Zoek.exe v5.0.0.0 Updated 15-09-2015
Tool run by Hensyr on wo 16/09/2015 at 8:44:42,15.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Hendrik\Bureaublad\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

16/09/2015 8:46:27 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Users\Hensyr\AppData\Roaming\MPC-HC deleted successfully
C:\Users\Hensyr\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Hensyr\AppData\Local\EmieSiteList deleted successfully
C:\Users\Hensyr\AppData\Local\EmieUserList deleted successfully
C:\Users\Hensyr\AppData\Local\Logitech-LS deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Users\Hensyr\AppData\Roaming\0S1F2Y1C1R1P0F1F1C1N1P deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Hensyr\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
2015-09-15 07:20:48 51280C051326F52799FAB2E9B69615F1 3272 ----a-w- C:\Windows\Sysnative\Tasks\IT Viewer Viewer
2015-09-12 07:18:32 DA10B756AB75AF4A47D13046D4A0E527 3316 ----a-w- C:\Windows\Sysnative\Tasks\Full Installer
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-09-15 18:08:24 -------- d-----w- C:\Program Files\trend micro
2015-09-12 21:38:16 -------- d-----w- C:\Program Files\Logitech
2015-09-12 21:37:28 -------- d-----w- C:\Program Files\Common Files\Logishrd
2015-09-02 16:36:01 -------- d-----w- C:\Program Files\FileZilla FTP Client
2015-08-18 06:24:37 -------- d-----w- C:\Program Files\7-Zip
======= C:\PROGRA~2 =====
2015-09-15 14:55:32 -------- d-----w- C:\PROGRA~2\TomTom International B.V
2015-09-15 14:55:13 -------- d-----w- C:\PROGRA~2\MyDrive Connect
2015-09-13 09:12:19 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype
2015-09-13 09:12:19 -------- d-----r- C:\PROGRA~2\Skype
2015-09-12 07:18:45 -------- d-----w- C:\PROGRA~2\7-Zip
2015-08-31 17:19:37 -------- d-----w- C:\PROGRA~2\PIXresizer
======= C: =====
====== C:\Users\Hensyr\AppData\Roaming ======
2015-09-15 14:55:35 -------- d-----w- C:\Users\Hensyr\AppData\Local\TomTom
2015-09-12 21:21:45 -------- d-----w- C:\Users\Hensyr\AppData\Roaming\Logitech
2015-09-12 21:21:44 -------- d-----w- C:\Users\Hensyr\AppData\Roaming\Logishrd
2015-09-12 07:18:31 -------- d-----w- C:\Users\Hensyr\AppData\Roaming\Full Installer
2015-09-02 16:36:10 -------- d-----w- C:\Users\Hensyr\AppData\Roaming\FileZilla
2015-09-02 16:36:03 -------- d-----w- C:\Users\Hensyr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-09-02 16:35:26 -------- d-----w- C:\Users\Hensyr\AppData\Local\IsolatedStorage
====== C:\Users\Hensyr ======
2015-09-15 14:55:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-09-13 09:12:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-12 21:39:34 -------- d-----w- C:\Users\Public\Documents\Logishrd
2015-09-12 21:38:27 -------- d-----w- C:\ProgramData\Logishrd
2015-09-12 13:13:24 319EB0E105821609DAE2A53BD883E74B 1800104 ----a-w- C:\Users\Hensyr\Desktop\JRT.exe
2015-09-02 21:27:22 BEF201339C265727D23073201F7A04A9 583 ----a-w- C:\Users\Hensyr\stylesheet.css
2015-09-02 21:24:35 3B64F1A4D14A51D4F3C635ECECFA2312 14977 ----a-w- C:\Users\Hensyr\content.css
2015-09-02 21:23:45 D4222D6F52BE3998463EF1871E117132 918 ----a-w- C:\Users\Hensyr\style.cfg
2015-08-31 17:19:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PIXresizer
2015-08-18 06:24:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
====== C: exe-files ==
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1223704088-254192944-2079473161-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"OneDrive"="C:\Users\Hensyr\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"D-Link D-Link Wireless N Dual Band DWA-160 "="C:\Program Files (x86)\D-Link\DWA-160\AirNCFG.exe"
"VirtualCloneDrive"="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s"
"Codec Settings UAC Manager"="C:\Windows\system32\Codecs\CodecUACManager.exe"
"vmware-tray.exe"="C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"OneDrive"="C:\Users\Hensyr\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"Skytel"="C:\Program Files\Realtek\Audio\HDA\Skytel.exe"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"CamserviceOG"="C:\Program Files (x86)\Hercules\Hercules Optical Glass\XtrCtrlEx.exe /startup"
"EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming"

==== Startup Folders ======================

2015-07-27 16:05:39 1878 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/08/2015 01:03]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\Full Installer" [C:\Users\Hensyr\AppData\Roaming\Full Installer\Full Installer.exe]
"C:\Windows\SysNative\tasks\IT Viewer Viewer" [C:\Program Files (x86)\IT Viewer\astask.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{F8302BD4-8905-4AAE-8A61-689B6ED64CF0}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Nero\Nero Info" [C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Hensyr\AppData\Roaming\Mozilla\Firefox\Profiles\grzycuip.default
user_pref("browser.startup.homepage", "https://www.google.be/");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{F003DA68-8256-4b37-A6C4-350FA04494DF}"="C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt" [12/09/2015 23:38]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Hensyr\AppData\Roaming\Mozilla\Firefox\Profiles\grzycuip.default
- Undetermined - %ProfilePath%\extensions\info@youtube-mp3.org.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Hensyr\AppData\Roaming\Mozilla\Firefox\Profiles\grzycuip.default
CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Hensyr\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin
1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Hensyr\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin

==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[25/03/2015 16:42] gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[25/03/2015 16:42] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://zorinos.com/start/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://zorinos.com/start/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hensyr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Hensyr\AppData\Local\Microsoft\Windows\Temporary Internet 
Files\Content.IE5\50WYHIC7 will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Hensyr\AppData\Local\Mozilla\Firefox\Profiles\grzycuip.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=141 folders=49 43343066 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Hensyr\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Hensyr\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Hensyr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\50WYHIC7" deleted ==== EOF on wo 16/09/2015 at 9:22:32,04 ======================