
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Hans on zo 19-07-2015 at 18:53:38,59.
Microsoft Windows 8.1 Enterprise 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Hans\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

19-7-2015 18:54:52 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\GOG.com deleted successfully
C:\PROGRA~2\ICQM deleted successfully
C:\PROGRA~2\Wise deleted successfully
C:\PROGRA~2\Woordenboeken deleted successfully
C:\Program Files\Windows Media Player deleted successfully
C:\Users\Hans\AppData\Roaming\Altap deleted successfully
C:\Users\Hans\AppData\Roaming\BDREBUILDER deleted successfully
C:\Users\Hans\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Hans\AppData\Local\EmieSiteList deleted successfully
C:\Users\Hans\AppData\Local\EmieUserList deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LiveUpdateSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TuneUp.UtilitiesSvc deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] 
"Adobe Speed Launcher"=- 

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\IObit\LiveUpdate deleted
C:\sh4ldr deleted
C:\Program Files (x86)\Enigma Software Group deleted
C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP deleted
C:\ProgramData\f77f65d00002d95 deleted
C:\ProgramData\15721494462272547258 deleted
"C:\Program Files (x86)\AVG\AVG PC TuneUp\avgloga.dll" deleted
"C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll" deleted
"C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll" deleted
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TUiOSCleanera.dll" deleted
"C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll" deleted
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" deleted
"C:\Program Files (x86)\AVG\AVG PC TuneUp\tuneup_nl.lng" deleted
"C:\Program Files (x86)\AVG\AVG PC TuneUp\tuneup_us.lng" not deleted
"C:\Users\Hans\AppData\Roaming\IObit\StartMenu 8\TestBtn.log" not deleted
"C:\Program Files (x86)\AVG\AVG PC TuneUp" not deleted
"C:\Users\Hans\AppData\Roaming\IObit" not deleted
"C:\Users\Hans\AppData\Roaming\IObit\StartMenu 8" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-07-15 18:40:50	4BADBB38E1AF93FC1D9DC939F890E47D	81	----a-w-	C:\Windows\spwdrp.INI
2015-07-13 22:28:02	C704F872FE94C05FBD20E304363FBF5C	264	----a-w-	C:\Windows\_delis32.ini
====== C:\Users\Hans\AppData\Local\Temp ====
2015-07-18 07:12:14	1C4A6B8803F64FF300A52CDA0F826237	5742592	----a-w-	C:\Users\Hans\AppData\Local\Temp\SkypeToolbars.msi
2015-07-18 07:11:48	5FB996AACACC0C7C2243BAC084836939	36286464	----a-w-	C:\Users\Hans\AppData\Local\Temp\Skype.msi
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-07-18 06:16:26	032D9982B72E4F9A9B62A43B4CEDB072	1969664	----a-w-	C:\Windows\SysWOW64\wpdshext.dll
2015-07-18 05:34:21	780F3D4149BB3F98F1B5C97C74CCA527	332120	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-07-18 05:34:21	51A403F76D38BBA81E52AACB4CF858A1	802816	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-07-18 05:34:21	20E1183B113478AD3223DE56EF27B017	324096	----a-w-	C:\Windows\SysWOW64\certcli.dll
2015-07-18 05:34:21	16170A51A9C84F364E5CBF0F6C7A25A8	747520	----a-w-	C:\Windows\SysWOW64\rpcrt4.dll
2015-07-18 05:34:14	FFFFA05A3C67F715D91978351F84D254	2460160	----a-w-	C:\Windows\SysWOW64\authui.dll
2015-07-18 05:34:14	C68E1EC5B40FA3BAEF5088F15A687BA3	3607552	----a-w-	C:\Windows\SysWOW64\msi.dll
2015-07-18 05:34:14	052FBC5525FA2975FC08EBD130BC0209	59904	----a-w-	C:\Windows\SysWOW64\msiexec.exe
2015-07-18 05:34:08	EB7494B829EB4252538AFFA534BBEC73	301056	----a-w-	C:\Windows\SysWOW64\atmfd.dll
2015-07-18 05:34:08	B2B0FAC1B6684C1B066095DA63FDD821	35840	----a-w-	C:\Windows\SysWOW64\atmlib.dll
2015-07-18 05:34:07	A7AF3885B327D574682693E4E71CDD68	1097216	----a-w-	C:\Windows\SysWOW64\gdi32.dll
2015-07-18 05:34:07	7F99D7C779056615EA4F110AB11D0BE5	1212248	----a-w-	C:\Windows\SysWOW64\ole32.dll
2015-07-18 05:34:07	0FDCB0931B57280D59942556A6706372	21504	----a-w-	C:\Windows\SysWOW64\sdbinst.exe
2015-07-18 05:23:05	FBAB9BC4D37919C1FF3ABC8EF7B6519A	73216	----a-w-	C:\Windows\SysWOW64\tdc.ocx
2015-07-18 05:23:05	E2B8238F0A0D1ADBA3AE4A6D6F0EC756	1951232	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-07-18 05:23:05	D8BF6D6A53F01F994FD1E418214A6A3F	689152	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-07-18 05:23:05	BC8215B25C42E741A80BC4B264427070	880128	----a-w-	C:\Windows\SysWOW64\inetcomm.dll
2015-07-18 05:23:05	A4CDF35747C0023EAA346A602398B21A	504320	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-07-18 05:23:05	7D28B19A2238BBC853A10134C1D6F8EB	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-07-18 05:23:05	77A44634B72E71572EDBBA68CF3396EF	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-07-18 05:23:05	6163462E9F2F2252C1923F00B0156324	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-18 05:23:05	56F69242999ADD150DDBE8F20B27873D	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-07-18 05:23:05	3BFAB08093416CB6B9215183BA7D4197	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-07-18 05:23:05	23EFF186B887412CC057F49091D6AFCC	478208	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-07-18 05:23:05	100C1CE9CD6B071C257CF01BC8862FC2	1048576	----a-w-	C:\Windows\SysWOW64\actxprxy.dll
2015-07-18 05:23:04	E521E979CD0E965A98B62DD97179455B	327168	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-07-18 05:23:04	C9C47A696BFB186CE23E7AD9421520F6	664064	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-07-18 05:23:04	6D7282F5A10E4A99F990FC19C6DF8010	230400	----a-w-	C:\Windows\SysWOW64\webcheck.dll
2015-07-18 05:23:04	52C0648A543920034213337C2BC3E7F7	128000	----a-w-	C:\Windows\SysWOW64\iepeers.dll
2015-07-18 05:23:04	1E89000637EC1481143FAED744BB3BA1	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-07-18 05:23:03	116F506573B59B85CD0DC18527E9951A	19877376	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-07-18 05:22:53	AFAEB9E4269846C64DC9721B1BFA5CEC	12855296	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-07-18 05:22:52	8EDF7B6D3A563DAA06DD87053C734168	2279424	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-07-18 05:22:52	05CA106A1B68770BDABB9AA7AEAE516A	1310720	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-07-18 05:22:47	BE2E7F60FE2D64346530A31E60F41505	4520448	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-07-15 18:40:51	9827540AD8A26F15F0CB56B6121BE143	791680	----a-w-	C:\Windows\SysWOW64\StellarProfile.dll
2015-07-15 18:40:50	C857721980B36F7018327FA795648CFF	6131200	----a-w-	C:\Windows\SysWOW64\PhoenixDll.dll
2015-07-14 14:09:07	A08EB3468870923D4D01DB45A2B4A405	36664	----a-w-	C:\Windows\SysWOW64\uxtuneup.dll
2015-07-14 14:04:08	3CDDEDDEFE4F6A9994474B97733B603B	25912	----a-w-	C:\Windows\SysWOW64\authuitu.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-07-18 06:16:26	4658D596725A71521971054D3AF1DCD0	2819584	----a-w-	C:\Windows\Sysnative\SettingsHandlers.dll
2015-07-18 06:16:26	0BB6089A1AEE468209FE22E29E6B87BD	2067968	----a-w-	C:\Windows\Sysnative\wpdshext.dll
2015-07-18 05:39:18	F368216A5F98B92AD02E7F61229B1B5B	227328	----a-w-	C:\Windows\Sysnative\aepdu.dll
2015-07-18 05:39:18	C20BFFEA714E9F71FC7BCDCFB2502396	433152	----a-w-	C:\Windows\Sysnative\devinv.dll
2015-07-18 05:39:18	7C20B163DE8138A311537C65B9E58EC0	26288	----a-w-	C:\Windows\Sysnative\CompatTelRunner.exe
2015-07-18 05:39:18	195770B066EBA124F9363A8A3E5E51C6	726528	----a-w-	C:\Windows\Sysnative\generaltel.dll
2015-07-18 05:39:17	F91793E2D348FB3D1C8EAD70ECBB3F49	764928	----a-w-	C:\Windows\Sysnative\invagent.dll
2015-07-18 05:39:17	E87D4371B24BC9E5BAE95AEA60FFD959	193536	----a-w-	C:\Windows\Sysnative\aepic.dll
2015-07-18 05:39:17	B96E8ECF192F2549A30F6A6E5548191D	67584	----a-w-	C:\Windows\Sysnative\acmigration.dll
2015-07-18 05:39:17	6D8BE0E262EE5D45DE47B772F9D6C3F3	1145856	----a-w-	C:\Windows\Sysnative\aeinv.dll
2015-07-18 05:39:17	4310B66A618A71B48BA092C4A514B8A5	1084928	----a-w-	C:\Windows\Sysnative\appraiser.dll
2015-07-18 05:34:21	DD3D37B54CFB348BA23D174CF1EF1F47	4177920	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-07-18 05:34:21	B01F3377CB949F72366D0B014FF060B9	442712	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-07-18 05:34:21	63040C9A508532F90F6D0BF57E556B82	989184	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-07-18 05:34:21	415862B5FF298A751D775AC49730D04C	1441792	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-07-18 05:34:21	2F802C0E8B7714268C788D0625E6FBE2	1311960	----a-w-	C:\Windows\Sysnative\rpcrt4.dll
2015-07-18 05:34:21	14AADFF241A96629D64DD7F015976E82	445440	----a-w-	C:\Windows\Sysnative\certcli.dll
2015-07-18 05:34:14	C6264DEDF8FE95FAB9AFC47C3F95A6A8	37888	----a-w-	C:\Windows\Sysnative\werdiagcontroller.dll
2015-07-18 05:34:14	A7E6931FBB62F18C5DAE52E9AC379C05	3320320	----a-w-	C:\Windows\Sysnative\msi.dll
2015-07-18 05:34:14	431FE56F5A2F5937994CB2DA330B47DB	230400	----a-w-	C:\Windows\Sysnative\AudioEndpointBuilder.dll
2015-07-18 05:34:14	4043D5D64F57F86DE757ACD07FB500DB	2774528	----a-w-	C:\Windows\Sysnative\authui.dll
2015-07-18 05:34:14	2403EA62E45389F353E507A4EDA94F5D	65024	----a-w-	C:\Windows\Sysnative\msiexec.exe
2015-07-18 05:34:14	0F03CC00645D7F841879A048787D6AC7	911360	----a-w-	C:\Windows\Sysnative\audiosrv.dll
2015-07-18 05:34:08	3914465775345215CCD1C5D073DC5897	44032	----a-w-	C:\Windows\Sysnative\atmlib.dll
2015-07-18 05:34:08	2C98F0971126E7530A6FA1EF572F2129	358912	----a-w-	C:\Windows\Sysnative\atmfd.dll
2015-07-18 05:34:08	04659158548DB53FFFC51ADC5CBE3858	1380600	----a-w-	C:\Windows\Sysnative\gdi32.dll
2015-07-18 05:34:07	952D277678FC177CA8549B92A01C4C2C	24576	----a-w-	C:\Windows\Sysnative\sdbinst.exe
2015-07-18 05:34:07	6306792367F832DE7738D11049335CF6	564224	----a-w-	C:\Windows\Sysnative\apphelp.dll
2015-07-18 05:34:07	171705D0C4E4442241C6098D4FF1C059	1661576	----a-w-	C:\Windows\Sysnative\ole32.dll
2015-07-18 05:23:06	98C6A46E9E2822BF83196C2EAE43DBD4	2427392	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-07-18 05:23:06	1259148E2B17FA7717E4550F58568BC8	2880000	----a-w-	C:\Windows\Sysnative\actxprxy.dll
2015-07-18 05:23:05	CF84C52C84418075D1663C376DB04C18	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-07-18 05:23:05	C0CB840274D41027E51A81F9DE2CC4C1	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-07-18 05:23:05	A21CB1630BD6D07CB9B83195F6269E63	633856	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-07-18 05:23:05	9EB977926D63823082883F35C9774C94	2125824	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-07-18 05:23:05	9C989DC61ABFB3479607DABF16BBF300	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-07-18 05:23:05	9889590CA1A0F95F310A9616FA87B6FD	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-07-18 05:23:05	66D75C8BDA2467A21793F2FCED29B723	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-07-18 05:23:05	0E1D68E6691BBC62AF4CDF7F7A12C598	584192	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-07-18 05:23:04	ECFE64A113A2DFEF26442EA91AC7E9BF	87552	----a-w-	C:\Windows\Sysnative\tdc.ocx
2015-07-18 05:23:04	C1DC2E63FBBC734BB9B11FF7FDAF30D6	816640	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-07-18 05:23:04	A82A658C7120E513A44EC477D7AE7A52	145408	----a-w-	C:\Windows\Sysnative\iepeers.dll
2015-07-18 05:23:04	90E6E79D624D86CC4F4AF7C57EB91396	262144	----a-w-	C:\Windows\Sysnative\webcheck.dll
2015-07-18 05:23:04	6B56CD995655081863FFB663EA519DBA	1032704	----a-w-	C:\Windows\Sysnative\inetcomm.dll
2015-07-18 05:23:04	404A75D7815A7202753453FF9391D2D8	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-07-18 05:23:03	D74E2BE157B8A2A9CF29BEBB052B8A42	25193984	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-07-18 05:22:54	6A70888EEC05B45C8990E8977C480019	14453248	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-07-18 05:22:52	78E4D3781E5632BA88E5153510BEB625	1545728	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-07-18 05:22:52	41D59904967A4033FB4497DCED7320AD	2885632	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-07-18 05:22:48	EEACF91E8C44AEA612030418DDAA7EC9	5923840	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-07-14 14:09:07	9F4C11A9A4280F49575D0612E4C18E78	44856	----a-w-	C:\Windows\Sysnative\uxtuneup.dll
2015-07-14 14:04:08	722615843CE0F4E1EB48CA2167773694	30520	----a-w-	C:\Windows\Sysnative\authuitu.dll
2015-07-14 14:04:08	69735D2D67321E1AA4124186716FB105	41784	----a-w-	C:\Windows\Sysnative\TURegOpt.exe
====== C:\Windows\Sysnative\drivers =====
2015-07-18 05:34:21	BCBD64220AD85C26823453FF1DC3EFBD	284672	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
2015-07-18 05:34:21	6FBDF2B1B025A8E6E069234362FFFFB7	401408	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-07-18 05:34:21	57C2473D501331211D6885FD59F3E44B	202240	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-07-18 05:34:21	46711F40D0F9E63F786ED23F9BD5215E	178008	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-07-18 05:34:08	7D123389FCD97D84881BA9C07012BA0C	67584	----a-w-	C:\Windows\Sysnative\drivers\storvsp.sys
2015-06-23 02:05:56	E4062A74C37DEE3DE8ADA7F41F09F8BD	297672	----a-w-	C:\Windows\Sysnative\drivers\amdacpksd.sys
2015-06-23 02:03:38	D4B40F4D908482212EBBB225AF935283	21612032	----a-w-	C:\Windows\Sysnative\drivers\atikmdag.sys
2015-06-23 01:10:50	D3714915E9DFE9ED65AC8AFA7BC2AC19	663552	----a-w-	C:\Windows\Sysnative\drivers\atikmpag.sys
2015-06-23 01:07:44	C0BE012A3E36A59CADEFE0E61E8D8AFF	43520	----a-w-	C:\Windows\Sysnative\drivers\ati2erec.dll
====== C:\Windows\Tasks ======
2015-07-14 13:04:00	E94E7E608A06029E3C3D31DB4F6EF3BC	3238	----a-w-	C:\Windows\Sysnative\Tasks\Superclean
2015-07-14 13:03:59	66AD29A5FB71AD10009DC334B00B6548	3248	----a-w-	C:\Windows\Sysnative\Tasks\IntelliText
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-07-18 17:53:57	--------	d-----w-	C:\Program Files\trend micro
2015-07-14 08:33:34	--------	d-----w-	C:\Program Files\Movie Collector
2015-07-13 13:16:51	--------	d-----w-	C:\Program Files\Raxco
2015-07-13 13:16:51	--------	d-----w-	C:\Program Files\Common Files\Raxco
2015-07-12 23:39:51	--------	d-----w-	C:\Program Files\Altap Salamander
2015-07-12 22:41:38	--------	d-----w-	C:\Program Files\7-Zip
======= C:\PROGRA~2 =====
2015-07-18 14:01:02	--------	d--h--w-	C:\PROGRA~2\Uninstall Information
2015-07-18 12:07:15	--------	d-----w-	C:\PROGRA~2\COMMON~1\Wise Installation Wizard
2015-07-18 05:34:36	--------	d-----w-	C:\PROGRA~2\COMMON~1\Skype
2015-07-18 05:34:36	--------	d-----r-	C:\PROGRA~2\Skype
2015-07-16 20:23:59	--------	d-----w-	C:\PROGRA~2\IncrediBackup
2015-07-16 19:54:20	--------	d-----w-	C:\PROGRA~2\IncrediMail
2015-07-15 18:40:47	--------	d-----w-	C:\PROGRA~2\Stellar Phoenix Windows Data Recovery
2015-07-14 14:03:59	--------	d-----w-	C:\PROGRA~2\AVG
2015-07-13 12:32:50	--------	d-----w-	C:\PROGRA~2\SolSuite
2015-07-12 18:21:42	--------	d-----w-	C:\PROGRA~2\Eusing Free Registry Cleaner
======= C: =====
2015-07-18 10:40:03	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\autoexec.bat
====== C:\Users\Hans\AppData\Roaming ======
2015-07-19 14:34:17	--------	d-----w-	C:\Users\Hans\AppData\Roaming\FlashFXP
2015-07-18 15:58:43	--------	d-----w-	C:\Users\Hans\AppData\Locallow\Sun
2015-07-18 12:07:53	--------	d-----w-	C:\Users\Hans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2015-07-18 05:34:41	--------	d-----w-	C:\Users\Hans\AppData\Local\Skype
2015-07-18 05:34:40	--------	d-----w-	C:\Users\Hans\AppData\Roaming\Skype
2015-07-17 02:08:38	--------	d-----w-	C:\Users\Hans\AppData\Roaming\dvdcss
2015-07-16 18:37:39	--------	d-----w-	C:\Users\Hans\AppData\Local\IM
2015-07-14 13:09:01	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\Hans\AppData\Local\Temp.dat
2015-07-13 12:32:57	--------	d-----w-	C:\Users\Hans\AppData\Roaming\SolSuite
2015-07-13 01:03:17	--------	d-----w-	C:\Users\Hans\AppData\Local\CrashDumps
2015-07-12 18:21:42	--------	d-----w-	C:\Users\Hans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner
2015-07-10 21:51:29	--------	d-----w-	C:\Users\Hans\AppData\Roaming\Apple Computer
====== C:\Users\Hans ======
2015-07-18 10:39:49	--------	d-----w-	C:\Users\Hans\Start Menu
2015-07-18 07:21:03	--------	d-----w-	C:\Users\Hans\Tracing
2015-07-18 05:34:36	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-07-18 05:34:34	--------	d-----w-	C:\ProgramData\Skype
2015-07-18 00:12:22	6D344ABDA40AABAF331A4EAB28710EF4	596	--sha-r-	C:\Users\Hans\ntuser.pol
2015-07-16 20:23:59	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediBackup
2015-07-16 20:23:00	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
2015-07-16 20:23:00	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-16 18:37:34	--------	d-----w-	C:\ProgramData\IncrediMail
2015-07-16 18:37:34	--------	d-----w-	C:\ProgramData\IM
2015-07-15 18:40:51	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Windows Data Recovery - Professional
2015-07-14 20:40:45	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Houdini 3 CA
2015-07-13 13:16:51	--------	d-----w-	C:\ProgramData\Raxco
2015-07-13 12:32:58	--------	d-----w-	C:\ProgramData\TreeCardGames
2015-07-13 12:32:53	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games
2015-07-12 22:41:40	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-07-12 20:31:53	--------	d-----w-	C:\ProgramData\ATI
2015-07-12 20:26:49	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-12 18:21:42	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner

====== C: exe-files ==
2015-07-19 15:53:36	63456D896E71B112210EE0536F2DD0C3	7571968	----a-w-	C:\Users\Hans\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Temp\1794-0\Map.exe
2015-07-18 18:02:52	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Downloads\RSITx64.exe
2015-07-18 17:53:57	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Hans.exe
2015-07-18 17:17:06	9454359CB756C69BD5B141C3324EA192	7766016	----a-w-	C:\Users\Hans\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Map\ee6e3bf619d8e3f73ab77e6b830b2615\Map.ni.exe
2015-07-18 15:04:16	7FE04C9586B61719A1D2C8459B345C39	563296	----a-w-	C:\Downloads\JavaSetup8u51.exe
2015-07-18 12:07:53	36B98B8197E1BE8E7382D29C1A3628AA	110080	----a-r-	C:\Users\Hans\AppData\Roaming\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconF7A21AF7.exe
2015-07-18 12:07:53	36B98B8197E1BE8E7382D29C1A3628AA	110080	----a-r-	C:\Users\Hans\AppData\Roaming\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconD7F16134.exe
2015-07-18 12:07:53	36B98B8197E1BE8E7382D29C1A3628AA	110080	----a-r-	C:\Users\Hans\AppData\Roaming\Microsoft\Installer\{AF549236-6258-4AC6-A043-5B5B89C6EB61}\IconCF33A0CE.exe
2015-07-18 07:08:08	D6E11B7AC7AD4BE6A81086E0B5F3F5E9	1198368	----a-w-	C:\Program Files (x86)\IObit\Start Menu 8\unins000.exe
2015-07-18 05:39:18	7C20B163DE8138A311537C65B9E58EC0	26288	----a-w-	C:\Windows\System32\CompatTelRunner.exe
2015-07-18 05:39:18	17D815AD21D4325CD589E57A9582E311	70840	----a-w-	C:\Windows\System32\CompatTel\diagtrackrunner.exe
2015-07-18 05:34:14	2403EA62E45389F353E507A4EDA94F5D	65024	----a-w-	C:\Windows\System32\msiexec.exe
2015-07-18 05:34:14	052FBC5525FA2975FC08EBD130BC0209	59904	----a-w-	C:\Windows\SysWOW64\msiexec.exe
2015-07-18 05:34:07	952D277678FC177CA8549B92A01C4C2C	24576	----a-w-	C:\Windows\System32\sdbinst.exe
2015-07-18 05:34:07	0FDCB0931B57280D59942556A6706372	21504	----a-w-	C:\Windows\SysWOW64\sdbinst.exe
2015-07-18 05:22:52	3698C298719803F6502612D651A852B2	491008	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-07-18 05:22:52	26492D0AE6279B60A3801EDBE3CB794C	473600	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-07-18 02:06:38	27554C51C7C85E226BCBD1836B3B7D33	143751691	----a-w-	C:\Downloads\SetupCA15_dwnld\SetupCA15_dwnld.exe
2015-07-16 20:23:44	4110883098797CFB2AE1117C00DD34E3	2161152	----a-w-	C:\Program Files (x86)\IncrediMail\Bin\incredimail.plus.v6.xx.xxxx.win7-patch.exe
2015-07-16 20:22:41	FC3782F90C014C2D3C920A727D323776	367016	----a-w-	C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
2015-07-16 20:22:41	E8CD84F956E18D93FA9E2CFEC93099BF	68008	----a-w-	C:\Program Files (x86)\IncrediMail\Bin\ImLpp.exe
2015-07-16 20:22:41	E5B5577C88B1A97A2E20449C0B150A97	129368	----a-w-	C:\Program Files (x86)\IncrediMail\Bin\ImBpp.exe
2015-07-16 20:22:41	D9D7FA5367EAAEF892EE70FFB4B3E719	43832	----a-r-	C:\Program Files (x86)\IncrediMail\Bin\ImSc.exe
2015-07-16 20:22:41	74B81A458DF4098CE6FA8FF15EBD42B3	121256	----a-w-	C:\Program Files (x86)\IncrediMail\Bin\ImSetup.exe
2015-07-16 20:22:41	62F06CE16A02EBAB81871ADD6066666B	309672	----a-w-	C:\Program Files (x86)\IncrediMail\Bin\ImLc.exe
2015-07-16 20:22:41	4EB8B58CAFEE61DCF0619B359D8B9C5A	113064	----a-w-	C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe
2015-07-16 20:22:41	3EEA73EA32478100A260CF5ACF952878	260520	----a-w-	C:\Program Files (x86)\IncrediMail\Bin\ImNotfy.exe
2015-07-16 20:22:41	312707A513F86ED20642F43F8EF4DD14	264616	----a-w-	C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
2015-07-16 20:22:41	2F779AC4318FD4990C828F60D16F2B17	104872	----a-w-	C:\Program Files (x86)\IncrediMail\Bin\ImPackr.exe
2015-07-16 20:22:41	0C93718599A68D1E5A0E76A706874833	26960	----a-w-	C:\Program Files (x86)\IncrediMail\Bin\AE\aeldr.exe
2015-07-15 22:39:49	5E89CD44F9234E5D0F2645BA56C3BC25	1840640	----a-w-	C:\Program Files\ChessBase\Engines\komodo-9-64bit.exe
2015-07-15 18:40:47	CE5D2EF03F1F0AA69CA09F685799434C	740054	----a-w-	C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery\unins000.exe
2015-07-15 18:40:47	84ED6E50E1340F63CE9A01738FA9DCEA	7202480	----a-w-	C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery\spwdrp.exe
2015-07-15 17:49:25	3E19C3EFAD063D03F5FAE6461F57B55D	920576	----a-w-	C:\Chess Assistant 14\stockfish-6-sse42.exe
2015-07-15 17:46:54	3B3A4F1589A17F2A69D0C3CAEFE85537	3744825	----a-w-	C:\Chess Assistant 14\Houdini-4-CA-Setup.exe
2015-07-15 17:46:50	381E4ED75545FCDD31B4C93E6CCEFD8D	462848	----a-w-	C:\Chess Assistant 14\Ruffian\ruffian.exe
2015-07-15 17:46:49	6B0E29C1FE1B55EA51F2AD9C6421A44D	13896192	----a-w-	C:\Chess Assistant 14\InternetClub\ChessPlanet.exe
2015-07-15 17:46:47	8BFFEB3DAB8EC38231D4855BEB7956AA	794624	----a-w-	C:\Chess Assistant 14\wcrafty19.exe
2015-07-15 17:46:46	913E3BF6030471084574BE246E85661D	3588096	----a-w-	C:\Chess Assistant 14\Rybka v2.3.2a.w32.exe
2015-07-15 17:46:45	8B43D343B9E8DFEECEB58467B7B71186	17012736	----a-w-	C:\Chess Assistant 14\ca14.exe
2015-07-15 17:46:44	906BD57EAF7C500E254C8BBAC4143C44	1194185	----a-w-	C:\Chess Assistant 14\unins000.exe
2015-07-14 18:55:12	DE111C3970D08CFF20A46CF1C46DB2F1	11737088	----a-w-	C:\Program Files\Movie Collector\MovieCollector.exe
2015-07-14 14:04:08	69735D2D67321E1AA4124186716FB105	41784	----a-w-	C:\Windows\System32\TURegOpt.exe
2015-07-14 11:05:26	489875862E740ED6D2A9D6B87255E13E	1198871	----a-w-	C:\Program Files (x86)\MultiPar\unins000.exe
2015-07-14 08:33:37	931B9C6BF50FC3AB4826F5AE7295EBD8	118696	----a-w-	C:\Users\Hans\AppData\Local\Collectorz.com\Movie Collector\MCE\gacutil.exe
2015-07-14 08:33:34	1464E78CC9C890B971211EA001AAE3DD	734512	----a-w-	C:\Program Files\Movie Collector\unins000.exe
2015-07-13 12:32:53	C5B4BDE715A77DFEF1C36BD4EC27E0E9	2575208	----a-w-	C:\Program Files (x86)\SolSuite\Update\SolSuite_Update.exe
2015-07-13 12:32:52	7C624DBEC6DC6C94368CC84E5E7375E7	12895712	----a-w-	C:\Program Files (x86)\SolSuite\SolSuite.exe
2015-07-13 12:32:50	5A51CE91FA32DE5FF7D24272F8AFFFB7	704291	----a-w-	C:\Program Files (x86)\SolSuite\unins000.exe
2015-07-13 00:52:06	042BF8A12161C8C683BD8EDDC84E1045	4739616	----a-w-	C:\Users\Hans\AppData\Roaming\ICQM\ICQ\dll\mailrusputnik.exe
2015-07-12 23:39:23	D6B0133C5F3C6D3AD81063B3BF2B975A	12264	----a-w-	C:\Program Files\Altap Salamander\utils\salspawn.exe
2015-07-12 23:39:23	A4E8DB5AADDCBC9C37B2DA5DFD160136	150504	----a-w-	C:\Program Files\Altap Salamander\plugins\zip\zip2sfx\zip2sfx.exe
2015-07-12 23:39:23	943C25D50D0861BF973C1838EAA0F4B8	59880	----a-w-	C:\Program Files\Altap Salamander\utils\salmon.exe
2015-07-12 23:39:23	7FAD1C36F903584CE6FB27F43E965741	17384	----a-w-	C:\Program Files\Altap Salamander\plugins\filecomp\fcremote.exe
2015-07-12 23:39:23	4BAA35A39C34A5FD88ECEDD98A08C30B	14312	----a-w-	C:\Program Files\Altap Salamander\utils\uninstpl.exe
2015-07-12 23:39:23	2E4DD7416DDB3093D011EB8E402A6CDE	2504168	----a-w-	C:\Program Files\Altap Salamander\salamand.exe
2015-07-12 23:39:23	2C805C1BF1EB1EF41A09F361E323977E	19432	----a-w-	C:\Program Files\Altap Salamander\utils\salopen.exe
2015-07-12 22:41:39	D8FDD24BA6F295F96F03CA25669D02AF	444416	----a-w-	C:\Program Files\7-Zip\7z.exe
2015-07-12 22:41:39	D7A59B782D9EE14CE92E15619E537361	14848	----a-w-	C:\Program Files\7-Zip\Uninstall.exe
2015-07-12 22:41:39	A1412F60D966D316B3B7A8C503CA1C6B	827904	----a-w-	C:\Program Files\7-Zip\7zFM.exe
2015-07-12 22:41:39	88BEE3C09D4FE193AE9B2DB683C8430F	552448	----a-w-	C:\Program Files\7-Zip\7zG.exe
2015-07-12 18:21:42	FAB7FA46BF4438EC72F76EAFAD03BADA	1499648	----a-w-	C:\Program Files (x86)\Eusing Free Registry Cleaner\Regcleaner.exe
2015-07-12 18:21:42	973567B98CDFC147DF4E60471D9DF072	153088	----a-w-	C:\Program Files (x86)\Eusing Free Registry Cleaner\UNWISE.EXE
=== C: other files ==
2015-07-18 10:40:03	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\autoexec.bat
2015-07-18 05:34:21	DD3D37B54CFB348BA23D174CF1EF1F47	4177920	----a-w-	C:\Windows\System32\win32k.sys
2015-07-18 05:34:21	BCBD64220AD85C26823453FF1DC3EFBD	284672	----a-w-	C:\Windows\System32\drivers\mrxsmb10.sys
2015-07-18 05:34:21	6FBDF2B1B025A8E6E069234362FFFFB7	401408	----a-w-	C:\Windows\System32\drivers\mrxsmb.sys
2015-07-18 05:34:21	57C2473D501331211D6885FD59F3E44B	202240	----a-w-	C:\Windows\System32\drivers\mrxsmb20.sys
2015-07-18 05:34:21	46711F40D0F9E63F786ED23F9BD5215E	178008	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-07-18 05:34:08	7D123389FCD97D84881BA9C07012BA0C	67584	----a-w-	C:\Windows\System32\drivers\storvsp.sys
2015-07-14 08:33:37	30DF6B4A3E94BA8B057D76F249846BA8	423	----a-w-	C:\Program Files\Movie Collector\MCE\Uninstall.bat
2015-07-12 23:39:23	F64C3084C3DB038475BF1D5D1F98C19D	432	----a-w-	C:\Program Files\Altap Salamander\plugins\automation\scripts\Launch Elevated Command Prompt.vbs
2015-07-12 23:39:23	8D1385BC47B29010812AC3631CF58F87	1656	----a-w-	C:\Program Files\Altap Salamander\plugins\automation\scripts\Make List (VBScript).vbs

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-17723306-1273488591-2101582234-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe -autorun"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"icq"="C:\Users\Hans\AppData\Roaming\ICQM\icq.exe -CU"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe"
"BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN"
"BrStsInd00"="C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe /AUTORUN"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
"StartCCC"="C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe -autorun"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"icq"="C:\Users\Hans\AppData\Roaming\ICQM\icq.exe -CU"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WinMail.exe]
"command"="\"%ProgramFiles%\\Windows Mail\\WinMail.exe\" OCInstallUserConfigOE"
"item"="WinMail.exe"
"hkey"="HKLM"
"key"="SOFTWARE\\Microsoft\\Active Setup\\Installed Components\\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AcrSch2Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ADExchange]


==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\AIDA64 AutoStart" [C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe]
"C:\Windows\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"]
"C:\Windows\SysNative\tasks\IntelliText" [c:\programdata\{81bcef36-8c35-e320-81bc-cef368c3bcda}\pricelessinstaller.exe]
"C:\Windows\SysNative\tasks\Superclean" [c:\programdata\{e2401258-d00c-ff31-e240-01258d004963}\hqghumeaylnlf.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn" [30-04-2015 11:43]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[03-12-2014 08:31]

Google Docs - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Hans\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Hans\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "https://nl.search.yahoo.com/?type=523482&fr=yo-yhp-ch",


==== C:\zoek_backup content ======================

C:\zoek_backup (files=1990 folders=51 267591757 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\AVG\AVG PC TuneUp\tuneup_us.lng"  not found
"C:\Users\Hans\AppData\Roaming\IObit\StartMenu 8\TestBtn.log"  not found
"C:\Program Files (x86)\AVG\AVG PC TuneUp"  not found
"C:\Users\Hans\AppData\Roaming\IObit"  not found

==== EOF on zo 19-07-2015 at 18:58:06,18 ======================