
Zoek.exe v5.0.0.1 Updated 01-December-2015
Tool run by Simon on za 05-12-2015 at 12:18:10,53.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Simon\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

5-12-2015 12:19:07 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\bigdeal deleted successfully
C:\PROGRA~2\dumps deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\PROGRA~2\Rockstar Games deleted successfully
C:\Program Files\PowerISO deleted successfully
C:\Users\Simon\AppData\Roaming\HDDHealth deleted successfully
C:\Users\Simon\AppData\Roaming\NexonLauncher deleted successfully
C:\Users\Simon\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Simon\AppData\Local\EmieSiteList deleted successfully
C:\Users\Simon\AppData\Local\EmieUserList deleted successfully
C:\Users\Simon\AppData\Local\node-webkit deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-21300297-881835126-3664115066-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-21300297-881835126-3664115066-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update service deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] 
"kolodre32"=- 
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Protected system] 

==== Deleting Files \ Folders ======================

C:\PROGRA~2\bigdeal not found
C:\PROGRA~2\dumps not found
C:\PROGRA~2\Origin Games not found
C:\PROGRA~2\Rockstar Games not found
C:\Program Files (x86)\Common Files\DVDVideoSoft deleted
C:\Program Files (x86)\Popcorn Time deleted
C:\Users\Simon\AppData\Roaming\Imminent deleted
C:\Users\Simon\AppData\Roaming\2.txt deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\hddhealth_s.log deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Clip Converter deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Users\Simon\AppData\Roaming\Windevice.exe deleted
"C:\ProgramData\448461\kolodre32.exe" not deleted
"C:\ProgramData\ff58aa2c7308f6554a57f503191fe501c87285fc" deleted
"C:\Users\Simon\AppData\Roaming\bjex\protikted32.exe" deleted
"C:\Users\Simon\AppData\Roaming\Tral\strln32.exe" deleted
"C:\Users\Simon\AppData\Roaming\bjex\protikted32.exe" deleted
"C:\PROGRA~3\448461\kolodre32.exe" not deleted
"C:\PROGRA~3\448561\448464\1" not deleted
"C:\Users\Simon\AppData\Roaming\bjex" deleted
"C:\Users\Simon\AppData\Roaming\Tral" deleted
"C:\Users\Simon\AppData\Roaming\bjex" deleted
"C:\PROGRA~3\448461" not deleted
"C:\PROGRA~3\448561" not deleted
"C:\PROGRA~3\448561\448464" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-11-27 14:43:09	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Windows\ativpsrm.bin
====== C:\Users\Simon\AppData\Local\Temp ====
2015-12-04 17:12:02	45FBEE0A27BAFFBDF1AB7A02539C91DF	850432	---h--w-	C:\Users\Simon\AppData\Local\Temp\jorjemia32.exe
2015-12-03 21:36:43	09FBB1525C066A4DC77A39B72A6AFCA0	532992	---h--w-	C:\Users\Simon\AppData\Local\Temp\tahtirkek32\tahtirkek32.exe
2015-12-03 21:19:31	09FBB1525C066A4DC77A39B72A6AFCA0	532992	---h--w-	C:\Users\Simon\AppData\Local\Temp\protikted32\protikted32.exe
2015-12-03 21:07:32	09FBB1525C066A4DC77A39B72A6AFCA0	532992	---h--w-	C:\Users\Simon\AppData\Local\Temp\coctrl32\coctrl32.exe
2015-12-03 14:03:29	7D19B84C00EE089930247281B79DD656	372936	----a-w-	C:\Users\Simon\AppData\Local\Temp\InstHelper.exe
2015-12-02 23:01:09	CEEA42A9A2BEFFA33659CC7555231663	535040	---h--w-	C:\Users\Simon\AppData\Local\Temp\oddewor32\oddewor32.exe
2015-11-30 17:17:34	4FAD04276AB2A54DB27F94F6F8A8C861	504832	----a-w-	C:\Users\Simon\AppData\Local\Temp\sterbolid32.exe
2015-11-30 13:54:52	ECA3AE15FC14FF9736F637143F4C5A96	71168	----a-w-	C:\Users\Simon\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpazwduk.dll
2015-11-29 14:42:19	7B5AD3FB9FEE47606EC45EA5F712D8BB	458752	----a-w-	C:\Users\Simon\AppData\Local\Temp\F1Hzt02YSCHi.exe
2015-11-28 16:55:20	2DFAF11030658660AF5D97875366E27B	495616	----a-w-	C:\Users\Simon\AppData\Local\Temp\TVQ6a5RdbqgT.exe
2015-11-28 15:32:24	2DFAF11030658660AF5D97875366E27B	495616	----a-w-	C:\Users\Simon\AppData\Local\Temp\ytF39O1bHL8e.exe
2015-11-28 15:26:47	E72C4ED7733CA1CBD0BDDBA1400D8179	832512	----a-w-	C:\Users\Simon\AppData\Local\Temp\zMi2FVCAVus1.exe
2015-11-27 15:37:46	A52BBAE24DAA5308EA602CB44E922B82	400896	----a-w-	C:\Users\Simon\AppData\Local\Temp\oahzRHXM4JUY.exe
2015-11-27 15:36:28	A52BBAE24DAA5308EA602CB44E922B82	400896	----a-w-	C:\Users\Simon\AppData\Local\Temp\dNf1RpBo3Mwo.exe
2015-11-27 15:28:36	A52BBAE24DAA5308EA602CB44E922B82	400896	----a-w-	C:\Users\Simon\AppData\Local\Temp\lLKGK3IPqU6T.exe
2015-11-27 15:08:20	A52BBAE24DAA5308EA602CB44E922B82	400896	----a-w-	C:\Users\Simon\AppData\Local\Temp\B0SG6GsEwOao.exe
2015-11-27 14:36:13	55A90A9E9BD832D9308D051971F4168E	414152	----a-w-	C:\Users\Simon\AppData\Local\Temp\difxapi.dll
2015-11-27 14:36:13	322AE63A8E640B1CB92C90F4E924195F	65536	----a-w-	C:\Users\Simon\AppData\Local\Temp\ddu.exe
2015-11-27 14:36:10	EBB84A1739868C0B79C01DFD02830807	232960	----a-w-	C:\Users\Simon\AppData\Local\Temp\Cleanup.dll
2015-11-27 14:36:10	C332DB81197E6E5D4A67D3789DBEB02A	1061376	----a-w-	C:\Users\Simon\AppData\Local\Temp\msvcp80.dll
2015-11-27 14:36:10	905156D42F39EF18D003140E848F7D51	1133568	----a-w-	C:\Users\Simon\AppData\Local\Temp\AMDCleanupUtility.exe
2015-11-27 14:36:10	60A6DE55AA50D57A01B7148B0A7EA139	516096	----a-w-	C:\Users\Simon\AppData\Local\Temp\msvcm80.dll
2015-11-27 14:36:10	4D89F6191DB56CFA659388378F3DD688	796672	----a-w-	C:\Users\Simon\AppData\Local\Temp\msvcr80.dll
2015-11-26 22:15:42	C0176E80A1BBB762A4963C9025D9DC3F	400896	----a-w-	C:\Users\Simon\AppData\Local\Temp\Jti91Gce1S9Y.exe
2015-11-26 22:15:29	C0176E80A1BBB762A4963C9025D9DC3F	400896	----a-w-	C:\Users\Simon\AppData\Local\Temp\2WKjX8zXyv20.exe
2015-11-26 21:53:07	C0176E80A1BBB762A4963C9025D9DC3F	400896	----a-w-	C:\Users\Simon\AppData\Local\Temp\AN801VERknST.exe
2015-11-26 17:05:13	EF75C1A5B49ED4BEC6AD1E95278991A3	400896	----a-w-	C:\Users\Simon\AppData\Local\Temp\KEZBxicfnvHW.exe
2015-11-26 15:43:12	EF75C1A5B49ED4BEC6AD1E95278991A3	400896	----a-w-	C:\Users\Simon\AppData\Local\Temp\tGn236GPeTZp.exe
2015-11-25 12:04:43	1EB9737844F4E89FE272798E9F49215A	383488	----a-w-	C:\Users\Simon\AppData\Local\Temp\_unps.exe
2015-11-25 03:59:15	87A7D7D87E8C5C658C383737868F7D1E	346112	----a-w-	C:\Users\Simon\AppData\Local\Temp\uG9XER6ZY8op.exe
2015-11-25 03:26:54	CF55DC8FDA1D41968D9A1A31C608272F	385536	----a-w-	C:\Users\Simon\AppData\Local\Temp\7O68FXwecf8W.exe
2015-11-25 02:55:00	366044A0C977A22BBE9053C449CEA1E5	466944	----a-w-	C:\Users\Simon\AppData\Local\Temp\sdyKAofwMg2F.exe
2015-11-25 02:45:12	366044A0C977A22BBE9053C449CEA1E5	466944	----a-w-	C:\Users\Simon\AppData\Local\Temp\1K9mvZT9nR7x.exe
====== Java Cache =====
2015-12-05 11:15:38	4F85459CEC4F78A3987FFFD5B6A816C5	605	----a-w-	C:\Users\Simon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-104c2469
2015-12-05 11:15:39	036DD5EB6B471167376ECDE59D5A4ED2	428	----a-w-	C:\Users\Simon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-78e96a5ccf5c5b6a29dcdffe1d16c989d010904d54059e7b28aad8dacf6a56c9-6.0.lap
2015-12-05 11:15:39	C9588417B10E1D770E3E5DA1F3510AE5	8425	----a-w-	C:\Users\Simon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\298d42d-65a23699
2015-12-05 11:15:41	C1BBA7F1278F193AB584FFF460DB5E2A	17878	----a-w-	C:\Users\Simon\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\c8dc66e-23ff6347
====== C:\Windows\SysWOW64 =====
2015-12-04 13:04:18	AF0EC95144F76EA4B40A7ED1DD34616C	856064	----a-w-	C:\Windows\SysWOW64\rdvidcrl.dll
2015-12-04 13:04:18	A27593907607A692D0DE105DE29BBC33	53248	----a-w-	C:\Windows\SysWOW64\tsgqec.dll
2015-12-04 13:04:18	90E480789256D852FA3EADD39D56FDDA	6131200	----a-w-	C:\Windows\SysWOW64\mstscax.dll
2015-12-03 14:50:18	B8FEA541BD9EE7554294C3A69166A764	753280	----a-w-	C:\Windows\SysWOW64\MBAPO32.dll
2015-12-03 14:36:16	AB5EFB103DB01C1912C9D2F545EA5621	17920	----a-w-	C:\Windows\SysWOW64\wksprtPS.dll
2015-12-03 14:36:16	4676AAA9DDF52A50C829FEDB4EA81E54	1068544	----a-w-	C:\Windows\SysWOW64\mstsc.exe
2015-12-03 14:36:16	2EFB1279E7BEA7D12D9F4D6508D27880	50176	----a-w-	C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-12-03 14:34:46	C66D020B1C268FF9AB1672C99E76CA66	174080	----a-w-	C:\Windows\SysWOW64\wuwebv.dll
2015-12-03 14:34:46	B1384CCEFB8F64EC85AECB70AFB91D8D	93696	----a-w-	C:\Windows\SysWOW64\wudriver.dll
2015-12-03 14:34:46	A0BF4CD0C8F805A816B67C004B12E24D	30208	----a-w-	C:\Windows\SysWOW64\wups.dll
2015-12-03 14:34:46	9AA46606BCC013F5FB7E5B70FAB1ABE0	573440	----a-w-	C:\Windows\SysWOW64\wuapi.dll
2015-12-03 14:34:46	58B9CFDD032CB92CEC0D3E8454E4C766	35328	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2015-12-03 14:34:45	F1FCE953EF04251F17BE828185B9DFA0	419928	----a-w-	C:\Windows\SysWOW64\locale.nls
2015-12-03 14:34:45	ACB16C9BE1A175A2E7BFF076DF99B3CF	69120	----a-w-	C:\Windows\SysWOW64\nlsbres.dll
2015-12-03 14:34:45	8E9152F4779CCA402F235EB9AB823854	6656	----a-w-	C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-03 14:34:45	3A593B01E4F92F04211ECFB53816240C	6656	----a-w-	C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-03 14:34:45	35D490A393A0B231F237954E6E65B224	7168	----a-w-	C:\Windows\SysWOW64\KBDAZE.DLL
2015-11-30 17:19:45	4FAD04276AB2A54DB27F94F6F8A8C861	504832	----a-w-	C:\Windows\SysWOW64\clientmonitor.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-12-04 13:04:18	CDA122FCC691D14D3971A83AB035156D	62976	----a-w-	C:\Windows\Sysnative\tsgqec.dll
2015-12-04 13:04:18	C01DC60229F41D33AF2DF4162EDA0F44	7077376	----a-w-	C:\Windows\Sysnative\mstscax.dll
2015-12-04 13:04:18	35A97817FDA4C8F421D8478DCCF045B1	1057792	----a-w-	C:\Windows\Sysnative\rdvidcrl.dll
2015-12-04 13:04:18	2686F572B3CAF633C4A350A3671835F2	429568	----a-w-	C:\Windows\Sysnative\wksprt.exe
2015-12-04 13:04:16	2A9C3ADBC3B9D061CACDEFFBED67683C	87040	----a-w-	C:\Windows\Sysnative\TSWbPrxy.exe
2015-12-03 14:52:57	0D2106264D437A031DD64A9DA514357F	73800	----a-w-	C:\Windows\Sysnative\RtNicProp64.dll
2015-12-03 14:50:20	FF4AA3BE2D152A520508385D57F07825	204120	----a-w-	C:\Windows\Sysnative\RTEED64H.dll
2015-12-03 14:50:20	EA73E4D25CEC4B74D83A216393686CCC	2526824	----a-w-	C:\Windows\Sysnative\RHDMEx64.dll
2015-12-03 14:50:20	DFF1DE6407DEF25462623E89E03460AD	3746408	----a-w-	C:\Windows\Sysnative\RtkHDM64.dll
2015-12-03 14:50:20	DAF89CEC51F6DD9F7A4975D58991C992	310104	----a-w-	C:\Windows\Sysnative\RH3DAA64.dll
2015-12-03 14:50:20	D9FD361672716E90AF58FF59FD81120A	310104	----a-w-	C:\Windows\Sysnative\RH3DHT64.dll
2015-12-03 14:50:20	C1CD317258FFDE2E02A46EAFB0C5AAB2	136024	----a-w-	C:\Windows\Sysnative\R4EEL64H.dll
2015-12-03 14:50:20	BED68F7597BED067CB88084ED0DB76F0	426328	----a-w-	C:\Windows\Sysnative\R4EED64H.dll
2015-12-03 14:50:20	BA77CB327D06DC0B56150530AAF93738	92264	----a-w-	C:\Windows\Sysnative\RHCoInst64.dll
2015-12-03 14:50:20	B38CDFBC8F83E6B045A3BABF9DEF5AF3	97624	----a-w-	C:\Windows\Sysnative\RTEEL64H.dll
2015-12-03 14:50:20	8424B10F7A41011CBEC0E72AACDAF611	74072	----a-w-	C:\Windows\Sysnative\R4EEG64H.dll
2015-12-03 14:50:20	48A9A5F56069595A595ACAE6A2708B4D	3308376	----a-w-	C:\Windows\Sysnative\R4EEP64H.dll
2015-12-03 14:50:20	42A0D0C13E7A4BAB54F3F7E21076DB6A	78680	----a-w-	C:\Windows\Sysnative\RTEEG64H.dll
2015-12-03 14:50:20	40942B5F5F0244718BE161C4C2CCAF17	118104	----a-w-	C:\Windows\Sysnative\R4EEA64H.dll
2015-12-03 14:50:20	28A8D94872041FA9C3570949FB343704	372056	----a-w-	C:\Windows\Sysnative\RTEEP64H.dll
2015-12-03 14:50:19	F3D4450E34F9718026FDB0CFF3609A4F	2605400	----a-w-	C:\Windows\Sysnative\WavesGUILib.dll
2015-12-03 14:50:19	ECAEC5FBBBEF8612AF0A866AFA5F7EF2	101208	----a-w-	C:\Windows\Sysnative\RTEEL64A.dll
2015-12-03 14:50:19	E16AD3495533DA435F1AB00A00C3BD10	1560168	----a-w-	C:\Windows\Sysnative\RTSnMg64.cpl
2015-12-03 14:50:19	D0D0D82B7366E691275E433CD34F89B2	375128	----a-w-	C:\Windows\Sysnative\RTEEP64A.dll
2015-12-03 14:50:19	CA1D7D09854D305A64B100DC1400BA21	331880	----a-w-	C:\Windows\Sysnative\RtlCPAPI64.dll
2015-12-03 14:50:19	BC34B8831FAE17E5E7BD8318EDDC90BB	3615888	----a-w-	C:\Windows\Sysnative\RtkAPO64.dll
2015-12-03 14:50:19	A88BE9A6C4E646A2B2A1BD3A7F4B58E7	198896	----a-w-	C:\Windows\Sysnative\SRSHP64.dll
2015-12-03 14:50:19	A6286A6C7A1BBFCBA17AA54384A21D1C	204120	----a-w-	C:\Windows\Sysnative\RTEED64A.dll
2015-12-03 14:50:19	A028717B791416182959B325D5B40679	211184	----a-w-	C:\Windows\Sysnative\SRSTSH64.dll
2015-12-03 14:50:19	8814A281406553A2640D6A04702C63BD	14952	----a-w-	C:\Windows\Sysnative\RtkCoLDR64.dll
2015-12-03 14:50:19	6F4CD493196100EEF349D7132CECAFD9	78680	----a-w-	C:\Windows\Sysnative\RTEEG64A.dll
2015-12-03 14:50:19	5A0361A658A9AACD57067EC0920D9CA8	2674320	----a-w-	C:\Windows\Sysnative\RtPgEx64.dll
2015-12-03 14:50:19	4B32FF051BBA15B3EBBD24C4627C281B	869520	----a-w-	C:\Windows\Sysnative\RtkApi64.dll
2015-12-03 14:50:19	2FCADCC14F8E540F6ADE4BF92BD8AEDD	155888	----a-w-	C:\Windows\Sysnative\SRSWOW64.dll
2015-12-03 14:50:19	0CE92F4A3AED23F7E8CF3D4BCA22247C	1262696	----a-w-	C:\Windows\Sysnative\RTCOM64.dll
2015-12-03 14:50:19	0805289E121F3E3C458C970B08314EB2	149608	----a-w-	C:\Windows\Sysnative\RtkCfg64.dll
2015-12-03 14:50:19	018D3D2478754AA411DE6DA6DE5F8F21	518896	----a-w-	C:\Windows\Sysnative\SRSTSX64.dll
2015-12-03 14:50:18	E9D4A333DF15D06C68AC4BFB9B6581CB	310104	----a-w-	C:\Windows\Sysnative\RP3DAA64.dll
2015-12-03 14:50:18	B6FE01558CC03F3866C9AD0ED19261D8	310104	----a-w-	C:\Windows\Sysnative\RP3DHT64.dll
2015-12-03 14:50:18	A543F21F7AD2C1105F8E36872F934B56	1015640	----a-w-	C:\Windows\Sysnative\MaxxAudioAPOShell64.dll
2015-12-03 14:50:18	75616F8DB5C092A8A50AFEC273859DD7	318808	----a-w-	C:\Windows\Sysnative\MaxxAudioAPO20.dll
2015-12-03 14:50:18	66CC7519F0E76F5A1FEFDEA19FFFD18C	105616	----a-w-	C:\Windows\Sysnative\RCoInstII64.dll
2015-12-03 14:50:18	50E41327A6B0312313C5A90A203950CA	65112	----a-w-	C:\Windows\Sysnative\MBppld64.dll
2015-12-03 14:50:18	4CEE426B1FAD0479F95CB23F97EFCDC8	897152	----a-w-	C:\Windows\Sysnative\MBAPO64.dll
2015-12-03 14:50:18	350823AC8941C4F34ABC0FF7C8AE7CCA	2131288	----a-w-	C:\Windows\Sysnative\MaxxAudioEQ.dll
2015-12-03 14:50:18	2E5B4A993514375DC6092DD211262757	83072	----a-w-	C:\Windows\Sysnative\MBWrp64.dll
2015-12-03 14:50:18	107B9F178E0A585A417356F3826D22AC	2533952	----a-w-	C:\Windows\Sysnative\FMAPO64.dll
2015-12-03 14:50:18	09D9D2C960A14D3857B6E5B1AB6F4D0E	60504	----a-w-	C:\Windows\Sysnative\MBPPCn64.dll
2015-12-03 14:50:17	E16FE4D8982ACD755637F4CC9303E00C	202336	----a-w-	C:\Windows\Sysnative\AERTAC64.dll
2015-12-03 14:50:17	B3E9EA31E37EDCC1D54CE20504549ABE	108640	----a-w-	C:\Windows\Sysnative\AERTAR64.dll
2015-12-03 14:36:17	FEC6178962DFF33074D39CA907971405	12800	----a-w-	C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyExtension.dll
2015-12-03 14:36:17	DDED7C5558B3AE09F568945281A9A6D1	44544	----a-w-	C:\Windows\Sysnative\TsUsbGDCoInstaller.dll
2015-12-03 14:36:17	108C257D765AAD2E6EC46557DA0B02BD	13824	----a-w-	C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyControl.exe
2015-12-03 14:36:16	8E75B1112C374EBDF18FD640DA2F0655	1147392	----a-w-	C:\Windows\Sysnative\mstsc.exe
2015-12-03 14:36:16	7BD2E6E2458A5B95F8341244C7FC7DD4	18944	----a-w-	C:\Windows\Sysnative\wksprtPS.dll
2015-12-03 14:36:16	149A388C17F04AD1F99B477A43BE1A9F	56832	----a-w-	C:\Windows\Sysnative\MsRdpWebAccess.dll
2015-12-03 14:34:46	EB6D501FCFAFF726EA1B50B8276F5F34	709632	----a-w-	C:\Windows\Sysnative\wuapi.dll
2015-12-03 14:34:46	A6C4964F3C382592785EACFBA2DA8F6C	3170304	----a-w-	C:\Windows\Sysnative\wucltux.dll
2015-12-03 14:34:46	A1D9A6B41647E8F008A25DA7B80708CB	37888	----a-w-	C:\Windows\Sysnative\wups2.dll
2015-12-03 14:34:46	6BB823DF7F117BF4958303B443E8100D	91136	----a-w-	C:\Windows\Sysnative\WinSetupUI.dll
2015-12-03 14:34:46	6075791ED85E47A2A2916B1F34582944	2609152	----a-w-	C:\Windows\Sysnative\wuaueng.dll
2015-12-03 14:34:46	59C2B329F87F46C384F3F139376CD315	36864	----a-w-	C:\Windows\Sysnative\wups.dll
2015-12-03 14:34:46	4CD20F77149C689703A71561747E7B8D	37888	----a-w-	C:\Windows\Sysnative\wuapp.exe
2015-12-03 14:34:46	2E53E71ED8277444E37BAA3932089C45	12288	----a-w-	C:\Windows\Sysnative\wu.upgrade.ps.dll
2015-12-03 14:34:46	2B8660213ED7873FCF5C5540023C48F5	98816	----a-w-	C:\Windows\Sysnative\wudriver.dll
2015-12-03 14:34:46	233AB915DBB476BFD7218DB553D91DCC	140288	----a-w-	C:\Windows\Sysnative\wuauclt.exe
2015-12-03 14:34:46	0CF6EFBC9BCC6EDE114F71BCAEE9CCF4	192512	----a-w-	C:\Windows\Sysnative\wuwebv.dll
2015-12-03 14:34:45	F1FCE953EF04251F17BE828185B9DFA0	419928	----a-w-	C:\Windows\Sysnative\locale.nls
2015-12-03 14:34:45	E78C5E7087763DD4F1C5DAD78D2BA141	7168	----a-w-	C:\Windows\Sysnative\KBDAZEL.DLL
2015-12-03 14:34:45	E3ECD802006128C036FAAD09B6F97F6E	7168	----a-w-	C:\Windows\Sysnative\kbdgeoqw.dll
2015-12-03 14:34:45	AE0F1E593C4AE0A1CE3868C2AA54D8E5	7168	----a-w-	C:\Windows\Sysnative\KBDAZE.DLL
2015-12-03 14:34:45	52B3CAAD627902B8D6E035A25DA4BD09	69120	----a-w-	C:\Windows\Sysnative\nlsbres.dll
2015-12-03 14:34:36	2CE2E6C71FD01B1DF8992EE5768A8CAD	22528	----a-w-	C:\Windows\Sysnative\icaapi.dll
====== C:\Windows\Sysnative\drivers =====
2015-12-03 22:09:17	F49FB3C88E263AE9A246593B0BB29294	63704	----a-w-	C:\Windows\Sysnative\drivers\mwac.sys
2015-12-03 22:09:17	54D70409DE6932E9EFA117779611E7A9	107736	----a-w-	C:\Windows\Sysnative\drivers\mbamchameleon.sys
2015-12-03 22:09:17	1E9E32AEC3E1EB1B31B8169F33168B56	25816	----a-w-	C:\Windows\Sysnative\drivers\mbam.sys
2015-12-03 14:52:57	439F755B450CF66B139742CA32AACF9F	941272	----a-w-	C:\Windows\Sysnative\drivers\Rt64win7.sys
2015-12-03 14:50:20	C20F64FCD5E2B40310A1774495877ACD	239208	----a-w-	C:\Windows\Sysnative\drivers\RtHDMIVX.sys
2015-12-03 14:50:19	C2F868881D48A568B525255F084EF063	4065296	----a-w-	C:\Windows\Sysnative\drivers\RTKVHD64.sys
2015-12-03 14:50:19	018423F8F2FB945B039A16D05F3B1D50	293889	----a-w-	C:\Windows\Sysnative\drivers\RTAIODAT.DAT
2015-12-03 14:36:17	E9981ECE8D894CEF7038FD1D040EB426	56832	----a-w-	C:\Windows\Sysnative\drivers\TsUsbFlt.sys
2015-12-03 14:34:36	19BEDA57F3E0A06B8D5EB6D619BD5624	39936	----a-w-	C:\Windows\Sysnative\drivers\tssecsrv.sys
2015-11-11 12:44:15	EC0511BB85BAA42A9734011685A6732C	460776	----a-w-	C:\Windows\Sysnative\drivers\cng.sys
2015-11-11 12:44:15	BCC83F22805F560C8A487F2F296A78FE	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-11-11 12:44:15	33D52A96BEEE8AFCE9E07EEC9FE0C9DB	154560	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-11-11 12:44:14	ACB763673BCCE6C7B3B8F858C9FE4F1F	129024	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-11-11 12:44:14	7C81098FBAF2EAF5B54B939F832B0F61	290816	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
2015-11-11 12:44:14	73ADDCC406B86E7DA4416691E8E74BDA	159232	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-11-11 12:44:12	AA77EB517D2F07A947294F260E3ACA83	118272	----a-w-	C:\Windows\Sysnative\drivers\tdx.sys
2015-11-11 12:44:12	9A4A1EEE802BF2F878EE8EAB407B21B7	497664	----a-w-	C:\Windows\Sysnative\drivers\afd.sys
2015-11-11 12:44:11	F7309F42555F8AAB7144A51A1F2585B0	950720	----a-w-	C:\Windows\Sysnative\drivers\ndis.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-12-04 15:39:58	--------	d-----w-	C:\Program Files\trend micro
2015-11-27 14:41:43	--------	d-----w-	C:\Program Files\Common Files\ATI Technologies
2015-11-27 14:41:35	--------	d-----w-	C:\Program Files\AMD
======= C:\PROGRA~2 =====
2015-12-05 11:14:40	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2015-11-27 14:42:22	--------	d-----w-	C:\PROGRA~2\COMMON~1\ATI Technologies
2015-11-27 14:42:06	--------	d-----w-	C:\PROGRA~2\AMD
======= C: =====
2015-11-29 16:42:53	85D55C61B4D0F2CFA15D0F91C8FB36D9	3712	------w-	C:\bootsqm.dat
====== C:\Users\Simon\AppData\Roaming ======
2015-12-05 11:14:32	--------	d-----w-	C:\Users\Simon\AppData\Roaming\Sun
2015-12-05 11:14:12	--------	d-----w-	C:\Users\Simon\AppData\Locallow\Oracle
2015-12-03 21:16:34	F4788756C550C6D49C12E238BB3BB778	198048	----a-w-	C:\Users\Simon\AppData\Roaming\1.zip
2015-12-03 21:15:40	--------	d-----w-	C:\Users\Simon\AppData\Roaming\240AFCF7-24FE-483B-B25F-4ACEA39F2493
2015-12-03 14:52:22	--------	d-----w-	C:\Users\Simon\AppData\Locallow\Intel
2015-12-01 14:29:42	--------	d-----w-	C:\Users\Simon\AppData\Local\Chromium
2015-11-27 15:09:04	--------	d-----w-	C:\Users\Simon\AppData\Roaming\AMD
2015-11-27 14:43:21	--------	d-----w-	C:\Users\Simon\AppData\Roaming\ATI
2015-11-27 14:43:21	--------	d-----w-	C:\Users\Simon\AppData\Local\ATI
2015-11-26 19:08:13	8D665366C071D476F78046AA9494594D	112104	----a-w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-25 14:06:58	--------	d-----w-	C:\Users\Simon\AppData\Roaming\uplay
2015-11-25 02:45:14	366044A0C977A22BBE9053C449CEA1E5	466944	----a-w-	C:\Users\Simon\AppData\Roaming\Nvidia.exe
2015-11-18 20:31:16	--------	d-----w-	C:\Users\Simon\AppData\Roaming\Kops
2015-11-10 15:19:09	--------	d-----w-	C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
====== C:\Users\Simon ======
2015-12-05 11:14:32	--------	d-----w-	C:\Users\Simon\.oracle_jre_usage
2015-12-05 11:14:00	81EDCA9D9BFDDB931ED448078762A31A	584288	----a-w-	C:\Users\Simon\Downloads\chromeinstall-8u66.exe
2015-12-04 15:38:13	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Simon\Desktop\RSITx64.exe
2015-12-03 14:45:03	1EE80043DD867F96EF32544CD0842154	3849416	----a-w-	C:\Users\Simon\Downloads\motherboard_driver_lan_realtek_8111_w7.exe
2015-12-03 14:44:58	7086AFF5C81D61BE8D4F02019FA79C16	60061952	----a-w-	C:\Users\Simon\Downloads\mb_driver_intel_me_6series.exe
2015-12-03 14:44:56	05233E0CBF5677A6540E8AEB2FCB5DDB	1302384	----a-w-	C:\Users\Simon\Downloads\mb_driver_chipset_intel_6series.exe
2015-12-03 14:44:50	0603746CD6621C41456C617614807AEB	115214047	----a-w-	C:\Users\Simon\Downloads\mb_driver_audio_realtek_azalia_6series.exe
2015-12-03 14:02:59	--------	d-----w-	C:\ProgramData\ESET
2015-11-27 14:43:21	--------	d-----w-	C:\ProgramData\ATI
2015-11-27 14:42:16	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-11-27 14:30:32	766DEEE442D791E4B94186D4A8C77269	300806184	----a-w-	C:\Users\Simon\Downloads\amd-catalyst-15.7.1-with-dotnet45-win7-64bit.exe
2015-11-25 02:45:14	--------	d-----w-	C:\ProgramData\448561
2015-11-25 02:45:14	--------	d-----w-	C:\ProgramData\448461
2015-11-18 20:30:25	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-11-16 13:10:41	--------	d-----w-	C:\ProgramData\SkidRow
2015-11-15 16:29:19	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\astragon Entertainment GmbH

====== C: exe-files ==
2015-12-05 11:14:26	FDF059C05249FAEA0221ED65CD59A9C8	68192	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\javacpl.exe
2015-12-05 11:14:26	F003BBCB09CACF8A9F4CE0C67A2D6E63	278624	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaws.exe
2015-12-05 11:14:26	EFC80BC662BCC20B0B09700636FDC732	30816	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\jabswitch.exe
2015-12-05 11:14:26	D8EEED21B06866E85DA30485F5059FF6	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\servertool.exe
2015-12-05 11:14:26	CA51FB3FE5012E21D9A14AC071527866	76896	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2launcher.exe
2015-12-05 11:14:26	ADAF1151B29D2D1691FA027B6C55B3D7	50784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssvagent.exe
2015-12-05 11:14:26	A9E84AD3536425BC68263B723C2442E4	191072	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\java.exe
2015-12-05 11:14:26	8977B87AB10AB1DA8769CA0053B401B0	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\jjs.exe
2015-12-05 11:14:26	7BE9BE6E15653824A28F5CED6B273588	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\klist.exe
2015-12-05 11:14:26	7BDD7F1BC2A20971DEE17B6920D61BBC	191584	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaw.exe
2015-12-05 11:14:26	73368169BFD965EC6257E77C23CED879	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\rmiregistry.exe
2015-12-05 11:14:26	525027DF51378DDA25F0F52C20BCB132	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\kinit.exe
2015-12-05 11:14:26	46AB480B01CD30801B3AE89B5AAE75A8	16480	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\orbd.exe
2015-12-05 11:14:26	3B306D41F07396975ECE34A860BD9036	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\pack200.exe
2015-12-05 11:14:26	36A44033C6B970F95E2A1448F4481CEA	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\keytool.exe
2015-12-05 11:14:26	28FB06FC63D5817153B5502A49DF3F00	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\ktab.exe
2015-12-05 11:14:26	17A8DD2484DC26E38DFE3209C8B36980	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\policytool.exe
2015-12-05 11:14:26	0B82777B13B81417E5520DF7B1E8C319	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\rmid.exe
2015-12-05 11:14:26	0A3936FE18FC04350159A1E647201501	16480	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\tnameserv.exe
2015-12-05 11:14:26	092F4D3C25F3086D4C7FDEC79DD71302	159328	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\unpack200.exe
2015-12-05 11:14:26	04D67FF5044A605F1E7D923A1D6F1751	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\java-rmi.exe
2015-12-05 11:14:00	81EDCA9D9BFDDB931ED448078762A31A	584288	----a-w-	C:\Users\Simon\Downloads\chromeinstall-8u66.exe
2015-12-04 17:12:02	45FBEE0A27BAFFBDF1AB7A02539C91DF	850432	---h--w-	C:\Users\Simon\AppData\Local\Temp\jorjemia32.exe
2015-12-04 15:39:58	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Simon.exe
2015-12-04 15:38:13	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Simon\Desktop\RSITx64.exe
2015-12-04 13:04:18	2686F572B3CAF633C4A350A3671835F2	429568	----a-w-	C:\Windows\System32\wksprt.exe
2015-12-04 13:04:16	2A9C3ADBC3B9D061CACDEFFBED67683C	87040	----a-w-	C:\Windows\System32\TSWbPrxy.exe
2015-12-03 22:57:10	EC0FAADC62E1C1DADA953DE433BEFB01	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe
2015-12-03 22:57:10	BA7396EF42213C0F84343C186610B851	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdateWebPlugin.exe
2015-12-03 22:57:09	AD8495335C1A605A4E0E32334DF52303	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdateBroker.exe
2015-12-03 22:57:09	1D652959033B873B77B8D5A12011FD85	927824	----a-w-	C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdateSetup.exe
2015-12-03 22:57:04	5424FDF3776F5458EAFAABFB87AA9285	130888	----atw-	C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdateComRegisterShell64.exe
2015-12-03 22:57:03	88FBBB1C601A6BC42054E57C2897FA45	144200	----atw-	C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdate.exe
2015-12-03 22:57:03	7DC16FAEA44C8D96A1C113305A4059A2	245576	----atw-	C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
2015-12-03 22:57:03	73F542663FD48B49A798A56DAA18C136	307016	----atw-	C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
2015-12-03 22:57:01	1D652959033B873B77B8D5A12011FD85	927824	----a-w-	C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.29.1\GoogleUpdateSetup.exe
2015-12-03 21:56:05	09FBB1525C066A4DC77A39B72A6AFCA0	532992	---ha-w-	C:\$Recycle.Bin\S-1-5-21-21300297-881835126-3664115066-1000\$RKHPAFX\protikted32.exe
2015-12-03 21:55:58	09FBB1525C066A4DC77A39B72A6AFCA0	532992	---ha-w-	C:\$Recycle.Bin\S-1-5-21-21300297-881835126-3664115066-1000\$RHGWH0T\protikted32.exe
2015-12-03 21:36:46	09FBB1525C066A4DC77A39B72A6AFCA0	532992	---ha-w-	C:\$Recycle.Bin\S-1-5-21-21300297-881835126-3664115066-1000\$ROLVC33\protikted32.exe
2015-12-03 21:36:43	09FBB1525C066A4DC77A39B72A6AFCA0	532992	---h--w-	C:\Users\Simon\AppData\Local\Temp\tahtirkek32\tahtirkek32.exe
2015-12-03 21:19:31	09FBB1525C066A4DC77A39B72A6AFCA0	532992	---h--w-	C:\Users\Simon\AppData\Local\Temp\protikted32\protikted32.exe
2015-12-03 21:07:32	09FBB1525C066A4DC77A39B72A6AFCA0	532992	---h--w-	C:\Users\Simon\AppData\Local\Temp\coctrl32\coctrl32.exe
2015-12-03 14:52:57	1DD071EF86CC8E5C020A484F852F2245	187024	----a-w-	C:\Program Files (x86)\Realtek\NICDRV_8169\RTINSTALLER64.EXE
2015-12-03 14:52:14	3DE66F47365AA8CEB18B1EE272F4FEBA	390616	----a-w-	C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
2015-12-03 14:50:36	9D180E0F6D690D9EA4FD6A1EC31AB1E3	1687656	------w-	C:\Program Files (x86)\Realtek\Audio\InstallShield\Rtkupd64.exe
2015-12-03 14:50:20	AC39DA886E6E0ED09DA742B8AAEA202C	190496	----a-w-	C:\Program Files\Realtek\Audio\HDA\RtkAudioSrvATI64.exe
2015-12-03 14:50:20	65306A2C289A54A32C986CBC3D52297A	1682536	----a-w-	C:\Program Files\Realtek\Audio\HDA\RtkUpd64.exe
2015-12-03 14:50:20	65306A2C289A54A32C986CBC3D52297A	1682536	------w-	C:\Program Files (x86)\Realtek\Audio\Drivers\RtkUpd64.exe
2015-12-03 14:50:19	9D180E0F6D690D9EA4FD6A1EC31AB1E3	1687656	----a-w-	C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe
2015-12-03 14:50:19	9D180E0F6D690D9EA4FD6A1EC31AB1E3	1687656	------w-	C:\Program Files (x86)\Realtek\Audio\Drivers\RtlUpd64.exe
2015-12-03 14:50:19	9B0329BAB7B9C6702D4DFAEABBD370A6	1833576	----a-w-	C:\Program Files\Realtek\Audio\HDA\SkyTel.exe
2015-12-03 14:50:18	834A309C2FDF52FC09353F348CFE1235	12503184	----a-w-	C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
2015-12-03 14:50:18	5890F875035DBF84037CD3502AAA96CD	1212560	----a-w-	C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2015-12-03 14:50:18	0C57BAD785EEAD029ABF6CBCF43E9A39	51776	----a-w-	C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2015-12-03 14:50:17	D1E343BC00136CE03C4D403194D06A80	98208	----a-w-	C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
2015-12-03 14:50:17	49B3D2077199C44C1F3BBB16B4094AE6	121064	----a-w-	C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe
2015-12-03 14:50:15	D87A2C80695F22C428BD4A64291D45E3	5632	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2015-12-03 14:49:07	49B3D2077199C44C1F3BBB16B4094AE6	121064	------w-	C:\Program Files (x86)\Realtek\Audio\Drivers\HDADrv\Setup.exe
2015-12-03 14:45:03	1EE80043DD867F96EF32544CD0842154	3849416	----a-w-	C:\Users\Simon\Downloads\motherboard_driver_lan_realtek_8111_w7.exe
2015-12-03 14:44:58	7086AFF5C81D61BE8D4F02019FA79C16	60061952	----a-w-	C:\Users\Simon\Downloads\mb_driver_intel_me_6series.exe
2015-12-03 14:44:56	05233E0CBF5677A6540E8AEB2FCB5DDB	1302384	----a-w-	C:\Users\Simon\Downloads\mb_driver_chipset_intel_6series.exe
2015-12-03 14:44:50	0603746CD6621C41456C617614807AEB	115214047	----a-w-	C:\Users\Simon\Downloads\mb_driver_audio_realtek_azalia_6series.exe
2015-12-03 14:36:17	108C257D765AAD2E6EC46557DA0B02BD	13824	----a-w-	C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2015-12-03 14:36:16	8E75B1112C374EBDF18FD640DA2F0655	1147392	----a-w-	C:\Windows\System32\mstsc.exe
2015-12-03 14:36:16	4676AAA9DDF52A50C829FEDB4EA81E54	1068544	----a-w-	C:\Windows\SysWOW64\mstsc.exe
2015-12-03 14:34:46	58B9CFDD032CB92CEC0D3E8454E4C766	35328	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2015-12-03 14:34:46	4CD20F77149C689703A71561747E7B8D	37888	----a-w-	C:\Windows\System32\wuapp.exe
2015-12-03 14:34:46	233AB915DBB476BFD7218DB553D91DCC	140288	----a-w-	C:\Windows\System32\wuauclt.exe
2015-12-03 14:03:29	7D19B84C00EE089930247281B79DD656	372936	----a-w-	C:\Users\Simon\AppData\Local\Temp\InstHelper.exe
2015-12-02 23:01:09	CEEA42A9A2BEFFA33659CC7555231663	535040	---h--w-	C:\Users\Simon\AppData\Local\Temp\oddewor32\oddewor32.exe
2015-12-02 22:56:03	CEEA42A9A2BEFFA33659CC7555231663	535040	---ha-w-	C:\bjex\protikted32.exe
2015-12-02 11:57:21	1C7B42662625CB22E1CAA241A1D845CC	6912080	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\47.0.2526.73\47.0.2526.73_46.0.2490.86_chrome_updater.exe
2015-11-30 17:19:45	4FAD04276AB2A54DB27F94F6F8A8C861	504832	----a-w-	C:\Windows\SysWOW64\clientmonitor.exe
2015-11-30 17:17:34	4FAD04276AB2A54DB27F94F6F8A8C861	504832	----a-w-	C:\Users\Simon\AppData\Local\Temp\sterbolid32.exe
2015-11-29 23:38:08	D1ADD04BC7F06DA72CA5320DA5C07E95	448000	----a-w-	C:\Windows\Temp\sleim32.exe
2015-11-29 14:42:19	7B5AD3FB9FEE47606EC45EA5F712D8BB	458752	----a-w-	C:\Users\Simon\AppData\Local\Temp\F1Hzt02YSCHi.exe
2015-11-28 16:55:20	2DFAF11030658660AF5D97875366E27B	495616	----a-w-	C:\Users\Simon\AppData\Local\Temp\TVQ6a5RdbqgT.exe
2015-11-28 15:32:29	4FAD04276AB2A54DB27F94F6F8A8C861	504832	----a-w-	C:\ProgramData\448461\kolodre32.exe
2015-11-28 15:32:24	2DFAF11030658660AF5D97875366E27B	495616	----a-w-	C:\Users\Simon\AppData\Local\Temp\ytF39O1bHL8e.exe
2015-11-28 15:26:47	E72C4ED7733CA1CBD0BDDBA1400D8179	832512	----a-w-	C:\Users\Simon\AppData\Local\Temp\zMi2FVCAVus1.exe
=== C: other files ==
2015-12-05 11:14:26	4DB4B1F67E583B41F841F48254BE38E3	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\lib\deploy\ffjcext.zip
2015-12-03 22:09:17	F49FB3C88E263AE9A246593B0BB29294	63704	----a-w-	C:\Windows\System32\drivers\mwac.sys
2015-12-03 22:09:17	54D70409DE6932E9EFA117779611E7A9	107736	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2015-12-03 22:09:17	1E9E32AEC3E1EB1B31B8169F33168B56	25816	----a-w-	C:\Windows\System32\drivers\mbam.sys
2015-12-03 21:16:34	F4788756C550C6D49C12E238BB3BB778	198048	----a-w-	C:\Users\Simon\AppData\Roaming\1.zip
2015-12-03 14:52:57	439F755B450CF66B139742CA32AACF9F	941272	----a-w-	C:\Windows\System32\drivers\Rt64win7.sys
2015-12-03 14:52:57	439F755B450CF66B139742CA32AACF9F	941272	----a-w-	C:\Program Files (x86)\Realtek\NICDRV_8169\WIN7\rt64win7.sys
2015-12-03 14:50:20	C20F64FCD5E2B40310A1774495877ACD	239208	----a-w-	C:\Windows\System32\drivers\RtHDMIVX.sys
2015-12-03 14:50:19	C2F868881D48A568B525255F084EF063	4065296	----a-w-	C:\Windows\System32\drivers\RTKVHD64.sys
2015-12-03 14:36:17	E9981ECE8D894CEF7038FD1D040EB426	56832	----a-w-	C:\Windows\System32\drivers\TsUsbFlt.sys
2015-12-03 14:34:36	19BEDA57F3E0A06B8D5EB6D619BD5624	39936	----a-w-	C:\Windows\System32\drivers\tssecsrv.sys
2015-11-30 13:55:03	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\Simon\AppData\Roaming\Raptr\data\raptrguest8w76em6g\config\certificates\x509\tls_peers\xmpp-server7.raptr.com
2015-11-30 09:00:09	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\Simon\AppData\Roaming\Raptr\data\raptrguest8w76em6g\config\certificates\x509\tls_peers\xmpp-server5.raptr.com
2015-11-29 17:37:46	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\Simon\AppData\Roaming\Raptr\data\raptrguest8w76em6g\config\certificates\x509\tls_peers\xmpp-server3.raptr.com
2015-11-29 16:44:21	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\Simon\AppData\Roaming\Raptr\data\raptrguest8w76em6g\config\certificates\x509\tls_peers\xmpp-server8.raptr.com
2015-11-29 16:13:20	CDF45276041F6B24B930A9A08CE081BE	39445	----a-w-	C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K0I1VK0G\System.ServiceModel.Web.Extensions[1].zip
2015-11-29 16:13:20	234A644C9D46BEDB966DB2ADDCDBA808	25710	----a-w-	C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K0I1VK0G\System.ComponentModel.DataAnnotations[1].zip
2015-11-29 15:48:19	FCD25445C1A3E24E25DCF2E3D1F1367B	92817	----a-w-	C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1994NI8V\System.Windows.Controls[1].zip
2015-11-29 15:48:19	ECDC5F4BFF60A1A0341A0A1152185681	13485	----a-w-	C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1994NI8V\System.ComponentModel.Composition.Initialization[2].zip
2015-11-29 15:48:19	EC7FBD94FD4DC982996B55244EDB54D8	180329	----a-w-	C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JNFWOOQ3\Microsoft.CSharp[1].zip
2015-11-29 15:48:19	7E0428585CE011773183B0EB40218AEC	119240	----a-w-	C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JNFWOOQ3\System.Xml.Serialization[1].zip
2015-11-29 15:48:19	77857A69AD319C70114D2856CFB14866	23573	----a-w-	C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1994NI8V\System.Windows.Controls.Data.Input[1].zip
2015-11-29 15:48:19	5BF38779F83CA64C33AC237555664E54	35271	----a-w-	C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1994NI8V\System.ServiceModel.DomainServices.Client.Web[2].zip
2015-11-29 15:48:19	02333CFFBA7D54D2D338452764DDBE42	73130	----a-w-	C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1994NI8V\System.ServiceModel.DomainServices.Client[2].zip
2015-11-29 14:01:55	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\Simon\AppData\Roaming\Raptr\data\raptrguest8w76em6g\config\certificates\x509\tls_peers\xmpp-server2.raptr.com
2015-11-28 11:45:31	B5BBC86645A135B13E6B41C5B0E7DE2D	1217	----a-w-	C:\Users\Simon\AppData\Roaming\Raptr\data\raptrguest8w76em6g\config\certificates\x509\tls_peers\xmpp-server4.raptr.com

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-21300297-881835126-3664115066-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Protected system"="C:\Users\Simon\AppData\Roaming\bjex\protikted32.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Protected system"="C:\Users\Simon\AppData\Roaming\bjex\protikted32.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"="C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BCSSync"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CAHS1Sound]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CAHS1Sound"
"hkey"="HKLM"
"command"="C:\\Windows\\syswow64\\RunDll32.exe C:\\Windows\\Syswow64\\CAHS1.dll,CMICtrlWnd"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Microsoft Updater]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Microsoft Updater"
"hkey"="HKCU"
"command"="\"C:\\Users\\Simon\\Downloads\\Silverlight.exe\" 518223"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WPA Service]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WPA Service"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\WPA Service\\wpasv.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\LOLRecorder.lnk"
"backup"="C:\\Windows\\pss\\LOLRecorder.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="E:\\PROGRA~1\\LOLREP~1\\LOLREC~1.EXE -minimize"
"item"="LOLRecorder"


==== Startup Folders ======================

2013-12-02 16:00:07	289	----a-w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUN.CMD
2013-12-02 16:00:07	289	----a-w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUN.CMD
2014-08-20 13:38:09	0	----a-w-	C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2015-05-01 11:53:27	0	----a-w-	C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SABnzbd.lnk
2015-12-04 17:12:16	697	----a-w-	C:\Users\Simon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Update.lnk
2015-12-04 15:30:55	1040	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [01-12-2013 16:58]
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-21300297-881835126-3664115066-1000Core.job --a------ C:\Users\Simon\AppData\Local\Dropbox\Update\DropboxUpdate.exe [17-06-2015 12:27]
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-21300297-881835126-3664115066-1000UA.job --a------ C:\Users\Simon\AppData\Local\Dropbox\Update\DropboxUpdate.exe [17-06-2015 12:27]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30-08-2015 23:41]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30-08-2015 23:41]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-21300297-881835126-3664115066-1000Core" [C:\Users\Simon\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-21300297-881835126-3664115066-1000UA" [C:\Users\Simon\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\{1B6C1E52-9F58-4497-9280-CC8230D0A28B}" [C:\Program Files (x86)\The SIMS 4 Deluxe Edition\Game\Bin\The.Sims.4.Launcher.exe]
"C:\Windows\SysNative\tasks\{E59B0B60-5196-4D0C-8089-50B1CC214318}" [C:\Program Files (x86)\The SIMS 4 Deluxe Edition\Game\Bin\The.Sims.4.Launcher.exe]
"C:\Windows\SysNative\tasks\{EEB06FFA-47C9-45E8-A47F-FCFBBF4CFD32}" [C:\Users\Simon\AppData\Local\Popcorn Time\node-webkit\Popcorn Time.exe]
"C:\Windows\SysNative\tasks\{F9904CB9-1732-42CE-942B-B1A0C06E3B87}" [C:\Users\Simon\AppData\Local\Popcorn Time\node-webkit\Popcorn Time.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[12-10-2015 08:31]

Google Docs - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
selector is not a valid CSS selector - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
SIH - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl
Google Search - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Block site - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh
LoungeDestroyer - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl
Google Docs Offline - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
AdBlock - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Vince - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgpdhkfmndlnlmmhcalabijjpogicdpa
Chrome Web Store Payments - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Simon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.reimageplus.com_0.localstorage deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.reimageplus.com_0.localstorage-journal deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cdncache-a.akamaihd.net_0.localstorage deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cdncache-a.akamaihd.net_0.localstorage-journal deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.trovigo.com_0.localstorage deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.trovigo.com_0.localstorage-journal deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.nl"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Updater deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WPA Service deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Simon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Simon\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1572 folders=238 442082827 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Simon\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Simon\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\ProgramData\448461\kolodre32.exe"  not found
"C:\PROGRA~3\448461\kolodre32.exe"  not found
"C:\PROGRA~3\448561\448464\1"  not found
"C:\PROGRA~3\448461"  not found
"C:\PROGRA~3\448561"  not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on za 05-12-2015 at 12:31:02,05 ======================