Zoek.exe v5.0.0.1 Updated 25-October-2015
Tool run by thoma on di 27/10/2015 at 13:12:00,89.
Microsoft Windows 10 Pro 10.0.10240  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\thoma\Downloads\zoek.exe    [Scan all users] [Script inserted] 

==== System Restore Info ======================

27/10/2015 13:13:25 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Merge Modules deleted successfully
C:\Program Files\DisplayLink Graphics deleted successfully
C:\PROGRA~3\Avg deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\.NET v4.5\AppData\LocalLow deleted successfully
C:\Users\.NET v4.5 Classic\AppData\LocalLow deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\MsDtsServer120\AppData\LocalLow deleted successfully
C:\Users\MSSQLFDLauncher\AppData\LocalLow deleted successfully
C:\Users\MSSQLSERVER\AppData\LocalLow deleted successfully
C:\Users\MSSQLServerOLAPService\AppData\LocalLow deleted successfully
C:\Users\thoma\AppData\Local\NetworkTiles deleted successfully
C:\Users\thoma\AppData\Local\PackageStaging deleted successfully
C:\Users\thoma\AppData\Local\PeerDistRepub deleted successfully
C:\Users\thoma\AppData\Local\VirtualStore deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-10-08 07:10:18	C6FAA16C3C81657ABFB731746813D806	10752	----a-w-	C:\Windows\SetupAfterRebootService.exe
2015-10-06 18:24:56	F1CBCB7FA6F3B309639AA2D4EF74469C	4532304	----a-w-	C:\Windows\explorer.exe
2015-10-06 18:24:36	986BC1A9E29A9E35C1D10D874616ACBB	215040	----a-w-	C:\Windows\notepad.exe
====== C:\Users\thoma\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-10-24 12:44:53	F1D108804C2BEBD03A9747BFD7F72261	167480	----a-w-	C:\Windows\SysWOW64\hppccompio.dll
2015-10-24 12:44:52	E8CCAA1E8371107C4A6F49B452771452	491008	----a-w-	C:\Windows\SysWOW64\hpcdmc32.dll
2015-10-24 12:44:52	E24A6E0A2E6058409D56235FF9816019	305664	----a-w-	C:\Windows\SysWOW64\hpcc3103.dll
2015-10-24 11:35:30	221E05919FA5CF8EEA6EE1F0323F0AE2	82	----a-w-	C:\Windows\SysWOW64\winsevr.dat
2015-10-17 00:34:14	48CCDE23CA8D3380D1491EAD0E7A3ECE	3580416	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-10-17 00:34:14	39518661140BE931D676EF657E877048	131072	----a-w-	C:\Windows\SysWOW64\CallHistoryClient.dll
2015-10-17 00:34:13	E4A4BC49568745BDA44F293E3D29A910	466432	----a-w-	C:\Windows\SysWOW64\MessagingDataModel2.dll
2015-10-17 00:34:13	9E590FA5A1BF50F2E7B7005244F8D31D	574464	----a-w-	C:\Windows\SysWOW64\Chakradiag.dll
2015-10-17 00:34:13	9157489ABA83D6FEAAAEC8E3F79714E8	928256	----a-w-	C:\Windows\SysWOW64\Unistore.dll
2015-10-17 00:34:13	441947103FF76ED33BC46E50AFC55D57	5454848	----a-w-	C:\Windows\SysWOW64\Chakra.dll
2015-10-17 00:34:06	81A585A9D537956C00CA173C3C82C292	18806272	----a-w-	C:\Windows\SysWOW64\edgehtml.dll
2015-10-17 00:34:06	77BFF88DF139AEB20BE0F5AB7737A981	13027840	----a-w-	C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-10-17 00:34:05	0AD1F816A97BB9ECB807BB86CD44B36B	19325952	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-10-17 00:34:00	F053D53DA5B1E51AFCCF129D8F27585C	11262976	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-10-17 00:33:59	D6BF254925FD35955C99F402F8DF4773	20858360	----a-w-	C:\Windows\SysWOW64\shell32.dll
2015-10-17 00:33:58	A1B94C8C5C9DD2780B83C7435EE18BED	1997336	----a-w-	C:\Windows\SysWOW64\msxml6.dll
2015-10-17 00:33:57	CA4303787A36890CE6EE34DC1C993F3E	195584	----a-w-	C:\Windows\SysWOW64\UserDataAccountApis.dll
2015-10-17 00:33:57	471921FC25E6EC0AA5755C78DD9F7C4E	613376	----a-w-	C:\Windows\SysWOW64\TokenBroker.dll
2015-10-17 00:33:56	E2EFED5C9E4BF8EC6F35CF63CA5B589F	1594368	----a-w-	C:\Windows\SysWOW64\msxml3.dll
2015-10-17 00:33:56	D055C7AC2514A999D8C636B39457B98B	172032	----a-w-	C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2015-10-17 00:33:56	B81FC272B92CE1A7542EECF1416D17B9	579584	----a-w-	C:\Windows\SysWOW64\AppointmentApis.dll
2015-10-17 00:33:56	685105400BCA64E0D19534A516F36454	625152	----a-w-	C:\Windows\SysWOW64\ContactApis.dll
2015-10-17 00:33:56	5F7ADEE18B15B9D629F9875C9604A696	557568	----a-w-	C:\Windows\SysWOW64\ChatApis.dll
2015-10-17 00:33:56	0C6AA21007BE1389A4D5C3772D7E262D	525312	----a-w-	C:\Windows\SysWOW64\EmailApis.dll
2015-10-17 00:33:54	860E5BC4CA5AB3FD20051D09270D1A26	504320	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-10-17 00:33:54	73BE590D1D4B42A202FB0CDDB2784E78	650240	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-10-17 00:33:53	966EDAEB4B78FA7547D484B21491156E	766976	----a-w-	C:\Windows\SysWOW64\kerberos.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-10-27 08:39:20	24F0A56A4DFD620744ECF856C33D9D1A	16148	----a-w-	C:\Windows\Sysnative\DESKTOP-3207K6M_thoma_HistoryPrediction.bin
2015-10-24 12:44:53	99A19732B7D1ED241C42B7CB654191C7	176640	----a-w-	C:\Windows\Sysnative\hpcpn103.dll
2015-10-24 12:44:53	3784F03768B522F6B4FE050F65EF6B64	193592	----a-w-	C:\Windows\Sysnative\hppdcompio.dll
2015-10-24 12:44:52	ECDCCF31F2DBA84E0BF7FFAC8D7DC497	310272	----a-w-	C:\Windows\Sysnative\hpbcoins64.dll
2015-10-24 11:35:16	E019017558B28A707119F8545AD1A1C0	30648	----a-w-	C:\Windows\Sysnative\ambakdrv.sys
2015-10-24 11:35:16	7CD08E63219E00BB206077F5BA708677	17848	----a-w-	C:\Windows\Sysnative\amwrtdrv.sys
2015-10-24 11:35:16	46014EDFDC8AF8733E14947448D122C5	151480	----a-w-	C:\Windows\Sysnative\ammntdrv.sys
2015-10-17 00:34:13	BF77FC08A7D4DC37A659561B29FA23EC	163840	----a-w-	C:\Windows\Sysnative\CallHistoryClient.dll
2015-10-17 00:34:13	BEE5FBF5ECAEE9281023092F07F8E552	4792320	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-10-17 00:34:12	F548C34A6FF655F0A716316133B4DD5D	590336	----a-w-	C:\Windows\Sysnative\MessagingDataModel2.dll
2015-10-17 00:34:12	C0BC21B9D557E46E5C331209950AF90D	2178560	----a-w-	C:\Windows\Sysnative\AppXDeploymentServer.dll
2015-10-17 00:34:12	839BD56425530973FF3F6F7C0057CD22	288256	----a-w-	C:\Windows\Sysnative\PimIndexMaintenance.dll
2015-10-17 00:34:12	32212C0FE0556915E763C29DEB6D267E	1423872	----a-w-	C:\Windows\Sysnative\UserDataService.dll
2015-10-17 00:34:12	0D5C9E27E93AAEA3E30A1E59A7AC3DFF	1205248	----a-w-	C:\Windows\Sysnative\Unistore.dll
2015-10-17 00:34:11	ED8EAAD25E68C88EE68869805EDD4F29	1382400	----a-w-	C:\Windows\Sysnative\win32kbase.sys
2015-10-17 00:34:11	872A77BDA3B9967118659E2B195EF23F	7523840	----a-w-	C:\Windows\Sysnative\Chakra.dll
2015-10-17 00:34:11	4A805F2C7EF79017D6F67441439A6B18	771072	----a-w-	C:\Windows\Sysnative\Chakradiag.dll
2015-10-17 00:34:11	02B94E33E800F71C8417AC3A03D340B7	21875712	----a-w-	C:\Windows\Sysnative\edgehtml.dll
2015-10-17 00:34:10	A1243182E21EAC015267DBE2728D4BBE	8020320	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-10-17 00:34:09	CD66CB4E39913D3B0784A2C984BAD234	1795072	----a-w-	C:\Windows\Sysnative\AppXDeploymentExtensions.dll
2015-10-17 00:34:09	879E8BFAEA2393B9E057B909A558174F	3586560	----a-w-	C:\Windows\Sysnative\win32kfull.sys
2015-10-17 00:34:09	5B783C412EA0A2344AA3E83477356C82	24595456	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-10-17 00:34:08	59BD4C7EC035B59B77A7D9CE71F1B9AE	1276416	----a-w-	C:\Windows\Sysnative\wifinetworkmanager.dll
2015-10-17 00:34:07	212E5C2C279835CBFEBF935EB0E7EC5D	16708608	----a-w-	C:\Windows\Sysnative\Windows.UI.Xaml.dll
2015-10-17 00:34:07	17159DF4093B2F33B95AB9F703EA8391	796160	----a-w-	C:\Windows\Sysnative\TokenBroker.dll
2015-10-17 00:34:02	6688FE37E767BA15F022B7E59E5E7EA6	579072	----a-w-	C:\Windows\Sysnative\winlogon.exe
2015-10-17 00:34:01	72DBFBA1F53B9BF41E71EAA8414BBB86	12504064	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-10-17 00:34:01	547D2BC05916E97FC8F48CB22DD1CFA1	22322624	----a-w-	C:\Windows\Sysnative\shell32.dll
2015-10-17 00:33:58	73AF2D8038FCEF4C4EB4B3106B41967A	2573768	----a-w-	C:\Windows\Sysnative\msxml6.dll
2015-10-17 00:33:57	9C71FA3F776218AD2394833B8DE79031	685568	----a-w-	C:\Windows\Sysnative\AppointmentApis.dll
2015-10-17 00:33:57	9045120B390CDA9C0C7DB93745B92554	720896	----a-w-	C:\Windows\Sysnative\EmailApis.dll
2015-10-17 00:33:57	7E8811597D2752736B776F15A1C8FAA6	856576	----a-w-	C:\Windows\Sysnative\ContactApis.dll
2015-10-17 00:33:57	75051FAAA293FA5414105A2BDA6BAC05	223232	----a-w-	C:\Windows\Sysnative\PhoneCallHistoryApis.dll
2015-10-17 00:33:57	3DB512EC071AB5656EECA3611E24C797	752640	----a-w-	C:\Windows\Sysnative\ChatApis.dll
2015-10-17 00:33:57	230C8AEE3C7F4723ABEA09C93DF47AF3	257024	----a-w-	C:\Windows\Sysnative\UserDataAccountApis.dll
2015-10-17 00:33:56	F9042F366B9695FD564E9485112453E2	1871360	----a-w-	C:\Windows\Sysnative\msxml3.dll
2015-10-17 00:33:55	D107C46DBC705FC63761968965AC4463	826880	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-10-17 00:33:55	A92AFC8FB13ADC1CB59719B3E519C843	1294352	----a-w-	C:\Windows\Sysnative\winload.efi
2015-10-17 00:33:55	3A582ABD42FC7C40B944667EDCF5235F	949248	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-10-17 00:33:54	863E39BB1F8779B8A6CEEC4BA93401C2	1018568	----a-w-	C:\Windows\Sysnative\winresume.efi
2015-10-17 00:33:54	11648E08564ECFC6CB435990261F1A34	1123400	----a-w-	C:\Windows\Sysnative\winload.exe
2015-10-17 00:33:53	C5890CAD6482B12ECA19E680B779560F	858408	----a-w-	C:\Windows\Sysnative\winresume.exe
2015-10-17 00:33:53	AB3B184665305AD0149150DD72DB0238	576000	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-10-17 00:33:53	64D7B91B7D667A70782D9C76D6292C3C	980832	----a-w-	C:\Windows\Sysnative\SecConfig.efi
2015-10-17 00:33:53	184EA31BE714F3B33A5E96CBE103561C	78528	----a-w-	C:\Windows\Sysnative\acmigration.dll
2015-10-17 00:33:52	5A863500AB522EFA6270019D613F15F9	757760	----a-w-	C:\Windows\Sysnative\fveapi.dll
====== C:\Windows\Sysnative\drivers =====
2015-10-26 15:25:13	9C3AC71A9934B884FAC567A8807E9C4D	31800	----a-w-	C:\Windows\Sysnative\drivers\revoflt.sys
2015-10-26 11:15:51	78488AF2AB2111D67B3C4044707A519B	192216	----a-w-	C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2015-10-26 11:15:39	CFBC6C6D8A492697CABD1D353EE64933	25816	----a-w-	C:\Windows\Sysnative\drivers\mbam.sys
2015-10-26 11:15:39	42B3F5C9FBC9B3F0E0BA6B5D7FC8E849	109272	----a-w-	C:\Windows\Sysnative\drivers\mbamchameleon.sys
2015-10-26 11:15:39	08DECFCB9BA97786165A69AB1015BC30	64216	----a-w-	C:\Windows\Sysnative\drivers\mwac.sys
2015-10-24 11:34:50	FCFD172899D0A026E5BD29F4775BFA76	18472	----a-w-	C:\Windows\Sysnative\drivers\eudskacs.sys
2015-10-24 11:34:50	E47A0ECA90AF393983EF30E458606BB5	60968	----a-w-	C:\Windows\Sysnative\drivers\eubakup.sys
2015-10-24 11:34:50	1D866B50C9B1BA3FE90CC81E0DBC0E15	192040	----a-w-	C:\Windows\Sysnative\drivers\EuFdDisk.sys
2015-10-24 11:34:48	17696B5ACDBDFFC7D26C4B56BF132AD5	48168	----a-w-	C:\Windows\Sysnative\drivers\EUBKMON.sys
2015-10-17 00:33:53	0A368247A900656CC0678117DFC3A87C	498016	----a-w-	C:\Windows\Sysnative\drivers\usbhub.sys
2015-10-13 10:11:42	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_Kernel_WinUSB_01007.Wdf
2015-10-13 08:50:03	5252D7BC56E5E0ED715AEA8FE173A455	206080	----a-w-	C:\Windows\Sysnative\drivers\ssudmdm.sys
2015-10-13 08:47:49	73BDD44A6088916964945886F9025409	108800	----a-w-	C:\Windows\Sysnative\drivers\ssudbus.sys
2015-10-13 08:46:12	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-10-11 15:47:08	C02FD35184CEA3A65DEE7DE278699BBC	84992	----a-w-	C:\Windows\Sysnative\drivers\IntelHaxm.sys
2015-10-10 11:01:23	ABCF9C80EAACE03021BB7F450EB8993F	367200	------w-	C:\Windows\Sysnative\drivers\afcdp.sys
2015-10-08 07:10:58	C91471B47D9E0FAFAD222CF77B45271D	4577024	----a-w-	C:\Windows\Sysnative\drivers\RTKVHD64.sys
2015-10-08 07:10:57	042C8CB94F7D7AB56BED791DBF056642	31085611	----a-w-	C:\Windows\Sysnative\drivers\RTAIODAT.DAT
2015-10-07 20:24:41	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf
2015-10-07 20:02:19	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-10-07 20:01:55	AF9CA3A881483E6999CB2764BDAD3414	33960	----a-w-	C:\Windows\Sysnative\drivers\Smb_driver_Intel.sys
2015-10-06 19:02:47	35DFC12FD7E44B7CB8CCD7E5A2B3975A	50472	----a-w-	C:\Windows\Sysnative\drivers\nvvad64v.sys
2015-10-06 19:02:47	19E4ABAC30F9E0C820435D36A965ECB0	41600	----a-w-	C:\Windows\Sysnative\drivers\nvpciflt.sys
2015-10-06 18:51:29	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-10-06 18:25:28	3F8B046C0839FDB879FE179C07A1A6A4	3797960	----a-w-	C:\Windows\Sysnative\drivers\igdkmd64.sys
2015-10-06 18:25:23	C167028F97C6DEC11A5F845707BB892F	321792	----a-w-	C:\Windows\Sysnative\drivers\RtsBaStor.sys
2015-10-06 18:25:21	E11A3F79475F9D019CD51ADCCC377909	887552	----a-w-	C:\Windows\Sysnative\drivers\rt640x64.sys
2015-10-06 18:25:21	38DA94B6DD8022DA43810E4328608E54	27872	----a-w-	C:\Windows\Sysnative\drivers\AsHIDSwitch64.sys
2015-10-06 18:24:53	89C9C3745F270EF93988DA57BC6AA62B	1983824	----a-w-	C:\Windows\Sysnative\drivers\dxgkrnl.sys
2015-10-06 18:24:52	7EBD20284AC9BF9F0A020B86769BB074	2432336	----a-w-	C:\Windows\Sysnative\drivers\tcpip.sys
2015-10-06 18:24:50	466EC5659C02ED53DBD47DC1BC2B8086	2116448	----a-w-	C:\Windows\Sysnative\drivers\ntfs.sys
2015-10-06 18:24:46	927AD29D7F91B9A0C5294932374DA15E	894256	----a-w-	C:\Windows\Sysnative\drivers\Wdf01000.sys
2015-10-06 18:24:44	FDB239DBE2A14B572D21ABCEDC7BB5D0	505696	----a-w-	C:\Windows\Sysnative\drivers\dxgmms2.sys
2015-10-06 18:24:42	C67A03F54A1EA683F4880A481EE5FF6C	373072	----a-w-	C:\Windows\Sysnative\drivers\USBXHCI.SYS
2015-10-06 18:24:42	C08449092043601887A1743350888635	516448	----a-w-	C:\Windows\Sysnative\drivers\USBHUB3.SYS
2015-10-06 18:24:41	5A1C6AFFF6946C5C21A27AE05084C0D1	332624	----a-w-	C:\Windows\Sysnative\drivers\fastfat.sys
2015-10-06 18:24:41	2C72E029C153D25325CA182A669E4ADE	934752	----a-w-	C:\Windows\Sysnative\drivers\refsv1.sys
2015-10-06 18:24:41	2834089EA4E550FF3B96E61FB4AA34ED	325984	----a-w-	C:\Windows\Sysnative\drivers\pci.sys
2015-10-06 18:24:40	DAF957B25A35757E9D814611FAE8FE3B	237392	----a-w-	C:\Windows\Sysnative\drivers\rdyboost.sys
2015-10-06 18:24:40	B6A33DCEBE437F909615E89BA5FB1385	395088	----a-w-	C:\Windows\Sysnative\drivers\dxgmms1.sys
2015-10-06 18:24:40	9B2039C5673EEBF1D4E34ABC0AFB88C7	685568	----a-w-	C:\Windows\Sysnative\drivers\WdiWiFi.sys
2015-10-06 18:24:39	D5EC9413527B286CFEEB0294C53ABB95	102752	----a-w-	C:\Windows\Sysnative\drivers\mountmgr.sys
2015-10-06 18:24:38	70469C8AC4AD367295E70CFDD81B754C	99664	----a-w-	C:\Windows\Sysnative\drivers\pdc.sys
2015-10-06 18:24:38	616F40B897DA651221F86A1741E9609B	1168736	----a-w-	C:\Windows\Sysnative\drivers\ndis.sys
2015-10-06 18:24:37	FA5C94FB36625787063D04CF2F24E890	320000	----a-w-	C:\Windows\Sysnative\drivers\portcls.sys
2015-10-06 18:24:37	854AF190F55E6D70EC65A85798F896E2	36352	----a-w-	C:\Windows\Sysnative\drivers\buttonconverter.sys
2015-10-06 18:24:37	78CA1FF6FE37EEFAFF99DD1C956AF60A	200528	----a-w-	C:\Windows\Sysnative\drivers\wof.sys
2015-10-06 18:24:36	F038EAF73AAB72A4A89185A5A7B9FD75	61280	----a-w-	C:\Windows\Sysnative\drivers\dam.sys
2015-10-06 18:24:36	DE3EDAF609D00EA2E54986E6459796A6	46080	----a-w-	C:\Windows\Sysnative\drivers\UcmUcsi.sys
2015-10-06 18:24:36	AE7B7E1E95BFB9340B1956C98CA52C81	80720	----a-w-	C:\Windows\Sysnative\drivers\stornvme.sys
2015-10-06 18:24:35	3B64DA873CEA5BEC42570BFF1054A014	601344	----a-w-	C:\Windows\Sysnative\drivers\cng.sys
2015-10-06 18:24:35	388F2A3C771B8BEE76FD1AAF9614D08E	52264	----a-w-	C:\Windows\Sysnative\drivers\wpcfltr.sys
2015-10-06 18:24:35	14B46248612DF1B1A695040FFFBCFAFC	155136	----a-w-	C:\Windows\Sysnative\drivers\tunnel.sys
2015-10-06 18:24:35	1434CA8A224655AD096D57DB24D3AA85	406864	----a-w-	C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2015-10-06 18:24:35	004C66464D8FE76D5DA78BE6777D61AF	278352	----a-w-	C:\Windows\Sysnative\drivers\sdbus.sys
2015-10-06 18:24:34	B87D3D07FE6F15328C6860D542F0E2BD	565088	----a-w-	C:\Windows\Sysnative\drivers\acpi.sys
2015-10-06 18:24:34	988588C16A53C2581488C15FF18934BF	46432	----a-w-	C:\Windows\Sysnative\drivers\msgpiowin32.sys
2015-10-06 18:24:34	7680537006A420D7488E5057A8149F86	442208	----a-w-	C:\Windows\Sysnative\drivers\storport.sys
2015-10-06 18:24:34	1F72E1A7E1858B7B3FF81522FCEBDE95	67072	----a-w-	C:\Windows\Sysnative\drivers\usbser.sys
2015-10-06 18:24:32	647E2A425AD43637EAA01096A58B7089	65536	----a-w-	C:\Windows\Sysnative\drivers\bthhfenum.sys
2015-10-06 18:23:57	63070E80CEFC2A3D4110EEFE39FEE190	6786	----a-w-	C:\Windows\Sysnative\drivers\rtwavesEFX.dat
2015-10-06 18:23:57	2BCDBF9CED1585AC3EA1028C638F67C4	2626	----a-w-	C:\Windows\Sysnative\drivers\rtwavesMFX.dat
2015-10-06 18:23:56	B77EDBE1AF755838B1186BBCC974A380	319042	----a-w-	C:\Windows\Sysnative\drivers\RTWAVES40.dat
2015-10-06 18:21:46	E7C9F74D8CAAB1FF7964C27C070FB16C	193336	----a-w-	C:\Windows\Sysnative\drivers\TeeDriverW8x64.sys
2015-10-06 18:21:18	E8B19AB2183BD1E9B331ABBC7DBEDCF0	11198080	----a-w-	C:\Windows\Sysnative\drivers\nvlddmkm.sys
2015-10-06 18:19:06	B9875A03DC4D9496CF84921E47BD9499	4325544	----a-w-	C:\Windows\Sysnative\drivers\athw10x.sys
====== C:\Windows\Tasks ======
2015-10-08 07:11:12	EC2DAFC8707F821CC226463831303B9D	3194	----a-w-	C:\Windows\Sysnative\Tasks\RTKCPL
2015-10-08 07:11:12	4205651739E74B4F1D5256749FB721DE	3202	----a-w-	C:\Windows\Sysnative\Tasks\RtHDVBg
2015-10-06 19:07:52	E357A0D520ED971BA11FBD32421A9FC2	3126	----a-w-	C:\Windows\Sysnative\Tasks\SlimCleaner Plus (Scheduled Scan - thoma)
2015-10-06 19:07:52	0CDD0AAE0CA143A779489E5D74AF28A1	366	----a-w-	C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - thoma).job
2015-10-06 18:57:50	85E9DD722ECF1779C080385179739EB0	442	----a-w-	C:\Windows\Tasks\SlimDrivers Startup.job
2015-10-06 18:57:50	70A1E3BF5ACDCB0B2C165FA6B1C8EF26	2922	----a-w-	C:\Windows\Sysnative\Tasks\SlimDrivers Startup
2015-10-06 18:46:02	22765A130F90F358BBAC9C8AF01EB691	3354	----a-w-	C:\Windows\Sysnative\Tasks\SamsungMagician
2015-10-06 18:34:46	A159AB15665CBE41007AE36AB1F8BE83	3912	----a-w-	C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore
2015-10-06 18:34:46	361070A1C2EE6BA3C001F7575E667F1D	4144	----a-w-	C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2015-10-06 18:34:46	26883CFA7B4F1A2F62E073251D4E587C	1086	----a-w-	C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-06 18:34:46	1F62EC24C63682AE3AE40C161F41F7BB	1082	----a-w-	C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-06 18:23:57	266F1CFB80AD80D459FD3EBBF8204452	3260	----a-w-	C:\Windows\Sysnative\Tasks\RtHDVBg_ListenToDevice
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-10-26 15:35:57	--------	d-----w-	C:\Program Files\Shell&ServicesEngine
2015-10-26 15:25:11	--------	d-----w-	C:\Program Files\VS Revo Group
2015-10-26 12:23:20	--------	d-----w-	C:\Program Files\trend micro
2015-10-13 07:15:02	--------	d-----w-	C:\Program Files\glassfish-4.1
2015-10-13 07:11:09	--------	d-----w-	C:\Program Files\NetBeans 8.0.2
2015-10-11 15:41:56	--------	d-----w-	C:\Program Files\Android
2015-10-11 15:39:15	--------	d-----w-	C:\Program Files\Java
2015-10-10 13:37:27	--------	d-----w-	C:\Program Files\MySQL
2015-10-08 07:06:49	--------	d-----w-	C:\Program Files\nodejs
2015-10-07 20:34:13	--------	d-----w-	C:\Program Files\Microsoft SQL Server Compact Edition
2015-10-07 20:32:39	--------	d-----w-	C:\Program Files\Microsoft DNX
2015-10-07 20:29:53	--------	d-----w-	C:\Program Files\IIS Express
2015-10-07 20:29:12	--------	d-----w-	C:\Program Files\IIS
2015-10-07 20:28:08	--------	d-----w-	C:\Program Files\Microsoft Visual Studio 12.0
2015-10-07 20:04:06	--------	d-----w-	C:\Program Files\Git
2015-10-07 20:02:18	--------	d-----w-	C:\Program Files\Synaptics
2015-10-07 15:33:45	--------	d-----w-	C:\Program Files\Microsoft Office
2015-10-06 19:21:01	--------	d-----w-	C:\Program Files\Microsoft Analysis Services
2015-10-06 19:19:36	--------	d-----w-	C:\Program Files\Microsoft.NET
2015-10-06 19:16:45	--------	d-----w-	C:\Program Files\Microsoft Visual Studio 10.0
2015-10-06 19:16:45	--------	d-----w-	C:\Program Files\Microsoft Help Viewer
2015-10-06 19:16:28	--------	d-----w-	C:\Program Files\Sublime Text 2
2015-10-06 19:06:21	--------	d-----w-	C:\Program Files\Reference Assemblies
2015-10-06 19:06:21	--------	d-----w-	C:\Program Files\MSBuild
2015-10-06 18:57:20	--------	d-----w-	C:\Program Files\Speccy
2015-10-06 18:52:32	--------	d-----w-	C:\Program Files\Microsoft SQL Server
2015-10-06 18:38:18	--------	d-----w-	C:\Program Files\WinRAR
2015-10-06 18:25:51	--------	d-----w-	C:\Program Files\DIFX
2015-10-06 18:25:48	--------	d-----w-	C:\Program Files\Intel
2015-10-06 18:23:50	--------	d-----w-	C:\Program Files\Realtek
2015-10-06 18:21:30	--------	d-----w-	C:\Program Files\NVIDIA Corporation
======= C:\PROGRA~2 =====
2015-10-26 15:54:55	--------	d-----w-	C:\PROGRA~2\QuickLauncherInst
2015-10-25 17:58:49	--------	d-----w-	C:\PROGRA~2\Opera
2015-10-25 17:57:22	--------	d-----w-	C:\PROGRA~2\Bit Che
2015-10-24 11:32:45	--------	d-----w-	C:\PROGRA~2\EaseUS
2015-10-12 14:31:27	--------	d-----w-	C:\PROGRA~2\JAM Software
2015-10-12 14:27:25	--------	d-----w-	C:\PROGRA~2\Cisco Packet Tracer 6.2sv
2015-10-11 15:40:02	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2015-10-10 11:01:11	--------	d-----w-	C:\PROGRA~2\COMMON~1\Acronis
2015-10-07 20:34:12	--------	d-----w-	C:\PROGRA~2\Microsoft SQL Server Compact Edition
2015-10-07 20:33:52	--------	d-----w-	C:\PROGRA~2\ShellDir
2015-10-07 20:30:26	--------	d-----w-	C:\PROGRA~2\Microsoft Web Tools
2015-10-07 20:29:53	--------	d-----w-	C:\PROGRA~2\IIS Express
2015-10-07 20:29:45	--------	d-----w-	C:\PROGRA~2\AppInsights
2015-10-07 20:29:37	--------	d-----w-	C:\PROGRA~2\Microsoft Office365 Tools
2015-10-07 20:29:17	--------	d-----w-	C:\PROGRA~2\NuGet
2015-10-07 20:29:15	--------	d-----w-	C:\PROGRA~2\Microsoft WCF Data Services
2015-10-07 20:29:12	--------	d-----w-	C:\PROGRA~2\IIS
2015-10-07 20:28:07	--------	d-----w-	C:\PROGRA~2\Microsoft Visual Studio 12.0
2015-10-07 20:26:53	--------	d-----w-	C:\PROGRA~2\Microsoft Help Viewer
2015-10-07 20:26:52	--------	d-----w-	C:\PROGRA~2\Windows Kits
2015-10-07 20:24:39	--------	d-----w-	C:\PROGRA~2\Microsoft Visual Studio 14.0
2015-10-07 20:10:42	--------	d-----w-	C:\PROGRA~2\mRemoteNG
2015-10-07 20:00:21	--------	d--h--w-	C:\PROGRA~2\Temp
2015-10-07 19:54:21	--------	d-----w-	C:\PROGRA~2\COMMON~1\DESIGNER
2015-10-07 19:10:30	--------	d-----w-	C:\PROGRA~2\Microsoft ASP.NET
2015-10-07 15:35:18	--------	d-----w-	C:\PROGRA~2\Microsoft Works
2015-10-07 15:35:09	--------	d-----w-	C:\PROGRA~2\Microsoft Visual Studio
2015-10-07 15:33:41	--------	d-----w-	C:\PROGRA~2\Microsoft Visual Studio 8
2015-10-06 19:33:57	--------	d-----w-	C:\PROGRA~2\Realtek
2015-10-06 19:33:56	--------	d--h--w-	C:\PROGRA~2\InstallShield Installation Information
2015-10-06 19:20:25	--------	d-----w-	C:\PROGRA~2\Microsoft Office
2015-10-06 19:20:12	--------	d-----w-	C:\PROGRA~2\Microsoft Analysis Services
2015-10-06 19:17:24	--------	d-----w-	C:\PROGRA~2\Microsoft Visual Studio 10.0
2015-10-06 19:17:05	--------	d-----w-	C:\PROGRA~2\Microsoft SQL Server
2015-10-06 19:16:45	--------	d-----w-	C:\PROGRA~2\Microsoft SDKs
2015-10-06 19:12:35	--------	d-----w-	C:\PROGRA~2\Brackets
2015-10-06 19:06:21	--------	d-----w-	C:\PROGRA~2\Reference Assemblies
2015-10-06 19:06:21	--------	d-----w-	C:\PROGRA~2\MSBuild
2015-10-06 18:57:43	--------	d-----w-	C:\PROGRA~2\SlimDrivers
2015-10-06 18:45:41	--------	d-----w-	C:\PROGRA~2\Samsung
2015-10-06 18:34:42	--------	d-----w-	C:\PROGRA~2\Google
2015-10-06 18:25:51	--------	d-----w-	C:\PROGRA~2\Intel
2015-10-06 18:25:45	--------	d-----w-	C:\PROGRA~2\COMMON~1\Intel
2015-10-06 18:21:30	--------	d-----w-	C:\PROGRA~2\NVIDIA Corporation
======= C: =====
2015-10-24 11:36:27	F515D6E5C99EF6BF8E9FFF5AA6CC835C	1024	---ha-w-	C:\SYSTAG.BIN
2015-10-11 15:47:10	461A343D24CE8DE166934DD6F71C1FCD	91	----a-w-	C:\HaxLogs.txt
2015-10-10 10:52:15	5EE61AF78EF3CF7DE7812C8EDCE0A9D8	48	----a-w-	C:\RB.rdat
2015-10-10 10:52:15	58EECD332B68BB36DF1E8B1384A5CCFE	48	----a-w-	C:\License_Time.rdat
====== C:\Users\thoma\AppData\Roaming ======
2015-10-26 15:25:15	--------	d-----w-	C:\Users\thoma\AppData\Local\VS Revo Group
2015-10-26 11:14:16	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\AvgSetupLog
2015-10-26 11:09:56	--------	d-----w-	C:\Users\thoma\AppData\Local\SlimWare Utilities Inc
2015-10-26 08:08:12	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google
2015-10-26 08:03:10	--------	d-----w-	C:\Users\thoma\AppData\Local\Avg2015
2015-10-26 07:52:36	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg
2015-10-26 07:52:02	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg
2015-10-26 07:50:09	--------	d-----w-	C:\Users\thoma\AppData\Local\AvgSetupLog
2015-10-26 07:50:09	--------	d-----w-	C:\Users\thoma\AppData\Local\Avg
2015-10-25 19:03:39	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\PeerDistRepub
2015-10-25 19:02:34	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Programs
2015-10-25 19:00:45	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm
2015-10-25 18:32:16	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\AutoUpdate
2015-10-25 18:22:37	--------	d-----w-	C:\Users\thoma\AppData\Local\Opera Software
2015-10-21 08:10:12	--------	d-----w-	C:\Users\thoma\AppData\Local\Mozilla
2015-10-19 07:32:05	D5B70AD5C2E87DD57FFE390C24A75805	600	----a-w-	C:\Users\thoma\AppData\Local\PUTTY.RND
2015-10-19 07:21:05	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\dcpsvc
2015-10-14 18:46:37	--------	d-----w-	C:\Users\thoma\AppData\Local\Popcorn Time
2015-10-13 10:30:15	--------	d-s---r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-13 10:30:15	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-13 10:30:15	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2015-10-13 10:30:15	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming
2015-10-13 10:30:15	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local\Temp
2015-10-13 10:30:15	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2015-10-13 10:30:15	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local\Microsoft
2015-10-13 10:30:15	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local
2015-10-13 10:30:15	--------	d-----r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-13 10:30:15	--------	d-----r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-13 10:30:15	--------	d-----r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-13 07:45:38	A66C98F6809D4BCE68A481A86F83B087	89648	----a-w-	C:\Users\thoma\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-13 07:23:18	--------	d-----w-	C:\Users\thoma\AppData\Local\NetBeans
2015-10-12 10:47:10	--------	d-s---r-	C:\Users\MSSQLServerOLAPService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-12 10:47:10	--------	d-----w-	C:\Users\MSSQLServerOLAPService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-12 10:47:10	--------	d-----w-	C:\Users\MSSQLServerOLAPService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2015-10-12 10:47:10	--------	d-----w-	C:\Users\MSSQLServerOLAPService\AppData\Roaming
2015-10-12 10:47:10	--------	d-----w-	C:\Users\MSSQLServerOLAPService\AppData\Local\Temp
2015-10-12 10:47:10	--------	d-----w-	C:\Users\MSSQLServerOLAPService\AppData\Local\Microsoft Help
2015-10-12 10:47:10	--------	d-----w-	C:\Users\MSSQLServerOLAPService\AppData\Local\Microsoft
2015-10-12 10:47:10	--------	d-----w-	C:\Users\MSSQLServerOLAPService\AppData\Local
2015-10-12 10:47:10	--------	d-----r-	C:\Users\MSSQLServerOLAPService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-12 10:47:10	--------	d-----r-	C:\Users\MSSQLServerOLAPService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-12 10:47:10	--------	d-----r-	C:\Users\MSSQLServerOLAPService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-12 10:47:09	--------	d-s---r-	C:\Users\ReportServer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-12 10:47:09	--------	d-----w-	C:\Users\ReportServer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-12 10:47:09	--------	d-----w-	C:\Users\ReportServer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2015-10-12 10:47:09	--------	d-----w-	C:\Users\ReportServer\AppData\Roaming
2015-10-12 10:47:09	--------	d-----w-	C:\Users\ReportServer\AppData\LocalLow
2015-10-12 10:47:09	--------	d-----w-	C:\Users\ReportServer\AppData\Local\Temp
2015-10-12 10:47:09	--------	d-----w-	C:\Users\ReportServer\AppData\Local\Microsoft Help
2015-10-12 10:47:09	--------	d-----w-	C:\Users\ReportServer\AppData\Local\Microsoft
2015-10-12 10:47:09	--------	d-----w-	C:\Users\ReportServer\AppData\Local
2015-10-12 10:47:09	--------	d-----r-	C:\Users\ReportServer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-12 10:47:09	--------	d-----r-	C:\Users\ReportServer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-12 10:47:09	--------	d-----r-	C:\Users\ReportServer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-12 10:47:06	--------	d-s---r-	C:\Users\MsDtsServer120\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-12 10:47:06	--------	d-----w-	C:\Users\MsDtsServer120\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-12 10:47:06	--------	d-----w-	C:\Users\MsDtsServer120\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2015-10-12 10:47:06	--------	d-----w-	C:\Users\MsDtsServer120\AppData\Roaming
2015-10-12 10:47:06	--------	d-----w-	C:\Users\MsDtsServer120\AppData\Local\Temp
2015-10-12 10:47:06	--------	d-----w-	C:\Users\MsDtsServer120\AppData\Local\Microsoft Help
2015-10-12 10:47:06	--------	d-----w-	C:\Users\MsDtsServer120\AppData\Local\Microsoft
2015-10-12 10:47:06	--------	d-----w-	C:\Users\MsDtsServer120\AppData\Local
2015-10-12 10:47:06	--------	d-----r-	C:\Users\MsDtsServer120\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-12 10:47:06	--------	d-----r-	C:\Users\MsDtsServer120\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-12 10:47:06	--------	d-----r-	C:\Users\MsDtsServer120\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-12 10:46:56	--------	d-s---r-	C:\Users\MSSQLFDLauncher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-12 10:46:56	--------	d-----w-	C:\Users\MSSQLFDLauncher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-12 10:46:56	--------	d-----w-	C:\Users\MSSQLFDLauncher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2015-10-12 10:46:56	--------	d-----w-	C:\Users\MSSQLFDLauncher\AppData\Roaming
2015-10-12 10:46:56	--------	d-----w-	C:\Users\MSSQLFDLauncher\AppData\Local\Temp
2015-10-12 10:46:56	--------	d-----w-	C:\Users\MSSQLFDLauncher\AppData\Local\Microsoft Help
2015-10-12 10:46:56	--------	d-----w-	C:\Users\MSSQLFDLauncher\AppData\Local\Microsoft
2015-10-12 10:46:56	--------	d-----w-	C:\Users\MSSQLFDLauncher\AppData\Local
2015-10-12 10:46:56	--------	d-----r-	C:\Users\MSSQLFDLauncher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-12 10:46:56	--------	d-----r-	C:\Users\MSSQLFDLauncher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-12 10:46:56	--------	d-----r-	C:\Users\MSSQLFDLauncher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-12 10:46:55	--------	d-s---r-	C:\Users\MSSQLSERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-12 10:46:55	--------	d-----w-	C:\Users\MSSQLSERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-12 10:46:55	--------	d-----w-	C:\Users\MSSQLSERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2015-10-12 10:46:55	--------	d-----w-	C:\Users\MSSQLSERVER\AppData\Roaming
2015-10-12 10:46:55	--------	d-----w-	C:\Users\MSSQLSERVER\AppData\Local\Temp
2015-10-12 10:46:55	--------	d-----w-	C:\Users\MSSQLSERVER\AppData\Local\Microsoft Help
2015-10-12 10:46:55	--------	d-----w-	C:\Users\MSSQLSERVER\AppData\Local\Microsoft
2015-10-12 10:46:55	--------	d-----w-	C:\Users\MSSQLSERVER\AppData\Local
2015-10-12 10:46:55	--------	d-----r-	C:\Users\MSSQLSERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-12 10:46:55	--------	d-----r-	C:\Users\MSSQLSERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-12 10:46:55	--------	d-----r-	C:\Users\MSSQLSERVER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-12 10:20:18	--------	d-----w-	C:\Users\thoma\AppData\Local\e-academy Inc
2015-10-11 15:53:20	--------	d-----w-	C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
2015-10-11 15:43:09	--------	d-----w-	C:\Users\thoma\AppData\Local\Android
2015-10-10 14:40:01	--------	d-----w-	C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps
2015-10-10 14:39:46	--------	d-----w-	C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-08 16:17:18	--------	d-s---r-	C:\Users\NETV4~1.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-08 16:17:18	--------	d-s---r-	C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-08 16:17:18	--------	d-----w-	C:\Users\NETV4~1.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-08 16:17:18	--------	d-----w-	C:\Users\NETV4~1.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2015-10-08 16:17:18	--------	d-----w-	C:\Users\NETV4~1.5\AppData\Roaming
2015-10-08 16:17:18	--------	d-----w-	C:\Users\NETV4~1.5\AppData\Local\Temp
2015-10-08 16:17:18	--------	d-----w-	C:\Users\NETV4~1.5\AppData\Local\Microsoft Help
2015-10-08 16:17:18	--------	d-----w-	C:\Users\NETV4~1.5\AppData\Local\Microsoft
2015-10-08 16:17:18	--------	d-----w-	C:\Users\NETV4~1.5\AppData\Local
2015-10-08 16:17:18	--------	d-----w-	C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-08 16:17:18	--------	d-----w-	C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2015-10-08 16:17:18	--------	d-----w-	C:\Users\.NET v4.5\AppData\Roaming
2015-10-08 16:17:18	--------	d-----w-	C:\Users\.NET v4.5\AppData\Local\Temp
2015-10-08 16:17:18	--------	d-----w-	C:\Users\.NET v4.5\AppData\Local\Microsoft Help
2015-10-08 16:17:18	--------	d-----w-	C:\Users\.NET v4.5\AppData\Local\Microsoft
2015-10-08 16:17:18	--------	d-----w-	C:\Users\.NET v4.5\AppData\Local
2015-10-08 16:17:18	--------	d-----r-	C:\Users\NETV4~1.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-08 16:17:18	--------	d-----r-	C:\Users\NETV4~1.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-08 16:17:18	--------	d-----r-	C:\Users\NETV4~1.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-08 16:17:18	--------	d-----r-	C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-08 16:17:18	--------	d-----r-	C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-08 16:17:18	--------	d-----r-	C:\Users\.NET v4.5\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-08 16:17:17	--------	d-s---r-	C:\Users\NETV4~1.5CL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-08 16:17:17	--------	d-s---r-	C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-08 16:17:17	--------	d-----w-	C:\Users\NETV4~1.5CL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-08 16:17:17	--------	d-----w-	C:\Users\NETV4~1.5CL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2015-10-08 16:17:17	--------	d-----w-	C:\Users\NETV4~1.5CL\AppData\Roaming
2015-10-08 16:17:17	--------	d-----w-	C:\Users\NETV4~1.5CL\AppData\Local\Temp
2015-10-08 16:17:17	--------	d-----w-	C:\Users\NETV4~1.5CL\AppData\Local\Microsoft Help
2015-10-08 16:17:17	--------	d-----w-	C:\Users\NETV4~1.5CL\AppData\Local\Microsoft
2015-10-08 16:17:17	--------	d-----w-	C:\Users\NETV4~1.5CL\AppData\Local
2015-10-08 16:17:17	--------	d-----w-	C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-08 16:17:17	--------	d-----w-	C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2015-10-08 16:17:17	--------	d-----w-	C:\Users\.NET v4.5 Classic\AppData\Roaming
2015-10-08 16:17:17	--------	d-----w-	C:\Users\.NET v4.5 Classic\AppData\Local\Temp
2015-10-08 16:17:17	--------	d-----w-	C:\Users\.NET v4.5 Classic\AppData\Local\Microsoft Help
2015-10-08 16:17:17	--------	d-----w-	C:\Users\.NET v4.5 Classic\AppData\Local\Microsoft
2015-10-08 16:17:17	--------	d-----w-	C:\Users\.NET v4.5 Classic\AppData\Local
2015-10-08 16:17:17	--------	d-----r-	C:\Users\NETV4~1.5CL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-08 16:17:17	--------	d-----r-	C:\Users\NETV4~1.5CL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-08 16:17:17	--------	d-----r-	C:\Users\NETV4~1.5CL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-08 16:17:17	--------	d-----r-	C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-08 16:17:17	--------	d-----r-	C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-08 16:17:17	--------	d-----r-	C:\Users\.NET v4.5 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-08 07:54:38	--------	d-----w-	C:\Users\thoma\AppData\Local\mRemoteNG
2015-10-07 20:03:15	--------	d-----w-	C:\Users\thoma\AppData\Local\Programs
2015-10-07 19:11:43	--------	d-----w-	C:\Users\Default\AppData\Local\Microsoft Help
2015-10-07 19:11:43	--------	d-----w-	C:\Users\Default User\AppData\Local\Microsoft Help
2015-10-07 19:10:17	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\DataSharing
2015-10-07 19:04:35	--------	d-----w-	C:\Users\thoma\AppData\Local\Diagnostics
2015-10-07 18:39:57	--------	d-----w-	C:\Users\thoma\AppData\Local\Apps
2015-10-07 18:37:38	--------	d-----w-	C:\Users\thoma\AppData\Local\ElevatedDiagnostics
2015-10-07 15:33:27	--------	d-----w-	C:\Users\thoma\AppData\Local\Microsoft Help
2015-10-06 19:38:42	7B6F2F8FAEB8BC3DD614A5A8AEB3359D	294456	----a-w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2015-10-06 19:24:47	--------	d-----w-	C:\Users\thoma\AppData\Local\Mega Limited
2015-10-06 19:24:46	--------	d-----w-	C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2015-10-06 19:24:45	--------	d-----w-	C:\Users\thoma\AppData\Local\MEGAsync
2015-10-06 19:04:52	--------	d-----w-	C:\Users\thoma\AppData\Local\NVIDIA Corporation
2015-10-06 19:04:16	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\NVIDIA Corporation
2015-10-06 19:02:37	--------	d-----w-	C:\Users\thoma\AppData\Local\Microsoft_Corporation
2015-10-06 18:38:27	--------	d-----w-	C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-06 18:34:47	--------	d-s---w-	C:\Windows\serviceprofiles\networkservice\AppData\LocalLow
2015-10-06 18:34:30	--------	d-----w-	C:\Users\thoma\AppData\Local\Google
2015-10-06 18:32:44	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages
2015-10-06 18:29:06	--------	d-----w-	C:\Users\thoma\AppData\Local\MicrosoftEdge
2015-10-06 18:25:15	--------	d-----w-	C:\Users\thoma\AppData\Local\Comms
2015-10-06 18:24:40	--------	d-----w-	C:\Users\thoma\AppData\Local\NVIDIA
2015-10-06 18:23:23	--------	d-----w-	C:\Users\thoma\AppData\Local\Publishers
2015-10-06 18:23:09	--------	d-----w-	C:\Users\thoma\AppData\Local\TileDataLayer
2015-10-06 18:23:09	--------	d-----w-	C:\Users\thoma\AppData\Local\Packages
2015-10-06 18:23:09	--------	d-----r-	C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2015-10-06 18:23:09	--------	d-----r-	C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2015-10-06 18:22:01	--------	d-s---r-	C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-06 18:22:01	--------	d-----w-	C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-06 18:22:01	--------	d-----w-	C:\Users\thoma\AppData\Roaming
2015-10-06 18:22:01	--------	d-----w-	C:\Users\thoma\AppData\LocalLow
2015-10-06 18:22:01	--------	d-----w-	C:\Users\thoma\AppData\Local\Temp
2015-10-06 18:22:01	--------	d-----w-	C:\Users\thoma\AppData\Local\Microsoft
2015-10-06 18:22:01	--------	d-----w-	C:\Users\thoma\AppData\Local
2015-10-06 18:22:01	--------	d-----r-	C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-06 18:22:01	--------	d-----r-	C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-06 18:22:01	--------	d-----r-	C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-06 18:22:01	--------	d-----r-	C:\Users\thoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2015-10-06 18:21:43	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\NVIDIA
2015-10-06 18:21:42	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft
2015-10-06 18:17:06	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\NetworkTiles
2015-10-06 18:13:38	--------	d-s---w-	C:\Windows\serviceprofiles\Localservice\AppData\LocalLow
====== C:\Users\thoma ======
2015-10-26 15:25:14	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-10-26 15:25:13	--------	d-----w-	C:\ProgramData\VS Revo Group
2015-10-26 15:24:53	F0D0DD8E42BEBA742C65FF479FE99C8D	11069616	----a-w-	C:\Users\thoma\Downloads\RevoUninProSetup.exe
2015-10-26 12:23:01	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\thoma\Desktop\RSITx64.exe
2015-10-26 11:15:21	49E3825ACB348F848D9B841E4D48FD3B	22908888	----a-w-	C:\Users\thoma\Downloads\mbam-setup-2.2.0.1024.exe
2015-10-26 11:07:31	B49E7BE8381F46D30B765FC2BDBC823F	1694208	----a-w-	C:\Users\thoma\Downloads\adwcleaner_5.015.exe
2015-10-26 08:21:42	035A3749AF11DE96EA3D76E2BD616FCF	19667928	----a-w-	C:\Users\thoma\Downloads\Advanced_Uninstaller11.exe
2015-10-26 07:51:55	--------	d--h--w-	C:\ProgramData\Common Files
2015-10-25 17:57:23	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bit Che
2015-10-25 11:45:59	--------	d-----w-	C:\Users\thoma\.nuget
2015-10-24 12:45:58	--------	d-----w-	C:\ProgramData\Hewlett-Packard
2015-10-24 12:44:57	--------	d-----w-	C:\ProgramData\HP
2015-10-24 11:35:28	--------	d-----w-	C:\ProgramData\AomeiBR
2015-10-19 07:31:34	354D9ABEFA0ED67A08BD056324284D6E	524288	----a-w-	C:\Users\thoma\Desktop\putty.exe
2015-10-13 10:30:15	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\DefaultAppPool\ntuser.ini
2015-10-13 10:30:15	--------	d--h--w-	C:\Users\DefaultAppPool\AppData
2015-10-13 10:30:15	--------	d-----w-	C:\Users\DefaultAppPool\Saved Games
2015-10-13 10:30:15	--------	d-----r-	C:\Users\DefaultAppPool\Videos
2015-10-13 10:30:15	--------	d-----r-	C:\Users\DefaultAppPool\Pictures
2015-10-13 10:30:15	--------	d-----r-	C:\Users\DefaultAppPool\Music
2015-10-13 10:30:15	--------	d-----r-	C:\Users\DefaultAppPool\Links
2015-10-13 10:30:15	--------	d-----r-	C:\Users\DefaultAppPool\Favorites
2015-10-13 10:30:15	--------	d-----r-	C:\Users\DefaultAppPool\Downloads
2015-10-13 10:30:15	--------	d-----r-	C:\Users\DefaultAppPool\Documents
2015-10-13 10:30:15	--------	d-----r-	C:\Users\DefaultAppPool\Desktop
2015-10-13 08:49:45	--------	d-----w-	C:\Users\thoma\.gradle
2015-10-13 07:12:30	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2015-10-13 07:10:41	--------	d-----w-	C:\Users\thoma\.nbi
2015-10-12 14:31:34	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2015-10-12 14:28:20	2B5A6F53D7035BB5904D0CEAC828629C	188	----a-w-	C:\Users\thoma\.packettracer
2015-10-12 14:28:20	--------	d-----w-	C:\Users\thoma\Cisco Packet Tracer 6.2sv
2015-10-12 14:27:51	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer Student
2015-10-12 10:47:10	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\MSSQLServerOLAPService\ntuser.ini
2015-10-12 10:47:10	--------	d--h--w-	C:\Users\MSSQLServerOLAPService\AppData
2015-10-12 10:47:10	--------	d-----w-	C:\Users\MSSQLServerOLAPService\Saved Games
2015-10-12 10:47:10	--------	d-----r-	C:\Users\MSSQLServerOLAPService\Videos
2015-10-12 10:47:10	--------	d-----r-	C:\Users\MSSQLServerOLAPService\Pictures
2015-10-12 10:47:10	--------	d-----r-	C:\Users\MSSQLServerOLAPService\Music
2015-10-12 10:47:10	--------	d-----r-	C:\Users\MSSQLServerOLAPService\Links
2015-10-12 10:47:10	--------	d-----r-	C:\Users\MSSQLServerOLAPService\Favorites
2015-10-12 10:47:10	--------	d-----r-	C:\Users\MSSQLServerOLAPService\Downloads
2015-10-12 10:47:10	--------	d-----r-	C:\Users\MSSQLServerOLAPService\Documents
2015-10-12 10:47:10	--------	d-----r-	C:\Users\MSSQLServerOLAPService\Desktop
2015-10-12 10:47:09	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\ReportServer\ntuser.ini
2015-10-12 10:47:09	--------	d--h--w-	C:\Users\ReportServer\AppData
2015-10-12 10:47:09	--------	d-----w-	C:\Users\ReportServer\Saved Games
2015-10-12 10:47:09	--------	d-----r-	C:\Users\ReportServer\Videos
2015-10-12 10:47:09	--------	d-----r-	C:\Users\ReportServer\Pictures
2015-10-12 10:47:09	--------	d-----r-	C:\Users\ReportServer\Music
2015-10-12 10:47:09	--------	d-----r-	C:\Users\ReportServer\Links
2015-10-12 10:47:09	--------	d-----r-	C:\Users\ReportServer\Favorites
2015-10-12 10:47:09	--------	d-----r-	C:\Users\ReportServer\Downloads
2015-10-12 10:47:09	--------	d-----r-	C:\Users\ReportServer\Documents
2015-10-12 10:47:09	--------	d-----r-	C:\Users\ReportServer\Desktop
2015-10-12 10:47:06	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\MsDtsServer120\ntuser.ini
2015-10-12 10:47:06	--------	d--h--w-	C:\Users\MsDtsServer120\AppData
2015-10-12 10:47:06	--------	d-----w-	C:\Users\MsDtsServer120\Saved Games
2015-10-12 10:47:06	--------	d-----r-	C:\Users\MsDtsServer120\Videos
2015-10-12 10:47:06	--------	d-----r-	C:\Users\MsDtsServer120\Pictures
2015-10-12 10:47:06	--------	d-----r-	C:\Users\MsDtsServer120\Music
2015-10-12 10:47:06	--------	d-----r-	C:\Users\MsDtsServer120\Links
2015-10-12 10:47:06	--------	d-----r-	C:\Users\MsDtsServer120\Favorites
2015-10-12 10:47:06	--------	d-----r-	C:\Users\MsDtsServer120\Downloads
2015-10-12 10:47:06	--------	d-----r-	C:\Users\MsDtsServer120\Documents
2015-10-12 10:47:06	--------	d-----r-	C:\Users\MsDtsServer120\Desktop
2015-10-12 10:46:56	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\MSSQLFDLauncher\ntuser.ini
2015-10-12 10:46:56	--------	d--h--w-	C:\Users\MSSQLFDLauncher\AppData
2015-10-12 10:46:56	--------	d-----w-	C:\Users\MSSQLFDLauncher\Saved Games
2015-10-12 10:46:56	--------	d-----r-	C:\Users\MSSQLFDLauncher\Videos
2015-10-12 10:46:56	--------	d-----r-	C:\Users\MSSQLFDLauncher\Pictures
2015-10-12 10:46:56	--------	d-----r-	C:\Users\MSSQLFDLauncher\Music
2015-10-12 10:46:56	--------	d-----r-	C:\Users\MSSQLFDLauncher\Links
2015-10-12 10:46:56	--------	d-----r-	C:\Users\MSSQLFDLauncher\Favorites
2015-10-12 10:46:56	--------	d-----r-	C:\Users\MSSQLFDLauncher\Downloads
2015-10-12 10:46:56	--------	d-----r-	C:\Users\MSSQLFDLauncher\Documents
2015-10-12 10:46:56	--------	d-----r-	C:\Users\MSSQLFDLauncher\Desktop
2015-10-12 10:46:55	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\MSSQLSERVER\ntuser.ini
2015-10-12 10:46:55	--------	d--h--w-	C:\Users\MSSQLSERVER\AppData
2015-10-12 10:46:55	--------	d-----w-	C:\Users\MSSQLSERVER\Saved Games
2015-10-12 10:46:55	--------	d-----r-	C:\Users\MSSQLSERVER\Videos
2015-10-12 10:46:55	--------	d-----r-	C:\Users\MSSQLSERVER\Pictures
2015-10-12 10:46:55	--------	d-----r-	C:\Users\MSSQLSERVER\Music
2015-10-12 10:46:55	--------	d-----r-	C:\Users\MSSQLSERVER\Links
2015-10-12 10:46:55	--------	d-----r-	C:\Users\MSSQLSERVER\Favorites
2015-10-12 10:46:55	--------	d-----r-	C:\Users\MSSQLSERVER\Downloads
2015-10-12 10:46:55	--------	d-----r-	C:\Users\MSSQLSERVER\Documents
2015-10-12 10:46:55	--------	d-----r-	C:\Users\MSSQLSERVER\Desktop
2015-10-11 15:51:53	--------	d-----w-	C:\Users\thoma\.AndroidStudio1.4
2015-10-11 15:47:11	--------	d-----w-	C:\Users\thoma\.android
2015-10-11 15:47:11	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
2015-10-11 15:39:56	--------	d-----w-	C:\Users\thoma\.oracle_jre_usage
2015-10-11 15:39:54	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-11 15:39:41	--------	d-----w-	C:\ProgramData\Oracle
2015-10-11 15:39:34	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-10-10 14:01:04	--------	d-----w-	C:\Users\thoma\.plugman
2015-10-10 13:37:35	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2015-10-09 09:08:25	--------	d-----w-	C:\Users\thoma\.cordova
2015-10-08 23:00:12	3E08771C27B33BF34C3585C07782CEA4	49	----a-w-	C:\Users\thoma\.gitconfig
2015-10-08 16:17:18	6FC234AD3752E1267B34FB12BCD6718B	20	--sha-w-	C:\Users\NETV4~1.5CL\ntuser.ini
2015-10-08 16:17:18	6FC234AD3752E1267B34FB12BCD6718B	20	--sha-w-	C:\Users\NETV4~1.5\ntuser.ini
2015-10-08 16:17:18	6FC234AD3752E1267B34FB12BCD6718B	20	--sha-w-	C:\Users\.NET v4.5\ntuser.ini
2015-10-08 16:17:18	6FC234AD3752E1267B34FB12BCD6718B	20	--sha-w-	C:\Users\.NET v4.5 Classic\ntuser.ini
2015-10-08 16:17:18	--------	d--h--w-	C:\Users\NETV4~1.5\AppData
2015-10-08 16:17:18	--------	d--h--w-	C:\Users\.NET v4.5\AppData
2015-10-08 16:17:18	--------	d-----w-	C:\Users\NETV4~1.5\Saved Games
2015-10-08 16:17:18	--------	d-----w-	C:\Users\.NET v4.5\Saved Games
2015-10-08 16:17:18	--------	d-----r-	C:\Users\NETV4~1.5\Videos
2015-10-08 16:17:18	--------	d-----r-	C:\Users\NETV4~1.5\Pictures
2015-10-08 16:17:18	--------	d-----r-	C:\Users\NETV4~1.5\Music
2015-10-08 16:17:18	--------	d-----r-	C:\Users\NETV4~1.5\Links
2015-10-08 16:17:18	--------	d-----r-	C:\Users\NETV4~1.5\Favorites
2015-10-08 16:17:18	--------	d-----r-	C:\Users\NETV4~1.5\Downloads
2015-10-08 16:17:18	--------	d-----r-	C:\Users\NETV4~1.5\Documents
2015-10-08 16:17:18	--------	d-----r-	C:\Users\NETV4~1.5\Desktop
2015-10-08 16:17:18	--------	d-----r-	C:\Users\.NET v4.5\Videos
2015-10-08 16:17:18	--------	d-----r-	C:\Users\.NET v4.5\Pictures
2015-10-08 16:17:18	--------	d-----r-	C:\Users\.NET v4.5\Music
2015-10-08 16:17:18	--------	d-----r-	C:\Users\.NET v4.5\Links
2015-10-08 16:17:18	--------	d-----r-	C:\Users\.NET v4.5\Favorites
2015-10-08 16:17:18	--------	d-----r-	C:\Users\.NET v4.5\Downloads
2015-10-08 16:17:18	--------	d-----r-	C:\Users\.NET v4.5\Documents
2015-10-08 16:17:18	--------	d-----r-	C:\Users\.NET v4.5\Desktop
2015-10-08 16:17:17	--------	d--h--w-	C:\Users\NETV4~1.5CL\AppData
2015-10-08 16:17:17	--------	d--h--w-	C:\Users\.NET v4.5 Classic\AppData
2015-10-08 16:17:17	--------	d-----w-	C:\Users\NETV4~1.5CL\Saved Games
2015-10-08 16:17:17	--------	d-----w-	C:\Users\.NET v4.5 Classic\Saved Games
2015-10-08 16:17:17	--------	d-----r-	C:\Users\NETV4~1.5CL\Videos
2015-10-08 16:17:17	--------	d-----r-	C:\Users\NETV4~1.5CL\Pictures
2015-10-08 16:17:17	--------	d-----r-	C:\Users\NETV4~1.5CL\Music
2015-10-08 16:17:17	--------	d-----r-	C:\Users\NETV4~1.5CL\Links
2015-10-08 16:17:17	--------	d-----r-	C:\Users\NETV4~1.5CL\Favorites
2015-10-08 16:17:17	--------	d-----r-	C:\Users\NETV4~1.5CL\Downloads
2015-10-08 16:17:17	--------	d-----r-	C:\Users\NETV4~1.5CL\Documents
2015-10-08 16:17:17	--------	d-----r-	C:\Users\NETV4~1.5CL\Desktop
2015-10-08 16:17:17	--------	d-----r-	C:\Users\.NET v4.5 Classic\Videos
2015-10-08 16:17:17	--------	d-----r-	C:\Users\.NET v4.5 Classic\Pictures
2015-10-08 16:17:17	--------	d-----r-	C:\Users\.NET v4.5 Classic\Music
2015-10-08 16:17:17	--------	d-----r-	C:\Users\.NET v4.5 Classic\Links
2015-10-08 16:17:17	--------	d-----r-	C:\Users\.NET v4.5 Classic\Favorites
2015-10-08 16:17:17	--------	d-----r-	C:\Users\.NET v4.5 Classic\Downloads
2015-10-08 16:17:17	--------	d-----r-	C:\Users\.NET v4.5 Classic\Documents
2015-10-08 16:17:17	--------	d-----r-	C:\Users\.NET v4.5 Classic\Desktop
2015-10-08 16:17:13	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IIS
2015-10-08 07:06:49	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2015-10-07 20:33:54	--------	d-----w-	C:\ProgramData\PreEmptive Solutions
2015-10-07 20:32:39	--------	d-----w-	C:\ProgramData\Microsoft DNX
2015-10-07 20:29:17	--------	d-----w-	C:\ProgramData\NuGet
2015-10-07 20:28:42	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-10-07 20:27:22	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2015-10-07 20:21:11	--------	d-----w-	C:\ProgramData\Package Cache
2015-10-07 20:17:00	--------	d-----w-	C:\ProgramData\VsTelemetry
2015-10-07 20:11:13	A8F801B4275D7518CF8FBB8AABC7AF1A	5515	----a-w-	C:\Users\thoma\.bash_history
2015-10-07 20:10:44	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mRemoteNG
2015-10-07 20:06:55	--------	d-----w-	C:\Users\thoma\.ssh
2015-10-07 20:04:48	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2015-10-07 20:04:48	--------	d-----w-	C:\ProgramData\Git
2015-10-07 15:35:45	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-10-07 15:33:24	--------	d-----w-	C:\ProgramData\Microsoft Help
2015-10-06 19:19:30	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2015-10-06 19:18:45	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2014
2015-10-06 19:04:26	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-06 18:58:29	--------	d-----w-	C:\ProgramData\SlimWare Utilities, Inc
2015-10-06 18:57:45	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
2015-10-06 18:57:43	--------	d-----w-	C:\Users\Public\Documents\Downloaded Installers
2015-10-06 18:57:23	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2015-10-06 18:45:46	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2015-10-06 18:45:41	--------	d-----w-	C:\ProgramData\Samsung
2015-10-06 18:38:27	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-06 18:35:03	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-06 18:31:59	--------	d-sh--w-	C:\Users\thoma\IntelGraphicsProfiles
2015-10-06 18:31:37	--------	d-----w-	C:\ProgramData\NVIDIA
2015-10-06 18:25:35	--------	d-----w-	C:\ProgramData\SetupTPDriver
2015-10-06 18:25:03	--------	d-----w-	C:\Users\thoma\OneDrive
2015-10-06 18:24:40	--------	d-----w-	C:\ProgramData\Microsoft OneDrive
2015-10-06 18:23:56	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\ProgramData\DP45977C.lfl
2015-10-06 18:23:09	--------	d--h--r-	C:\Users\Public\AccountPictures
2015-10-06 18:23:09	--------	d-----r-	C:\Users\thoma\Searches
2015-10-06 18:23:09	--------	d-----r-	C:\Users\thoma\Contacts
2015-10-06 18:22:01	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\thoma\ntuser.ini
2015-10-06 18:22:01	--------	d--h--w-	C:\Users\thoma\AppData
2015-10-06 18:22:01	--------	d-----r-	C:\Users\thoma\Videos
2015-10-06 18:22:01	--------	d-----r-	C:\Users\thoma\Saved Games
2015-10-06 18:22:01	--------	d-----r-	C:\Users\thoma\Pictures
2015-10-06 18:22:01	--------	d-----r-	C:\Users\thoma\Music
2015-10-06 18:22:01	--------	d-----r-	C:\Users\thoma\Links
2015-10-06 18:22:01	--------	d-----r-	C:\Users\thoma\Favorites
2015-10-06 18:22:01	--------	d-----r-	C:\Users\thoma\Downloads
2015-10-06 18:22:01	--------	d-----r-	C:\Users\thoma\Documents
2015-10-06 18:22:01	--------	d-----r-	C:\Users\thoma\Desktop
2015-10-06 18:21:34	--------	d-----w-	C:\ProgramData\NVIDIA Corporation

====== C: exe-files ==
2015-10-27 12:14:44	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[75].exe
2015-10-27 12:04:44	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[74].exe
2015-10-27 11:54:44	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[73].exe
2015-10-27 11:44:44	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[72].exe
2015-10-27 11:34:44	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[71].exe
2015-10-27 11:24:44	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[70].exe
2015-10-27 11:14:44	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[69].exe
2015-10-27 11:06:28	DDA514F1B5CFBB41FA6A578691C56E79	6721736	----a-w-	C:\Users\thoma\AppData\Local\NVIDIA\NvBackend\Packages\000081c7\DAO.20107302.exe
2015-10-27 11:06:28	C35FA8E564BE2B453940FE00F9A112C7	592216	----a-w-	C:\Users\thoma\AppData\Local\NVIDIA\NvBackend\Packages\000081b6\CoProc update.20104193.exe
2015-10-27 11:04:44	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[68].exe
2015-10-27 10:54:44	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[67].exe
2015-10-27 10:44:44	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[66].exe
2015-10-27 10:34:44	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[65].exe
2015-10-27 10:24:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[64].exe
2015-10-27 10:14:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[63].exe
2015-10-27 10:04:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[62].exe
2015-10-27 09:54:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[61].exe
2015-10-27 09:44:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[60].exe
2015-10-27 09:34:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[59].exe
2015-10-27 09:24:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[58].exe
2015-10-27 09:14:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[57].exe
2015-10-27 09:04:44	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[56].exe
2015-10-27 08:54:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[55].exe
2015-10-27 08:44:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[54].exe
2015-10-27 08:34:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[53].exe
2015-10-27 08:24:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[52].exe
2015-10-27 08:24:38	A18F5A81F549ECB47C9981EA2A5D9E9D	630200	----a-w-	C:\Users\thoma\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
2015-10-27 08:24:34	8A2CD049F90CE157D6CF0DF531AD8B1B	172984	----a-w-	C:\Users\thoma\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe
2015-10-27 08:14:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[51].exe
2015-10-27 08:04:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[50].exe
2015-10-27 07:54:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[49].exe
2015-10-27 07:44:50	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-TPMSR.tmp\Shell.exe
2015-10-27 07:44:50	0D42F8F14CB31A278FAD82769752C34D	720030	----a-w-	C:\Program Files (x86)\QuickLauncherInst\unins000.exe
2015-10-27 07:44:44	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[48].exe
2015-10-27 07:34:48	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-5RB9O.tmp\Shell.exe
2015-10-27 07:34:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[47].exe
2015-10-27 07:24:54	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-2JULF.tmp\Shell.exe
2015-10-27 07:24:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[46].exe
2015-10-27 07:14:51	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-60V0U.tmp\Shell.exe
2015-10-27 07:14:43	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[45].exe
2015-10-26 20:05:27	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-69SQG.tmp\Shell.exe
2015-10-26 20:05:16	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[44].exe
2015-10-26 19:55:30	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-CFPNQ.tmp\Shell.exe
2015-10-26 19:55:16	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[43].exe
2015-10-26 19:45:22	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-4B5NM.tmp\Shell.exe
2015-10-26 19:45:16	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[42].exe
2015-10-26 19:35:27	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-869SR.tmp\Shell.exe
2015-10-26 19:35:16	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[41].exe
2015-10-26 19:25:24	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-I4O22.tmp\Shell.exe
2015-10-26 19:25:16	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[40].exe
2015-10-26 19:15:25	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-J325M.tmp\Shell.exe
2015-10-26 19:15:16	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[39].exe
2015-10-26 19:05:29	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-N9E2Q.tmp\Shell.exe
2015-10-26 19:05:16	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[38].exe
2015-10-26 18:55:31	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-UC0G6.tmp\Shell.exe
2015-10-26 18:55:16	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[37].exe
2015-10-26 18:45:22	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-BJSL5.tmp\Shell.exe
2015-10-26 18:45:16	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[36].exe
2015-10-26 18:35:30	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-3A7NV.tmp\Shell.exe
2015-10-26 18:35:16	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[35].exe
2015-10-26 18:25:23	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-3031R.tmp\Shell.exe
2015-10-26 18:25:16	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[34].exe
2015-10-26 18:15:22	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-EN0NP.tmp\Shell.exe
2015-10-26 18:15:16	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[33].exe
2015-10-26 18:05:26	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-EBQJO.tmp\Shell.exe
2015-10-26 18:05:15	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[32].exe
2015-10-26 17:55:22	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-SD49U.tmp\Shell.exe
2015-10-26 17:55:15	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[31].exe
2015-10-26 17:45:24	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-VPJUD.tmp\Shell.exe
2015-10-26 17:45:15	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[30].exe
2015-10-26 17:35:27	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-RU697.tmp\Shell.exe
2015-10-26 17:35:15	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[29].exe
2015-10-26 16:54:56	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-KSVMT.tmp\Shell.exe
2015-10-26 16:54:51	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[28].exe
2015-10-26 16:44:56	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-PB6JA.tmp\Shell.exe
2015-10-26 16:44:51	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[27].exe
2015-10-26 16:34:55	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-C8RB6.tmp\Shell.exe
2015-10-26 16:34:51	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[26].exe
2015-10-26 16:24:55	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-5NH4T.tmp\Shell.exe
2015-10-26 16:24:51	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[25].exe
2015-10-26 16:14:55	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-59B03.tmp\Shell.exe
2015-10-26 16:14:51	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[24].exe
2015-10-26 16:04:55	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-JCGEQ.tmp\Shell.exe
2015-10-26 16:04:51	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[6].exe
2015-10-26 15:54:55	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-2D2TT.tmp\Shell.exe
2015-10-26 15:54:51	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[3].exe
2015-10-26 15:54:12	7F238F0AFE3FBC7BEB8B170CA03C7F97	2262952	----a-w-	C:\Users\thoma\AppData\Local\Temp\AvgClean_2cd25579-8334-42dd-901a-6c98f5133bca\avgsetupwrkx.exe
2015-10-26 15:53:06	B571BDEF3606ADFC2E0C6B88E70249A9	2892128	----a-w-	C:\Users\thoma\AppData\Local\Temp\avg-bf4c705f-79b8-4c31-a396-3577e5e45846.exe
2015-10-26 15:44:55	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-6NEA6.tmp\Shell.exe
2015-10-26 15:44:51	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[2].exe
2015-10-26 15:34:55	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-P0HA6.tmp\Shell.exe
2015-10-26 15:34:51	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[1].exe
2015-10-26 15:29:10	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\Windows\Temp\is-A5F7U.tmp\Shell.exe
2015-10-26 15:29:06	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup.exe
2015-10-26 15:27:32	F5F4AB4B92DA5569DDA15CEDCE2FCDE8	96	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$I7YCBGZ.exe
2015-10-26 15:27:32	CD9FF1EF36C4AF1FD96575B8E4193973	96	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$IICPMP8.exe
2015-10-26 15:27:32	C80248A1ED31A9B25A85768036C138BC	90	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$I7D2RGY.exe
2015-10-26 15:27:32	7D05F0AC948734389153EA93D5084EF5	96	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$IZKA27K.exe
2015-10-26 15:27:32	6734E17D301F213F320C0FC7003BE2D9	96	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$INL1HVL.exe
2015-10-26 15:25:13	04EFED15350A230218D3884C95C1931F	7151696	----a-w-	C:\Program Files\VS Revo Group\Revo Uninstaller Pro\ruplp.exe
2015-10-26 15:25:12	C1E5BFBDAB6B3439BBF3E8CDADD4A4A9	3689000	----a-w-	C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoAppBar.exe
2015-10-26 15:25:12	7F3B3ABA994FBFCC90FF8FED64111CDB	81360	----a-w-	C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoCmd.exe
2015-10-26 15:25:11	FC6E5B19202BF78457710BE0D0C09CDF	1278743	----a-w-	C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe
2015-10-26 15:25:11	F3E59ABD3B54A71BEE309488FC9EBCB4	16403488	----a-w-	C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
2015-10-26 15:24:53	F0D0DD8E42BEBA742C65FF479FE99C8D	11069616	----a-w-	C:\Users\thoma\Downloads\RevoUninProSetup.exe
2015-10-26 15:19:12	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RQQDTB8.tmp\Shell.exe
2015-10-26 15:19:06	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[23].exe
2015-10-26 15:09:11	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$R2I5ST0.tmp\Shell.exe
2015-10-26 15:09:06	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[22].exe
2015-10-26 14:59:10	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$R4ZLURJ.tmp\Shell.exe
2015-10-26 14:59:06	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[21].exe
2015-10-26 14:49:11	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RIN59BE.tmp\Shell.exe
2015-10-26 14:49:06	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[20].exe
2015-10-26 14:39:10	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RDRH94Q.tmp\Shell.exe
2015-10-26 14:39:06	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[19].exe
2015-10-26 14:29:10	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RGKRHYK.tmp\Shell.exe
2015-10-26 14:29:06	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[18].exe
2015-10-26 13:57:09	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RJA6TB6.tmp\Shell.exe
2015-10-26 13:57:05	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[17].exe
2015-10-26 13:50:16	D35405671044A9E937C4B2883175C815	41608	----a-w-	C:\Users\thoma\Documents\MEGA\Documenten\3ICT\webprogramatie\labo\opgave02\oplossing\Opgave2\Opgave2\bin\roslyn\vbc.exe
2015-10-26 13:50:16	9730E8008C27D3E8FACFCA670D00B3C2	63648	----a-w-	C:\Users\thoma\Documents\MEGA\Documenten\3ICT\webprogramatie\labo\opgave02\oplossing\Opgave2\Opgave2\bin\roslyn\VBCSCompiler.exe
2015-10-26 13:50:15	C2C66F75A88CC652FDCAE1BA25124A86	41608	----a-w-	C:\Users\thoma\Documents\MEGA\Documenten\3ICT\webprogramatie\labo\opgave02\oplossing\Opgave2\Opgave2\bin\roslyn\csc.exe
2015-10-26 13:47:10	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$R65MN4S.tmp\Shell.exe
2015-10-26 13:47:05	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[16].exe
2015-10-26 13:37:10	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$R9R0T4K.tmp\Shell.exe
2015-10-26 13:37:05	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[15].exe
2015-10-26 13:27:09	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$R5TD4WW.tmp\Shell.exe
2015-10-26 13:27:05	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[14].exe
2015-10-26 13:17:09	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RVCB8ZY.tmp\Shell.exe
2015-10-26 13:17:05	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[13].exe
2015-10-26 13:07:10	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RJ0H1A9.tmp\Shell.exe
2015-10-26 13:07:05	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[12].exe
2015-10-26 12:57:09	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RZNTBIW.tmp\Shell.exe
2015-10-26 12:57:05	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[11].exe
2015-10-26 12:47:09	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RIMMVJ5.tmp\Shell.exe
2015-10-26 12:47:05	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[10].exe
2015-10-26 12:37:10	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RDIESC7.tmp\Shell.exe
2015-10-26 12:37:05	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[9].exe
2015-10-26 12:27:09	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RGDJQVT.tmp\Shell.exe
2015-10-26 12:27:05	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[8].exe
2015-10-26 12:23:20	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\thoma.exe
2015-10-26 12:23:01	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\thoma\Desktop\RSITx64.exe
2015-10-26 12:17:09	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$R3B6U3B.tmp\Shell.exe
2015-10-26 12:17:05	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[7].exe
2015-10-26 12:07:09	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$R1DELVH.tmp\Shell.exe
2015-10-26 12:07:05	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[5].exe
2015-10-26 11:57:09	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RWR7MPG.tmp\Shell.exe
2015-10-26 11:57:05	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\Windows\Temp\ShellSetup[4].exe
2015-10-26 11:47:09	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RG3AWUR.tmp\Shell.exe
2015-10-26 11:47:05	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$R7YCBGZ.exe
2015-10-26 11:37:08	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RG0Y8VG.tmp\Shell.exe
2015-10-26 11:37:04	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RICPMP8.exe
2015-10-26 11:27:09	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RM1N69Y.tmp\Shell.exe
2015-10-26 11:27:04	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RZKA27K.exe
2015-10-26 11:20:56	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RWAFHGM.tmp\Shell.exe
2015-10-26 11:20:51	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$R7D2RGY.exe
2015-10-26 11:15:21	49E3825ACB348F848D9B841E4D48FD3B	22908888	----a-w-	C:\Users\thoma\Downloads\mbam-setup-2.2.0.1024.exe
2015-10-26 11:13:15	F8F9F67F70FEDCEB01C1999BF95EDDBD	96	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$I9WV6U3.exe
2015-10-26 11:13:15	CFF8D8953346EEFAF77B0E52E8C79524	96	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$IP19MB4.exe
2015-10-26 11:13:15	50F2B087AFF0AC796D5B498AB4CC0A4F	96	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$I8G1RHV.exe
2015-10-26 11:13:15	4AF82E2ABFB507C415D04C5C4BB530E5	90	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$IUYHTD8.exe
2015-10-26 11:13:15	3017F149DAB19782918EA3BE2D78B7B5	96	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$IBK84SC.exe
2015-10-26 11:13:15	0956C8043910EDB09F06EB790A61B8EF	96	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$I2PKW2Q.exe
2015-10-26 11:12:02	B571BDEF3606ADFC2E0C6B88E70249A9	2892128	----a-w-	C:\Users\thoma\AppData\Local\Temp\avg-eba78f71-e45b-411f-8aaf-7d03bf6abf2b.exe
2015-10-26 11:10:55	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RB2B7IU.tmp\Shell.exe
2015-10-26 11:10:50	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RNL1HVL.exe
2015-10-26 11:08:15	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RR488A4.tmp\Shell.exe
2015-10-26 11:08:11	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RP19MB4.exe
2015-10-26 11:07:31	B49E7BE8381F46D30B765FC2BDBC823F	1694208	----a-w-	C:\Users\thoma\Downloads\adwcleaner_5.015.exe
2015-10-26 10:07:12	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$R20QVCD.tmp\Shell.exe
2015-10-26 10:07:06	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$R2PKW2Q.exe
2015-10-26 09:57:11	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RCOXVCE.tmp\Shell.exe
2015-10-26 09:57:06	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RBK84SC.exe
2015-10-26 09:47:10	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$R96X55F.tmp\Shell.exe
2015-10-26 09:47:06	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$R8G1RHV.exe
2015-10-26 09:37:10	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RMVNP4N.tmp\Shell.exe
2015-10-26 09:37:06	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$R9WV6U3.exe
2015-10-26 09:27:10	ACAFA83249A2B0414AA997236A581558	5241850	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$R07IOCB.tmp\Shell.exe
2015-10-26 09:27:06	59228E1F161F5AE4250046047734B60F	5530991	----a-w-	C:\$Recycle.Bin\S-1-5-21-1456738027-2610673112-3118536316-1001\$RUYHTD8.exe
2015-10-26 09:03:53	B571BDEF3606ADFC2E0C6B88E70249A9	2892128	----a-w-	C:\Users\thoma\AppData\Local\Temp\avg-9d76ef0c-9aa9-4916-9092-5b5d7c591120.exe
2015-10-26 08:37:52	FA11CC5426FA739B9491B282E5530EC3	610808	----a-w-	C:\Users\thoma\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
2015-10-26 08:21:42	035A3749AF11DE96EA3D76E2BD616FCF	19667928	----a-w-	C:\Users\thoma\Downloads\Advanced_Uninstaller11.exe
2015-10-26 08:03:14	B571BDEF3606ADFC2E0C6B88E70249A9	2892128	----a-w-	C:\Users\thoma\AppData\Local\Temp\avg-76fda97f-0a1a-4454-8c0c-eb3fff711f76.exe
2015-10-25 19:13:24	1B16795D3CB7A9FAA3FC41C56EF2966D	149184	----a-w-	C:\Users\thoma\AppData\Local\Temp\514C5937-C525-47D7-A15B-3F836958CFE1\DismHost.exe
2015-10-25 18:32:15	668692F4FF174244E7D4ADD5F002E9BF	23552	----a-w-	C:\Windows\SysWOW64\updtSer\winService.exe
2015-10-25 18:02:33	E17E53F297560C31631C4AC549385AE3	1822048	----a-w-	C:\Users\thoma\AppData\Roaming\uTorrent\updates\3.4.5_41202.exe
2015-10-25 18:02:33	9AD0D1AAF2FDBE902FF6AC6F8C858C5F	336896	----a-w-	C:\Users\thoma\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
2015-10-25 17:58:42	E17E53F297560C31631C4AC549385AE3	1822048	----a-w-	C:\Users\thoma\AppData\Roaming\uTorrent\uTorrent.exe
2015-10-25 17:57:23	730A62BA79D7471831F394F3E9A4FF5B	412161	----a-w-	C:\Program Files (x86)\Bit Che\Bit_Che.exe
2015-10-25 17:57:22	EF3A5A022D46EF95D2C433A39612CA65	19456	----a-w-	C:\Users\thoma\AppData\Roaming\Convivea\Bit_Che\2\languages\compare.exe
2015-10-25 17:57:22	C4E433F60F728C66EBEB11D50538BE9E	819464	----a-w-	C:\Program Files (x86)\Bit Che\unins000.exe
2015-10-25 11:39:43	0E84D08A5C8A3291F9A65422A4E8D44D	939088	----a-w-	C:\Program Files (x86)\Google\Update\Install\{39F0B874-40AA-403D-A4CA-39F18AE89896}\46.0.2490.80_46.0.2490.71_chrome_updater.exe
2015-10-25 11:39:43	0E84D08A5C8A3291F9A65422A4E8D44D	939088	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\46.0.2490.80\46.0.2490.80_46.0.2490.71_chrome_updater.exe
=== C: other files ==
2015-10-26 19:22:16	26D3CC35809AD0229081F7BF04E0C25F	128	----a-w-	C:\Users\thoma\AppData\Local\Temp\bracketsPackage_115926-5144-ypoiu2\adobe.brackets.extract\node\v0.5.0\node_modules\copy-paste\platform\fallbacks\paste.vbs
2015-10-26 17:55:41	862AEFE36A36F381DA6485D2425BA8A1	97592	----a-w-	C:\Users\thoma\Downloads\opgave2-master-2b413ff0046730a480744aa537bfc08273c73315 (1).zip
2015-10-26 17:55:13	9C82928BC1A3A8F04197AB229C4838B2	99355	----a-w-	C:\Users\thoma\Downloads\opgave2-master-40b6681ac7978353913f18ec48cfd9eea47b365e.zip
2015-10-26 17:54:28	862AEFE36A36F381DA6485D2425BA8A1	97592	----a-w-	C:\Users\thoma\Downloads\opgave2-master-2b413ff0046730a480744aa537bfc08273c73315.zip
2015-10-26 15:35:58	3BD5AC2E9D96E680F5DBDD183A58C47D	38064	----a-w-	C:\Program Files\Shell&ServicesEngine\WinDivert64.sys
2015-10-26 15:25:14	9C41DE96339224A51AB950A3E74FBDA4	28	----a-w-	C:\Program Files\VS Revo Group\Revo Uninstaller Pro\reg_lp.bat
2015-10-26 15:25:13	9C3AC71A9934B884FAC567A8807E9C4D	31800	----a-w-	C:\Windows\System32\drivers\revoflt.sys
2015-10-26 15:25:13	9C3AC71A9934B884FAC567A8807E9C4D	31800	----a-w-	C:\Program Files\VS Revo Group\Revo Uninstaller Pro\revoflt.sys
2015-10-26 11:39:06	26D3CC35809AD0229081F7BF04E0C25F	128	----a-w-	C:\Users\thoma\AppData\Local\Temp\bracketsPackage_115926-2776-1228lrf\adobe.brackets.extract\node\v0.5.0\node_modules\copy-paste\platform\fallbacks\paste.vbs
2015-10-26 11:20:03	B5B9165E26A5E9006C8640B5C735BC8F	1060218	----a-w-	C:\Users\thoma\Downloads\startcode(6).zip
2015-10-26 11:15:51	78488AF2AB2111D67B3C4044707A519B	192216	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-10-26 11:15:39	CFBC6C6D8A492697CABD1D353EE64933	25816	----a-w-	C:\Windows\System32\drivers\mbam.sys
2015-10-26 11:15:39	42B3F5C9FBC9B3F0E0BA6B5D7FC8E849	109272	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2015-10-26 11:15:39	08DECFCB9BA97786165A69AB1015BC30	64216	----a-w-	C:\Windows\System32\drivers\mwac.sys
2015-10-26 11:09:57	98E8C921F7F17F113AAA128EC7310213	16056	----a-w-	C:\Users\thoma\AppData\Local\SlimWare Utilities Inc\SlimDrivers\SWDUMon.sys
2015-10-26 08:47:00	ABEC85E3EDF06742D6C5886BFF8F9F94	61406	----a-w-	C:\Users\thoma\Downloads\DnsShell.zip
2015-10-26 08:36:48	0E36FD8599A58F287C7BF28D313BF570	1544	----a-w-	C:\Users\thoma\Downloads\Create_SiteCollection_WithHostHeader_Windows2008.zip
2015-10-24 11:35:16	E019017558B28A707119F8545AD1A1C0	30648	----a-w-	C:\Windows\System32\ambakdrv.sys
2015-10-24 11:35:16	7CD08E63219E00BB206077F5BA708677	17848	----a-w-	C:\Windows\System32\amwrtdrv.sys
2015-10-24 11:35:16	46014EDFDC8AF8733E14947448D122C5	151480	----a-w-	C:\Windows\System32\ammntdrv.sys
2015-10-24 11:34:50	FCFD172899D0A026E5BD29F4775BFA76	18472	----a-w-	C:\Windows\System32\drivers\eudskacs.sys
2015-10-24 11:34:50	E47A0ECA90AF393983EF30E458606BB5	60968	----a-w-	C:\Windows\System32\drivers\eubakup.sys
2015-10-24 11:34:50	1D866B50C9B1BA3FE90CC81E0DBC0E15	192040	----a-w-	C:\Windows\System32\drivers\EuFdDisk.sys
2015-10-24 11:34:48	17696B5ACDBDFFC7D26C4B56BF132AD5	48168	----a-w-	C:\Windows\System32\drivers\EUBKMON.sys
2015-10-22 16:48:36	F8EDE2B149039652F8631856FD9051DA	1056	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\wp8\cordova\lib\install-device.bat
2015-10-22 16:48:36	E6A9F06B9622289DC2720329442480D3	1067	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\wp8\cordova\lib\list-devices.bat
2015-10-22 16:48:36	DB8E89CA35CE94F206748DAACE821CB8	929	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\wp8\cordova\lib\start-emulator.bat
2015-10-22 16:48:36	DB78AB5276E6EBC552342EDDC8E2949F	1069	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\wp8\cordova\lib\list-emulator-images.bat
2015-10-22 16:48:36	BAABA6C47A97DF355B9CE47AE3EE8D87	1036	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\wp8\cordova\run.bat
2015-10-22 16:48:36	9FC615FD682D53FC5BEEA0DD28738F44	1069	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\wp8\cordova\win_sdk_version.bat
2015-10-22 16:48:36	9A462B22B0EC1949528CA28A36D1EDF9	1056	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\wp8\cordova\lib\install-emulator.bat
2015-10-22 16:48:36	95985941751C49C34C7B931EE37E18E4	1034	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\wp8\cordova\build.bat
2015-10-22 16:48:36	88D40848D80FC95E2ECAAEFC7B4B2894	1067	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\wp8\cordova\win_os_version.bat
2015-10-22 16:48:36	68B2157DB25D5CD3B01870522FAA33C3	929	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\wp8\cordova\log.bat
2015-10-22 16:48:36	573CABC32C08329B876264578D8A4232	937	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\wp8\cordova\lib\list-started-emulators.bat
2015-10-22 16:48:36	2270A7D4972A920579D42613A99B2DCD	1054	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\wp8\cordova\clean.bat
2015-10-22 16:48:36	1180D0231384EAD26A7B650D71C0B339	1077	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\wp8\cordova\version.bat
2015-10-22 16:48:35	F2BC3EFBF7623EA55DDC8A7C2182C429	1032	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\ios\cordova\run.bat
2015-10-22 16:48:35	EC37BB8A358FC4189DF3791BBC02C71C	1034	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\ios\cordova\clean.bat
2015-10-22 16:48:35	A3E066535FA7FCF76D088EC257F3F60E	1018	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\ios\cordova\version.bat
2015-10-22 16:48:35	6A03D6DB99BD9DB5DEA787B21A24D63C	1042	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\ios\cordova\check_reqs.bat
2015-10-22 16:48:33	E6C389783022E8026DABC176433B5201	5878	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\browser\cordova\node_modules\adm-zip\test\assets\store.zip
2015-10-22 16:48:33	D51845CD18A0425F0888F1D0F96D2F20	415	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\browser\cordova\node_modules\adm-zip\test\assets\linux_arc.zip
2015-10-22 16:48:33	C38BDFCF2143FAC75C9E0491AE0993B2	4189	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\browser\cordova\node_modules\adm-zip\test\assets\attributes_test.zip
2015-10-22 16:48:33	BF074EC247FBF5D4C7CB66D3DB6A8C90	1033	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\browser\cordova\run.bat
2015-10-22 16:48:33	AD05551C2A7B1A9DEAB42640C408CA13	4194	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\browser\cordova\node_modules\adm-zip\test\assets\fastest.zip
2015-10-22 16:48:33	AD05551C2A7B1A9DEAB42640C408CA13	4194	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\browser\cordova\node_modules\adm-zip\test\assets\fast.zip
2015-10-22 16:48:33	91A33CF4A8EB7B5108BE0A4D809DDDAF	1037	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\browser\cordova\build.bat
2015-10-22 16:48:33	84570EA57C894FF970904388EBF6C0CA	4170	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\browser\cordova\node_modules\adm-zip\test\assets\normal.zip
2015-10-22 16:48:33	202063BBB23B1C09B0C1A91820C82D26	4086	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\browser\cordova\node_modules\adm-zip\test\assets\ultra.zip
2015-10-22 16:48:33	202063BBB23B1C09B0C1A91820C82D26	4086	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\browser\cordova\node_modules\adm-zip\test\assets\maximum.zip
2015-10-22 16:48:33	08940340178F772CA3F9F7039D2F4675	1041	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\browser\cordova\version.bat
2015-10-22 16:48:33	0744D396E7840CD0142AC913CA38D66E	135743	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\browser\build\package.zip
2015-10-22 16:48:31	DAB4BA45DFEC672294CA879218A77A0A	1065	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\android\cordova\lib\install-emulator.bat
2015-10-22 16:48:31	C9BEB04C40F6F019A051B417C78D9F89	1031	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\android\cordova\log.bat
2015-10-22 16:48:31	9F1CF0B3B13468F215EE8185B64BDC66	1035	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\android\cordova\clean.bat
2015-10-22 16:48:31	97995C87F2D8F1B52F93E12BA1C0AFA8	1035	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\android\cordova\build.bat
2015-10-22 16:48:31	7CB5F6DB8E30FCFE33133E79D06ECE97	1077	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\android\cordova\lib\list-started-emulators.bat
2015-10-22 16:48:31	77AB262BF474F805BE1F77C92AAC34E8	1061	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\android\cordova\lib\start-emulator.bat
2015-10-22 16:48:31	5CAB442A6BCD6E03475886D5608268BA	1031	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\android\cordova\run.bat
2015-10-22 16:48:31	2B69FA7627643B951A7BEB9EA08343EA	1047	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\android\cordova\check_reqs.bat
2015-10-22 16:48:31	26290A255CFAB0740BACC67C096276B3	1061	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\android\cordova\lib\install-device.bat
2015-10-22 16:48:31	1DC6CAD3C82BEEB7D43CA5C8914879F2	1076	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\android\cordova\lib\list-emulator-images.bat
2015-10-22 16:48:31	08940340178F772CA3F9F7039D2F4675	1041	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\android\cordova\version.bat
2015-10-22 16:48:31	00B8ED386514B867EE353A784353151E	1057	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\android\cordova\lib\list-devices.bat
2015-10-22 16:48:29	375DDEA382B6C56A7BE2A967A20E0AB5	2404	----a-w-	C:\Users\thoma\Desktop\awayter\platforms\android\gradlew.bat
2015-10-21 08:43:10	F8EDE2B149039652F8631856FD9051DA	1056	----a-w-	C:\Users\thoma\Documents\gitfolder\1516PROJ2Awayter\Cordova-app\awayter\platforms\wp8\cordova\lib\install-device.bat
2015-10-21 08:43:10	E6A9F06B9622289DC2720329442480D3	1067	----a-w-	C:\Users\thoma\Documents\gitfolder\1516PROJ2Awayter\Cordova-app\awayter\platforms\wp8\cordova\lib\list-devices.bat
2015-10-21 08:43:10	DB8E89CA35CE94F206748DAACE821CB8	929	----a-w-	C:\Users\thoma\Documents\gitfolder\1516PROJ2Awayter\Cordova-app\awayter\platforms\wp8\cordova\lib\start-emulator.bat
2015-10-21 08:43:10	DB78AB5276E6EBC552342EDDC8E2949F	1069	----a-w-	C:\Users\thoma\Documents\gitfolder\1516PROJ2Awayter\Cordova-app\awayter\platforms\wp8\cordova\lib\list-emulator-images.bat
2015-10-21 08:43:10	BAABA6C47A97DF355B9CE47AE3EE8D87	1036	----a-w-	C:\Users\thoma\Documents\gitfolder\1516PROJ2Awayter\Cordova-app\awayter\platforms\wp8\cordova\run.bat
2015-10-21 08:43:10	9FC615FD682D53FC5BEEA0DD28738F44	1069	----a-w-	C:\Users\thoma\Documents\gitfolder\1516PROJ2Awayter\Cordova-app\awayter\platforms\wp8\cordova\win_sdk_version.bat
2015-10-21 08:43:10	9A462B22B0EC1949528CA28A36D1EDF9	1056	----a-w-	C:\Users\thoma\Documents\gitfolder\1516PROJ2Awayter\Cordova-app\awayter\platforms\wp8\cordova\lib\install-emulator.bat
2015-10-21 08:43:10	95985941751C49C34C7B931EE37E18E4	1034	----a-w-	C:\Users\thoma\Documents\gitfolder\1516PROJ2Awayter\Cordova-app\awayter\platforms\wp8\cordova\build.bat
2015-10-21 08:43:10	88D40848D80FC95E2ECAAEFC7B4B2894	1067	----a-w-	C:\Users\thoma\Documents\gitfolder\1516PROJ2Awayter\Cordova-app\awayter\platforms\wp8\cordova\win_os_version.bat
2015-10-21 08:43:10	68B2157DB25D5CD3B01870522FAA33C3	929	----a-w-	C:\Users\thoma\Documents\gitfolder\1516PROJ2Awayter\Cordova-app\awayter\platforms\wp8\cordova\log.bat
2015-10-21 08:43:10	573CABC32C08329B876264578D8A4232	937	----a-w-	C:\Users\thoma\Documents\gitfolder\1516PROJ2Awayter\Cordova-app\awayter\platforms\wp8\cordova\lib\list-started-emulators.bat
2015-10-21 08:43:10	2270A7D4972A920579D42613A99B2DCD	1054	----a-w-	C:\Users\thoma\Documents\gitfolder\1516PROJ2Awayter\Cordova-app\awayter\platforms\wp8\cordova\clean.bat
2015-10-21 08:43:10	1180D0231384EAD26A7B650D71C0B339	1077	----a-w-	C:\Users\thoma\Documents\gitfolder\1516PROJ2Awayter\Cordova-app\awayter\platforms\wp8\cordova\version.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-1456738027-2610673112-3118536316-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\thoma\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-80-3642287774-1615985598-572449333-1370030010-3123895339\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\thoma\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [06/10/2015 19:34]
C:\Windows\tasks\SlimCleaner Plus (Scheduled Scan - thoma).job --a-------- [Undetermined Task]
C:\Windows\tasks\SlimDrivers Startup.job --a-------- [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\RtHDVBg" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"]
"C:\Windows\SysNative\tasks\RtHDVBg_ListenToDevice" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"]
"C:\Windows\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"]
"C:\Windows\SysNative\tasks\SamsungMagician" ["C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe"]
"C:\Windows\SysNative\tasks\SlimCleaner Plus (Scheduled Scan - thoma)" [C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe]
"C:\Windows\SysNative\tasks\SlimDrivers Startup" [C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe]

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Slides - thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Postman - thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbjgbiflinjbdggehcddcbncdddomop
Google Docs Offline - thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Allow-Control-Allow-Origin - thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlfbmbojpeacfghkpbjhddihlkkiljbi
Chrome Web Store Payments - thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - thoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Slides - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia