
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Ihsane on di 16-06-2015 at 21:57:22,43.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ihsane\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

16-6-2015 21:59:59 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll 


==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\PDF Complete deleted successfully
C:\PROGRA~2\VST deleted successfully
C:\PROGRA~3\PDFC deleted successfully
C:\Users\Ihsane\AppData\Roaming\SynthMaker deleted successfully
C:\Users\Thuis\AppData\Roaming\Syncios deleted successfully
C:\Users\Ihsane\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Ihsane\AppData\Local\EmieSiteList deleted successfully
C:\Users\Ihsane\AppData\Local\EmieUserList deleted successfully
C:\Users\Ihsane\AppData\Local\PDFC deleted successfully
C:\Users\Rachid\AppData\Local\PDFC deleted successfully
C:\Users\Thuis\AppData\Local\PDFC deleted successfully
C:\Users\Thuis\AppData\Local\VirtualStore deleted successfully

==== File Information Results ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] 
"MISPInst"=- 

==== Deleting Files \ Folders ======================

"C:\windows\SysNative\drivers\asw*.tmp" not found

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-06-16 11:29:40	0A34066D56D57C0DA73BFFC1E4169FF2	85	----a-w-	C:\Windows\wininit.ini
====== C:\Users\Ihsane\AppData\Local\Temp ====
2015-06-16 19:46:19	0265653D5B51653398B6F18659EC5AA3	883024	----a-w-	C:\Users\Ihsane\AppData\Local\Temp\0061411434483979mcinst.exe
2015-06-16 11:32:10	E1FB152BFBF1CF7F907FA66DFCAA2F91	264488	----a-w-	C:\Users\Ihsane\AppData\Local\Temp\MSS\3.11.128.2\McInstallerRes.dll
2015-06-16 11:32:10	9D221FAA7794C53253E1E4DD9CDE515B	769736	----a-w-	C:\Users\Ihsane\AppData\Local\Temp\MSS\3.11.128.2\McInstallerStartup.dll
2015-06-16 11:32:10	451C52826AB3C6EFE11942B5F65FCCB0	153760	----a-w-	C:\Users\Ihsane\AppData\Local\Temp\MSS\3.11.128.2\McInstallerRes_LD.dll
2015-06-16 11:32:09	C4CF03B998D4D758B89CD07F22D7A7F9	645168	----a-w-	C:\Users\Ihsane\AppData\Local\Temp\MSS\3.11.128.2\McUICnt.exe
2015-06-16 11:32:09	43A07A01F731A01F6B5158A034EBBFD0	560664	----a-w-	C:\Users\Ihsane\AppData\Local\Temp\MSS\3.11.128.2\mcbrwsr2.dll
2015-06-16 11:31:24	2DAE7659798B8B85D77A0BF9399253FD	166192	----a-w-	C:\Users\Ihsane\AppData\Local\Temp\McTemp\7441\Download_Files\InstProg.dll
2015-06-16 11:25:12	C7B5AC9AF60585B75B8A2F5DA360C591	406152	----a-w-	C:\Users\Ihsane\AppData\Local\Temp\McInstrumentationTemp\McUtil.dll
2015-06-16 11:25:12	8EAA3905FDEAD7ACD8BA4EC93AB8066E	274312	----a-w-	C:\Users\Ihsane\AppData\Local\Temp\McInstrumentationTemp\McIIHlp.dll
2015-06-16 11:25:12	6BBCA7D72403BB8584719AB9C53C1A2C	826880	----a-w-	C:\Users\Ihsane\AppData\Local\Temp\McInstrumentationTemp\McItInfo.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-06-15 20:47:04	2CA16814DA3C5B2D8C7E70DC47A45ED1	551424	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-06-15 20:47:02	9E68E1BDEBD85FC8803707370BE0FC6E	641536	----a-w-	C:\Windows\SysWOW64\advapi32.dll
2015-06-15 20:47:02	641A14E6AC492ED45BC68815E2E2F566	3989440	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-15 20:46:59	3C1BE79C3CE6EB378108B11D94CA1072	364544	----a-w-	C:\Windows\SysWOW64\tracerpt.exe
2015-06-15 20:46:58	EA141596564AE0C670EDD0F2636EC29C	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-06-15 20:46:58	BBABC6702529CFADAC0EC2B28168A288	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-06-15 20:46:58	8C7635292CFF4901F058269454A1D64E	1310744	----a-w-	C:\Windows\SysWOW64\ntdll.dll
2015-06-15 20:46:58	583FFF12D2F0D6E1A8746462C433895F	3934144	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-15 20:46:57	3B5DA649BF7B7D07510C06DE0AEEB4EB	82944	----a-w-	C:\Windows\SysWOW64\logman.exe
2015-06-15 20:46:56	9A50B2567918BF7DDD600ECE5DB5ED76	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-06-15 20:46:56	6C06D2B1CF88AB83F1CFB24928F63107	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-06-15 20:46:56	65A5E27C2217D606E212B6088CCD6104	92160	----a-w-	C:\Windows\SysWOW64\sechost.dll
2015-06-15 20:46:56	5643A88C6DA8AAEC9CE2845431942650	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-06-15 20:46:56	4238391DE3E3FDCD2C731C1E4E0F402C	635392	----a-w-	C:\Windows\SysWOW64\tdh.dll
2015-06-15 20:46:55	F85FA29340A536C8E0A16151B9B03923	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-06-15 20:46:55	A9E8F961F7FE1EDEEF8F46EEB800F2D8	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-06-15 20:46:55	629AD3FDA168D82D459164044A29F9BB	40448	----a-w-	C:\Windows\SysWOW64\typeperf.exe
2015-06-15 20:46:55	3E6731BF36A7D6C62D09671B427B6B67	37888	----a-w-	C:\Windows\SysWOW64\relog.exe
2015-06-15 20:46:54	FCA6EFFEE6D7D42E794F0E538297026C	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-06-15 20:46:54	FB224B0A63B8F58E91FE8A314AD295AD	17408	----a-w-	C:\Windows\SysWOW64\diskperf.exe
2015-06-15 20:46:54	D877133532CE090502B1166B360E9516	274944	----a-w-	C:\Windows\SysWOW64\KernelBase.dll
2015-06-15 20:46:54	7A9F94E0F53C8F6E09405351AC104A3C	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-06-15 20:46:54	558227F567E977D71B9182013EF03E9C	14336	----a-w-	C:\Windows\SysWOW64\ntvdm64.dll
2015-06-15 20:46:54	2D23A10FBFA09DC1B61799128BBA91A2	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-06-15 20:46:53	F81920ADB15012CF4E9FF8238C85686A	1114112	----a-w-	C:\Windows\SysWOW64\kernel32.dll
2015-06-15 20:46:53	F72A9953199EF5807D595AE3694B5D01	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-06-15 20:46:53	6C730482615C97B923B88C648FF554A3	5120	----a-w-	C:\Windows\SysWOW64\wow32.dll
2015-06-15 20:46:49	EEA17E843EE2EE50D623BEACF50BD815	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-06-15 20:46:49	EC6E5AE2ECFE7A335B370865A1158EF8	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-06-15 20:46:49	619D5101114C71E1A4A585C5E68301B7	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-06-15 20:46:49	52C869A640B8169D7C8460FB1646ABF5	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2015-06-15 20:46:49	2E65BF3D85BB2C831669FBCBDE6C9879	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-06-15 20:46:48	7E7933E63BBE2BE71CC908EF140458EF	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-06-12 17:02:34	A98E8F79C738CAF23C152DBCABD978FE	11411456	----a-w-	C:\Windows\SysWOW64\wmp.dll
2015-06-12 17:02:33	605E9B2CFA3445ED7716D0B345EE21EC	8192	----a-w-	C:\Windows\SysWOW64\spwmp.dll
2015-06-12 17:02:33	2401379E0610D15FAB78A4B1646F5B8D	4096	----a-w-	C:\Windows\SysWOW64\dxmasf.dll
2015-06-12 17:02:32	DA27A4EA7B7C77FAFDB3F94D83E310C1	12625408	----a-w-	C:\Windows\SysWOW64\wmploc.DLL
2015-06-12 17:02:32	2401379E0610D15FAB78A4B1646F5B8D	4096	----a-w-	C:\Windows\SysWOW64\msdxm.ocx
2015-06-12 17:02:18	58788565442368B0615DDAF1D452B843	530432	----a-w-	C:\Windows\SysWOW64\comctl32.dll
2015-06-12 17:02:02	8C3A03295F56D1FFB51D9D05DA42B12D	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-12 17:02:02	81C1182A9EE7AC4D21187811DE66A7D0	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-06-12 17:02:02	6B7210618D7E2CE0404ECF748701253A	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-06-12 17:02:01	9F6066005D8B8620598085C7499E9B70	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-12 17:02:01	96837E5864777688477AF6DE2332C06D	503808	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-06-12 17:02:01	7C9F8DB66A56306C5BBE97F9FC0F01EF	342736	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-06-12 17:02:01	53E9614ADFA6A40A452BA014CEF6F261	1309696	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-06-12 17:02:00	185490A6C3BEDAC5EF547314F68AB07B	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-12 17:01:59	F26680AF396F89F7ABFDA1D1D6B62011	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-06-12 17:01:59	975421AC32F9F6E27A58F75DAB4B5871	19607040	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-06-12 17:01:59	2DED8A99E45053C42DD21D6937D3960C	689152	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-06-12 17:01:58	B6D8148C1C697A7BF04EE0FE82408B6A	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-06-12 17:01:58	5C06EE62F06E990E9521EA80B8D4D4B8	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-06-12 17:01:58	4ABEEF30EA5B9F4718312DCB60B6C9BC	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-06-12 17:01:57	E21AE910DF0C5CB7D46D8FA17A4567DE	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-06-12 17:01:57	C93AE4D14AEF5169791B35D97AE7C9FC	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-06-12 17:01:57	C27C8CACEBC712BE2AD791715E9734EC	664064	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-06-12 17:01:57	927E38A35E4DFC4E294BD130BAA6F759	2278912	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-06-12 17:01:57	7DBCBB1647B7CD71E2039C1B50A12717	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-06-12 17:01:56	DB254D50B4527C2821C537E0587B44E8	12829696	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-06-12 17:01:56	8C8B8C78C0CCD5D36ABCB115B0B581E1	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-06-12 17:01:56	1A628C1F5470F0AF21E37E425026F27A	478208	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-06-12 17:01:56	17B0852D8202A872C3E6D01B518B6A4E	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-06-12 17:01:54	E4EB138060BAE0DBAB1A3B71A3141FE7	1950720	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-06-12 17:01:54	85E21CCF38166E0D6DE2E42D9D3823BD	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-12 17:01:54	3FD7E6DB5D81FE400DB4D81D278596E6	4305920	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-06-12 17:01:53	FB5C9234E4BF6BDAF4A954763A4582BA	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-06-12 17:01:53	EF853EA2A6A7BD891CCF31B0C2915352	341504	----a-w-	C:\Windows\SysWOW64\html.iec
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-06-16 19:44:31	F9881B099DD511A9A53B0B9DB668EA9D	250672	----a-w-	C:\Windows\Sysnative\mfevtps.exe
2015-06-15 20:47:05	AA5319FA8602676B5D3A2B4A1355896D	1255424	----a-w-	C:\Windows\Sysnative\diagtrack.dll
2015-06-15 20:47:05	6ECD6D92F43C2DC55099F892978D5BE7	728576	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-06-15 20:47:04	8DCA1C70AF170C3FBCE47A4F49BFC887	424960	----a-w-	C:\Windows\Sysnative\KernelBase.dll
2015-06-15 20:47:03	93A05407F8E53BC731C42AAD56163F80	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-06-15 20:47:03	6FDF03A3B110C5264F52F979335AE301	1162752	----a-w-	C:\Windows\Sysnative\kernel32.dll
2015-06-15 20:47:03	4FFD08A01047EF6B58F6EB4E6D001A8D	879104	----a-w-	C:\Windows\Sysnative\advapi32.dll
2015-06-15 20:47:02	9E2A2028228645DD57EF45A02CAC0CCE	5569984	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-06-15 20:47:02	53042708C242959B3924242FBBE297B1	1728960	----a-w-	C:\Windows\Sysnative\ntdll.dll
2015-06-15 20:46:59	FF9BBFAE899091C1FF0D1A3F2C587911	243712	----a-w-	C:\Windows\Sysnative\wow64.dll
2015-06-15 20:46:59	CCB352B939B77B38983DD878C547451F	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-06-15 20:46:59	6703266C1E56157B5965F9AC868A20AC	404992	----a-w-	C:\Windows\Sysnative\tracerpt.exe
2015-06-15 20:46:59	48C30C54194142910FB6B86D308220ED	338432	----a-w-	C:\Windows\Sysnative\conhost.exe
2015-06-15 20:46:59	2313AF8D5A9CEB4A55400A01DD311A95	215040	----a-w-	C:\Windows\Sysnative\winsrv.dll
2015-06-15 20:46:58	37DFCC91E419952772E02F2B3BBB2E2B	342016	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-06-15 20:46:58	16154A6682B1552DEAB953BFA4B8E955	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-06-15 20:46:57	AD54856A16B635720B0BE5FAF44526FC	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-06-15 20:46:57	996EE6571ADB880A60846DD02C8D5869	314880	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-06-15 20:46:57	7C5E375F20F639607376351A8BCC0647	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-06-15 20:46:57	66DF73B202105406602941778792FE3D	879104	----a-w-	C:\Windows\Sysnative\tdh.dll
2015-06-15 20:46:57	4F90A7A0FCBC0ED18E573917860062FF	113664	----a-w-	C:\Windows\Sysnative\sechost.dll
2015-06-15 20:46:57	210E7D1EA34369194BE09493784E27BE	104448	----a-w-	C:\Windows\Sysnative\logman.exe
2015-06-15 20:46:56	A929B9ABA1083AF35ECE7BD63AF3E42F	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-06-15 20:46:56	A5F57F4866C2DC7F8215058D7D56BD21	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-06-15 20:46:56	9BBEA639884C0338DD78654277BD188A	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2015-06-15 20:46:56	17A6A9AAD04CCC6EE53290585BFC43AF	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-06-15 20:46:55	E20BF3FA89DE67B00ED713B5254C0BF0	47104	----a-w-	C:\Windows\Sysnative\typeperf.exe
2015-06-15 20:46:55	858F04B3C39239972959E9EE97CACAE4	43008	----a-w-	C:\Windows\Sysnative\relog.exe
2015-06-15 20:46:55	11D5815F0DC571CE3C72213B375860B1	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-06-15 20:46:55	03BA5D20751137F3A705B389C52DB8D6	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-06-15 20:46:54	D68690450978D127E030FB14E9B2023B	16384	----a-w-	C:\Windows\Sysnative\ntvdm64.dll
2015-06-15 20:46:54	6ACD3C75BE449F039E1A4E43424D5B6F	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-06-15 20:46:54	5EC57AC6DC16CB8A058CA019AA2C188D	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-06-15 20:46:54	5A17FF38EDE95B2313E428BF444126D7	362496	----a-w-	C:\Windows\Sysnative\wow64win.dll
2015-06-15 20:46:54	289D99B0879C6ED5C6D1B3A856CA6DA3	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-06-15 20:46:54	1B93381366141875D8EE7EC1085236B9	19456	----a-w-	C:\Windows\Sysnative\diskperf.exe
2015-06-15 20:46:54	13DE715D959DD502CFD52DC920408B33	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2015-06-15 20:46:53	20BD408AC3F8576997D6A47F48A1C5B2	13312	----a-w-	C:\Windows\Sysnative\wow64cpu.dll
2015-06-15 20:46:49	AF557D115972A73964FC8F209300948A	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2015-06-15 20:46:49	6E882D7CA34073890107559B5A515A24	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-06-15 20:46:49	6ACFCC28E4D60B5A931D8749332A14E2	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-06-15 20:46:48	8A4EB32C7C948F70EAC6F85063596A39	36864	----a-w-	C:\Windows\Sysnative\UtcResources.dll
2015-06-15 20:46:48	837BBE4170D5A75F293BD6F294A8FE34	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-06-12 17:02:34	9D80A82B0BB77AC3EF6A87FA0C534E20	14635008	----a-w-	C:\Windows\Sysnative\wmp.dll
2015-06-12 17:02:33	834FD7C31EA16D59CC3B2DC60F2F2620	9728	----a-w-	C:\Windows\Sysnative\spwmp.dll
2015-06-12 17:02:33	1A8C5D4BE449E4A9D8667A341E535E22	5120	----a-w-	C:\Windows\Sysnative\msdxm.ocx
2015-06-12 17:02:33	1A8C5D4BE449E4A9D8667A341E535E22	5120	----a-w-	C:\Windows\Sysnative\dxmasf.dll
2015-06-12 17:02:32	51ECEE70F33601310DDEF3EEE39550D3	12625920	----a-w-	C:\Windows\Sysnative\wmploc.DLL
2015-06-12 17:02:29	E87D4371B24BC9E5BAE95AEA60FFD959	193536	----a-w-	C:\Windows\Sysnative\aepic.dll
2015-06-12 17:02:29	CFF429F2234C1D1A5993E80F46C37CFB	1119232	----a-w-	C:\Windows\Sysnative\aeinv.dll
2015-06-12 17:02:29	B23AB4C401E2DE02C47B7497D41E2318	757248	----a-w-	C:\Windows\Sysnative\invagent.dll
2015-06-12 17:02:29	6F07FC190DBCB42C8A5319235F72F906	423424	----a-w-	C:\Windows\Sysnative\devinv.dll
2015-06-12 17:02:29	52DEF4C743C2EABD6BD3EDC790A0E778	1021440	----a-w-	C:\Windows\Sysnative\appraiser.dll
2015-06-12 17:02:29	2DCA988113A02EB9BCB98A5DC2D34E57	700416	----a-w-	C:\Windows\Sysnative\generaltel.dll
2015-06-12 17:02:28	6E2EB5A36C3CCD917F7FF9BED7C1390E	45568	----a-w-	C:\Windows\Sysnative\acmigration.dll
2015-06-12 17:02:28	587BBA3B3959144334700EC48232712F	227328	----a-w-	C:\Windows\Sysnative\aepdu.dll
2015-06-12 17:02:18	51F89CE2D0FEC66070354504E6C4C3E4	633856	----a-w-	C:\Windows\Sysnative\comctl32.dll
2015-06-12 17:02:17	1EE2DBA5AD2E5EB618C7FB187C2CFDF4	3206144	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-06-12 17:02:02	9DB8E01D5A546FAFCACE95489E351186	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-06-12 17:02:02	73509D13542A90E260F45D1D6D4100A8	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-06-12 17:02:01	9E2B8C0601E3D460F78F0233B509CE4F	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-06-12 17:02:01	70D24021ED327CE7FFA9DEE327BB4C6B	720384	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-06-12 17:01:59	4BD747AAF01C480901B3E777EC48826B	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-06-12 17:01:58	D202078FBA3A77B85D39669EE4110DE2	389840	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-06-12 17:01:58	6ABFC5736EC920C4436F32111F5CBCEE	1545728	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-06-12 17:01:58	3C3E159F284F51D55DB59C3D0B843979	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-06-12 17:01:57	36F3718E67F442F54AB4A39DCDD8FD19	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-06-12 17:01:56	86FDFEA67833DB261EC01A777594EDCF	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-06-12 17:01:56	57DFACB53ED16190EF732E2430B39741	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-06-12 17:01:56	083BCA14FCE290D682D8DAC9372CBF23	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-06-12 17:01:55	FF84182188CA8F0DC28CFED06C9B7816	2125824	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-06-12 17:01:55	7F8F9AE03D1BA4354671E05F07A40F1A	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-06-12 17:01:55	6E295C7364DAEB151CC0E98434B6AC92	2885632	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-06-12 17:01:55	5F8EE9311ECF078CD9426874FFAD660C	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-06-12 17:01:54	33B5F1A727FACDEA7CDA0E35FFAADDCF	584192	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-06-12 17:01:53	AFF5C12099B87FA645F8867701729894	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-06-12 17:01:53	8909A24DA8B5C426CF6595BA843B6CC5	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-06-12 17:01:53	35622F5A652C4E16774234DCA0026E74	633856	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-06-12 17:01:53	0EDA3219FA027A486AA11269355AB279	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-06-12 17:01:52	AE5A2843B4A2E1E558B9EE13EF62CCE5	14404096	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-06-12 17:01:52	ACD6FE6C82B93813F023FC01A51CB940	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-06-12 17:01:52	83781DF625A4448B39410D7FA2BDC48D	816640	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-06-12 17:01:52	4A5A84B457C72E79A64AE4036EC6BB0E	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-06-12 17:01:51	CFA52E2FE8E623042A1EEF96EB1B9481	6026240	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-06-12 17:01:51	417F80E4AFBA1AA9EBBD618F1C6D9165	2426880	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-06-12 17:01:51	3854BFE1C0F14872C94501421CC40813	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-06-12 17:01:50	2BC2D3A41BB755487FD55C09938F00BC	417792	----a-w-	C:\Windows\Sysnative\html.iec
2015-06-12 17:01:50	16091938F6CDBCCCBA1CBE24600121BC	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-06-12 17:01:50	06A8CE6C3AE6B7916F026B0EFDDCAAA5	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-06-12 17:01:49	A29BAFC1543F9D2234AFFFEA9BCE76C8	24917504	----a-w-	C:\Windows\Sysnative\mshtml.dll
====== C:\Windows\Sysnative\drivers =====
2015-06-16 19:50:24	D26D16C88B75AA381909A19042F7D085	2233	----a-w-	C:\Windows\Sysnative\drivers\mfencrk.inf
2015-06-16 19:50:18	F1CC8C30C81F2D67F22B0BB8ED7BE374	2151	----a-w-	C:\Windows\Sysnative\drivers\mfencbdc.inf
2015-06-16 19:50:11	29F981739E50305128022CBE10B3659C	197704	----a-w-	C:\Windows\Sysnative\drivers\HipShieldK.sys
2015-06-16 19:49:46	6ADFC3C6E3CDBF3235A1468D3B1DA5AA	76064	----a-w-	C:\Windows\Sysnative\drivers\McPvDrv.sys
2015-06-15 20:47:00	272C27711C8AA6E7815EE33F8ACA9C66	155584	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-06-15 20:46:57	BF69D973523D539A35807946C6DA7E16	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-06-12 17:02:10	36E0DDD19038C92B7C7709BFA03F813F	69888	----a-w-	C:\Windows\Sysnative\drivers\stream.sys
====== C:\Windows\Tasks ======
2015-06-16 11:12:50	--------	d-----w-	C:\Windows\Sysnative\Tasks\Safer-Networking
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-06-16 11:58:42	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2015-06-16 10:44:02	--------	d-----w-	C:\PROGRA~2\Audacity
======= C: =====
2015-05-29 10:55:30	847FF89DB3DB27FB527E6FDE794F81C6	303	----a-w-	C:\ftconfig.ini
====== C:\Users\Ihsane\AppData\Roaming ======
2015-06-16 10:45:43	--------	d-----w-	C:\Users\Ihsane\AppData\Roaming\Audacity
2015-06-16 10:32:12	--------	d-----w-	C:\Users\Ihsane\AppData\Local\GWX
2015-06-06 16:35:52	--------	d-----w-	C:\Users\Thuis\AppData\Local\GWX
2015-05-25 09:35:43	--------	d-----w-	C:\Users\Rachid\AppData\Roaming\vlc
2015-05-25 08:29:16	--------	d-----w-	C:\Users\Rachid\AppData\Roaming\NVIDIA
====== C:\Users\Ihsane ======
2015-06-16 11:58:19	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Ihsane\Downloads\RSITx64.exe
2015-06-16 11:24:19	D6196FD82A5F018FB98E592EA0D67C63	7721712	----a-w-	C:\Users\Ihsane\Downloads\Setup_serial_6UpsS4C8MA_hG0Z7fI8TTQ2_key.exe
2015-06-16 10:39:15	79943BE44F8288EDC375E3599331F8FF	22892794	----a-w-	C:\Users\Ihsane\Downloads\audacity-win-2-0-6.exe

====== C: exe-files ==
2015-06-16 19:56:09	5082F48A1E7FF9CF499A0CF7EB8C0C13	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-2279217210-3855026583-970737385-1003\$I1R7G7P.exe
2015-06-16 19:54:38	F68A5507E37C1FC1C17F6B1A6BFF582E	1308672	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-2279217210-3855026583-970737385-1003\$R1R7G7P.exe
2015-06-16 19:46:19	0265653D5B51653398B6F18659EC5AA3	883024	----a-w-	C:\Users\Ihsane\AppData\Local\Temp\0061411434483979mcinst.exe
2015-06-16 19:44:31	F9881B099DD511A9A53B0B9DB668EA9D	250672	----a-w-	C:\Windows\System32\mfevtps.exe
2015-06-16 11:58:43	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Ihsane.exe
2015-06-16 11:58:19	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Ihsane\Downloads\RSITx64.exe
2015-06-16 11:50:06	E9E39FDA16E98FFB4722A24D572E0250	42089552	----a-w-	C:\Program Files (x86)\Google\Update\Install\{EF04DB39-8C04-416E-8FDE-61E4ADF011C1}\43.0.2357.124_chrome_installer.exe
2015-06-16 11:50:05	E9E39FDA16E98FFB4722A24D572E0250	42089552	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.124\43.0.2357.124_chrome_installer.exe
2015-06-16 11:43:20	F6EEE6848E933962E12E7B3F25C73C88	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateBroker.exe
2015-06-16 11:43:20	6732C4A894855042FD3618406B6BBD48	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateOnDemand.exe
2015-06-16 11:43:20	0894890F30B5F6510DF953BC50B5504F	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateWebPlugin.exe
2015-06-16 11:43:10	C990A8EAD57DA59FA8156CC02D3B7DA5	931408	----a-w-	C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateSetup.exe
2015-06-16 11:42:52	BB3045B399D898061B926B447C446E05	127816	----atw-	C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdateComRegisterShell64.exe
2015-06-16 11:42:51	8715A0D10CFFC8DEE923957F07DAA042	244040	----atw-	C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
2015-06-16 11:42:51	6509A96DAE25340772B51AC020CB1094	304968	----atw-	C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
2015-06-16 11:42:23	0C03FB91E17987EED93F60007B08DAA0	144200	----atw-	C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleUpdate.exe
2015-06-16 11:41:26	C990A8EAD57DA59FA8156CC02D3B7DA5	931408	----a-w-	C:\Program Files (x86)\Google\Update\Install\{942C21EF-0478-407B-A765-9FD837C09B1B}\GoogleUpdateSetup.exe
2015-06-16 11:41:26	C990A8EAD57DA59FA8156CC02D3B7DA5	931408	----a-w-	C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.27.5\GoogleUpdateSetup.exe
2015-06-16 11:32:09	C4CF03B998D4D758B89CD07F22D7A7F9	645168	----a-w-	C:\Users\Ihsane\AppData\Local\Temp\MSS\3.11.128.2\McUICnt.exe
2015-06-16 11:25:12	6BBCA7D72403BB8584719AB9C53C1A2C	826880	----a-w-	C:\Users\Ihsane\AppData\Local\Temp\McInstrumentationTemp\McItInfo.exe
2015-06-16 11:24:45	70D09276FE2AAA808813399245A2F493	1542696	----a-w-	C:\Windows\Temp\contentDATs.exe
2015-06-16 11:24:19	D6196FD82A5F018FB98E592EA0D67C63	7721712	----a-w-	C:\Users\Ihsane\Downloads\Setup_serial_6UpsS4C8MA_hG0Z7fI8TTQ2_key.exe
2015-06-16 11:09:30	906ADB814AEE4CF2DCDB7A430CB3D7A6	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-2279217210-3855026583-970737385-1003\$IKJF4XP.exe
2015-06-16 11:04:43	1F8851651A672AB56DB98D8AC5C8DC9B	16439313	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-2279217210-3855026583-970737385-1003\$RKJF4XP.exe
2015-06-16 10:44:02	54E9005DBD0E83F64EAA52C1E71392F8	1487127	----a-w-	C:\Program Files (x86)\Audacity\unins000.exe
2015-06-16 10:44:02	0F811A4F6DBE9E47AA82C90582F4C258	8119808	----a-w-	C:\Program Files (x86)\Audacity\audacity.exe
2015-06-16 10:39:15	79943BE44F8288EDC375E3599331F8FF	22892794	----a-w-	C:\Users\Ihsane\Downloads\audacity-win-2-0-6.exe
2015-06-15 20:47:02	9E2A2028228645DD57EF45A02CAC0CCE	5569984	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-06-15 20:47:02	641A14E6AC492ED45BC68815E2E2F566	3989440	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-15 20:46:59	6703266C1E56157B5965F9AC868A20AC	404992	----a-w-	C:\Windows\System32\tracerpt.exe
2015-06-15 20:46:59	48C30C54194142910FB6B86D308220ED	338432	----a-w-	C:\Windows\System32\conhost.exe
2015-06-15 20:46:59	3C1BE79C3CE6EB378108B11D94CA1072	364544	----a-w-	C:\Windows\SysWOW64\tracerpt.exe
2015-06-15 20:46:58	583FFF12D2F0D6E1A8746462C433895F	3934144	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-15 20:46:58	16154A6682B1552DEAB953BFA4B8E955	296960	----a-w-	C:\Windows\System32\rstrui.exe
2015-06-15 20:46:57	3B5DA649BF7B7D07510C06DE0AEEB4EB	82944	----a-w-	C:\Windows\SysWOW64\logman.exe
2015-06-15 20:46:57	210E7D1EA34369194BE09493784E27BE	104448	----a-w-	C:\Windows\System32\logman.exe
2015-06-15 20:46:56	9BBEA639884C0338DD78654277BD188A	112640	----a-w-	C:\Windows\System32\smss.exe
2015-06-15 20:46:56	6C06D2B1CF88AB83F1CFB24928F63107	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-06-15 20:46:56	17A6A9AAD04CCC6EE53290585BFC43AF	31232	----a-w-	C:\Windows\System32\lsass.exe
2015-06-15 20:46:55	F85FA29340A536C8E0A16151B9B03923	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-06-15 20:46:55	E20BF3FA89DE67B00ED713B5254C0BF0	47104	----a-w-	C:\Windows\System32\typeperf.exe
2015-06-15 20:46:55	858F04B3C39239972959E9EE97CACAE4	43008	----a-w-	C:\Windows\System32\relog.exe
2015-06-15 20:46:55	629AD3FDA168D82D459164044A29F9BB	40448	----a-w-	C:\Windows\SysWOW64\typeperf.exe
2015-06-15 20:46:55	3E6731BF36A7D6C62D09671B427B6B67	37888	----a-w-	C:\Windows\SysWOW64\relog.exe
2015-06-15 20:46:55	03BA5D20751137F3A705B389C52DB8D6	64000	----a-w-	C:\Windows\System32\auditpol.exe
2015-06-15 20:46:54	FB224B0A63B8F58E91FE8A314AD295AD	17408	----a-w-	C:\Windows\SysWOW64\diskperf.exe
2015-06-15 20:46:54	1B93381366141875D8EE7EC1085236B9	19456	----a-w-	C:\Windows\System32\diskperf.exe
2015-06-15 20:46:49	EEA17E843EE2EE50D623BEACF50BD815	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-06-15 20:46:49	EC6E5AE2ECFE7A335B370865A1158EF8	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-06-12 17:02:33	E39D7E7FCC5D4B77B8CBA52FEF8753DE	102912	----a-w-	C:\Program Files\Windows Media Player\wmpshare.exe
2015-06-12 17:02:33	8D3316795ACCC0EC0DD6A844E046DA68	167424	----a-w-	C:\Program Files\Windows Media Player\wmplayer.exe
2015-06-12 17:02:33	6F139F39295000E6301C0D08F7493CC6	101888	----a-w-	C:\Program Files (x86)\Windows Media Player\wmpconfig.exe
2015-06-12 17:02:33	5F7B628B5F10531E8DE3E711ED73AAD7	164864	----a-w-	C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2015-06-12 17:02:33	44854DDB738BF2C507FC2162245361D6	102400	----a-w-	C:\Program Files\Windows Media Player\wmpconfig.exe
2015-06-12 17:02:33	3505E5A7664FD84AC8AE51FE3B545AE1	102400	----a-w-	C:\Program Files (x86)\Windows Media Player\wmpshare.exe
2015-06-12 17:02:02	73509D13542A90E260F45D1D6D4100A8	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-06-12 17:02:01	70D24021ED327CE7FFA9DEE327BB4C6B	720384	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-06-12 17:02:01	2B3CF8F7903266E2AA5C9D9850FAA8F6	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-06-12 17:01:58	8D4E75DEAA0FFBEFB5F366A4770D9644	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-06-12 17:01:58	29874C10D7D0088CD8743EC8F5DABBE4	473600	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-06-12 17:01:57	E21AE910DF0C5CB7D46D8FA17A4567DE	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-06-12 17:01:57	9F45DA24EBAE4180F70D03503580E8CA	815312	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-06-12 17:01:56	57DFACB53ED16190EF732E2430B39741	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-06-12 17:01:55	52956B4DD1899CB09BB50FB939F6E99D	490496	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-06-12 17:01:54	FF9877ABCA06D539264275321C97BB07	814288	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-06-12 17:01:53	0EDA3219FA027A486AA11269355AB279	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
=== C: other files ==
2015-06-16 19:50:11	29F981739E50305128022CBE10B3659C	197704	----a-w-	C:\Windows\System32\drivers\HipShieldK.sys
2015-06-16 19:49:46	6ADFC3C6E3CDBF3235A1468D3B1DA5AA	76064	----a-w-	C:\Windows\System32\drivers\McPvDrv.sys
2015-06-15 20:47:00	272C27711C8AA6E7815EE33F8ACA9C66	155584	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-06-15 20:46:57	BF69D973523D539A35807946C6DA7E16	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-06-12 17:02:17	1EE2DBA5AD2E5EB618C7FB187C2CFDF4	3206144	----a-w-	C:\Windows\System32\win32k.sys
2015-06-12 17:02:10	36E0DDD19038C92B7C7709BFA03F813F	69888	----a-w-	C:\Windows\System32\drivers\stream.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2279217210-3855026583-970737385-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\Ihsane\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"Syncios device service"="C:\Program Files (x86)\Syncios\SynciosDeviceService.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"mcpltui_exe"="C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe /platui /runkey"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\Ihsane\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"nwiz"="C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet"

==== Startup Folders ======================

2014-05-04 20:13:43	2101	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12-06-2015 19:00]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-12-2014 02:14]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-12-2014 02:14]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2014-12-20 18:17:36	--------	d-----w-	C:\PROGRA~3\Malwarebytes
2014-12-23 19:28:38	--------	d-----w-	C:\PROGRA~3\Riot Games
2014-12-30 19:23:49	--------	d-----w-	C:\PROGRA~3\Acoustica
2015-05-15 14:27:15	--------	d-----w-	C:\PROGRA~3\AVAST Software
2015-06-16 11:12:05	--------	d-----w-	C:\PROGRA~3\Spybot - Search & Destroy
2015-06-16 11:19:27	--------	d-----w-	C:\PROGRA~3\McAfee

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [16-06-2015 21:51]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [16-06-2015 21:51]

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.124

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[24-03-2015 12:28]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[01-05-2015 11:17]

selector is not a valid CSS selector - Ihsane\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Salesforce - Ihsane\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk
Hola Better Internet - Ihsane\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
Google Wallet - Ihsane\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Google Drive - Rachid\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Rachid\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Rachid\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Avast SafePrice - Rachid\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Avast Online Security - Rachid\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - Rachid\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Rachid\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Rachid\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - Thuis\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake
selector is not a valid CSS selector - Thuis\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Avast SafePrice - Thuis\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Avast Online Security - Thuis\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - Thuis\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Thuis\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Startpages ======================

C:\Users\Ihsane\AppData\Local\Google\Chrome\User Data\Default\Preferences
":{"services":{"last_username":"295322790D7B73FEBCBEF896AF7F3C9033A6617F0C993B92E392554C7FB47887","username":"5E12D8D99B967D029A5D718661DC2E38596063F95E18ACC2B07C667B0FDBEA53"}},"homepage":"8A3105712CA4A5B1798BBEFBF451C3594B29B048821EF4143F1D8CE458F29E68","homepage_is_newtabpage":"6B17DB2C03FBACDEAE44728613C9974281B038E8A2FFC5EC1CE291C55C3B68EA","pinned_tabs":"136FF0CDF65C6581CC94CB0496A1445265B2262406CB4C900829316AAE4B9854","prefs":{"preference_reset_time":"E28D301CCD8DA3FB991134A606DD0935BCE279F31643F42F7140BDC6836AB24A"},"profile":{"reset_prompt_memento":"BFFC69699D0750B1433BF3BDF515E200BE5882AA971730F8ECD0348562AA5137"},"safebrowsing":{"incidents_sent":"0AD04D6CEF9161BC2594A8138AEDA1ABEE5F16B65215828083125A8DD8B6939C"},"search_provider_overrides":"ECD89EB6B7AA4D807CA56453E5403CB3BCE0079DB7E2158B7FEAE88DDC32B9C7","session":{"restore_on_startup":"CDCDBC755B795F77DA3AABC1561071F0F0077F9164767FBD00004E9B7F483672","startup_urls":"2C9674D720FCACACD5578ECB76EBDEB3E015809E75C143B1A3F6F3FACA2FD266"},"software_reporter":{"prompt_reason":"325285DED331A81ACDFDF33A30EB96AFBAD89BD26DE5C31B3F99F899FFA53F31","prompt_seed":"28AD8F1F0EB89B4C64EF6B8B87930557F81ADA802D290E19B17C4196B0D67993","prompt_version":"9C6FBAC5E903C1A2D9230A65B84A5AEB23752C0C43DDB5397ED0956E03943619"},"sync":{"remaining_rollback_tries":"D27217222C60D38A674799EAC4EC33313F1183874184A4FE51A1D0CA3C62AA5B"}},"super_mac":"67F2853B97A3C5D670AE23731EDFF1077EC869B236AA576A1DBEA5775617E23C"},"session":{"restore_on_startup":4,"startup_urls":["http://www.google.com/","http://www.google.com/","http://www.trovi.com/?gd=&ctid=CT3330789&octid=EB_ORIGINAL_CTID&ISID=M63A31351-1DF7-4841-8EF6-B57DEDC0BF53&SearchSource=55&CUI=&UM=6&UP=SP0FE1C85B-AC3A-4B36-B2B8-0761B597D541&SSPV="]},"sync":{"remaining_rollback_tries":0}}

C:\Users\Thuis\AppData\Local\Google\Chrome\User Data\Profile 4\Preferences
"homepage": "http://www.google.nl/",
"startup_urls": [ "http://google.nl/", "https://www.google.nl/" ]


==== shortcuts on Users Desktops ======================

C:\Users\Ihsane\Desktop\�Torrent.lnk -  

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Apps.lnk - C:\Users\Public\Libraries\Apps.library-ms 
C:\Users\Public\Desktop\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe 
C:\Users\Public\Desktop\CamApp.lnk - C:\Program Files (x86)\AVEO UVC Like Driver\CamApp.exe 
C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Public\Desktop\HP ePrinterCenter.lnk - C:\Program Files (x86)\HP\Digital Imaging\AppStudio\hpzsip.url 
C:\Users\Public\Desktop\HP Solution Center.lnk - C:\Program Files (x86)\Hp\Digital Imaging\bin\Hpqdirec.exe 
C:\Users\Public\Desktop\ImgBurn.lnk - C:\Program Files (x86)\ImgBurn\ImgBurn.exe 
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
C:\Users\Public\Desktop\League of Legends.lnk - C:\Riot Games\League of Legends\lol.launcher.exe 
C:\Users\Public\Desktop\McAfee Total Protection.lnk - C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /desktopicon /platui
C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe 
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe 
C:\Users\Public\Desktop\Start BlueStacks.lnk - C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe 
C:\Users\Public\Desktop\Syncios.lnk - C:\Program Files (x86)\Syncios\Syncios.exe 
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broadcom\Broadcom Advanced Control Suite 4.lnk - C:\Program Files (x86)\Broadcom\BACS\BACS.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee File Lock.lnk - C:\Program Files (x86)\McAfee\MAT\McPvTray.exe /showvaults
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee Total Protection.lnk - C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe /desktopicon /platui
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe 

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Ihsane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Ihsane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Ihsane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Ihsane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Ihsane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\�Torrent.lnk -  
C:\Users\Ihsane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe 
C:\Users\Ihsane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Ihsane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Ihsane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe 
C:\Users\Ihsane\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe 
C:\Users\Rachid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Rachid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Rachid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE /recycle
C:\Users\Rachid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Rachid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Rachid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Rachid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Rachid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe 
C:\Users\Rachid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ihsane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ihsane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Rachid\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Rachid\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Thuis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Thuis\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Ihsane\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Rachid\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Thuis\AppData\Local\Google\Chrome\User Data\Profile 4\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Ihsane\AppData\Local\Temp will be emptied at reboot
C:\Users\Rachid\AppData\Local\Temp emptied successfully
C:\Users\Thuis\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Ihsane\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on di 16-06-2015 at 22:11:20,33 ======================