
Zoek.exe Version 5.0.0.0 Updated 06-December-2015
Tool run by Dirk on di 08/12/2015 at 16:04:29,19.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Software 2015\zoek.exe [Scan all users] [Script inserted] 

==== Older Logs ======================

C:\zoek-results2015-05-11-094336.log	64671 bytes
C:\zoek-results2015-05-15-092733.log	65081 bytes
C:\zoek-results2015-05-16-091424.log	68529 bytes

==== Empty Folders Check ======================

C:\Users\Dirk 2\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Dirk\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Dirk\AppData\Local\EmieSiteList deleted successfully
C:\Users\Dirk\AppData\Local\EmieUserList deleted successfully
C:\Users\Dirk 2\AppData\Local\EmieSiteList deleted successfully
C:\Users\Dirk 2\AppData\Local\EmieUserList deleted successfully
C:\Users\Dirk 2\AppData\Local\{2EDBDA69-FD33-4027-BDF7-9A5A8FDC1212} deleted successfully
C:\Users\Dirk 2\AppData\Local\{35FA1027-901F-4E8F-845E-737B98332472} deleted successfully
C:\Users\Dirk 2\AppData\Local\{B1E2C430-91DC-444D-9817-24EFFAC32CEB} deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\firefox@gingersoftware.2.0.0.74.com deleted successfully

==== Deleting Files \ Folders ======================


==== Registry Search Results for "dssrequest" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\dssrequest]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\PROTOCOLS\Handler\dssrequest]

==== Registry Search Results for "sacore" ======================


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DAABE21E-DB8C-49b8-9511-9E6547ECBC5F}]
"AppName"="McSACore.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1979E8FF-4A11-4B60-AE19-BB8CBE8B829C}]
@="IMcSACore"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5022E998-676C-442A-897C-9DBD268FE261}]
@="IMcSACoreCheckSum"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\sacore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1979E8FF-4A11-4B60-AE19-BB8CBE8B829C}]
@="IMcSACore"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{5022E998-676C-442A-897C-9DBD268FE261}]
@="IMcSACoreCheckSum"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\PROTOCOLS\Handler\sacore]

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Dirk\AppData\Local\Temp ====
2015-12-08 14:38:56	ECA3AE15FC14FF9736F637143F4C5A96	71168	----a-w-	C:\Users\Dirk\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpagnlvb.dll
2015-12-07 14:23:34	282791611C9DBA51A4425DE58CC8DF27	7710720	----a-w-	C:\Users\Dirk\AppData\Local\Temp\12071523-00001bf8-83jerm61kh\WLXSuite.msi
2015-12-03 08:32:50	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\Dirk\AppData\Local\Temp\GURFD22.exe
====== Java Cache =====
2015-12-08 10:46:18	4F85459CEC4F78A3987FFFD5B6A816C5	605	----a-w-	C:\Users\Dirk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-66effad2
2015-12-08 10:46:18	9C14FC92798C093CE12F19C44E018831	428	----a-w-	C:\Users\Dirk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-78e96a5ccf5c5b6a29dcdffe1d16c989d010904d54059e7b28aad8dacf6a56c9-6.0.lap
2015-12-08 10:46:18	C9588417B10E1D770E3E5DA1F3510AE5	8425	----a-w-	C:\Users\Dirk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\298d42d-681c47ec
2015-12-08 10:46:26	C1BBA7F1278F193AB584FFF460DB5E2A	17878	----a-w-	C:\Users\Dirk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\c8dc66e-2b43d9e0
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2015-12-07 14:24:54	8DE1B4F579F8F8897409856F3BB7A7D2	58056	----a-w-	C:\Windows\Sysnative\drivers\fssfltr.sys
2015-11-13 09:47:38	33D52A96BEEE8AFCE9E07EEC9FE0C9DB	154560	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-11-13 09:47:37	EC0511BB85BAA42A9734011685A6732C	460776	----a-w-	C:\Windows\Sysnative\drivers\cng.sys
2015-11-13 09:47:35	BCC83F22805F560C8A487F2F296A78FE	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-11-13 09:47:33	ACB763673BCCE6C7B3B8F858C9FE4F1F	129024	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-11-13 09:47:33	7C81098FBAF2EAF5B54B939F832B0F61	290816	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
2015-11-13 09:47:33	73ADDCC406B86E7DA4416691E8E74BDA	159232	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-11-13 09:46:38	AA77EB517D2F07A947294F260E3ACA83	118272	----a-w-	C:\Windows\Sysnative\drivers\tdx.sys
2015-11-13 09:46:38	9A4A1EEE802BF2F878EE8EAB407B21B7	497664	----a-w-	C:\Windows\Sysnative\drivers\afd.sys
2015-11-13 09:46:28	F7309F42555F8AAB7144A51A1F2585B0	950720	----a-w-	C:\Windows\Sysnative\drivers\ndis.sys
====== C:\Windows\Tasks ======
2015-12-03 09:35:37	--------	d-----w-	C:\Windows\Sysnative\Tasks\Leader Technologies
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-12-07 14:24:32	--------	d-----w-	C:\Program Files\Windows Live
======= C:\PROGRA~2 =====
2015-12-08 10:44:39	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2015-12-07 14:17:22	--------	d-----w-	C:\PROGRA~2\Microsoft OneDrive
======= C: =====
====== C:\Users\Dirk\AppData\Roaming ======
2015-12-03 09:35:24	--------	d-----w-	C:\Users\Dirk\AppData\Roaming\Leadertech
2015-11-13 09:50:49	--------	d-----w-	C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
====== C:\Users\Dirk ======
2015-12-08 10:38:07	54760F6D9991A94FE0B6CD83AE8377B4	584288	----a-w-	C:\Users\Dirk\Downloads\JavaSetup8u66 (1).exe
2015-12-08 10:37:51	54760F6D9991A94FE0B6CD83AE8377B4	584288	----a-w-	C:\Users\Dirk\Downloads\JavaSetup8u66.exe
2015-12-07 18:36:50	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Dirk\Downloads\RSITx64.exe
2015-12-07 14:17:15	--------	d-----r-	C:\Users\Dirk\OneDrive
2015-12-07 14:16:50	--------	d-----w-	C:\ProgramData\Microsoft OneDrive
2015-12-07 10:14:39	D1FD677582820AB3A60528EAC18FE31C	1243328	----a-w-	C:\Users\Dirk\Downloads\wlsetup-web.exe
2015-11-28 14:31:02	56D908278E935A9CF12D571FF29C81E2	929872	----a-w-	C:\Users\Dirk\Dropbox\chromecastinstaller.exe
2015-11-28 14:29:51	56D908278E935A9CF12D571FF29C81E2	929872	----a-w-	C:\Users\Dirk\Downloads\chromecastinstaller.exe

====== C: exe-files ==
2015-12-08 10:43:41	FDF059C05249FAEA0221ED65CD59A9C8	68192	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\javacpl.exe
2015-12-08 10:43:41	F003BBCB09CACF8A9F4CE0C67A2D6E63	278624	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaws.exe
2015-12-08 10:43:41	EFC80BC662BCC20B0B09700636FDC732	30816	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\jabswitch.exe
2015-12-08 10:43:41	D8EEED21B06866E85DA30485F5059FF6	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\servertool.exe
2015-12-08 10:43:41	CA51FB3FE5012E21D9A14AC071527866	76896	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2launcher.exe
2015-12-08 10:43:41	ADAF1151B29D2D1691FA027B6C55B3D7	50784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssvagent.exe
2015-12-08 10:43:41	A9E84AD3536425BC68263B723C2442E4	191072	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\java.exe
2015-12-08 10:43:41	8977B87AB10AB1DA8769CA0053B401B0	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\jjs.exe
2015-12-08 10:43:41	7BE9BE6E15653824A28F5CED6B273588	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\klist.exe
2015-12-08 10:43:41	7BDD7F1BC2A20971DEE17B6920D61BBC	191584	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaw.exe
2015-12-08 10:43:41	73368169BFD965EC6257E77C23CED879	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\rmiregistry.exe
2015-12-08 10:43:41	525027DF51378DDA25F0F52C20BCB132	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\kinit.exe
2015-12-08 10:43:41	46AB480B01CD30801B3AE89B5AAE75A8	16480	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\orbd.exe
2015-12-08 10:43:41	3B306D41F07396975ECE34A860BD9036	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\pack200.exe
2015-12-08 10:43:41	36A44033C6B970F95E2A1448F4481CEA	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\keytool.exe
2015-12-08 10:43:41	28FB06FC63D5817153B5502A49DF3F00	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\ktab.exe
2015-12-08 10:43:41	17A8DD2484DC26E38DFE3209C8B36980	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\policytool.exe
2015-12-08 10:43:41	0B82777B13B81417E5520DF7B1E8C319	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\rmid.exe
2015-12-08 10:43:41	0A3936FE18FC04350159A1E647201501	16480	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\tnameserv.exe
2015-12-08 10:43:41	092F4D3C25F3086D4C7FDEC79DD71302	159328	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\unpack200.exe
2015-12-08 10:43:41	04D67FF5044A605F1E7D923A1D6F1751	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\bin\java-rmi.exe
2015-12-08 10:40:34	4DF8AE87AF8B98D84F2D0C0B66550E5B	6000232	----a-w-	C:\ProgramData\Avg\Setup\av\avgmfapx.exe
2015-12-08 10:40:34	3CAF959D7275C91B2DB96BF60AFEB6EF	71592	----a-w-	C:\ProgramData\Avg\Setup\av\avguirux.exe
2015-12-08 10:38:07	54760F6D9991A94FE0B6CD83AE8377B4	584288	----a-w-	C:\Users\Dirk\Downloads\JavaSetup8u66 (1).exe
2015-12-08 10:37:51	54760F6D9991A94FE0B6CD83AE8377B4	584288	----a-w-	C:\Users\Dirk\Downloads\JavaSetup8u66.exe
2015-12-08 10:17:14	9F76983EE43584A1A10B8B08B3BF1615	43870800	----a-w-	C:\Program Files (x86)\Google\Update\Install\{4147A623-B765-4F20-A901-629C2083AA7C}\47.0.2526.73_chrome_installer.exe
2015-12-08 10:17:13	9F76983EE43584A1A10B8B08B3BF1615	43870800	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\47.0.2526.73\47.0.2526.73_chrome_installer.exe
2015-12-07 18:36:50	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Dirk\Downloads\RSITx64.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\zu6njsxi\yztw04zc.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\zq42dteu\oi47c3y2.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\zm9364x9\pwkk726a.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\zkzrufiy\pvelxwdb.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\z3dascmu\0qgogaac.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\yhsu8ehy\5yqmbud4.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\yhsetb44\0kcq39sy.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\xui98dbv\57rsq8qu.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\xqgxlmb3\65bnjfpa.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\xorwqwhq\tb27gcn6.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\xjuc0f16\rwqh1nd0.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\xeow1um0\i5xq0jmz.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\wej1y718\ctuwnhht.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\wdfxbt97\l7xgnrkz.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\vxsfcoai\4qiyjy3h.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\vt9g9it9\pm6i8d8a.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\viisxegq\0zrtn7im.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\vheqbfa8\xgw4p4la.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\vfmt8bm9\n3nvfs0t.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\vf2vnkm9\uzprz83b.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\vdelz9ja\bhhyinx9.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\v485iwsf\v55r7heg.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\uwmkiazr\ndn0652m.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\uv1gx2to\0fqlql3i.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\u8xgb1jw\f0bfeu77.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\u8low4tz\w2edelnw.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\u0if2son\f0ezsgtm.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\tpmo0cce\qmem5p1i.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\tkpiyvbk\2igwu6ug.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\tekxyx0o\96xoxos5.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\t2yqt7rf\t20wqccm.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\t2f2z0fo\jwg13rac.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\t0i5a09j\55yu2u5n.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\szy3mfc0\51val1ji.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\srhr8tg6\bo4fbzy2.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\so3z993w\loyl80jn.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\sexbgrgo\6opddwoj.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\sbeindv5\5kg8y9ql.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\rrs5mqg4\4fc5qwbk.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\rfdpryf6\1x7y2nt2.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\r6c5onbx\ip7svard.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\qp7alwos\0q4td9yg.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\ql0bm77k\0j8qltwt.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\p1j8ttao\r0u5tciu.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\oaun04y1\rz26p2ps.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\oacay26g\je1tbztf.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\noev8cai\vn5av0uf.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\ne02sk39\pyywe4ct.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\n86infgq\6cmexxqf.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\n12c5m51\45mtnk41.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\mub42tj8\6mf9wz5r.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\mr8mggft\6saze60h.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\mr03nzv5\nkcyy6w5.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\mflzz7fb\kdegidsa.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\m3ipr0bl\lr5xazqo.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\lsnnzlec\762uc4je.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\losn2d86\fiksm7ta.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\llkoz0ph\1pw280co.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\la8invjb\vsger8hm.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\l7l6049u\326ao1zt.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\l4bqlf6i\vyldkwa6.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\ksc6an0j\qunii3g8.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\kfvtrv9v\s5ewqkur.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\k7y9xlzb\qzx4u7is.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\k20bb5wk\a92nk17f.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\jwyb3d4c\82g8pz4w.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\jpbiyyvr\ljfo3jna.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\jlkk5ycj\rw4uy7i7.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\jjdeqgq3\y5dlpxki.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\jdkvt7ak\6vp6h2ys.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\jc5m47u9\fwyro2bg.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\ire40wel\jdo9g01z.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\i8zszcwi\7z1zj3jr.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\i6bwe1ww\b8uirbzl.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\i4ro1iv5\4odiipvq.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\hdhlgnfc\p9ytddfn.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\h5c58ubb\8g6j02ho.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\gsmm3yvm\nqkdobvm.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\gsjq518x\i5f1i8dd.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\gsgk8gcq\yljw6oav.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\gne8ol0r\z9y9h5ql.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\gm7lawk8\q274ok1m.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\gerj1d0y\vux17rq8.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\gag4orha\ir80ko4x.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\g846wg5l\39k79nrj.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\frmhzb81\xhw83vh5.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\fqyfb5vz\darpqg6d.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\f2tedejc\u48hqvn9.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\f0deci28\94e59b78.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\efjijuzs\oo2onte6.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\dzap0cxb\3d0lm5e1.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\dsdc3oyh\cel7ytgz.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\dnyu9pss\93pw99yb.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\dmbr1u1w\727llqxm.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\cx00fb06\cmmqihli.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\cvz0dp9q\5d1mg91u.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\cnsoa7o0\kldc6ycr.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\cmjxabwd\9866fcbl.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\cm3r6afw\z3gz4rx8.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\cl164a8l\suzol8ui.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\c4dzpuve\db23svk5.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\bpzjzc0f\9iwrhy09.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\bo6g2wpj\v3o6cdb3.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\bhjxqbk0\xmktxojv.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\bhf4dnnt\h7omp49s.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\ax8wemr7\k4hxv3iy.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\arhertii\iid89kfe.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\afxwypdo\hrh5xs4a.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\a6favmdb\n96t0wxm.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\a5z0vogv\h15sxf5g.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\a4j4e5cn\hrojfpww.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\9yb150ji\mi71wn5s.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\9pzi8jw4\wczmxo12.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\9hypgpav\0clm9aw9.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\9d2nwwgf\c89c3i75.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\8iw11zte\04q72i9v.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\8afh7v9t\jquhfz5q.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\83l6l6xw\sd2pb8ms.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\7rqcco2x\zjgbtv1p.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\7kmucaqx\4q0a7o08.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\77hwtity\jvbywy4o.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\75fvi2ne\2i47q9ch.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\6unnlkbx\jonarpxq.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\6qjmdqxd\kzhkibjs.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\6nsrjbrb\8uzuz2ma.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\6n9bfkg0\ed29w42q.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\6fooeyjx\b2o4va8s.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\6d67absc\2lqn4185.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\5vktmc3e\vdo3sdmx.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\5ojtuze6\rxxlhhs7.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\5j43ha2m\2l9ghcud.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\5fgmolab\3po2gc57.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\5cfmbx8h\gatb7ilx.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\4z3anmfv\0c70a1ik.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\4pejywna\05lmiekl.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\3vpy1u8i\fygvmph1.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\35zi9z0c\4q2mve5n.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\2sbhoens\9eouprl8.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\2l48811g\zvaqpmjj.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\28u6ov1i\v1761kga.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\1zewenf2\2w4k1sbg.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\10h1jbp9\mn0zc4xf.exe
2015-12-07 14:20:33	B3695953F17EB4EF1C67422007304546	65896	----a-w-	C:\Users\Dirk\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\0mv1n92l\bhoa01x2.exe
2015-12-07 14:17:57	1C7B42662625CB22E1CAA241A1D845CC	6912080	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\47.0.2526.73\47.0.2526.73_46.0.2490.86_chrome_updater.exe
2015-12-07 14:17:22	B18FF6F1680E0B2E2F2A63AD2F335AA7	6081224	----a-w-	C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe
2015-12-07 14:17:22	B18FF6F1680E0B2E2F2A63AD2F335AA7	6081224	----a-w-	C:\Program Files (x86)\Common Files\Windows Live\.cache\271b67df1d130f903\onedrivesetup.exe
2015-12-07 14:17:10	1553313A94B927B65FCD27635BF49866	257224	----a-w-	C:\Users\Dirk\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
2015-12-07 14:17:09	B18FF6F1680E0B2E2F2A63AD2F335AA7	6081224	----a-w-	C:\Users\Dirk\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\OneDriveSetup.exe
2015-12-07 14:17:01	9E419F97E88011FB18B26FAEE9E44FD8	78536	----a-w-	C:\Users\Dirk\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveConfig.exe
2015-12-07 14:11:36	DDCE338BB173B32024679D61FB4F2BA6	537432	----a-w-	C:\Program Files (x86)\Common Files\Windows Live\.cache\2d2497221d130f906\DXSETUP.exe
2015-12-07 14:11:19	F5443547CAAC20AA334A88817579270F	525656	----a-w-	C:\Program Files (x86)\Common Files\Windows Live\.cache\2265e1f41d130f902\DXSETUP.exe
2015-12-07 14:11:12	DDCE338BB173B32024679D61FB4F2BA6	537432	----a-w-	C:\Program Files (x86)\Common Files\Windows Live\.cache\1c83b7071d130f901\DXSETUP.exe
2015-12-07 10:14:39	D1FD677582820AB3A60528EAC18FE31C	1243328	----a-w-	C:\Users\Dirk\Downloads\wlsetup-web.exe
2015-12-07 09:51:08	6EE227818F6A756126275905CA8C1B70	104288	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Writer\WindowsLiveWriter.exe
2015-12-07 09:50:49	8B98D7AD261185F2FD11C4C8A788C943	68976	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Photo Gallery\WLXVideoCameraAutoPlayManager.exe
2015-12-07 09:50:49	45707F0E9DE261C54312D5D72357B282	684400	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Photo Gallery\WLXVideoAcquireWizard.exe
2015-12-07 09:50:48	EC355D725F120FCEA11FF66D7CA9CD31	117616	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Photo Gallery\WLXQuickTimeControlHost.exe
2015-12-07 09:50:48	61E192507A228E2ED9124111FA6A8904	183152	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Photo Gallery\WLXTranscode.exe
2015-12-07 09:50:46	9CB27AE21BF0553BF20F571DD9E2C3A0	131440	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Photo Gallery\WLXPhotoGallery.exe
2015-12-07 09:50:46	72B66DD61E1F0B4EACDD94C9EEABD576	19312	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Photo Gallery\WLXPhotoGalleryRepair.exe
2015-12-07 09:50:46	685B7377B537CCEA1D82E426B534F18D	246640	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
2015-12-07 09:50:45	FA6204424CE3AA155375B40FC6075436	46960	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Photo Gallery\WLXCodecHost.exe
2015-12-07 09:50:45	30A1BE0940A16DB286F3BF68A88B0D2F	385392	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Photo Gallery\WLXAlbumDownloadWizard.exe
2015-12-07 09:50:44	8669082858669CAE0A86D2DA6068520F	56176	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Photo Gallery\WindowsLivePhotoViewer.exe
2015-12-07 09:50:43	82E53EC685889AD8CFB3AD812A906489	111472	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Photo Gallery\MovieMaker.exe
2015-12-07 09:50:40	24B1666FD14CC71C7B0679AC61625B90	4280184	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Messenger\msnmsgr.exe
2015-12-07 09:50:39	5DF19A45F9BCB2F3C7C14BCA2E931A39	1449824	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Mesh\WLSync.exe
2015-12-07 09:50:37	985FA44DED5748469D5AFE36A8C122BD	71520	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Mesh\MOE.exe
2015-12-07 09:50:34	77BD0166102F3B9BB9499B2952C3BCFA	92024	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Mail\wlmail.exe
2015-12-07 09:50:32	DC547E938158C5B1F26322340520E674	1205096	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Installer\wlarp.exe
2015-12-07 09:50:32	6DD675661470892FF09D2CE266DF26B2	493416	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Installer\wlsettings.exe
2015-12-07 09:50:32	097AE247474811EECF9FF1809059C141	615784	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Installer\wlstartup.exe
2015-12-07 09:50:31	FEFC87D50AF776472CF06279742DE99B	345960	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Installer\LangSelector.exe
2015-12-07 09:50:31	AF63C789E9157AD1DFC20A93DBF5AA94	697104	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Installer\defmgr.exe
2015-12-07 09:50:31	A28574E9659180AF96C8178FC1D722D8	25456	----a-w-	C:\Users\Dirk\Desktop\Windows Live\Contacts\wlcomm.exe
2015-12-03 08:32:50	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\Dirk\AppData\Local\Temp\GURFD22.exe
2015-12-02 09:11:26	BA7396EF42213C0F84343C186610B851	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdateWebPlugin.exe
2015-12-02 09:11:25	EC0FAADC62E1C1DADA953DE433BEFB01	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdateOnDemand.exe
2015-12-02 09:11:25	AD8495335C1A605A4E0E32334DF52303	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdateBroker.exe
2015-12-02 09:11:24	1D652959033B873B77B8D5A12011FD85	927824	----a-w-	C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdateSetup.exe
2015-12-02 09:11:13	5424FDF3776F5458EAFAABFB87AA9285	130888	----atw-	C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdateComRegisterShell64.exe
2015-12-02 09:11:12	7DC16FAEA44C8D96A1C113305A4059A2	245576	----atw-	C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
2015-12-02 09:11:12	73F542663FD48B49A798A56DAA18C136	307016	----atw-	C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
2015-12-02 09:11:10	88FBBB1C601A6BC42054E57C2897FA45	144200	----atw-	C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleUpdate.exe
2015-12-02 09:11:02	1D652959033B873B77B8D5A12011FD85	927824	----a-w-	C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.29.1\GoogleUpdateSetup.exe
=== C: other files ==
2015-12-08 10:43:42	4DB4B1F67E583B41F841F48254BE38E3	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_66\lib\deploy\ffjcext.zip
2015-12-07 14:24:54	8DE1B4F579F8F8897409856F3BB7A7D2	58056	-c--a-w-	C:\Windows\System32\DRVSTORE\fssfltr_53B1A1E03F7FFD1D0FE056B8522FE410DEDAC734\fssfltr.sys
2015-12-07 14:24:54	8DE1B4F579F8F8897409856F3BB7A7D2	58056	----a-w-	C:\Windows\System32\drivers\fssfltr.sys
2015-12-07 14:16:54	6DA967AC75C23FBFB920A54A40607812	5843	----a-w-	C:\Users\Dirk\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\CollectOneDriveLogs.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"TrayServer"="C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\TrayServer.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\Av\avgui.exe /TRAYONLY"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguix.exe /fmw.trayonly"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcSoft Connection Service]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ArcSoft Connection Service"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\beid]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="beid"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Belgium Identity Card\\beid35gui.exe\" /startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrStsMon00]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BrStsMon00"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Browny02\\Brother\\BrStMonW.exe /AUTORUN"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ControlCenter4]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ControlCenter4"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ControlCenter4\\BrCcBoot.exe /autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dropbox Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Dropbox Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Dirk\\AppData\\Local\\Dropbox\\Update\\DropboxUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Facebook Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Dirk\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndexSearch]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IndexSearch"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Nuance\\PaperPort\\IndexSearch.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesPreload"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesTrayAgent"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nikon Message Center 2]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Nikon Message Center 2"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Nikon\\Nikon Message Center 2\\NkMC2.exe -s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PaperPort PTD]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PaperPort PTD"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Nuance\\PaperPort\\pptd40nt.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Suite Tray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PC Suite Tray"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Nokia\\Nokia PC Suite 7\\PCSuite.exe\" -onlytray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDF5 Registry Controller]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDF5 Registry Controller"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\RegistryController.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDFHook]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDFHook"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\pdfpro5hook.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PPort12reminder]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PPort12reminder"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Nuance\\PaperPort\\Ereg\\Ereg.exe\" -r \"C:\\ProgramData\\ScanSoft\\PaperPort\\12\\Config\\Ereg\\Ereg.ini\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SymphonyPreLoad]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SymphonyPreLoad"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\IBM\\Lotus\\Symphony\\framework\\shared\\eclipse\\plugins\\com.ibm.symphony.standard.launcher.win32.x86_3.0.1.20120110-2000\\IBM Lotus Symphony\" -nogui -nosplash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TomTomHOME.exe"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Dirk^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\Dirk\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Dirk\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"


==== Startup Folders ======================

2015-11-13 09:51:23	1135	----a-w-	C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2012-01-31 18:50:58	1300	----a-w-	C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk
2013-02-28 09:22:25	2103	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/11/2015 11:44]
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002Core.job --a------ [Undetermined Task]
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002UA.job --a------ C:\Users\Dirk\AppData\Local\Dropbox\Update\DropboxUpdate.exe [18/06/2015 09:22]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002Core.job --a------ [Undetermined Task]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002UA.job --a------ C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe [06/08/2012 18:27]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/08/2015 17:58]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/08/2015 17:58]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002Core" [C:\Users\Dirk\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002UA" [C:\Users\Dirk\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002Core" [C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002UA" [C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Registration Trigger IBM Lotus Symphony Task" [C:\Program Files (x86)\IBM\Lotus\Symphony\framework\rcp\rcplauncher.exe]
"C:\Windows\SysNative\tasks\{0F149FCB-27FD-47FC-922C-1532BED19E87}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{25A9E8EC-8939-4E61-86D6-1774133BC7E8}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{4666BE53-331E-40A3-A3A3-CBFE04293AD6}" [E:\SETUP.EXE]
"C:\Windows\SysNative\tasks\{663700EA-3034-1400-0A55-9177391EF801}" [C:\Users\Dirk\AppData\Roaming\raOLYQtH\dvAKIHAm\DViFzICi\oSIIWwOKX.exe]
"C:\Windows\SysNative\tasks\{71B44408-363F-4BCB-8943-1D25D40E036A}" [E:\SETUP.EXE]
"C:\Windows\SysNative\tasks\{9E18404F-CACC-4243-BE17-DE6F5D38E8D2}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{AC56546B-526C-4297-A8FC-9670BF7B3764}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{B305BF8E-3081-4888-8652-590E4040904C}" [E:\SETUP.EXE]
"C:\Windows\SysNative\tasks\{D633FEBC-526C-41F1-BA76-2427BDF84EF3}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\NCH Software\wavepadShakeIcon" [C:\Program Files (x86)\NCH Software\WavePad\WavePad.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\nnehaohk.default
user_pref("browser.startup.homepage", "http://www.hln.be/");
user_pref("browser.search.selectedEngine", "Google");
user_pref("keyword.URL", "http://search.yahoo.com/search?fr=mcafee&p=");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [28/02/2013 10:23]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [28/02/2013 10:23]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\nnehaohk.default
- Bitdefender QuickScan - %ProfilePath%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}

ProfilePath: C:\Users\Dirk\AppData\Roaming\TomTom\HOME\Profiles\8iyol1o0.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Carminat TomTom - %ProfilePath%\extensions\RenaultTheme@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\nnehaohk.default
87132527E2256CF6683A18C4EB34DD3B	- C:\Windows\system32\Wat\npWatWeb.dll -	Windows Activation Technologies
F475DAA3CF6D19DA49BE7BAC0A966DB3	- C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll -	Shockwave for Director / Shockwave for Director
F114FBA6246530B89DD1E04351E0EAC5	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll -	Shockwave Flash
CAF78E18A9E1380A0A38065B3B1210E0	- C:\Users\Dirk\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll -	VASCO Card Reader Plugin
3CD19649B2C3023D65E67C056457A2BC	- C:\Users\Dirk\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll -	Facebook Video Calling Plugin
1CDD28B47D8198F868349BDFBCD1281B	- C:\Users\Dirk\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll -	VASCO Card Reader Plugin


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45]

Google Docs - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Skype Click to Call - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Dirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Dirk\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE",
"startup_urls": [ "http://www.google.com/ig/redirectdomain?brand=MDNE&bmod=MDNE" ]


==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== C:\zoek_backup content ======================

C:\zoek_backup (files=1552 folders=183 211190111 bytes)

==== EOF on di 08/12/2015 at 16:16:22,48 ======================