
Zoek.exe v5.0.0.1 Updated 12-November-2015
Tool run by L‚on on zo 15-11-2015 at 12:11:04,48.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\LON~1\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

15-11-2015 12:13:39 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\NeoSmart Technologies deleted successfully
C:\PROGRA~2\NewTech Infosystems deleted successfully
C:\Program Files\MySQL deleted successfully
C:\Users\LON~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Juice deleted successfully
C:\Users\LON~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\MP3Gain deleted successfully
C:\Users\LON~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\PhotoFiltre 7 deleted successfully
C:\Users\LON~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Screamer Radio deleted successfully
C:\Users\LON~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Translator3 deleted successfully
C:\PROGRA~3\Auslogics deleted successfully
C:\PROGRA~3\CSIS deleted successfully
C:\PROGRA~3\Isolated Storage deleted successfully
C:\PROGRA~3\MySQL deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\r2 Studios deleted successfully
C:\PROGRA~3\RegRun deleted successfully
C:\PROGRA~3\Sun deleted successfully
C:\PROGRA~3\SUPPORTDIR deleted successfully
C:\Users\LON~1\AppData\Local\8pecxstudios deleted successfully
C:\Users\LON~1\AppData\Local\Adobe deleted successfully
C:\Users\LON~1\AppData\Local\EasySync_Solutions deleted successfully
C:\Users\LON~1\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\LON~1\AppData\Local\EmieSiteList deleted successfully
C:\Users\LON~1\AppData\Local\EmieUserList deleted successfully
C:\Users\LON~1\AppData\Local\NeoSmart_Technologies deleted successfully
C:\Users\LON~1\AppData\Local\Opera Software deleted successfully
C:\Users\LON~1\AppData\Local\Polenter_-_Software_Solut deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{73204B8A-87A8-49C8-A91A-FFCDE788A9ED} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{903C3322-6CEF-4CA5-BD37-4F056155FC08} deleted successfully
HKEY_USERS\S-1-5-21-2445321175-3776176124-2595965115-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B6A4AD4-D6EE-47dd-B308-0E0930A43853} deleted successfully
HKEY_USERS\S-1-5-21-2445321175-3776176124-2595965115-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5135FC3-396E-4AFB-974F-D7A91D15CCCA} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
C:\Program Files (x86)\CleanMem\mini_monitor.exe
C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
C:\Users\Léon\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
C:\Users\Léon\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\YoWindow\yowindow.exe
C:\Program Files (x86)\AntiLogger\AntiLogger.exe
C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
C:\Users\Léon\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LiveUpdateSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\LiveUpdateSvc deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\LON~1\AppData\Roaming\Mozilla\Firefox\Profiles\3rfgj8p9.default

user.js not found
---- Lines yahoo removed from prefs.js ----
user_pref("browser.contentHandlers.auto.application/vnd.mozilla.maybe.feed", "https://add.my.yahoo.com/rss?url=%s");
user_pref("browser.feeds.handlers.webservice", "https://add.my.yahoo.com/rss?url=%s");
---- Lines OneClickDownload removed from prefs.js ----
user_pref("extensions.feca4b87-3be4-43da-a1b1-137c24220968@jetpack.oneClickDownload", true);
---- FireFox user.js and prefs.js backups ---- 

prefs_15-11-2015_1247_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\NeoSmart Technologies not found
C:\PROGRA~2\NewTech Infosystems not found
C:\Program Files (x86)\IObit deleted
C:\ProgramData\IObit deleted
C:\PROGRA~3\Adobe deleted
C:\atomic.exe deleted
C:\Bitdefender.exe deleted
C:\geek.exe deleted
C:\hmpalert3.exe deleted
C:\HousecallLauncher64.exe deleted
C:\Pirate.exe deleted
C:\ScanCircleD_nl.exe deleted
C:\TCPOptimizer.exe deleted
C:\PROGRA~3\Kingsoft deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\LON~1\AppData\Local\CrashRpt deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\LON~1\AppData\Roaming\Mozilla\Firefox\Profiles\3rfgj8p9.default\jetpack deleted
"C:\Users\LON~1\AppData\Roaming\Mozilla\Firefox\Profiles\3rfgj8p9.default\extensions\firefox@ghostery.com.xpi" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 3957 MB
CPU Info: Intel(R) Pentium(R) CPU        P6100  @ 2.00GHz
CPU Speed: 1991,9 MHz
Sound Card: Luidsprekers (Realtek High Defi | 
Luidsprekers (TShare Virtual Au | 
Display Adapters: ATI Mobility Radeon HD 5470             | ATI Mobility Radeon HD 5470             | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm | 
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Broadcom NetLink (TM) Gigabit Ethernet
CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GT30N
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 2 Button Mouse Present
Hard Disks: C:  465,7GB
Hard Disks - Free: C:  329,6GB
Manufacturer *: Phoenix Technologies LTD
BIOS Info: AT/AT COMPATIBLE | 08/25/10 | ACRSYS - 6040000
Time Zone: West-Europa (standaardtijd)
Motherboard *: Acer            Aspire 7741
Country: Nederland 
Language: NLD 

==== System Specs (Software) ======================

AV: 360 Total Security *Disabled/Updated* {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
SP: 360 Total Security *Disabled/Updated* {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
Default Browser: Firefox	42.0
Internet Explorer Version: 11.0.9600.18097 
Flash Player version: 19.0.0.245

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-10-24 16:19:42	2CB453EFF6007393D778144943646608	859456	----a-w-	C:\Windows\yowindow.scr
====== C:\Users\LON~1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-11-11 11:21:30	14A7260EAD6FAA708DA57E3C6E27A0E4	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 11:21:29	912EBD61017559C8163FAF3C1F54AD00	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 11:21:29	68BF7EB3D428C57528E2D134B34512F1	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 11:21:28	91220E779EDE9C3511C42ECDAA58192B	504832	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-11-11 11:21:28	5FA5FD8DCE9BC04D87A17D0E335388CF	130048	----a-w-	C:\Windows\SysWOW64\occache.dll
2015-11-11 11:21:28	2F898AFA929824861737488746FD5B47	689152	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 11:21:28	25E81C8C9AE6251F472AD3677DE829E0	1311744	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-11-11 11:21:28	1840A7632E1E6EC26762D460F6D1B0E2	342728	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 11:21:28	035F1154B50CE7CAFB60405D83F13A78	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 11:21:28	00F600046B58D98631487A8AADC7C200	279040	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 11:21:27	D49701891D475F61B23BA4DBEF6E71EC	20331520	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-11-11 11:21:26	8C3D651836C2E9AADFAA47C5C25CF4D4	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 11:21:26	7FA7A377F32A3D8F2EE4128CF127EB93	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 11:21:26	4BFA8AD57A5ED4508981732F862738EA	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-11-11 11:21:25	9A555780545211BD2DD89575088C39F4	2279936	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-11-11 11:21:25	8F13B52696EB7B0D24039E5CB24C088F	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 11:21:24	ECB3E36B098F8C9BE9DFD6CF38BDBE69	663552	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-11-11 11:21:24	D74C3DAD496F59FAFB9BAF3C24EAAB2F	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 11:21:24	9101F70E34D3E28E63299A105B7F12C4	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-11-11 11:21:24	4484B41D0A3F07D71BBCB4DB5C426302	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 11:21:23	8C9EB49AA5E016500D3C29A59ED52345	416256	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 11:21:23	7B2F5324F28C71D69BC087E27B0BE7AE	12854272	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-11-11 11:21:23	4E84DCAF706E3447951212CFFE2A7B84	480256	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-11-11 11:21:18	8215390B06602AC1FDA702CD74A7250C	230400	----a-w-	C:\Windows\SysWOW64\webcheck.dll
2015-11-11 11:21:18	5AAEB88DF7F09677E9C8C849D4915132	4527616	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-11-11 11:21:18	4D20D5ACB439DA837E4329F28C35ADA1	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 11:21:18	1179043BBB3D0C8826D8BF8615A34EB6	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 11:21:17	832CA97817B20B74E2D74A8154630311	2011136	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-11-11 11:21:16	BCC36AC2241B092E30E0F47B62D7C4EA	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-11-11 11:21:16	68647B5AB71ABB5130CCA4FA55EFB0BD	341504	----a-w-	C:\Windows\SysWOW64\html.iec
2015-11-11 11:20:27	05D37C4742B32B37ED953631B7B0A7A9	552960	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-11-11 11:20:26	A860CAA340D18B2CB7B93A9C67FDDB49	3935680	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 11:20:26	64AD529B85D7E856F9A4FFF9C809E693	3991488	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 11:20:25	8DE94E8213ABE0F7C5154507305779A0	223232	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 11:20:25	0DD296312E531C6E0BF1AB7F2C092801	251392	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-11-11 11:20:24	63F52FF6FCA2C492F4FB7EE545319FA8	251000	----a-w-	C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 11:20:24	50D21D408B0FD40019A6EACF94A62ACF	1311768	----a-w-	C:\Windows\SysWOW64\ntdll.dll
2015-11-11 11:20:23	9FDCF3A01849F24625DE831C7749F080	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 11:20:23	73F97CF58D1EF42F49B696951BDE6081	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 11:20:22	CFF504AD277328CE10BE56D76297FDAC	665088	----a-w-	C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 11:20:22	C661D1599DA67BD411479A2C53058DE4	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-11-11 11:20:22	BA00A2FCB86D084F3E8F7D88EC85E216	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-11-11 11:20:22	A748DEC93B4E8C9DDE11B79FB6E97088	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-11-11 11:20:22	7B23D23E2F9D51F700BFDD5B5FCAE30A	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-11-11 11:20:22	58ABF51E9107661559B801B07011202D	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-11-11 11:20:22	553F7D05AE3E2EC2EDE06416901F5803	14336	----a-w-	C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 11:20:22	1D0826DF3F439FECBA99772D0A939A28	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-11-11 11:20:22	1C9E00CA0D823DC672017D8AB92DBC2A	36864	----a-w-	C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 11:20:21	5D369C45F0D2A993CCDC6BD160793822	274944	----a-w-	C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 11:20:21	4166C05FA57548E6518D7EE20896C0A5	1114112	----a-w-	C:\Windows\SysWOW64\kernel32.dll
2015-11-11 11:20:21	3B6668958DD782D37731EBF4ADA050CF	5120	----a-w-	C:\Windows\SysWOW64\wow32.dll
2015-11-11 11:20:21	000D8B84E09CC73472945560D411BDAC	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-11-11 11:20:18	F357AE37073472DD0288B579B0B3E005	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 11:20:18	8A6DE61B5797F03F4E0BB62F467F4854	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-11-11 11:20:16	CC668F6D0C6F76398AF840C3C0048D93	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-11-11 11:20:16	A2911E5C4BA462F2BD4129418A00449A	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-11-11 11:20:16	7A8070653B42E81F8EFD19054B67C764	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-11-11 11:20:16	1690F4F1807AEC79CF4B6DEF34C366C0	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-11-11 11:19:31	D5AFC3A476925CE740B7079D9BD2D269	295936	----a-w-	C:\Windows\SysWOW64\apphelp.dll
2015-11-11 11:19:31	2996B3E7BBA42BEA62D386D9386EDE97	20992	----a-w-	C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 11:19:31	15DDF8D059752C6CBE3DCDCAA1264F45	5120	----a-w-	C:\Windows\SysWOW64\shimeng.dll
2015-11-11 11:12:27	6EAA9E88F7985BFA94F10A53725D3AA3	216064	----a-w-	C:\Windows\SysWOW64\InkEd.dll
2015-11-06 07:30:52	F1BAAC5C7B35968EFAB7C21C32ECBB28	93696	----a-w-	C:\Windows\SysWOW64\wudriver.dll
2015-11-06 07:30:52	D714B7F77DB7E1D81CBFCE8DDCDCC5FE	566784	----a-w-	C:\Windows\SysWOW64\wuapi.dll
2015-11-06 07:30:52	B35154CD5A10368ED3DB277BB38012B3	35328	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2015-11-06 07:30:52	5670A441F06AE04D2B587D1BD2DC1DC0	30208	----a-w-	C:\Windows\SysWOW64\wups.dll
2015-11-06 07:30:52	1E643C501E621F91776F9F9AC226FADF	174080	----a-w-	C:\Windows\SysWOW64\wuwebv.dll
2015-11-05 15:56:18	E3AFE1D09FB1506417D495D5B9BE157D	723792	----a-w-	C:\Windows\SysWOW64\hmpalert.dll
====== C:\Windows\SysWOW64\drivers =====
2015-10-30 06:30:59	487CAEA3F23CA2E73C76E08E63920636	77904	----a-w-	C:\Windows\SysWOW64\drivers\360AvFlt.sys
====== C:\Windows\Sysnative =====
2015-11-14 18:03:29	157A62C103E9F549D9B976BD5B60DF84	347544	----a-w-	C:\Windows\Sysnative\FNTCACHE.DAT
2015-11-12 08:02:08	92C729B1A03F8B55A68597A50394FB76	3211264	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-11-11 11:21:29	65075CAC90824B720E9EB0C6663CE157	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-11-11 11:21:29	478DD45708B600245916A2A0F81FE7C9	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-11-11 11:21:28	CD59055A66EF5DFA3D5EFA2D29B14B0B	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-11-11 11:21:28	95F3687EF1486833AC713A23C671B397	720896	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-11-11 11:21:28	6686B946B973BA1C3B226A95D4E63D8E	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-11-11 11:21:28	1067787EC9DAD6D084306C6795BC409A	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-11-11 11:21:26	E4FB4DE391BB2BFBC5C30BBD519C83BE	152064	----a-w-	C:\Windows\Sysnative\occache.dll
2015-11-11 11:21:25	2BE29ECF17FFCE762C1E3E21EFF06174	390344	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-11-11 11:21:25	08D283FD8FEC1B45932783E8640C700F	1547264	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-11-11 11:21:24	E78DD040D2786BFAF5DED3BC12B438EE	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-11-11 11:21:24	CA0F3F16FC677701DFF1087A58B6F5B4	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-11-11 11:21:23	DC1AE8930979FCDC137F44B848556439	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-11-11 11:21:23	806A6CA05B4F1F69C84B871406C2D21D	315392	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-11-11 11:21:22	7E11CF5F472AEDD0D2BE3274FE709CF4	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-11-11 11:21:21	1275AFB2B4E55172F0AE939311F95468	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-11-11 11:21:20	423072B7A458E1B274812796721197BE	2126336	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-11-11 11:21:19	B9DFC06F70545E14A0704698FBD9F926	2886656	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-11-11 11:21:18	5EE8E2E6BFFC9DA9D816A62B904116CD	585728	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-11-11 11:21:17	1837B220558BB96AAB5B95F1BB89BE99	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-11-11 11:21:14	EC72BB355FB8E34B3D4F6140F6795348	616960	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-11-11 11:21:14	1DF0E083D4D067B5798504CC3009F21C	14457856	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-11-11 11:21:14	0C7CFA5A099A591A2B7CB2557F0AF1C1	489984	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-11-11 11:21:12	C4E8F3E26E7FFB4F85FBAC880BB3385C	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-11-11 11:21:12	93CA9F81806793E79635D1B6CE4C10BA	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-11-11 11:21:12	81529B486E446717F7F782D8AB18FC93	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-11-11 11:21:11	FBF2564A3F45F69A5D56D30129635691	817664	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-11-11 11:21:11	F2292865E0C8BCA069BB3F0BBB069265	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-11-11 11:21:11	5698DE88DA9C901E92651394ACBFB34D	262144	----a-w-	C:\Windows\Sysnative\webcheck.dll
2015-11-11 11:21:10	7EFA2CD22DB05CBC41FF77E16431EF3B	5990912	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-11-11 11:21:10	033E70DEEE5FED5E9A3E197A2DB1A618	2487808	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-11-11 11:21:09	99E634291C35D8281A772817AA40CD51	417792	----a-w-	C:\Windows\Sysnative\html.iec
2015-11-11 11:21:08	E35836459E1FFFA011F4716A5B826966	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-11-11 11:21:08	CDCCDC0CA9E094E9CE4EB0ECD970D77A	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-11-11 11:21:07	67D3A8E2F5DECD6B6F7194BBF58696E6	25818624	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-11-11 11:20:28	6D1CF2634A2EB33D3FCED43D96621FCC	5570496	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-11-11 11:20:27	48078433D1EF32AAA41FCB8109C5F3DC	729600	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-11-11 11:20:27	08A922374554BA576F96FD3FDFE66964	344064	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-11-11 11:20:25	2068233A1C249B9FADF0690AC4C951D9	312320	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-11-11 11:20:24	DF3FD4579118D6F13FE725CDB4F1F93E	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-11-11 11:20:24	BA6F0BC094ABBB9EFA3BB636D032C403	299632	----a-w-	C:\Windows\Sysnative\bcryptprimitives.dll
2015-11-11 11:20:24	386BF677B78B66AABBA92C0FCA0579A6	1164800	----a-w-	C:\Windows\Sysnative\kernel32.dll
2015-11-11 11:20:23	FF41063E45C6238CAF48CBE6D0D6FC4B	215040	----a-w-	C:\Windows\Sysnative\winsrv.dll
2015-11-11 11:20:23	F5AA5787F8B4E7200D1BF9171BED3AF0	424960	----a-w-	C:\Windows\Sysnative\KernelBase.dll
2015-11-11 11:20:23	CC4E8485336604846E50D28897AAE67F	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-11-11 11:20:23	998C50530F44CE2900779CE7FF6B205E	315392	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-11-11 11:20:23	9066AE964D95B1ABC999CED271556A7C	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2015-11-11 11:20:23	6818F2C2E6656E48D38951D753097797	1730496	----a-w-	C:\Windows\Sysnative\ntdll.dll
2015-11-11 11:20:23	4494B06139E8EE6D19FC2BFD0955BCD6	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-11-11 11:20:23	3716E2771C713387C8E8E2CAD170B2B6	243712	----a-w-	C:\Windows\Sysnative\wow64.dll
2015-11-11 11:20:23	27339655781D5F4C9995FC5202F1F239	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-11-11 11:20:23	1AE4881BAA7C3DE4D9EC8EA38A3F6BCC	1216512	----a-w-	C:\Windows\Sysnative\rpcrt4.dll
2015-11-11 11:20:23	1A05FB05E701A9D65EB42656CF46D173	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-11-11 11:20:23	0EA14EE0C4B1DA2447E36FD3E183C015	338432	----a-w-	C:\Windows\Sysnative\conhost.exe
2015-11-11 11:20:23	079317396D1E4F9EE8E745DF5C2372DD	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-11-11 11:20:22	FA15610B77877F2BB2AC5D32277CE82B	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-11-11 11:20:22	EED57582155969AA51789268FE41E254	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2015-11-11 11:20:22	95F7494638D489665CB1C172D62FC872	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-11-11 11:20:22	926F7A2F153F004D492C0B8CC105AC2E	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-11-11 11:20:22	9102E19E45AEDE6077023CF2945261F3	44032	----a-w-	C:\Windows\Sysnative\cryptbase.dll
2015-11-11 11:20:22	60F8ECF4FCE0DDEC8D6E3E2E987867A4	16384	----a-w-	C:\Windows\Sysnative\ntvdm64.dll
2015-11-11 11:20:22	2BC45F4CF55B45BDD650828192F132B8	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-11-11 11:20:22	286A1E8B06EE3E8E06176010C41988B2	13312	----a-w-	C:\Windows\Sysnative\wow64cpu.dll
2015-11-11 11:20:22	20592BDF5A368B43BEF086DC61C6863D	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-11-11 11:20:22	1CE982CF943680F776F46D6F9F53642F	362496	----a-w-	C:\Windows\Sysnative\wow64win.dll
2015-11-11 11:20:22	105B82E40B82A5B5A140969099FE3FAF	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-11-11 11:20:18	A10B9876772F1AB83DEC50EE9B0696B7	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2015-11-11 11:20:16	EB618353B1F34E790952982A226AFFB2	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-11-11 11:20:16	700E5B0452B1B2CE1AD23F1557995FF9	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-11-11 11:20:16	6F4AAA80DBB19CE945389FFEA43C1BA1	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-11-11 11:19:31	E9DE8D0A3A7306AF26B25F52F13A9234	23552	----a-w-	C:\Windows\Sysnative\sdbinst.exe
2015-11-11 11:19:31	BBD257696E3FB0B8B1D3C115072116C6	6656	----a-w-	C:\Windows\Sysnative\shimeng.dll
2015-11-11 11:19:31	262D7C87D0AC20B96EF9877D3CA478A0	72192	----a-w-	C:\Windows\Sysnative\aelupsvc.dll
2015-11-11 11:19:31	07EAEA9D3E09340E64918EED526A5FFE	342016	----a-w-	C:\Windows\Sysnative\apphelp.dll
2015-11-11 11:12:28	806E52CF244371661A7079A8A769B00B	275456	----a-w-	C:\Windows\Sysnative\InkEd.dll
2015-11-11 11:12:27	663D10339325743941089DF3AE47B2C4	24576	----a-w-	C:\Windows\Sysnative\jnwmon.dll
2015-11-06 07:30:53	4AA4838D59A51B3B5A6C2BFC2092FDEC	3168768	----a-w-	C:\Windows\Sysnative\wucltux.dll
2015-11-06 07:30:53	361845875ED8ED13086E7F37265C45DA	2608128	----a-w-	C:\Windows\Sysnative\wuaueng.dll
2015-11-06 07:30:52	F62A6979E13872D744BA69F4F78109B8	12288	----a-w-	C:\Windows\Sysnative\wu.upgrade.ps.dll
2015-11-06 07:30:52	CDBE532602413E7FB0C395024749C7AA	140288	----a-w-	C:\Windows\Sysnative\wuauclt.exe
2015-11-06 07:30:52	C64959F2D2EE6EDB96916902962D48B9	696320	----a-w-	C:\Windows\Sysnative\wuapi.dll
2015-11-06 07:30:52	B2AA75E472BAB24818915342E44FF2AD	98816	----a-w-	C:\Windows\Sysnative\wudriver.dll
2015-11-06 07:30:52	9D3A6E1660B3D6BF63E83A901D1109BB	37888	----a-w-	C:\Windows\Sysnative\wuapp.exe
2015-11-06 07:30:52	500B7A762291EC4EE4B445337956BDBC	36864	----a-w-	C:\Windows\Sysnative\wups.dll
2015-11-06 07:30:52	3E89AD28893A8E9C1F01D2A162C7D457	91136	----a-w-	C:\Windows\Sysnative\WinSetupUI.dll
2015-11-06 07:30:52	24E1CD4E823628943540A63187AC282E	192512	----a-w-	C:\Windows\Sysnative\wuwebv.dll
2015-11-06 07:30:52	246FD89B6B5521AD2CE1C560D666BAD7	37888	----a-w-	C:\Windows\Sysnative\wups2.dll
2015-11-05 15:56:19	D36D2902A71652D3511497F4D7FA4597	789840	----a-w-	C:\Windows\Sysnative\hmpalert.dll
====== C:\Windows\Sysnative\drivers =====
2015-11-11 11:20:25	33D52A96BEEE8AFCE9E07EEC9FE0C9DB	154560	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-11-11 11:20:24	EC0511BB85BAA42A9734011685A6732C	460776	----a-w-	C:\Windows\Sysnative\drivers\cng.sys
2015-11-11 11:20:23	BCC83F22805F560C8A487F2F296A78FE	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-11-11 11:20:21	ACB763673BCCE6C7B3B8F858C9FE4F1F	129024	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-11-11 11:20:21	7C81098FBAF2EAF5B54B939F832B0F61	290816	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
2015-11-11 11:20:21	73ADDCC406B86E7DA4416691E8E74BDA	159232	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-11-11 11:19:26	AA77EB517D2F07A947294F260E3ACA83	118272	----a-w-	C:\Windows\Sysnative\drivers\tdx.sys
2015-11-11 11:19:26	9A4A1EEE802BF2F878EE8EAB407B21B7	497664	----a-w-	C:\Windows\Sysnative\drivers\afd.sys
2015-11-11 11:06:14	F7309F42555F8AAB7144A51A1F2585B0	950720	----a-w-	C:\Windows\Sysnative\drivers\ndis.sys
2015-11-05 18:41:55	90F84CEEF25AA2657481326A4715D38D	367696	----a-w-	C:\Windows\Sysnative\drivers\360fsflt.sys
2015-11-05 18:41:51	F18C1EE63D7CBDA764F8ED13FF4A2D25	319568	----a-w-	C:\Windows\Sysnative\drivers\360Box64.sys
2015-11-05 18:41:50	1A21077AEE7EC27A1A4321C45AA923ED	137808	----a-w-	C:\Windows\Sysnative\drivers\360AntiHacker64.sys
2015-11-05 18:41:49	D31541708A595BCA380105D44C2C2AD5	40520	----a-w-	C:\Windows\Sysnative\drivers\360Camera64.sys
2015-11-05 18:41:49	8D853C1889B0A87FED4D66E92AA33CBB	178768	----a-w-	C:\Windows\Sysnative\drivers\BAPIDRV64.SYS
2015-11-05 18:41:42	487CAEA3F23CA2E73C76E08E63920636	77904	----a-w-	C:\Windows\Sysnative\drivers\360AvFlt.sys
2015-11-05 15:56:18	F2D94DA75911A95DBC1F420959A97868	155968	----a-w-	C:\Windows\Sysnative\drivers\hmpalert.sys
2015-11-05 15:56:18	502D9716BAA888D785A01CAF1EAE94E7	75640	----a-w-	C:\Windows\Sysnative\drivers\hmpnet.sys
2015-11-05 08:28:07	799F70FF787F4F68E7EA02FEABAC9FAB	307352	----a-w-	C:\Windows\Sysnative\drivers\tmcomm.sys
====== C:\Windows\Tasks ======
2015-10-19 12:59:30	1E22DEBE87D03BFF58F569978968E0C7	3396	----a-w-	C:\Windows\Sysnative\Tasks\CleanMem Mini Monitor
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-11-14 18:37:19	--------	d-----w-	C:\Program Files\trend micro
2015-11-04 16:50:57	--------	d-----w-	C:\Program Files\HitmanPro
2015-10-28 10:02:16	--------	d-----w-	C:\Program Files\Easeware
2015-10-26 09:53:41	--------	d-----w-	C:\Program Files\SumatraPDF
2015-10-21 10:00:10	--------	d-----w-	C:\Program Files\SUPERAntiSpyware
2015-10-17 12:41:12	--------	d-----w-	C:\Program Files\SRWare Iron (64-Bit)
======= C:\PROGRA~2 =====
2015-11-10 20:20:14	--------	d-----w-	C:\PROGRA~2\KC Softwares
2015-11-05 18:41:25	--------	d-----w-	C:\PROGRA~2\360
2015-11-05 15:56:18	--------	d-----w-	C:\PROGRA~2\HitmanPro.Alert
2015-11-04 21:03:46	--------	d-----w-	C:\PROGRA~2\Mozilla Maintenance Service
2015-10-26 15:31:26	--------	d-----w-	C:\PROGRA~2\K-Lite Codec Pack
2015-10-26 15:28:51	--------	d-----w-	C:\PROGRA~2\Zoom Player
2015-10-19 12:53:40	--------	d-----w-	C:\PROGRA~2\CleanMem
======= C: =====
2015-10-17 11:31:50	E7204F7ADE21D4BD3AFF0D1AFC0BE44F	1803	----a-w-	C:\sg_backup_2015-10-17-1331.spg
====== C:\Users\LON~1\AppData ======
2015-11-14 12:58:39	2A97BC45E86B4C99426BD30A9F880234	86600	----a-w-	C:\Users\LON~1\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-09 19:46:36	--------	d-----w-	C:\Users\LON~1\AppData\Local\GWX
2015-11-05 18:44:04	--------	d-----w-	C:\Users\LON~1\AppData\Roaming\360safe
2015-11-05 18:42:02	--------	d-----w-	C:\Users\LON~1\AppData\Locallow\360WD
2015-11-04 21:04:24	--------	d-----w-	C:\Users\LON~1\AppData\Roaming\Mozilla
2015-11-04 21:04:24	--------	d-----w-	C:\Users\LON~1\AppData\Local\Mozilla
2015-10-26 09:53:48	--------	d-----w-	C:\Users\LON~1\AppData\Roaming\SumatraPDF
2015-10-22 18:15:41	--------	d-----w-	C:\Users\LON~1\AppData\Roaming\ProductData
====== C:\Users\LON~1 ======
2015-11-14 18:35:54	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\LON~1\Desktop\RSITx64.exe
2015-11-12 20:28:26	--------	d-----w-	C:\Users\Public\Documents\Ashampoo
2015-11-12 20:19:40	--------	d-----w-	C:\ProgramData\Ashampoo
2015-11-09 10:42:14	5E5AF17D82EC74646B33587B54F94D4A	1712128	----a-w-	C:\Users\LON~1\Desktop\adwcleaner_5.019.exe
2015-11-09 09:45:50	--------	d-----r-	C:\Users\LON~1\Searches
2015-11-07 18:30:49	--------	d-----w-	C:\Users\LON~1\Boeken
2015-11-05 18:41:58	--------	d-----w-	C:\ProgramData\360safe
2015-11-05 16:04:22	--------	d-----w-	C:\ProgramData\HitmanPro
2015-11-05 15:56:19	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert
2015-11-04 16:51:24	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-11-02 20:51:06	D0D9D92C856DD75FFFC1559CE404C5DD	11337112	----a-w-	C:\Users\LON~1\Desktop\HitmanPro_x64.exe
2015-11-02 20:45:47	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverEasy
2015-10-26 15:31:34	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-10-26 15:28:51	--------	d-----w-	C:\ProgramData\Zoom Player
2015-10-21 10:00:16	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-10-19 12:53:42	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanMem
2015-10-17 12:41:38	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron (64-Bit)

====== C: exe-files ==
2015-11-14 18:37:21	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Léon.exe
2015-11-14 18:35:54	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Léon\Desktop\RSITx64.exe
2015-11-12 20:19:38	3612F85E22BB3D0B76CAFF446A5926E2	140088	----a-w-	C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\updateMediator.exe
2015-11-12 20:19:36	D51B32BA3897F630D99713B74B40D6A2	544768	----a-w-	C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\DfSdkS64.exe
2015-11-12 20:19:33	C006D915745A310D4A9D36E629EA30D5	2343784	----a-w-	C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\UI5Guard.exe
2015-11-12 20:19:32	B82C7988107EFEB6DF0BA54BA627037A	2500968	----a-w-	C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\UI5Log.exe
2015-11-12 20:19:32	B254EB757853BC8456AD53A4C0CED176	1202024	----a-w-	C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\Helper.exe
2015-11-12 20:19:31	8766790C67B4172638220206CBCBC961	6352232	----a-w-	C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\UI5.exe
2015-11-12 20:19:31	49437EE3ED2496004E1FF58C0ABADA46	1278960	----a-w-	C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\unins000.exe
2015-11-12 20:16:35	DD5A81449868F0CA5F6FC0FAFE9F39FC	22062544	----a-w-	C:\Users\Léon\OneDrive\Bewaren\Setups\ashampoo_uninstaller_5_21476.exe
2015-11-11 13:12:54	A8C2E9A11AB557ECFE425DA7ED2C56B2	1336235	----a-w-	C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe
2015-11-11 11:21:29	478DD45708B600245916A2A0F81FE7C9	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-11-11 11:21:28	A3561CF483BA05B215E9EBB4F44ED398	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-11-11 11:21:28	95F3687EF1486833AC713A23C671B397	720896	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-11-11 11:21:25	F479698569139A33719F78A480ECD0AA	473600	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-11-11 11:21:25	9D58174143AF782F2A2BCAA20EFA328D	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-11-11 11:21:24	E78DD040D2786BFAF5DED3BC12B438EE	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-11-11 11:21:24	DC0D491C3B66F9F103258B9A6774A3EE	815312	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-11-11 11:21:20	0E864E3322D35C2199CD9B31CEFEE025	491008	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-11-11 11:21:18	1179043BBB3D0C8826D8BF8615A34EB6	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 11:21:18	080C76C3C0DE36E36589D653A18DE1A8	814280	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-11-11 11:21:12	81529B486E446717F7F782D8AB18FC93	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-11-11 11:20:28	6D1CF2634A2EB33D3FCED43D96621FCC	5570496	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-11-11 11:20:26	A860CAA340D18B2CB7B93A9C67FDDB49	3935680	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 11:20:26	64AD529B85D7E856F9A4FFF9C809E693	3991488	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 11:20:23	9066AE964D95B1ABC999CED271556A7C	112640	----a-w-	C:\Windows\System32\smss.exe
2015-11-11 11:20:23	27339655781D5F4C9995FC5202F1F239	296960	----a-w-	C:\Windows\System32\rstrui.exe
2015-11-11 11:20:23	0EA14EE0C4B1DA2447E36FD3E183C015	338432	----a-w-	C:\Windows\System32\conhost.exe
2015-11-11 11:20:22	FA15610B77877F2BB2AC5D32277CE82B	64000	----a-w-	C:\Windows\System32\auditpol.exe
2015-11-11 11:20:22	C661D1599DA67BD411479A2C53058DE4	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-11-11 11:20:22	BA00A2FCB86D084F3E8F7D88EC85E216	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-11-11 11:20:22	2BC45F4CF55B45BDD650828192F132B8	31232	----a-w-	C:\Windows\System32\lsass.exe
2015-11-11 11:20:18	8A6DE61B5797F03F4E0BB62F467F4854	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-11-11 11:20:16	1690F4F1807AEC79CF4B6DEF34C366C0	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-11-11 11:19:31	E9DE8D0A3A7306AF26B25F52F13A9234	23552	----a-w-	C:\Windows\System32\sdbinst.exe
2015-11-11 11:19:31	2996B3E7BBA42BEA62D386D9386EDE97	20992	----a-w-	C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 11:12:29	89E445DEB3F62B45BBA266613611CC09	2164224	----a-w-	C:\Program Files\Windows Journal\Journal.exe
2015-11-11 11:12:27	F860FAF622971F8ACDD4CC94278C3E0D	51200	----a-w-	C:\Program Files\Windows Journal\PDIALOG.exe
2015-11-10 20:20:14	6D245F1815F65FBDE5B139609EA8955D	1625600	----a-w-	C:\Program Files (x86)\KC Softwares\DUMo\DUMo.exe
2015-11-10 20:20:14	13ADB29644FAFD6042AD47EEF206A809	819928	----a-w-	C:\Program Files (x86)\KC Softwares\DUMo\unins000.exe
2015-11-09 17:53:35	9323607915C01062555AD62E6439D253	715960	----a-w-	C:\Program Files\Cybertron\Privacy Eraser\unins000.exe
2015-11-09 10:42:14	5E5AF17D82EC74646B33587B54F94D4A	1712128	----a-w-	C:\Users\Léon\Desktop\adwcleaner_5.019.exe
2015-11-09 09:45:35	FCEBB62AA0D6E6ADBA6CA44262C47994	3408024	----a-w-	C:\Users\Léon\AppData\Local\Microsoft\WebSetup\DUForWebSetup\setupplatform.exe
=== C: other files ==
2015-11-12 20:19:33	BC32AF0E8A4A6DCCD72D7734E8EF3191	37216	----a-w-	C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\IFS64.sys
2015-11-12 20:19:33	29A687C157ECB2BC50DBC1E9861DDAEB	33632	----a-w-	C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\IFS32.sys
2015-11-12 08:02:08	92C729B1A03F8B55A68597A50394FB76	3211264	----a-w-	C:\Windows\System32\win32k.sys
2015-11-11 14:07:44	8AEE19C7B06ABD610E111BA5DFE19D2A	167347458	----a-w-	C:\Users\Léon\Documenten\herstelschijf_zeven_zesvierbit.zip
2015-11-11 11:20:25	33D52A96BEEE8AFCE9E07EEC9FE0C9DB	154560	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-11-11 11:20:24	EC0511BB85BAA42A9734011685A6732C	460776	----a-w-	C:\Windows\System32\drivers\cng.sys
2015-11-11 11:20:23	BCC83F22805F560C8A487F2F296A78FE	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-11-11 11:20:21	ACB763673BCCE6C7B3B8F858C9FE4F1F	129024	----a-w-	C:\Windows\System32\drivers\mrxsmb20.sys
2015-11-11 11:20:21	7C81098FBAF2EAF5B54B939F832B0F61	290816	----a-w-	C:\Windows\System32\drivers\mrxsmb10.sys
2015-11-11 11:20:21	73ADDCC406B86E7DA4416691E8E74BDA	159232	----a-w-	C:\Windows\System32\drivers\mrxsmb.sys
2015-11-11 11:19:26	AA77EB517D2F07A947294F260E3ACA83	118272	----a-w-	C:\Windows\System32\drivers\tdx.sys
2015-11-11 11:19:26	9A4A1EEE802BF2F878EE8EAB407B21B7	497664	----a-w-	C:\Windows\System32\drivers\afd.sys
2015-11-11 11:06:14	F7309F42555F8AAB7144A51A1F2585B0	950720	----a-w-	C:\Windows\System32\drivers\ndis.sys
2015-11-09 11:40:00	A85D75E8D1D656C6B537CA1C31CE5FA5	133840309	----a-w-	C:\Users\Léon\Documenten\VGA_AMD_8.741.1.5000_W7x86W7x64_A.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2445321175-3776176124-2595965115-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"="C:\Users\L‚on\AppData\Local\FLUXSOFTWARE\Flux\flux.exe  /noshow"
"FreeAC"="C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun"
"OneDrive"="C:\Users\L‚on\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AntiLogger"="C:\Program Files (x86)\AntiLogger\AntiLogger.exe /minimized"
"QHSafeTray"="C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe /start"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"="C:\Users\L‚on\AppData\Local\FLUXSOFTWARE\Flux\flux.exe  /noshow"
"FreeAC"="C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun"
"OneDrive"="C:\Users\L‚on\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\!SASCORE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\CTUPnPSv]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Fax]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HDDSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HeimdalSecureDNS]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HeimdalService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IAStorDataMgrSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MBAMService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\MozillaMaintenance]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NTIBackupSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NTISchedulerSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\OODefragAgent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PandaAgent]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\UNS]


==== Startup Folders ======================

2015-04-15 05:05:24	991	----a-w-	C:\Users\LON~1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CleanMem Mini Monitor" [C:\Program Files (x86)\CleanMem\mini_monitor.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{D7076B43-D5E0-4477-966F-6FD2A8296ED0}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\LON~1\AppData\Roaming\Mozilla\Firefox\Profiles\3rfgj8p9.default
user_pref("browser.startup.homepage", "https://classic.startpage.com/do/mypage.pl?prf=c89710caad323141c4b780bd4975f596");
user_pref("browser.search.defaultenginename", "qrobe.it (HTTPS)");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"WebProtection@360safe.com"="C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox" [14-11-2015 13:57]

==== Firefox Extensions ======================

ProfilePath: C:\Users\LON~1\AppData\Roaming\Mozilla\Firefox\Profiles\3rfgj8p9.default
- Deutsches Wrterbuch - %ProfilePath%\extensions\de-DE@dictionaries.addons.mozilla.org
- British English Dictionary Updated - %ProfilePath%\extensions\en-gb@flyingtophat.co.uk
- Dictionnaires franais - %ProfilePath%\extensions\fr-dicollecte@dictionaries.addons.mozilla.org
- Woordenboek Nederlands - %ProfilePath%\extensions\nl-NL@dictionaries.addons.mozilla.org
- YouTube Video and Audio Downloader - %ProfilePath%\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi
- ZenMate VPN: Gvenlik Gizlilik amp; zgrlk - %ProfilePath%\extensions\firefox@zenmate.com.xpi
- I dont care about cookies - %ProfilePath%\extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi
- Menu Wizard - %ProfilePath%\extensions\s3menu@wizard.xpi
- Trafficlight - %ProfilePath%\extensions\trafficlight@bitdefender.com.xpi
- Right Links - %ProfilePath%\extensions\{B5F5E8D3-AE31-49A1-AC42-78B7B1CC5CDC}.xpi
- Yahoo Mail Hide Ad Panel - %ProfilePath%\extensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]

Right Click Opens Link in New Tab - LON~1\AppData\Local\Chromium\User Data\Default\Extensions\afalkcagoidkdjdlfoaicbanbfgoamoo
Video Downloader - LON~1\AppData\Local\Chromium\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc
MEGA - LON~1\AppData\Local\Chromium\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod
selector is not a valid CSS selector - LON~1\AppData\Local\Chromium\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Bitdefender TrafficLight adds a strong and non-intrusive layer of security to your browsing experience - LON~1\AppData\Local\Chromium\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal
ZenMate Security Privacy Unblock VPN - LON~1\AppData\Local\Chromium\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme
Avira Browser Safety - LON~1\AppData\Local\Chromium\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
ClickClean - LON~1\AppData\Local\Chromium\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod
360 Internet Protection - LON~1\AppData\Local\Chromium\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh
Google Play - LON~1\AppData\Local\Chromium\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi
Ghostery - LON~1\AppData\Local\Chromium\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij
Chrome Web Store Payments - LON~1\AppData\Local\Chromium\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Fix ======================

C:\Users\LON~1\AppData\Local\Chromium\User Data\Default\Extensions\afalkcagoidkdjdlfoaicbanbfgoamoo deleted successfully
C:\Users\LON~1\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_afalkcagoidkdjdlfoaicbanbfgoamoo_0.localstorage deleted successfully
C:\Users\LON~1\AppData\Local\Chromium\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc deleted successfully
C:\Users\LON~1\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_aiimdkdngfcipjohbjenkahhlhccpdbc_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Old Start Page"="http://www.google.com"
"Start Page"="https://classic.startpage.com/do/mypage.pl?prf=296eea3f249a5d4816484b68f83bc06f"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Page"="https://classic.startpage.com/do/mypage.pl?prf=296eea3f249a5d4816484b68f83bc06f"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Page"="https://classic.startpage.com/do/mypage.pl?prf=296eea3f249a5d4816484b68f83bc06f"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{167D1AE3-CDC3-4B61-B078-0F59F7F33354}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{167D1AE3-CDC3-4B61-B078-0F59F7F33354}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Old Start Page"="https://classic.startpage.com/do/mypage.pl?prf=296eea3f249a5d4816484b68f83bc06f"
"Start Page"="https://classic.startpage.com/do/mypage.pl?prf=296eea3f249a5d4816484b68f83bc06f"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{167D1AE3-CDC3-4B61-B078-0F59F7F33354}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{167D1AE3-CDC3-4B61-B078-0F59F7F33354} - https://startpage.com/do/search?query={searchTerms}&cat=web&pl=ie&language=nederlands
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{167D1AE3-CDC3-4B61-B078-0F59F7F33354}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files (x86)\360\Total Security\safemon\safemon.dll
O4 - HKLM\..\Run: [AntiLogger] "C:\Program Files (x86)\AntiLogger\AntiLogger.exe" /minimized
O4 - HKLM\..\Run: [QHSafeTray] "C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe" /start
O4 - HKCU\..\Run: [f.lux] C:\Users\Léon\AppData\Local\FLUXSOFTWARE\Flux\flux.exe  /noshow
O4 - HKCU\..\Run: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Léon\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - Startup: YoWindow.lnk = C:\Program Files (x86)\YoWindow\yowindow.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 11\DfsdkS64.exe
O23 - Service: Encrypting File System (EFS) (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: HitmanPro.Alert service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: 360 Total Security (QHActiveDefense) - QIHU 360 SOFTWARE CO. LIMITED - C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\LON~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\LON~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\LON~1\AppData\Local\Mozilla\Firefox\Profiles\3rfgj8p9.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\LON~1\AppData\Local\Chromium\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=387 folders=97 141796690 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\LON~1\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\LON~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 15-11-2015 at 13:13:16,75 ======================