Zoek.exe v5.0.0.1 Updated 20-October-2015
Tool run by Gebruiker on wo 21-10-2015 at 10:28:04,85.
Microsoft Windows 10 Home 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

21-10-2015 10:29:49 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\DropboxCopyHook {FBC9D74C-AF55-4309-9FB2-C426E071637F} C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

==== Empty Folders Check ======================

C:\PROGRA~2\InstallShield Installation Information deleted successfully
C:\PROGRA~2\Lenovo deleted successfully
C:\PROGRA~3\adb deleted successfully
C:\PROGRA~3\Rising deleted successfully
C:\PROGRA~3\TXQMPC deleted successfully
C:\Users\Gebruiker\AppData\Local\Lenovo deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-627102295-317707047-3391245856-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc} deleted successfully
HKEY_USERS\S-1-5-21-627102295-317707047-3391245856-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc} deleted successfully
HKEY_USERS\S-1-5-21-627102295-317707047-3391245856-1005\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B5D5DBD-C857-4377-A755-06E50B4AC2B0} deleted successfully
HKEY_USERS\S-1-5-21-627102295-317707047-3391245856-1005\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E6A8DA1-1731-465B-B036-B9E16EF26CAC} deleted successfully
HKEY_USERS\S-1-5-21-627102295-317707047-3391245856-1005\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6A8DA1-2731-465B-B036-B9E16EF26CAC} deleted successfully
HKEY_USERS\S-1-5-21-627102295-317707047-3391245856-1005\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{639B74F1-0594-432C-97C8-68C8C17A1E1D} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TSDefenseBt deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc}]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RSDTRAY"=-
"RavTRAY"=-

==== Deleting Files \ Folders ======================

C:\PROGRA~2\InstallShield Installation Information not found
C:\PROGRA~2\Lenovo not found
C:\Program Files (x86)\Sonic Train not found
C:\Program Files (x86)\Rising not found
C:\Users\Gebruiker\AppData\Roaming\wenguanjia not found
C:\ProgramData\Rising not found
C:\ProgramData\TXQMPC not found
C:\ProgramData\adb not found
"C:\WINDOWS\zoek-delete.exe" not found
C:\PROGRA~2\Tencent deleted
C:\PROGRA~2\baidu deleted
C:\Users\Public\QiYi deleted
C:\PROGRA~3\Tencent deleted
C:\PROGRA~3\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5} deleted
C:\Users\Gebruiker\AppData\LocalLow\Unity deleted
C:\windows\SysNative\drivers\TFsFltX64.sys deleted
C:\WINDOWS\Fonts\iqiyi_logo.ttf deleted
C:\WINDOWS\tasks\AdobeoaUpdate Ver 2015911.job deleted
C:\windows\SysNative\tasks\AdobeoaUpdate Ver 2015911 deleted
"C:\DelFix.txt" deleted
"C:\rising.ini" deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-627102295-317707047-3391245856-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"

[HKEY_USERS\S-1-5-21-627102295-317707047-3391245856-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
"Uninstall 
C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64" "Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup" " QQPCTray"="C:\Program Files (x86)\Tencent\QQPCMgr\10.11.16588.235\QQPCTRAY.EXE /regrun /qqrepair" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" "Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64" "Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" ==== 
Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtsFT"="RTFTrack.exe" "ForteConfig"="C:\Program Files\Conexant\ForteConfig\fmapp.exe" "cAudioFilterAgent"="C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" "SmartAudio"="C:\Program Files\CONEXANT\SAII\SACpl.exe /t" "cpuminer"="C:\WINDOWS\system32\cpm.exe" "Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17-10-2015 12:17] C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [19-08-2015 19:35] C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job --a-------- [Undetermined Task] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-08-2015 19:14] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-08-2015 19:14] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\CreateExplorerShellUnelevatedTask" [C:\WINDOWS\explorer.exe] "C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" 
[C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\klcp_update" ["C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe"] "C:\WINDOWS\SysNative\tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}" [C:\PROGRAM FILES (X86)\RISING\RAV\rsdelaylauncher.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{4A11316C-D3F4-47EA-8A4D-4D59137DCCCC}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64 35" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"] ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== 2015-06-23 02:47:52 -------- d-----w- C:\PROGRA~3\Oracle 2015-07-10 11:04:22 -------- d-----w- C:\PROGRA~3\regid.1991-06.com.microsoft 2015-07-10 11:04:22 -------- d-----w- C:\PROGRA~3\USOPrivate 2015-07-10 11:04:22 -------- d-s---w- C:\PROGRA~3\Microsoft 2015-07-10 12:21:38 -------- d-sh--we C:\PROGRA~3\Application Data 2015-07-10 12:21:38 -------- d-sh--we C:\PROGRA~3\Desktop 2015-07-10 12:21:38 -------- d-sh--we C:\PROGRA~3\Documents 2015-07-10 12:21:38 -------- d-sh--we C:\PROGRA~3\Start Menu 2015-07-10 12:21:38 -------- d-sh--we C:\PROGRA~3\Templates 2015-07-10 12:22:45 -------- d-----w- C:\PROGRA~3\USOShared 2015-07-31 14:21:10 -------- d-----w- C:\PROGRA~3\Microsoft OneDrive 2015-07-31 14:47:48 -------- d-----w- C:\PROGRA~3\Conexant 2015-08-19 17:35:06 -------- d-----w- 
C:\PROGRA~3\Dropbox 2015-08-27 05:39:57 -------- d-----w- C:\PROGRA~3\IsolatedStorage 2015-08-30 12:40:23 -------- d-----w- C:\PROGRA~3\fotofabriekSoftware 2015-08-30 12:40:28 -------- d-----w- C:\PROGRA~3\CodedColor Common 2015-09-11 10:04:43 -------- d-----w- C:\PROGRA~3\AVAST Software 2015-09-24 13:34:43 -------- d-----w- C:\PROGRA~3\HP 2015-09-27 09:12:49 -------- d-----w- C:\PROGRA~3\DAEMON Tools Lite 2015-09-27 09:17:05 -------- d-----w- C:\PROGRA~3\Microsoft Help 2015-09-29 18:31:11 -------- d-----w- C:\PROGRA~3\Skype 2015-10-13 14:42:11 -------- d-----w- C:\PROGRA~3\ClassicShell 2015-10-16 08:51:17 -------- d-----w- C:\PROGRA~3\Hewlett-Packard 2015-10-16 09:07:27 -------- d-----w- C:\PROGRA~3\HP Photo Creations 2015-10-16 09:07:27 -------- d-----w- C:\PROGRA~3\Visan ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [08-10-2015 08:24] ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.71 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[11-09-2015 12:07] gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[11-09-2015 12:07] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] Google Slides - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Gebruiker\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Avast SafePrice - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck Google Sheets - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Avast Online Security - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Google Drive App Launcher - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Chrome Web Store Payments - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage deleted successfully C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage-journal deleted successfully C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start 
Page"="http://www.hao123.com/?tn=99963976_hao_pg" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="http://www.hao123.com/?tn=99963976_hao_pg" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{4F1D35C4-774F-4C2D-BDDF-6095B6661139}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {4F1D35C4-774F-4C2D-BDDF-6095B6661139} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully 
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=78 folders=19 44389748 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 21-10-2015 at 11:19:13,37 ======================