
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Vanherle on ma 17/08/2015 at 11:24:59,26.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vanherle\Desktop\zoek.exe2.exe [Scan all users]  [Checkboxes used]

==== Running Processes ======================

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Avira\Antivirus\sched.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\Antivirus\avguard.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
C:\Windows\Pixart\Pac7302\Monitor.exe
C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Vanherle\Desktop\zoek.exe2.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe

==== System Restore Info ======================

17/08/2015 11:31:23 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Users\Vanherle\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\Vanherle\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Vanherle\AppData\Local\EmieSiteList deleted successfully
C:\Users\Vanherle\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Vanherle\AppData\Roaming\VDownloader deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Vanherle\AppData\Roaming\Mozilla\Firefox\Profiles\40a2bs16.default\extensions\abs@avira.com deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-08-12 15:11:59	B32189BDFF6E577A92BAA61AD49264E6	193536	----a-w-	C:\Windows\notepad.exe
====== C:\Users\Vanherle\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-08-12 17:11:28	4FA66A573E9A45D05AD5A25B1E76A35D	103120	----a-w-	C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 15:13:52	AF0EC95144F76EA4B40A7ED1DD34616C	856064	----a-w-	C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 15:13:52	A27593907607A692D0DE105DE29BBC33	53248	----a-w-	C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 15:13:52	90E480789256D852FA3EADD39D56FDDA	6131200	----a-w-	C:\Windows\SysWOW64\mstscax.dll
2015-08-12 15:13:48	DC18FFFF3175376ABD38E6D48309F7F9	3934656	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 15:13:48	A38E10B4143A19F32D64517B6A1FCB98	1114112	----a-w-	C:\Windows\SysWOW64\kernel32.dll
2015-08-12 15:13:48	6C95D6264810F816E92780E7DB81F7B1	3989952	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 15:13:48	5792E7C663FAA39335D4F787B9499490	1311768	----a-w-	C:\Windows\SysWOW64\ntdll.dll
2015-08-12 15:13:46	FE748FEAA8A5A7677DA1C2C6CE405ADE	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-08-12 15:13:46	FC85BC746818EE9B5181EA0B1C882778	552960	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-08-12 15:13:46	E70054ADA6AAB84659AB20D137747ACF	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-08-12 15:13:46	DD8BCBBC1C383F38F284E25CE39C136C	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-08-12 15:13:46	A2C5FAE51BC43B29525AAA5BF0B31259	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-08-12 15:13:46	9E94CD7C6CBDC2C9B6A87AD9D5E4EF80	5120	----a-w-	C:\Windows\SysWOW64\wow32.dll
2015-08-12 15:13:46	8A82C9C4A205266DC22BB1C8F2E1AB2D	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-08-12 15:13:46	75706C0F199BC7658A98BEE452964587	36864	----a-w-	C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 15:13:46	650B603F5C040727788F19AD0B8D09BC	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 15:13:46	51C161D5638465251857B2207BD535CB	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-08-12 15:13:46	4C2D57F3DDBC07D3CC59160CDC400AC0	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 15:13:46	3982911B4C4F42B156D7347C1543CF9F	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-08-12 15:13:46	37CE74C8094AD7D1D3B79A8D2849803E	665088	----a-w-	C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 15:13:46	2506A1507B7CBFE069BC0289349786ED	14336	----a-w-	C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 15:13:46	15400F593C9023CDC1D144C30BBDA47A	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 15:13:46	0A4CE9AAA18F9DE7414C1E7BE572F5FA	274944	----a-w-	C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 15:13:46	086A1544FACAA91CD6F95FC4CDE16913	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-08-12 15:13:44	C899E7E3A4F42B802DA1E97F9908BD26	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 15:13:44	832494A551C2B2CCB616B2BE13A696A1	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-08-12 15:13:44	1EA1328207A915C9EB10AA1D102C0B52	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-08-12 15:13:44	03A179385219FD37CDFB3E603F912CA7	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-08-12 15:13:43	D5F9C627C221A3B4B6944EDBE90D642C	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-08-12 15:13:43	008BDC16E15B3B6EFB6E8B6684022F36	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-08-12 15:13:15	FCDCEB29CD1129C6C86AD9700A7E5BD1	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 15:13:15	C989240A97D4E0B4354679CCF7E66389	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-08-12 15:13:15	BDC048308B74B2146495BBB8D4CD4974	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 15:13:15	A37FEDFC0BC9E96AD3DFFF41D5805F04	2279424	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-08-12 15:13:15	8B6B89D3FEDB34CA38055B82A790545F	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 15:13:15	67DA0EE95026FB2D3577F664F2187F98	342736	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 15:13:14	C98AF04E9FC94DBF57B29A9891597664	689152	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 15:13:14	C929BFB3FD2460B570553AE7344640BC	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 15:13:14	BD3E3A13423C40E8CF4BE531EE68BAF0	1310720	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-08-12 15:13:14	BAAAC903BF7F9CA5F1129C972AEDE6BD	19870208	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-08-12 15:13:14	32664FC06B115923C449DC22D47CD8A6	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 15:13:13	E3762A30F1EC29C30AC85CC2B8CAA3F3	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 15:13:13	D7FDD5E8B88ADE9107772B4C879FDF94	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 15:13:13	D1D3DB57C68A2A62E03DD973F53CEA18	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 15:13:13	793F71F873D106A611DB79741327038C	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 15:13:13	728188684708FEF4F18E2CAB46C54DBB	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 15:13:13	3E168B5E5FEE3D09C2D4E97861B5F4B3	479232	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-08-12 15:13:13	3C74EA1EC43A694060F09B7D754446C6	12856832	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-08-12 15:13:13	358D91656E54B03B8FFE3CF4D535A6C8	504320	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-08-12 15:13:13	1CB9D50EE52BED7DEBF394CEA8A971A5	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 15:13:13	0E9529DC8BA5AD3C06B99F115D0D804D	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-08-12 15:13:12	FB1B7D2B2D500E067B96C56EE0B4DDAD	664064	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-08-12 15:13:12	ECF459774AE6A273F0F59D7C072DB3C4	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 15:13:12	53DE75BD2C7A3EA29770147EAC8A8D5A	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 15:13:12	4D036506C8359185FC52EB49DB891743	341504	----a-w-	C:\Windows\SysWOW64\html.iec
2015-08-12 15:13:12	445DB8651F05684F8259D4054A15BC50	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-08-12 15:13:12	0AC8CD2138FD10C4A0E2FF08F892359C	1951232	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-08-12 15:12:06	6B003E11CDBDA3B45A3D16E5A9D3F73B	82432	----a-w-	C:\Windows\SysWOW64\davclnt.dll
2015-08-12 15:12:06	55C70654420DBF429604FD567E6F3CD3	206848	----a-w-	C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 15:12:05	EA1BE72A8CD5CEA7B6E6649D1FD78BA1	1241088	----a-w-	C:\Windows\SysWOW64\msxml3.dll
2015-08-12 15:12:05	B6F9E4CDA3069B03F654B650A5379E60	2048	----a-w-	C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 15:12:05	127EE7F36CEA127ECCA55BECBC230398	2048	----a-w-	C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 15:12:05	121E2E789BE080EB86DA71F95B611DF2	1390592	----a-w-	C:\Windows\SysWOW64\msxml6.dll
2015-08-12 15:12:04	CE21524C53E9671A7108B28FB9B4E474	1251328	----a-w-	C:\Windows\SysWOW64\DWrite.dll
2015-08-12 15:12:04	680D463893C9846CC6A1DA6012DD0FE5	299520	----a-w-	C:\Windows\SysWOW64\atmfd.dll
2015-08-12 15:12:03	9E2F12744DD9810961031C56FBB691F4	25600	----a-w-	C:\Windows\SysWOW64\lpk.dll
2015-08-12 15:12:03	965CFC7687F0D188F215DC142FC8F6A1	1987584	----a-w-	C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 15:12:03	7983F3481E89B96074FAE9AFCC24079C	70656	----a-w-	C:\Windows\SysWOW64\fontsub.dll
2015-08-12 15:12:03	520AEC6C64AF2CFD74B469DB98611D4A	10240	----a-w-	C:\Windows\SysWOW64\dciman32.dll
2015-08-12 15:12:03	400C20D6967A83EA69D6953EBB8D3FA3	34304	----a-w-	C:\Windows\SysWOW64\atmlib.dll
2015-08-12 15:11:58	A4F6DF0E33E644E802C8798ED94D80EA	179712	----a-w-	C:\Windows\SysWOW64\notepad.exe
2015-08-12 15:11:57	4478348E3942AD9EED9AB263AFE7CD83	12875776	----a-w-	C:\Windows\SysWOW64\shell32.dll
2015-08-12 15:07:32	FBECE2B32A3658AEB609DC5A1021100F	30208	----a-w-	C:\Windows\SysWOW64\wups.dll
2015-08-12 15:07:32	E96D0EEAAE0446F664EE15703BB32A34	93184	----a-w-	C:\Windows\SysWOW64\wudriver.dll
2015-08-12 15:07:32	A02515B58D318F427FBA64437FB0EDDF	566784	----a-w-	C:\Windows\SysWOW64\wuapi.dll
2015-08-12 15:07:32	742AC3EF3C7C30F0EBF628D6D03BB399	34816	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2015-08-12 15:07:32	4447FD20A6B48D05E8392B6E18A194A8	173056	----a-w-	C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 11:13:32	AB6A3699E478DEF677D48B126B223C54	4520448	----a-w-	C:\Windows\SysWOW64\jscript9.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-08-12 17:11:28	52ED64BF80D360B0EA2B6E5F1504CDFF	124624	----a-w-	C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 15:13:56	EC9178A8037D3EF938F38B6793EAF990	774656	----a-w-	C:\Windows\Sysnative\invagent.dll
2015-08-12 15:13:56	DD91D9EAAA415B26EB30EC9CF768BF03	743424	----a-w-	C:\Windows\Sysnative\generaltel.dll
2015-08-12 15:13:56	A3D0A038A6C03E368E80CDDEFC473140	1148416	----a-w-	C:\Windows\Sysnative\aeinv.dll
2015-08-12 15:13:56	4FEB4397B066DEEDDDED0D1CEDA1C887	69120	----a-w-	C:\Windows\Sysnative\acmigration.dll
2015-08-12 15:13:56	400E0B72AEB663360E1A3AB33DDD6A87	1116672	----a-w-	C:\Windows\Sysnative\appraiser.dll
2015-08-12 15:13:56	36DA2E5BD218764CB48B8A13CF0B091F	437760	----a-w-	C:\Windows\Sysnative\devinv.dll
2015-08-12 15:13:53	EEAFBC5A31C68438AF67531C52410A3D	227328	----a-w-	C:\Windows\Sysnative\aepdu.dll
2015-08-12 15:13:53	E99A30142A108B11381C47B0A30283B0	17344	----a-w-	C:\Windows\Sysnative\CompatTelRunner.exe
2015-08-12 15:13:53	C01DC60229F41D33AF2DF4162EDA0F44	7077376	----a-w-	C:\Windows\Sysnative\mstscax.dll
2015-08-12 15:13:52	CDA122FCC691D14D3971A83AB035156D	62976	----a-w-	C:\Windows\Sysnative\tsgqec.dll
2015-08-12 15:13:52	35A97817FDA4C8F421D8478DCCF045B1	1057792	----a-w-	C:\Windows\Sysnative\rdvidcrl.dll
2015-08-12 15:13:52	2686F572B3CAF633C4A350A3671835F2	429568	----a-w-	C:\Windows\Sysnative\wksprt.exe
2015-08-12 15:13:49	B9A07A9807A4BAC067498CC8D77F3D4D	5568960	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-08-12 15:13:49	72585BDAF2EC5237EBD71D540657D6A2	1163264	----a-w-	C:\Windows\Sysnative\kernel32.dll
2015-08-12 15:13:49	3F63C62D9183235792A46C0B66EAAD04	1730496	----a-w-	C:\Windows\Sysnative\ntdll.dll
2015-08-12 15:13:48	AF249D7461E228EBBD1C7E98D99B3B12	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-08-12 15:13:48	2E730941CC5BF6200A4F56D1E9C24AAD	1743360	----a-w-	C:\Windows\Sysnative\sysmain.dll
2015-08-12 15:13:47	DAF50D708FF79AC4AE0A1C256A9BEE33	243712	----a-w-	C:\Windows\Sysnative\wow64.dll
2015-08-12 15:13:47	B892459EC8441FFB9E045CCE73862868	424960	----a-w-	C:\Windows\Sysnative\KernelBase.dll
2015-08-12 15:13:47	99D1FAA337A4EF3C33E256C79DC708F8	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-08-12 15:13:46	EBB9C6638109A3486EBA51D28837495C	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-08-12 15:13:46	E80CA72FA43BF258E72C408CEF9839BE	215040	----a-w-	C:\Windows\Sysnative\winsrv.dll
2015-08-12 15:13:46	E6D24098FDB4A9C29007696B79389DB9	16384	----a-w-	C:\Windows\Sysnative\ntvdm64.dll
2015-08-12 15:13:46	E615E2FF68D64B52CEFDCD24332D61F5	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-08-12 15:13:46	D6431591DEED9D47E9266890FB2BFBBC	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-08-12 15:13:46	BD6BDB13F5D8FA13166CF8B3CBD6976A	13312	----a-w-	C:\Windows\Sysnative\wow64cpu.dll
2015-08-12 15:13:46	A0502BF52867F00FD9C67D1C355F6C91	1216512	----a-w-	C:\Windows\Sysnative\rpcrt4.dll
2015-08-12 15:13:46	98AFEF63F857FA67FA1BDD3969F40366	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-08-12 15:13:46	98432481E11B9EDB54A2B069E465D1CB	44032	----a-w-	C:\Windows\Sysnative\cryptbase.dll
2015-08-12 15:13:46	7ADF0CB99051D1E0DB7F65DA1D8099F1	11264	----a-w-	C:\Windows\Sysnative\msmmsp.dll
2015-08-12 15:13:46	77E88D36E88FDC825DCCBF269F81ED3E	362496	----a-w-	C:\Windows\Sysnative\wow64win.dll
2015-08-12 15:13:46	7245C8C33397B90E376B9BB54E2A96C8	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-08-12 15:13:46	6DC249682EA708DA1C4B5CBD9C016F21	729088	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-08-12 15:13:46	6518A42BE5B157EF3DC3ED4F8BE4CA46	315392	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-08-12 15:13:46	61024C6DE4EEBC6BCC92422F0AE3CE94	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-08-12 15:13:46	55C48343919A72B0C8F5C42E4C798FCA	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2015-08-12 15:13:46	53632BBEFB00BDA1DCFC9E155E0C6B53	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2015-08-12 15:13:46	46041293D887F4D89979874015F26B30	342016	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-08-12 15:13:46	35766EDA62E3FA02B897182219EEDF8A	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-08-12 15:13:46	354D59027DE2BFB3A63E8E7DBAF081D8	338432	----a-w-	C:\Windows\Sysnative\conhost.exe
2015-08-12 15:13:46	219DF0B319E46EA2601D90101C4C330A	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-08-12 15:13:46	1BE3823E3206785F2BA8F26B2FAD3FBE	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-08-12 15:13:46	0D48E93C6BE3143C0198CB252B992D16	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-08-12 15:13:46	0797A4FDBA2766B88FB563BBB7646FCE	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-08-12 15:13:44	BC48CD24D35FA0E18D66A97E502BFAE2	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2015-08-12 15:13:44	25AADF664F576D1C264F8AC27B4838DF	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-08-12 15:13:43	FFAD95FF2FE4B14F91E437E03D1F68BA	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-08-12 15:13:43	46CB68A774B67187B722FA1156672A23	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-08-12 15:13:25	168EA9CD9BD6056BB6F60B57D5304BBE	52736	----a-w-	C:\Windows\Sysnative\basesrv.dll
2015-08-12 15:13:15	D0A52A4F631172E2AC35A84CCDF28FA4	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-08-12 15:13:15	ACE8BB2BECFEC66A738EE3DDDFF0CA07	720384	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-08-12 15:13:15	92E60B0F2E864336737091554370E658	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-08-12 15:13:15	890E3A6A6DB6D15EB242460D2353D39C	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-08-12 15:13:15	4E37600CED71FFCE7EEBB129A90B3431	2885632	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-08-12 15:13:15	2319CA59AF0AA295EC254528DD558E37	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-08-12 15:13:13	B8322A1FCD5686F2D97B6BCA1862C9B8	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-08-12 15:13:13	9CAC3401B481383936A9D66EF1B80307	389840	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-08-12 15:13:13	857D9F533F7F9838B68C2CEF8AB68412	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-08-12 15:13:13	427D40AF9BCAE05125F3513E770706E1	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-08-12 15:13:13	3E4568FFE110FE81CA1A75BF1149153B	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-08-12 15:13:13	158C1D034080B9DC0A9A2CD9E8DB0199	1545728	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-08-12 15:13:12	F9C6645800D1EDE9033858C60903F00C	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-08-12 15:13:12	C580215DE134617942FF1740A1235CE4	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-08-12 15:13:12	6E3D6B8844FF524D7B27EE7FFB3EF6F5	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-08-12 15:13:12	62FC1CC7DFC11B5F6A25763375F765BF	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-08-12 15:13:12	43AF91A40E44205272335E33B7BBA4C3	2125824	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-08-12 15:13:12	39E11AA344781CD5773BE9E2472C84E4	584192	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-08-12 15:13:11	E892688BB1C8B0B485C27436F2B963CF	615936	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-08-12 15:13:11	AD31A019C2195C75B26DF3337EE8F9FE	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-08-12 15:13:11	995797E4DE4215715CA2040BB81F4594	14451200	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-08-12 15:13:11	56E1A08F9CDF246CCAB75EA32B87B2DA	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-08-12 15:13:10	ECA4CCA74F61C6288734B786089765B0	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-08-12 15:13:10	C6960223A6BAB3CF83DB09565D191844	5923328	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-08-12 15:13:10	C555B5C8142844DED9E3BD94E6313000	2427904	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-08-12 15:13:10	9C7B3D3A9A945AED5CC97C6535C9D857	816640	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-08-12 15:13:10	77A4FEE4031F90DBB5C16F6A8FC855BC	417792	----a-w-	C:\Windows\Sysnative\html.iec
2015-08-12 15:13:10	2D9A67695E80C889FAD5C92651D5E641	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-08-12 15:13:10	080E99BE131C2433FD7E6813F77F08FD	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-08-12 15:13:09	E6CF1778145272A83E58C4AB66358AF3	25192448	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-08-12 15:12:06	4E89FC53493704BF835F0300DC201C34	260096	----a-w-	C:\Windows\Sysnative\WebClnt.dll
2015-08-12 15:12:06	16FD9A0F6EDEF091A72D7D3B77574008	102912	----a-w-	C:\Windows\Sysnative\davclnt.dll
2015-08-12 15:12:05	99119778A8E44F077E46B0870B8DD6A8	2048	----a-w-	C:\Windows\Sysnative\msxml3r.dll
2015-08-12 15:12:05	40EA064E91C6A63FDBC83259FC5BD4F8	2004992	----a-w-	C:\Windows\Sysnative\msxml6.dll
2015-08-12 15:12:05	32A74A5BC52EF569BC65252AF6F28578	1887232	----a-w-	C:\Windows\Sysnative\msxml3.dll
2015-08-12 15:12:05	22DC6C17443DECC9EBE258220906DCAC	2048	----a-w-	C:\Windows\Sysnative\msxml6r.dll
2015-08-12 15:12:04	F97A0CFC495C92FF2F6A03933157D115	3208192	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-08-12 15:12:04	F8C0AF84AB602D395FFC89BC7CF3CE18	372736	----a-w-	C:\Windows\Sysnative\atmfd.dll
2015-08-12 15:12:04	DB94C47BD7F2AD9C58DEC46026D5FD08	1648128	----a-w-	C:\Windows\Sysnative\DWrite.dll
2015-08-12 15:12:04	D5A775990A7C202A037378FDBCDB6141	1180160	----a-w-	C:\Windows\Sysnative\FntCache.dll
2015-08-12 15:12:03	B45F7BC413F905ECA9DE679E3FF09472	100864	----a-w-	C:\Windows\Sysnative\fontsub.dll
2015-08-12 15:12:03	52DE81006E192EAA09B3BDE763D80BC8	14336	----a-w-	C:\Windows\Sysnative\dciman32.dll
2015-08-12 15:12:03	15113A4CD09E0F06894495FCE8BF2BF8	46080	----a-w-	C:\Windows\Sysnative\atmlib.dll
2015-08-12 15:12:03	0365E7AED8A38CB5FFF1DFB4458C0593	41984	----a-w-	C:\Windows\Sysnative\lpk.dll
2015-08-12 15:11:59	B32189BDFF6E577A92BAA61AD49264E6	193536	----a-w-	C:\Windows\Sysnative\notepad.exe
2015-08-12 15:11:57	733BC760342A816D3B5A8CE2C7EF1D92	14177280	----a-w-	C:\Windows\Sysnative\shell32.dll
2015-08-12 15:07:33	499034D7F1F6AF49F9EE12F8822793CB	2606080	----a-w-	C:\Windows\Sysnative\wuaueng.dll
2015-08-12 15:07:32	DE1B5089D48291BD81F6A5CCFB832E53	36864	----a-w-	C:\Windows\Sysnative\wups.dll
2015-08-12 15:07:32	D1E38F98DDA581BF70B6A89882E6E6F6	12288	----a-w-	C:\Windows\Sysnative\wu.upgrade.ps.dll
2015-08-12 15:07:32	C980982C7F8ECB462C52CBEC759CBBDC	3154944	----a-w-	C:\Windows\Sysnative\wucltux.dll
2015-08-12 15:07:32	C0DA341908CC3A0209A63FBD4B521C2A	91136	----a-w-	C:\Windows\Sysnative\WinSetupUI.dll
2015-08-12 15:07:32	B0FBE5C8E18EB3BD677846DAB54037D5	696320	----a-w-	C:\Windows\Sysnative\wuapi.dll
2015-08-12 15:07:32	A6848EF3860E81A835AA4982ADBA1884	37888	----a-w-	C:\Windows\Sysnative\wups2.dll
2015-08-12 15:07:32	7CFCC5210E226AA85F2A21098FA01F29	37376	----a-w-	C:\Windows\Sysnative\wuapp.exe
2015-08-12 15:07:32	6FDC1FAD277AEF0A89B0D28F5675679C	139776	----a-w-	C:\Windows\Sysnative\wuauclt.exe
2015-08-12 15:07:32	1956D89C3E24A8388840489371B3A428	98304	----a-w-	C:\Windows\Sysnative\wudriver.dll
2015-08-12 15:07:32	0F72B73EBE4F6F86EE569598D377165E	192000	----a-w-	C:\Windows\Sysnative\wuwebv.dll
2015-08-12 15:07:30	53405CDA694982E5C6A0E9454AC1D407	493504	----a-w-	C:\Windows\Sysnative\mcupdate_GenuineIntel.dll
2015-08-12 11:13:34	B2ADFD1217625A68A484E9838C608F51	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-08-12 11:13:32	95C5B29740852D171CA03BAE61B670FE	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-08-12 11:04:03	D4FB2E00F49711C9DD3E2C2646D7C767	2565120	----a-w-	C:\Windows\Sysnative\d3d10warp.dll
====== C:\Windows\Sysnative\drivers =====
2015-08-12 15:13:48	67050452C0118BAF2883928E6FCCFE47	94656	----a-w-	C:\Windows\Sysnative\drivers\mountmgr.sys
2015-08-12 15:13:46	B2081803D510DCE174992BA880EDCA70	159232	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-08-12 15:13:46	97687971F9CB30E2633DE0F1296B9F61	129024	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-08-12 15:13:46	67A1743377EBB5D9A370A8C2086CFDCC	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-08-12 15:13:46	552FA62B0EFECD22D8D52499324BCA4F	290816	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
2015-08-12 15:13:46	522A1595D5701800DD41B2D472F5AAED	155584	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-08-15 08:38:49	--------	d-----w-	C:\PROGRA~2\uTorrent
2015-07-18 21:47:35	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Vanherle\AppData\Roaming ======
2015-08-15 08:37:57	--------	d-----w-	C:\Users\Vanherle\AppData\Roaming\uTorrent
2015-08-12 10:41:56	--------	d-----w-	C:\Users\Vanherle\AppData\Local\MalwareProtectionLive
====== C:\Users\Vanherle ======
2015-08-15 08:37:46	44A7D7BA01F438714EAFB84684D2A99A	328568	----a-w-	C:\Users\Vanherle\Downloads\utorrent_2.0.4_build_22967.exe
2015-08-13 13:31:26	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Vanherle\Desktop\RSITx64.exe

====== C: exe-files ==
2015-08-17 09:13:21	F9C86AF8039BA54FF5C8AAE395D98C0C	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$ISMMACN.exe
2015-08-17 09:13:21	F79B76FB172B043394A4809148B31CB1	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$I6TLBQG.exe
2015-08-17 09:13:21	D3432A80AD9DCE6445ECA92816BD78BE	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$IS8L8PY.exe
2015-08-17 09:13:21	C59B20E183132D2E5EEB8DB5EEAF5AA1	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$IGZNWJL.exe
2015-08-17 09:13:21	8427364F2ED18DDAABB0909EF2EAE5BE	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$I8K5S04.exe
2015-08-17 09:13:21	8394A5773313425F79AC76AA52502FA7	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$IW5350M.exe
2015-08-17 09:13:21	6EFA717640B97ADF7325D0887576B070	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$I158MB7.exe
2015-08-17 09:13:21	41F18A74DA7A236494B9A14F7F163884	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$IEAZS9V.exe
2015-08-17 09:13:21	3AEEFAB7925795C07FA99F1555071FBF	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$IOFNB5V.exe
2015-08-17 09:13:21	3A1D7B1337CC1A6E38DE0B7C4B8A09EC	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$IJ2HK8B.EXE
2015-08-17 09:13:21	2994FC2A08A8F9AE3A7D271A6F36D14C	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$IDP7GJI.exe
2015-08-17 09:13:21	128AFF16A37528C2FEAFDC654C911465	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$IN84ZJP.exe
2015-08-17 08:41:07	F1FBA6185A6A2BC6456970914875078E	256512	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$RJ2HK8B.EXE
2015-08-17 08:41:07	CC7AA7B42CF418FC3D926913490048F8	24064	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$ROFNB5V.exe
2015-08-17 08:41:07	9D4171F6D34DFA309020871677F40390	217088	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$REAZS9V.exe
2015-08-17 08:41:07	885E9EB42889CA547F4E3515DCDE5D3D	476672	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$RN84ZJP.exe
2015-08-17 08:41:07	6337E8365510C2AD792357CC3FA136B2	69632	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$RGZNWJL.exe
2015-08-17 08:41:07	59375510BDE2FF0DBA7A8197AD9F12BB	57344	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$R8K5S04.exe
2015-08-17 08:41:07	47811D50390A86A17102D7496E6EABB9	388608	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$RDP7GJI.exe
2015-08-17 08:41:07	464DC70107018C97CB7CC720C5DD3093	154232	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$R158MB7.exe
2015-08-17 08:41:07	3CBB025B926B87902AECBD6570BAC89D	30720	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$RSMMACN.exe
2015-08-17 08:41:07	2B657A67AEBB84AEA5632C53E61E23BF	98816	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$R6TLBQG.exe
2015-08-17 08:41:07	17947503B7EAA0AF4914B4B6EFBC1A01	20480	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$RW5350M.exe
2015-08-17 08:41:07	01D95A1F8CF13D07CC564AABB36BCC0B	161792	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$RS8L8PY.exe
2015-08-15 08:38:49	44A7D7BA01F438714EAFB84684D2A99A	328568	----a-w-	C:\Program Files (x86)\uTorrent\uTorrent.exe
2015-08-15 08:37:46	44A7D7BA01F438714EAFB84684D2A99A	328568	----a-w-	C:\Users\Vanherle\Downloads\utorrent_2.0.4_build_22967.exe
2015-08-13 13:31:26	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Vanherle\Desktop\RSITx64.exe
2015-08-13 13:15:30	C7B8503492B6F4B318DA68F0CC45628E	2821200	----a-w-	C:\Program Files (x86)\Google\Update\Install\{BFC0AC8B-34BC-47D4-AC62-0FAD0EAF3C4F}\44.0.2403.155_44.0.2403.130_chrome_updater.exe
2015-08-13 13:15:30	C7B8503492B6F4B318DA68F0CC45628E	2821200	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\44.0.2403.155\44.0.2403.155_44.0.2403.130_chrome_updater.exe
2015-08-12 15:13:53	E99A30142A108B11381C47B0A30283B0	17344	----a-w-	C:\Windows\System32\CompatTelRunner.exe
2015-08-12 15:13:52	2686F572B3CAF633C4A350A3671835F2	429568	----a-w-	C:\Windows\System32\wksprt.exe
2015-08-12 15:13:49	B9A07A9807A4BAC067498CC8D77F3D4D	5568960	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-08-12 15:13:48	DC18FFFF3175376ABD38E6D48309F7F9	3934656	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 15:13:48	6C95D6264810F816E92780E7DB81F7B1	3989952	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 15:13:47	99D1FAA337A4EF3C33E256C79DC708F8	296960	----a-w-	C:\Windows\System32\rstrui.exe
2015-08-12 15:13:46	EBB9C6638109A3486EBA51D28837495C	64000	----a-w-	C:\Windows\System32\auditpol.exe
2015-08-12 15:13:46	A2C5FAE51BC43B29525AAA5BF0B31259	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-08-12 15:13:46	55C48343919A72B0C8F5C42E4C798FCA	112640	----a-w-	C:\Windows\System32\smss.exe
2015-08-12 15:13:46	354D59027DE2BFB3A63E8E7DBAF081D8	338432	----a-w-	C:\Windows\System32\conhost.exe
2015-08-12 15:13:46	0D48E93C6BE3143C0198CB252B992D16	31232	----a-w-	C:\Windows\System32\lsass.exe
2015-08-12 15:13:46	086A1544FACAA91CD6F95FC4CDE16913	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-08-12 15:13:44	832494A551C2B2CCB616B2BE13A696A1	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-08-12 15:13:44	03A179385219FD37CDFB3E603F912CA7	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-08-12 15:13:15	F666B5E4A99DAE8E243189C89E9AFA74	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-08-12 15:13:15	ACE8BB2BECFEC66A738EE3DDDFF0CA07	720384	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-08-12 15:13:15	92E60B0F2E864336737091554370E658	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-08-12 15:13:15	2B1D4B6004AE4BE9EB19CAD4AB924944	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-08-12 15:13:13	E595881896AA929A7FA8936DFCF8D3FE	473600	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-08-12 15:13:13	D7FDD5E8B88ADE9107772B4C879FDF94	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 15:13:13	C2A6A7E10E872F62F261637B67AFB248	815312	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-08-12 15:13:13	427D40AF9BCAE05125F3513E770706E1	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-08-12 15:11:59	B32189BDFF6E577A92BAA61AD49264E6	193536	----a-w-	C:\Windows\System32\notepad.exe
2015-08-12 15:11:59	B32189BDFF6E577A92BAA61AD49264E6	193536	----a-w-	C:\Windows\notepad.exe
2015-08-12 15:11:58	A4F6DF0E33E644E802C8798ED94D80EA	179712	----a-w-	C:\Windows\SysWOW64\notepad.exe
2015-08-12 15:07:32	7CFCC5210E226AA85F2A21098FA01F29	37376	----a-w-	C:\Windows\System32\wuapp.exe
2015-08-12 15:07:32	742AC3EF3C7C30F0EBF628D6D03BB399	34816	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2015-08-12 15:07:32	6FDC1FAD277AEF0A89B0D28F5675679C	139776	----a-w-	C:\Windows\System32\wuauclt.exe
2015-08-12 11:13:32	AA12B1DD4C32F01995A07774D9A44C47	814288	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-08-12 11:13:32	95C5B29740852D171CA03BAE61B670FE	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-08-12 11:13:32	66CD0B90DA1E7219759821F9846A29CB	491008	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
=== C: other files ==
2015-08-17 09:13:21	9520779C3BD8FC012877ED9B0707B311	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$IHBCGHJ.bat
2015-08-17 08:41:07	92F275EBA351B73405FE45CA17DFFA05	753651	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-219209752-1814971668-716802256-1000\$RHBCGHJ.bat
2015-08-12 15:13:48	67050452C0118BAF2883928E6FCCFE47	94656	----a-w-	C:\Windows\System32\drivers\mountmgr.sys
2015-08-12 15:13:46	B2081803D510DCE174992BA880EDCA70	159232	----a-w-	C:\Windows\System32\drivers\mrxsmb.sys
2015-08-12 15:13:46	97687971F9CB30E2633DE0F1296B9F61	129024	----a-w-	C:\Windows\System32\drivers\mrxsmb20.sys
2015-08-12 15:13:46	67A1743377EBB5D9A370A8C2086CFDCC	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-08-12 15:13:46	552FA62B0EFECD22D8D52499324BCA4F	290816	----a-w-	C:\Windows\System32\drivers\mrxsmb10.sys
2015-08-12 15:13:46	522A1595D5701800DD41B2D472F5AAED	155584	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-08-12 15:12:04	F97A0CFC495C92FF2F6A03933157D115	3208192	----a-w-	C:\Windows\System32\win32k.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-219209752-1814971668-716802256-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"avgnt"="C:\Program Files (x86)\Avira\Antivirus\avgnt.exe /min"
"Avira Systray"="C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"MedionReminder"="C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe"
"PAC7302_Monitor"="C:\Windows\PixArt\PAC7302\Monitor.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"MedionReminder"="C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe /DeleteRunKey"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"HP Software Update"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe"
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaSuite.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NokiaSuite.exe"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Nokia\\Nokia Suite\\NokiaSuite.exe -tray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VDownloader]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VDownloader"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\VDownloader\\VDownloader4.exe\" /silent"


==== Startup Folders ======================

2012-12-26 13:04:27	2103	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/08/2015 18:32]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23/10/2014 08:47]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23/10/2014 08:47]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Avira Browser Safety Updater Task" ["C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe"]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe]
"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [26/12/2012 15:05]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [26/12/2012 15:05]

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 44.0.2403.155

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]

Google Docs - Vanherle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Vanherle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Vanherle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Vanherle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Avira Browser Safety - Vanherle\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
Bookmark Manager - Vanherle\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Google Mail Checker - Vanherle\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff
Google Wallet - Vanherle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Vanherle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Slides - Vanherle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Belfius Smart Card Reader Chrome Extension - Vanherle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\agicnfmechmlphpjmeefookfjhifbmhi
Google Docs - Vanherle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Vanherle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Vanherle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Vanherle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Vanherle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Avira Browser Safety - Vanherle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
Chrome Web Store Payments - Vanherle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Vanherle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Vanherle\AppData\Local\Google\Chrome\User Data\Default\Preferences
"startup_urls": [ "http://www.google.com/" ]

C:\Users\Vanherle\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences
tps://*.googleapis.com/*","https://*.googleusercontent.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["alarms.onAlarm","gcm.onMessage","identity.onSignInChanged","notifications.onButtonClicked","notifications.onClicked","notifications.onClosed","notifications.onPermissionLevelChanged","notifications.onShowSettings","runtime.onInstalled","runtime.onStartup","runtime.onSuspend","storage.onChanged"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13075075565670185","location":5,"manifest":{"background":{"persistent":false,"scripts":["utility.js","cards.js","background.js"]},"description":"Integrates Google Now into Chrome.","icons":{"128":"images/icon128.png","16":"images/icon16.png","48":"images/icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/gcm","https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleapis.com/gcm/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\42.0.2311.135\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"wn","commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13075075570662921","lastpingday":"13084182001111284","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"nl","default_locale":"en","description":"Een snelle, doorzoekbare e-mailfunctie met minder spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"account_id":"jetske27012009@gmail.com","last_username":"jetske27.01.2009@gmail.com"}},"homepage":"http://www.google.be/","homepage_is_newtabpage":true,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"3534B2BF05C377202F7B5A23A6CB32C9F71A78F3EB341CADE180EF530812C1FF"},"default_search_provider":{"keyword":"E21F1A688C2E6B8BE8A7393EF2E8647CCB729D070C472B360FC30CD569924295","name":"0DCDBCF08A58472A93F875973A2D6CE8D1047018905768E8C939A9C58B421F3C","search_url":"208CE00055548BD70963F5332FF9DCE33A2CEDD17234DA125EED0BCC72F7789E"},"default_search_provider_data":{"template_url_data":"AD0E5712D388DB9A679191ECB9A5D1407C2680CBDB12AD8C9C5BB0DC48E4D293"},"extensions":{"settings":{"aapocclcgogkmnckokdopfmhonfmgoek":"50F9C82144FBC9C163BCE55E43FF0C07E99A8C7885C808098B301509B2417C88","agicnfmechmlphpjmeefookfjhifbmhi":"045CE5F497F2CAF15864C27F7D66FCBA7CD0EF396BFC86C847F7FD62E60289FA","ahfgeienlihckogmohjhadlkjgocpleb":"2D91AA7F5B27D0D0DA2CD4867C22DC307BF72BE6F141136BC74867294CBAD359","aohghmighlieiainnegkcijnfilokake":"06C5B7A7BDB48082C35B1AAAF8693762769B862B9260C9513A50BA6CA6A205BE","apdfllckaahabafndbhieahigkjlhalf":"BA9700FA1F2850BA7A26AEDACEB3801772E0F3642FB3174B41EAC855C4719145","bepbmhgboaologfdajaanbcjmnhjmhfn":"2062E571301C14B4040B36809CFB3ECF08325963A2342E72850DA02B00DA77A0","blpcfgokakmgnkcojhhkbfbldkacnbeo":"E0526B069789D107447C797917A00D3299A6FB4F31655BBF436AE4B4150EDC68","coobgpohoikkiipiblmjeljniedjpjpf":"B5921B9B2F01303B708B787BD05D1EE8B4047F34F9466931BE9CCB14A8150224","eemcgdkfndhakfknompkggombfjjjeno":"946FD748994E3547D83F016CFC269615E6F235E4DFD26CAF432E78D29E2A87E8","ennkphjdgehloodpbhlhldgbnhmacadg":"5AED03964EF6784026785669CBAE9B13AC985D786E8E09505F6D7D62821219F3","felcaaldnbdncclmgdcncolpebgiejap":"A810DE001ACD07B46494B98C44FABE53887D0F62FBC95B896576308E11A7E31E","flliilndjeohchalpbbcdekjklbdgfkk":"60E05DD32927F110A1448294F8D93B16232DD054E57E0C1261CC33546670A5BC","gfdkimpbcpahaombhbimeihdjnejgicl":"9D1819E775114DD0D493701E76E38A0A27947863DAF8AE6937CB5326320AA40C","kmendfapggjehodndflmmgagdbamhnfd":"4B097833965D89502DB39FCF90FEF65ADFFFFBE66B06AECA10A32F03B5441585","mfehgcgbbipciphmccgaenjidiccnmng":"E3450D70172A602C682EE90E1835ECEB38FF500E24EB435B3A0FB5F46CB5274B","mfffpogegjflfpflabcdkioaeobkgjik":"99D63EA849464F67F2C2254476FBC0E7D0764576005CE3EB5406DFDE85633456","mgndgikekgjfcpckkfioiadnlibdjbkf":"CBD0BF6E884E9E7820EE86A3DB9C44D9D8764080D579DC84898B4E2DC6D4A700","mhjfbmdgcfjbbpaeojofohoefgiehjai":"AAD2597697E2ACB4E7B38AE41549A28B7960286108E2DB61C0BA8254D21CA4FE","neajdppkdcdipfabeoofebfddakdcjhd":"FB1829B7D9E140E72E6A829F7D7EC5DAF9088752F2E93598E281468DD0780684","nkeimhogjdpnpccoofpliimaahmaaome":"19FB4D100D555A8E14666189C12AB27FDF301BC117AC035B13BEC4DEE6D8BC2F","nmmhkkegccagdldgiimedpiccmgmieda":"CDD9C89F825B2B98638E6F597B5DA0DB9C2294DE76E755AC271E33E0733629F4","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"BBFDC61D05041AD8DB9013E5C21643BEA53E2FAA40B511566AF9C07257BDE810","pjkljhegncpnkpknbcohdijeoejaedia":"BAFF577A8B9F83C123782B778175E24FF4C224CB5ACF9C9C798A67130121DC4E"}},"google":{"services":{"account_id":"C2DC1584C0ED6888FD20AECF5BCA81CCDD0B7D4999B2D512D0CA81566A4448CB","last_username":"937F485A5D371CD5B213313AE19DD3EC7F0E42E36C10B30E910099BE220A4525","username":"593CD91262EA06109984FE322B27CE9BE7E4647F77828982BC2D4529838185E9"}},"homepage":"6430682D462A1A026E8D1510727B692CEB91F505919F45644745480884B4C98B","homepage_is_newtabpage":"0CDEC9176A53BEBBAE4F15AA4D606A727CD227F42BEA63AE4FACB0F468E653D4","pinned_tabs":"78073A89D76CC20DE2E23A31C6D2102D78C1277E31E5FD3A496107E8ACFE1DB3","prefs":{"preference_reset_time":"CF78F14971A8853F83E98F4FB2C9B2B06983C29EB592EAEAFA1EA5BBD009EC01"},"profile":{"reset_prompt_memento":"97453FFF0D189AC12DF6CA79D9F7715000921CA30714480FC4CC26CD9C6803A3"},"safebrowsing":{"incidents_sent":"ED604A87BDDBCF6094DF40508C51844DFBEA1369B3936B8EA80F70EBFD74A4C1"},"search_provider_overrides":"824DD3D6E12A217B340682C9CDDDF1DB7608334A99DFD0AC0E365A961E39DB02","session":{"restore_on_startup":"E756D2D2D4F5B8E192CB8E3AB42FC31C19BAEAE12837F025E1A46E70FE413936","startup_urls":"50FCA3EE2D8BE3F9D76E5FB75123DF5CD75F368D37BAAA086CAA6C8942D24DF5"},"software_reporter":{"prompt_reason":"849217A636C42FF9802CEAE3A1F0FE99B48F5BAACB54753D900CF5F251022ED5","prompt_seed":"3D886B2C27FAC5BFE4748316B0E1C9D9317D1BE1CFBD1D1CBA3ED439C3643B13","prompt_version":"BA4FFB61D6DCA18A147C7E8E5F8C267BBD151A47FEAA6FC527579FEF687AE7A2"},"sync":{"remaining_rollback_tries":"4F755EF1941F5C5F48A826FC603C7EDDDED339C027BB5E9CF68F5853123AC1EB"}},"super_mac":"6936938D62F3FDBD93FFBEE632295BD230AE578BA054919BF728CA2B76DFEC9F"},"sync":{"remaining_rollback_tries":0}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{4C8CBB16-A7D3-4ADE-9475-E54ED8FC9FCA}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{21CA3304-8E8A-4684-9501-CD8EB2011C79} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"
{3AEB25E6-D905-4F7B-9E87-089FBF90D51C} (www.google.com)[3] Google Url="https://www.google.com/search?q={searchTerms}"
{4C8CBB16-A7D3-4ADE-9475-E54ED8FC9FCA} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"
{542946E2-3275-47CD-AE77-4959EF14BF7F} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"
{6CCACA36-56E3-4E1E-9C03-5E2C8597284E} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"
{AF8DBE56-21E9-4F59-9F10-55F6202957E5} (www.google.com)[4] Google Url="https://www.google.com/search?q={searchTerms}"
{DA214047-4B08-4F71-9796-5C1090AEF4D3} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNF_enDE393"
{FAF43931-810F-488D-888E-4ADF54360B06} (www.google.com)[2] Google Url="https://www.google.com/search?q={searchTerms}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Vanherle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Vanherle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Vanherle\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Vanherle\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=161 folders=49 26675488 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Vanherle\AppData\Local\Temp will be emptied at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Vanherle\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 17/08/2015 at 11:46:26,70 ======================