-10 15:59:56	--------	d-----w-	C:\PROGRA~2\Microsoft Silverlight
2015-06-03 16:23:26	--------	d-----w-	C:\PROGRA~2\Hearthstone
2015-06-03 15:47:16	--------	d-----w-	C:\PROGRA~2\Battle.net
2015-06-03 14:09:49	--------	d-----w-	C:\PROGRA~2\Google
======= C: =====
2015-06-12 21:30:54	AF54994800FC83DA3E96ABF3AF801F5A	13018	----a-w-	C:\mbam results.txt
====== C:\Users\Alexander\AppData\Roaming ======
2015-06-12 21:08:42	--------	d-----w-	C:\Users\Alexander\AppData\Local\CrashDumps
2015-06-12 19:34:30	CF7F79ED56C62FB6A067E33D0B48B760	63104	----a-w-	C:\Users\Alexander\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-05 04:14:52	--------	d-s---w-	C:\Windows\serviceprofiles\Localservice\AppData\Locallow\Microsoft
2015-06-04 19:28:18	--------	d-----w-	C:\Users\Alexander\AppData\Local\Programs
2015-06-04 12:18:11	--------	d-----w-	C:\Users\Alexander\AppData\Local\Lenovo
2015-06-03 18:36:41	--------	d-----w-	C:\Users\Alexander\AppData\Roaming\java
2015-06-03 18:36:39	--------	d-----w-	C:\Users\Alexander\AppData\Roaming\.minecraft
2015-06-03 17:34:26	--------	d-----w-	C:\Users\Alexander\AppData\Local\Spotify
2015-06-03 17:33:52	--------	d-----w-	C:\Users\Alexander\AppData\Roaming\Spotify
2015-06-03 17:16:22	--------	d-----w-	C:\Users\Alexander\AppData\Local\Blizzard
2015-06-03 15:47:32	--------	d-----w-	C:\Users\Alexander\AppData\Local\Blizzard Entertainment
2015-06-03 15:47:25	--------	d-----w-	C:\Users\Alexander\AppData\Roaming\Battle.net
2015-06-03 15:47:25	--------	d-----w-	C:\Users\Alexander\AppData\Local\Battle.net
2015-06-03 14:09:47	--------	d-----w-	C:\Users\Alexander\AppData\Local\Google
2015-06-03 14:09:37	--------	d-----w-	C:\Users\Alexander\AppData\Local\Deployment
2015-06-03 14:09:37	--------	d-----w-	C:\Users\Alexander\AppData\Local\Apps
2015-06-03 14:02:53	--------	d-----w-	C:\Users\Alexander\AppData\Local\Adobe
2015-06-03 14:02:17	--------	d-----w-	C:\Users\Alexander\AppData\Roaming\LSC
2015-06-03 14:02:16	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Nitro PDF
2015-06-03 13:54:29	--------	d-sh--w-	C:\Users\Alexander\AppData\Locallow\EmieUserList
2015-06-03 13:53:48	--------	d-sh--w-	C:\Users\Alexander\AppData\Locallow\EmieSiteList
2015-06-03 13:53:48	--------	d-----w-	C:\Users\Alexander\AppData\Locallow\Microsoft
2015-06-03 13:53:22	--------	d-----w-	C:\Users\Alexander\AppData\Roaming\Leadertech
2015-06-03 13:53:05	--------	d-----w-	C:\Users\Alexander\AppData\Roaming\Adobe
2015-06-03 13:52:59	--------	d-----r-	C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2015-06-03 13:52:59	--------	d-----r-	C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2015-06-03 13:52:50	--------	d-----w-	C:\Users\Alexander\AppData\Roaming\Identities
2015-06-03 13:52:47	--------	d-----w-	C:\Users\Alexander\AppData\Local\Power2Go
2015-06-03 13:52:05	--------	d-s---w-	C:\Users\Alexander\AppData\Roaming\Microsoft
2015-06-03 13:52:05	--------	d-----w-	C:\Users\Alexander\AppData\Roaming\Media Center Programs
2015-06-03 13:52:05	--------	d-----w-	C:\Users\Alexander\AppData\Local\Temp
2015-06-03 13:52:05	--------	d-----w-	C:\Users\Alexander\AppData\Local\Microsoft
2015-06-03 13:52:05	--------	d-----r-	C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-03 13:52:05	--------	d-----r-	C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
====== C:\Users\Alexander ======
2015-06-12 21:05:30	6CDEAC78E5677E304477FB36351C3195	21546080	----a-w-	C:\Users\Alexander\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-12 20:37:24	D56605A4F5CE2DBEBA1540304827B394	2231296	----a-w-	C:\Users\Alexander\Downloads\adwcleaner_4.206.exe
2015-06-12 20:36:07	2074B7475FB2766E652B50DBC9539D62	1963296	----a-w-	C:\Users\Alexander\Downloads\OneSafe_PC_Cleaner.exe
2015-06-12 20:12:50	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Alexander\Downloads\RSITx64 (1).exe
2015-06-12 20:12:25	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Alexander\Downloads\RSITx64.exe
2015-06-12 09:51:39	8611C95230B655AE661AAEDC17BAA152	6549184	----a-w-	C:\Users\Alexander\Downloads\ccsetup506.exe
2015-06-11 15:39:06	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-11 14:40:43	9EDBB6648A6CBF03FA67DFC18CE59BDD	396	--sha-r-	C:\ProgramData\ntuser.pol
2015-06-10 15:59:58	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-10 15:58:39	054DD4C30B92E21AA06487112BE34B93	13095136	----a-w-	C:\Users\Alexander\Downloads\Silverlight_x64.exe
2015-06-04 12:27:48	12B0836D10022CFC6BE3B5A669D9E16B	2001540	----a-w-	C:\Users\Alexander\Downloads\pc-decrapifier-3.0.0.exe
2015-06-03 18:35:23	F28C19973BD82EE50BB16A5A39C1BA83	1294088	----a-w-	C:\Users\Alexander\Desktop\Minecraft.exe
2015-06-03 17:33:43	59752A317DFE9D3025955F212E6B613C	155296	----a-w-	C:\Users\Alexander\Downloads\SpotifySetup.exe
2015-06-03 16:23:26	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-06-03 15:47:16	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-06-03 15:47:16	--------	d-----w-	C:\ProgramData\Blizzard Entertainment
2015-06-03 15:46:32	--------	d-----w-	C:\ProgramData\Battle.net
2015-06-03 15:46:21	1578635EBCD0E374ED221F72B2B949E1	3057720	----a-w-	C:\Users\Alexander\Downloads\Hearthstone-Setup-enUS.exe
2015-06-03 13:52:59	--------	d-----r-	C:\Users\Alexander\Searches
2015-06-03 13:52:48	--------	d-----r-	C:\Users\Alexander\Contacts
2015-06-03 13:52:06	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\Alexander\ntuser.ini
2015-06-03 13:52:05	--------	d--h--w-	C:\Users\Alexander\AppData
2015-06-03 13:52:05	--------	d-----r-	C:\Users\Alexander\Videos
2015-06-03 13:52:05	--------	d-----r-	C:\Users\Alexander\Saved Games
2015-06-03 13:52:05	--------	d-----r-	C:\Users\Alexander\Pictures
2015-06-03 13:52:05	--------	d-----r-	C:\Users\Alexander\Music
2015-06-03 13:52:05	--------	d-----r-	C:\Users\Alexander\Links
2015-06-03 13:52:05	--------	d-----r-	C:\Users\Alexander\Favorites
2015-06-03 13:52:05	--------	d-----r-	C:\Users\Alexander\Downloads
2015-06-03 13:52:05	--------	d-----r-	C:\Users\Alexander\Documents
2015-06-03 13:52:05	--------	d-----r-	C:\Users\Alexander\Desktop

====== C: exe-files ==
2015-06-12 21:05:30	6CDEAC78E5677E304477FB36351C3195	21546080	----a-w-	C:\Users\Alexander\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-12 20:37:24	D56605A4F5CE2DBEBA1540304827B394	2231296	----a-w-	C:\Users\Alexander\Downloads\adwcleaner_4.206.exe
2015-06-12 20:36:07	2074B7475FB2766E652B50DBC9539D62	1963296	----a-w-	C:\Users\Alexander\Downloads\OneSafe_PC_Cleaner.exe
2015-06-12 20:13:21	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Alexander.exe
2015-06-12 20:12:50	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Alexander\Downloads\RSITx64 (1).exe
2015-06-12 20:12:25	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Alexander\Downloads\RSITx64.exe
2015-06-12 19:52:56	975BF33FC24E2315213754D2A368E2B5	13154784	----a-w-	C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RF8TAEL8\row[2].exe
2015-06-12 19:40:44	FDB228E0FC2971E309BED90630EA2B56	10615952	----a-w-	C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OUUHFUN4\Rapid_Media_Converter_Clean[1].exe
2015-06-12 19:40:42	82BA30A996E10E38611982A8A1EEDDF2	383056	----a-w-	C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RF8TAEL8\RapidMediaConverterSetup[1].exe
2015-06-12 19:40:37	53F306D5251DAAAA626DCDE54BBF680D	135544	----a-w-	C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RF8TAEL8\Setup[2].exe
2015-06-12 10:53:26	9C3349C17D49917AC24FA8D585D722DF	1732288	----a-w-	C:\Users\Alexander\AppData\Local\Temp\_av_iup.tm~a01472\New\avBugReport.exe
2015-06-12 10:53:26	89A40D4BF237AD4FECC2DD53E6C232B5	3451936	----a-w-	C:\Users\Alexander\AppData\Local\Temp\_av_iup.tm~a01472\New\aswOfferTool.exe
2015-06-12 10:53:26	57ECCC846599D803C909CF4AC2F66D74	598336	----a-w-	C:\Users\Alexander\AppData\Local\Temp\_av_iup.tm~a01472\New\instup.exe
2015-06-12 10:53:21	2746ABA7E980058F1243AA0F06686F82	597824	----a-w-	C:\Users\Alexander\AppData\Local\Temp\_av_iup.tm~a01472\instup.exe
2015-06-12 10:53:20	1F92151DB6C74613C1FC17EEB132DF8D	1723536	----a-w-	C:\Users\Alexander\AppData\Local\Temp\_av_iup.tm~a01472\avBugReport.exe
2015-06-12 10:12:45	2A5F246B97D00F77B78D15F72923839B	61981	----a-w-	C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AC5TAEY1\Validate[1].exe
2015-06-12 10:12:44	502BFD3298490529CCF12F35674782C9	57110	----a-w-	C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MG9QBTRE\policyname[1].exe
2015-06-12 10:11:25	667384827BB3604D587780FD7E78260D	2999808	----a-w-	C:\Users\Alexander\AppData\Local\Temp\fsd88FD.exe
2015-06-12 10:11:23	667384827BB3604D587780FD7E78260D	2999808	----a-w-	C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MG9QBTRE\FinalInstaller_dotnet4[1].exe
2015-06-12 10:11:21	0CCF900044E0E4EDF36E89008E2C6AA7	254464	----a-w-	C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OUUHFUN4\setup_362[1].exe
2015-06-12 10:11:20	D9E52A16CB487E5D0A70DBA83AB03001	41444	----a-w-	C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RF8TAEL8\cmmdWriter[1].exe
2015-06-12 10:10:56	41E2B5D519DB7FFB2FC75AEEC6E105A1	597039	----a-w-	C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RF8TAEL8\Setup[1].exe
2015-06-12 09:51:39	8611C95230B655AE661AAEDC17BAA152	6549184	----a-w-	C:\Users\Alexander\Downloads\ccsetup506.exe
2015-06-12 09:44:41	F6EEE6848E933962E12E7B3F25C73C88	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateBroker.exe
2015-06-12 09:44:41	C990A8EAD57DA59FA8156CC02D3B7DA5	931408	----a-w-	C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateSetup.exe
2015-06-12 09:44:41	6732C4A894855042FD3618406B6BBD48	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe
2015-06-12 09:44:41	0894890F30B5F6510DF953BC50B5504F	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateWebPlugin.exe
2015-06-12 09:44:36	BB3045B399D898061B926B447C446E05	127816	----atw-	C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateComRegisterShell64.exe
2015-06-12 09:44:36	8715A0D10CFFC8DEE923957F07DAA042	244040	----atw-	C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
2015-06-12 09:44:36	6509A96DAE25340772B51AC020CB1094	304968	----atw-	C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
2015-06-12 09:44:35	0C03FB91E17987EED93F60007B08DAA0	144200	----atw-	C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdate.exe
2015-06-12 09:44:32	C990A8EAD57DA59FA8156CC02D3B7DA5	931408	----a-w-	C:\Program Files (x86)\Google\Update\Install\{FF31BBC5-C116-4CAD-89CF-44430A9CA5DB}\GoogleUpdateSetup.exe
2015-06-12 09:44:32	C990A8EAD57DA59FA8156CC02D3B7DA5	931408	----a-w-	C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.27.5\GoogleUpdateSetup.exe
2015-06-11 18:34:22	667384827BB3604D587780FD7E78260D	2999808	----a-w-	C:\Users\Alexander\AppData\Local\Temp\fsd6DDF.exe
2015-06-11 16:32:57	B1798BC27E40983B12FEFD0D85C05B3F	873800	----a-w-	C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\SwReporter\3.21.0\software_reporter_tool.exe
2015-06-11 16:29:03	667384827BB3604D587780FD7E78260D	2999808	----a-w-	C:\Users\Alexander\AppData\Local\Temp\fsd317B.exe
2015-06-11 15:38:57	E9E39FDA16E98FFB4722A24D572E0250	42089552	----a-w-	C:\Program Files (x86)\Google\Update\Install\{63591915-5E5F-489B-BB0F-4BED414B64D6}\43.0.2357.124_chrome_installer.exe
2015-06-11 15:38:57	E9E39FDA16E98FFB4722A24D572E0250	42089552	----a-w-	C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\43.0.2357.124\43.0.2357.124_chrome_installer.exe
2015-06-11 15:38:41	E1B44A75947137F4143308D566889837	107848	----atw-	C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2015-06-11 15:38:39	F6414DD3B23979312F8EBB91DE794178	11080	------w-	C:\Users\Alexander\AppData\Local\Apps\2.0\5DOH2GGX.0QC\5RA2N9GB.3VE\inst...app_86fd5b6b43e66935_0001.0003_8cc1e8369c183a46\clickonce_bootstrap.exe
2015-06-11 14:40:35	7638B31860EDD186E9C4DA19B36787C6	2098983	----a-w-	C:\Users\Alexander\AppData\Local\Temp\olphbgycYa.exe
2015-06-11 14:40:28	E1F12B9982C847933F4A9C4A86202D7D	2106551	----a-w-	C:\Users\Alexander\AppData\Local\Temp\iTcyoUiZSG.exe
2015-06-11 14:40:28	61600927CF0236BEDCBCB607E4BD16CD	571338	----a-w-	C:\Users\Alexander\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_64.exe
2015-06-11 14:40:24	7CFBE94ACED6510A67A42658E7DDBE96	850432	----a-w-	C:\Users\Alexander\AppData\Local\Temp\B20D2C3F-D441-4C89-195C-FE40D3E4CE26.exe
2015-06-11 14:40:24	027196552EBF348A7B5CCAC18499D01D	1014784	----a-w-	C:\Users\Alexander\AppData\Local\Temp\0CA74871-CACD-899B-42B6-E61E5904F328.exe
2015-06-11 14:40:12	2A5F246B97D00F77B78D15F72923839B	61981	----a-w-	C:\Users\Alexander\AppData\Local\Temp\Uninstall.exe
2015-06-11 14:40:01	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\Alexander\AppData\Local\Temp\aeU8tblJIp.exe
2015-06-11 14:39:54	ACA87E07B0A7D42D2A03196BA0A100AA	596442	----a-w-	C:\Users\Alexander\AppData\Local\Temp\Uwo87zsMlJ.exe
2015-06-11 14:39:48	42088EF271CA8F06A0C9B14D9F3F63AA	695976	----a-w-	C:\Users\Alexander\AppData\Local\Temp\~ld60D8\fgrs\tmp\wpm_v20.0.0.2289.exe
2015-06-11 14:39:44	C4F87933948773FCF0CCACC080647D54	254464	----a-w-	C:\Users\Alexander\AppData\Local\Temp\s9Az9tV2JM.exe
2015-06-10 15:58:39	054DD4C30B92E21AA06487112BE34B93	13095136	----a-w-	C:\Users\Alexander\Downloads\Silverlight_x64.exe
2015-06-10 12:40:25	F202EA75E4196A9DD9004FED8DB2C304	5536816	----a-w-	C:\ProgramData\Battle.net\Agent\Agent.4098\Agent.exe
2015-06-10 12:37:22	E39D7E7FCC5D4B77B8CBA52FEF8753DE	102912	----a-w-	C:\Program Files\Windows Media Player\wmpshare.exe
2015-06-10 12:37:22	8D3316795ACCC0EC0DD6A844E046DA68	167424	----a-w-	C:\Program Files\Windows Media Player\wmplayer.exe
2015-06-10 12:37:22	6F139F39295000E6301C0D08F7493CC6	101888	----a-w-	C:\Program Files (x86)\Windows Media Player\wmpconfig.exe
2015-06-10 12:37:22	5F7B628B5F10531E8DE3E711ED73AAD7	164864	----a-w-	C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2015-06-10 12:37:22	44854DDB738BF2C507FC2162245361D6	102400	----a-w-	C:\Program Files\Windows Media Player\wmpconfig.exe
2015-06-10 12:37:22	3505E5A7664FD84AC8AE51FE3B545AE1	102400	----a-w-	C:\Program Files (x86)\Windows Media Player\wmpshare.exe
2015-06-10 12:37:18	BBFA57E64CE337686C2BC3F56881D55B	338432	----a-w-	C:\Windows\System32\conhost.exe
2015-06-10 12:37:18	907BCBA1C7763CF27D4447E21123C443	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-06-10 12:37:18	8C21FA252235C632871A69B3768095BB	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-06-10 12:37:18	09693C45F4BFE86D6E35897A55CF7A95	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-06-10 12:37:16	73509D13542A90E260F45D1D6D4100A8	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-06-10 12:37:15	70D24021ED327CE7FFA9DEE327BB4C6B	720384	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-06-10 12:37:15	2B3CF8F7903266E2AA5C9D9850FAA8F6	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-06-10 12:37:13	E21AE910DF0C5CB7D46D8FA17A4567DE	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 12:37:13	9F45DA24EBAE4180F70D03503580E8CA	815312	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-06-10 12:37:13	8D4E75DEAA0FFBEFB5F366A4770D9644	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-06-10 12:37:13	57DFACB53ED16190EF732E2430B39741	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-06-10 12:37:13	29874C10D7D0088CD8743EC8F5DABBE4	473600	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-06-10 12:37:12	52956B4DD1899CB09BB50FB939F6E99D	490496	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-06-10 12:37:11	FF9877ABCA06D539264275321C97BB07	814288	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-06-10 12:37:11	0EDA3219FA027A486AA11269355AB279	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
=== C: other files ==
2015-06-12 21:08:11	E9CD058C79EA15B4AA93E259FA713B07	136408	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-06-12 21:07:52	F49FB3C88E263AE9A246593B0BB29294	63704	----a-w-	C:\Windows\System32\drivers\mwac.sys
2015-06-12 21:07:52	54D70409DE6932E9EFA117779611E7A9	107736	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2015-06-12 21:07:52	1E9E32AEC3E1EB1B31B8169F33168B56	25816	----a-w-	C:\Windows\System32\drivers\mbam.sys
2015-06-11 14:43:26	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Windows\prleth.sys
2015-06-11 14:43:26	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Windows\hgfs.sys
2015-06-10 12:37:19	1EE2DBA5AD2E5EB618C7FB187C2CFDF4	3206144	----a-w-	C:\Windows\System32\win32k.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3239934883-776162143-1995868664-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Alexander\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"GoogleChromeAutoLaunch_ADE45C68FEF2280A34B6F5DB75C94C09"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"Power Manager Startup Utility"="C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe"
"Lenovo Registration"="C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Alexander\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"GoogleChromeAutoLaunch_ADE45C68FEF2280A34B6F5DB75C94C09"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"Skd8821"="C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe"
"LENOVO.TPKNRRES"="C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe"
"Enhanced Performance Keyboard"="C:\Program Files\Lenovo\USB Enhanced Performance Keyboard\SKDaemon.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11-06-2015 17:38]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11-06-2015 17:38]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CLMLSvc" [C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\PMTask" [C:\Program Files (x86)\Lenovo\PowerMgr\PwmIdTsv.exe]
"C:\Windows\SysNative\tasks\RtHDVBg_LENOVO_MICPKEY" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"]
"C:\Windows\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"]
"C:\Windows\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program" ["%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"]
"C:\Windows\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"]
"C:\Windows\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64 35" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"]
"C:\Windows\SysNative\tasks\Lenovo\Lenovo Solution Center Launcher" [%programfiles%\lenovo\lenovo solution center\App\LSCService.exe]
"C:\Windows\SysNative\tasks\Lenovo\Message Center Plus Launcher" ["%programfiles(x86)%\Lenovo\message center plus\mcplaunch.exe"]
"C:\Windows\SysNative\tasks\Lenovo\LSC\Lenovo Solution Center Notifications" [%programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe]
"C:\Windows\SysNative\tasks\Lenovo\LSC\LSCHardwareScan" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan]
"C:\Windows\SysNative\tasks\Lenovo\LSC\LSCHardwareScanPostpone" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan]
"C:\Windows\SysNative\tasks\TVT\TVSUUpdateTask" ["C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe"]

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.124


TweetDeck Themed - New Tab Page - Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\ognaecglidcnlcaccgpijhlipjnlcmnb

==== Chromium Startpages ======================

C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Preferences
nt.com/*"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13078615394840825","location":5,"manifest":{"background":{"persistent":false,"scripts":["utility.js","cards.js","background.js"]},"description":"Integrates Google Now into Chrome.","icons":{"128":"images/icon128.png","16":"images/icon16.png","48":"images/icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/gcm","https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleapis.com/gcm/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.124\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"x.v.leeuwen@gmail.com","username":"x.v.leeuwen@gmail.com"}},"homepage":"http://www.google.com","homepage_is_newtabpage":true,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"71D2238B901A25D275241AAED0D113D32797018DB677873434D5419570E8D4E2"},"default_search_provider":{"keyword":"2D916916E9FB205376B5E10AED5BB5A103B209FA1EF77DB192F552F2F1936994","name":"1FC4421B3E59E1E80BAD75556E7A26A8090352B01CD1A3EDF7D2F16573E5FB68","search_url":"D9ADDD26FA7BA1B5907FE265CB376A25DD11415D3DEBFBFB99F8092DA0D5CB0E"},"default_search_provider_data":{"template_url_data":"F8D1FEEB054FE0D8A66A196AF45133E1E9CF24130F59434668918A22FD78E3AB"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"DC3F06A33F8EF32A5B1695F1E09FA2AA28C0903D5FC33EF69BD2AD5BDD986BD3","amiilmbcnilooblicjijbpeamnapmgjd":"996BFA6E5A2F578DEF65E174F1E1DF40FC42765B072854FC98740DEEF146D053","bepbmhgboaologfdajaanbcjmnhjmhfn":"BFD81048F6CA9BBAC1BAD17C7194550FF416A43C0534BF8FA7195AF9E56E5C03","celnaknmndcdcjcagffhbhciignkeokb":"53785669FB7B2D979BDBD1F278EF524AA93288C16A0C55EE64E1C706931AFE4A","dgneifdladngpklmchbdcolhmkijpjam":"097C60392258BABB2E626E8576A429B8223055DC01219FA593EA604DE2FFF70D","dpgajkeidjocjdkjfmdfcgebpbeegila":"A200227521DD6792DE31BC9D7E5B83F825F5E1BD39AB9E1BA8896E9B1151023F","eemcgdkfndhakfknompkggombfjjjeno":"78BFB15E093FF9505C2F985A38652C466CDBEF7BA8BA76274207150CD4AB73E7","emombociacpioeiacljhoeeebbijeaia":"6275A5586D37AE1BBFDC2F92515877E5839395A2C6B13C641791AE4AC9A05D33","ennkphjdgehloodpbhlhldgbnhmacadg":"11BF16404D28DEBAE4FCE1B85E29DD103B78A3FEEFEF727BB2BC404CC623F5EB","epiicilgnbpfnegffjjmpgokhpcpkieo":"A32FDAFEDAE228C574C6B56645E49EC970C25ECD468EFE45600E903393FAE131","fnjpmfnlobhajmgbcnenhndmdaochmjl":"2236681CBD7E46EAF02679CF1900B50FABE652EB0D41682FE909044CCA994519","gabonkhoempkfigaplhieecekhjnaeae":"1AA84416373C7489C62621374E043CBD7FB8BC733DC0DE640425533D5628187B","gfdkimpbcpahaombhbimeihdjnejgicl":"9D9164D6CBAB353E722F06EF187B8D6B15B8F6086E05C7778F89A40D02817533","gljmkepedihfojjfmjambblgjemocehi":"EFD357C67130AB874685FAC047795581C14F867C4C77B0BE8BB3B59FD0DC15D2","hgpnjlcnkmmepelhpnjonofhjgemjinj":"335F63D64846A30AB97FA41D3DE818705B5E1A518B1B9F118E3A2F0129AB8EC8","kmendfapggjehodndflmmgagdbamhnfd":"7F547E80F9662C4D38C3083DD33FDDC56290245F2D61B7434D2FAD759D162C78","mfehgcgbbipciphmccgaenjidiccnmng":"5F8E1C5BFF3DE4B0FF3E0E60993EF28193D4656930B9E4A0DFE232251FFD63DE","mfffpogegjflfpflabcdkioaeobkgjik":"F468D642352D3F9B806D487AA2DEC63ADAEF15325DFEDE86D457B7DF27BD730B","mgndgikekgjfcpckkfioiadnlibdjbkf":"F4D99481314934542C4798D78D34EA2AE4C85AC07316A1437CDF8A523BAD4320","mhjfbmdgcfjbbpaeojofohoefgiehjai":"A5DAFD844D902A51860CC6BABC4FC2806E7DEF9542644B775D489DBD0632D1C5","mihcahmgecmbnbcchbopgniflfhgnkff":"6F213BDA9547A1C146761F336CF93997744348E1833639E09BE3298F355A96FB","naiiadhmoanbcldnbnndohpiodjlojla":"1079B8D2C74A893F044B19D3568C80C5273C25D19AF997351023BF8EEDDA6450","neajdppkdcdipfabeoofebfddakdcjhd":"0F199B6F39C3A87CDEC3916F5B1860E63FE371D915A7A493273F5B5D9C0B52DC","nkeimhogjdpnpccoofpliimaahmaaome":"A5B2D29264103343BC10A1D635567CAEE320D9D5D473231E8A99346BB4DC0847","nmmhkkegccagdldgiimedpiccmgmieda":"68CB2E897C5125A575F7060D353668F554CB906D2C9F5B5E1EDCFF713DC03438","oengojpccdildlbefkeehncfgoenahim":"FA59AEAE22F000C80EE92187CF66304BE80A733BD24B6DA3E0508140EFE0E059","ognaecglidcnlcaccgpijhlipjnlcmnb":"AD66A5688A59E2053A7EA2321F6A9DA59B08B9BADFCBA9828619D20335C53C48","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"9EFFB67BD4094C66C92905CDB4EDE2FDAA2586149907633C0616C7A73536F21C"}},"google":{"services":{"last_username":"E37F0FD968BDF981C524F441339683B5F1220D591E5E93CE5702D208133A2FB1","username":"743F2DBD974F4FBCDC717597B75A85E252637F2A2EC24CA57CCB2F942A230EC0"}},"homepage":"A3886E750B3A38F3515D511E6AD0B0CAB959E5793FE7540A0B93189B336412BD","homepage_is_newtabpage":"5081908D553A7D251E0025741B44DA5F25FE7BCA35B0010786F175B2B8CEC993","pinned_tabs":"F05D07810EB67CCBCB36B7C5F3DF9EFD4A65FBC284DEF7DD700D2BD19303A005","prefs":{"preference_reset_time":"3A8229F1CE28AE5681154F0C9AA8BD713944B270D1E45D8787C6B47C9243F973"},"profile":{"reset_prompt_memento":"7C7A16A25996A9E2182EBA4475CCB913C0A8B69FAC9FDEB9C9542220AB80871D"},"safebrowsing":{"incidents_sent":"EDAC16D21A2275F39EC4C225E01AA54D14223A728BEF177B93407955C75874EB"},"search_provider_overrides":"29996B7E5D9AAE4B0212618D4D17D12A31E788C90822B11AF0FECFEB51611556","session":{"restore_on_startup":"01BB476E3ED811A4A319042C867BE28ECEAC5379BABF3742BBAFB10A6931345A","startup_urls":"97702C92702897F58AAB35B0752C7FAF7E43E508E3CC8EFDB45A8294870D6519"},"software_reporter":{"prompt_reason":"D46BCE8C564CE063E4BE1DC3E2AE78494195CB667CC0F429EAAAC4A2FDB254E5","prompt_seed":"9237EFCDD3F00E8BAA7A8A2FCC3777B337299F97FCCAF5921057539264BBE16A","prompt_version":"640622A2AD5FA5413C38C5C96E72DCA9FE877DF34DBABEC36B86029DE451A449"},"sync":{"remaining_rollback_tries":"E549746ACA79F48E0A6FC9788BD6E3868DA88154B32CA088B38A6421FC14DB5A"}},"super_mac":"6C75CF71F6AA4FFC2309DA7F3A86A5A25A012C0DE6D0C9D245EC6B10D251B663"},"session":{"restore_on_startup":5,"startup_urls":["http://www.ru.nl/fnwi","http://www.oursurfing.com/?type=hp&ts=1434033580&z=c553150c707d37a9036a4ceg0z1cczde3cfc8wdmac&from=exp&uid=WDCXWD5000AAKX-08U6AA0_WD-WMC2E0J1WESK1WESK","http://www.oursurfing.com/?type=hppp&ts=1434033590&z=df477fac7a255a2abd72646gdzecbz7edccc9w1b5c&from=exp&uid=WDCXWD5000AAKX-08U6AA0_WD-WMC2E0J1WESK1WESK","https://www.google.com/?trackid=sp-006"]},"sync":{"remaining_rollback_tries":0}}


==== Chromium Fix ======================

C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\ognaecglidcnlcaccgpijhlipjnlcmnb deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=21 folders=14 8755527 bytes)

==== Empty Temp Folders ======================

C:\Users\Alexander\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ALEXAN~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on za 13-06-2015 at 16:01:43,93 ======================