
Zoek.exe v5.0.0.1 Updated 18-December-2015
Tool run by Jive1 on vr 18/12/2015 at 15:15:07,93.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: I:\Malware&Security Tests\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-12-18-141029.log	61096 bytes

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\BackupCopyHook {9458E603-FF43-4134-9036-04B4C71791E3} C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll 


==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
"PWRISOVM.EXE"=- 

==== Deleting Files \ Folders ======================

C:\Program Files\PowerISO not found
C:\Users\Jive1\AppData\Roaming\PowerISO not found
C:\ProgramData\InstallMate not found

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Jive1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-12-15 10:41:44	7BBBB53EAEE7D786D89CA3B29ACF940B	147496	----a-w-	C:\Windows\SysWOW64\BgGamingMonitor.dll
2015-12-15 10:41:41	0CE2F4F467EE14B2D5629E614EC1F915	61720	----a-w-	C:\Windows\SysWOW64\BGLsp.dll
2015-12-10 13:15:28	C5E3E1876D4C972DDA1EEF65D48FC927	102704	----a-w-	C:\Windows\SysWOW64\nvStreaming.exe
2015-12-10 13:13:47	FF6F9E09C3D2B77745F2A83A876FBC7B	12034248	----a-w-	C:\Windows\SysWOW64\nvcuda.dll
2015-12-10 13:13:47	B5FD8F324B06BD542AAD81C022744154	673912	----a-w-	C:\Windows\SysWOW64\NvIFR.dll
2015-12-10 13:13:47	A86B966666C2F8945C58F80474CE38E4	37882488	----a-w-	C:\Windows\SysWOW64\nvcompiler.dll
2015-12-10 13:13:47	838A12A5F2DF767EFA7187D775103DD2	128696	----a-w-	C:\Windows\SysWOW64\nvoglshim32.dll
2015-12-10 13:13:47	7965DECF106C060620A8C1D51F22D828	15122296	----a-w-	C:\Windows\SysWOW64\nvwgf2um.dll
2015-12-10 13:13:47	741B5A2189C9E1DF2FDBAEC7F250E93C	18363696	----a-w-	C:\Windows\SysWOW64\nvoglv32.dll
2015-12-10 13:13:47	6E4D1815212C421A145FB52EBD2BD146	689272	----a-w-	C:\Windows\SysWOW64\NvFBC.dll
2015-12-10 13:13:47	63CDF8B858D06CA142D898AECD0C2FAC	388024	----a-w-	C:\Windows\SysWOW64\nvumdshim.dll
2015-12-10 13:13:47	5E8A8794F2089B674556F2FBB575D0DD	155792	----a-w-	C:\Windows\SysWOW64\nvinit.dll
2015-12-10 13:13:47	4553175234930090AD8B02008EC2A559	2490488	----a-w-	C:\Windows\SysWOW64\nvcuvid.dll
2015-12-10 13:13:47	0B694802D423E517C1AEF09730122E5D	13527248	----a-w-	C:\Windows\SysWOW64\nvopencl.dll
2015-12-09 06:47:32	B0AFC72F5BAE0C06DB30B409B9D05D8A	2048	----a-w-	C:\Windows\SysWOW64\tzres.dll
2015-12-09 06:47:02	3553707B119AD5AAF1F31BFF5517A093	627712	----a-w-	C:\Windows\SysWOW64\usp10.dll
2015-12-09 06:46:36	C66D020B1C268FF9AB1672C99E76CA66	174080	----a-w-	C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 06:46:36	B1384CCEFB8F64EC85AECB70AFB91D8D	93696	----a-w-	C:\Windows\SysWOW64\wudriver.dll
2015-12-09 06:46:36	A0BF4CD0C8F805A816B67C004B12E24D	30208	----a-w-	C:\Windows\SysWOW64\wups.dll
2015-12-09 06:46:36	9AA46606BCC013F5FB7E5B70FAB1ABE0	573440	----a-w-	C:\Windows\SysWOW64\wuapi.dll
2015-12-09 06:46:36	58B9CFDD032CB92CEC0D3E8454E4C766	35328	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2015-12-09 06:46:11	F1FCE953EF04251F17BE828185B9DFA0	419928	----a-w-	C:\Windows\SysWOW64\locale.nls
2015-12-09 06:46:09	ACB16C9BE1A175A2E7BFF076DF99B3CF	69120	----a-w-	C:\Windows\SysWOW64\nlsbres.dll
2015-12-09 06:46:09	8E9152F4779CCA402F235EB9AB823854	6656	----a-w-	C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-09 06:46:09	3A593B01E4F92F04211ECFB53816240C	6656	----a-w-	C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-09 06:46:09	35D490A393A0B231F237954E6E65B224	7168	----a-w-	C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-09 06:45:41	FDB73E2FFDEE1F28D1AF3B80E3F0FE99	1251328	----a-w-	C:\Windows\SysWOW64\DWrite.dll
2015-12-09 06:45:40	0A78439765E31510D75C9E2284F3A722	833024	----a-w-	C:\Windows\SysWOW64\user32.dll
2015-12-09 06:44:44	EB11947B250AD259755939A2DE349FBB	14848	----a-w-	C:\Windows\SysWOW64\wshrm.dll
2015-12-09 06:44:17	F60154A0DD1DCCF2EE75BE45A676BA51	1242624	----a-w-	C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 06:44:17	169BDD4EF6E99E43720534E07798400C	487936	----a-w-	C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 06:44:02	8102E4A17D58BA6B18A31095C4418082	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-12-09 06:44:02	804FEA5A5A4B491B83AFF8EE7EFE887F	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 06:44:02	5F4DBBB0551DAE2A6EEC5EA915695250	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 06:44:01	D1F6886A7E08134135E9C197FA387702	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 06:44:01	B206E8BD4938B6C6B1C84DD13C12C4DF	20366848	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-12-09 06:44:01	6ED639FAAE29626ED1A98139A3C9C289	687104	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 06:44:01	67D44EDA849BA632EC4DCEF839950F56	341192	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 06:44:01	5FA89E1534B675CCA8CEE6B50D0B7B49	2280448	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-12-09 06:44:01	29DDD6FB1147192B13D2C3647F581219	130048	----a-w-	C:\Windows\SysWOW64\occache.dll
2015-12-09 06:44:01	219494B7F95F86071EC9D4FC0DC4962F	1311744	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-12-09 06:44:01	13DED010D9DFA204DB2C2F650B3901B8	279040	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 06:44:01	0955BBBB50FCC3C2B2EB485FBBFBF4D3	496640	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-12-09 06:44:01	081BE765C4025EC2AB8011A6BFE222B5	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 06:44:00	DD99C9D2CA3F9B3D63B965B4EDDAE612	2050560	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 06:44:00	8BB61456A1EA19011E85C9340BC4157B	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-12-09 06:44:00	713919E7E3BD6196D2498C2B8166AEAD	663552	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-12-09 06:44:00	3477EAB965E9DEDCD46F95C55F78489F	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 06:43:59	F1ED865CA8D6223739233576D7C76C1A	476160	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-12-09 06:43:59	6A37F0BDA83C7755C71A2DE5BF00381B	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 06:43:59	517847AC160C91F04951340F9A051084	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 06:43:59	284442A1BAFD17731398AD22AB6C9099	12856832	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-12-09 06:43:59	1256113318DD02C9C60FF0969025CA15	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 06:43:59	0A6D92C3BB313883F286C65820E2DD30	416256	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 06:43:58	B832BA2AA73CC4FC58446F4237070D96	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-12-09 06:43:58	B60461B5CED2BFAE1A870C61C66966C4	2011136	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-12-09 06:43:58	AC62F3866FDA5BFC4966055B1316DE94	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 06:43:58	668D2CA489F605E4C7A743A62632C383	4514816	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-12-09 06:43:58	6082F9978A1456863397F99E5C8E7901	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 06:43:58	4ED815FE30E048A52A5FC420DD6E49D0	230400	----a-w-	C:\Windows\SysWOW64\webcheck.dll
2015-12-09 06:43:58	050F5A8F90CF18AA6F9FA75AF1851569	341504	----a-w-	C:\Windows\SysWOW64\html.iec
2015-12-09 06:43:06	E7CA874DA58A607E11ACAB33718AE9FA	179712	----a-w-	C:\Windows\SysWOW64\els.dll
2015-12-05 14:15:09	EC751A9D4C9BCA0488A0875C7802F5E5	440352	----a-w-	C:\Windows\SysWOW64\MSHFLXGD.OCX
2015-12-05 14:15:09	DC925B6D77BA9ECB532E2F6750BE943B	224016	----a-w-	C:\Windows\SysWOW64\tabctl32.ocx
2015-12-05 14:15:09	A30DF5C7F223BEA3E2010FEB97438C63	78848	----a-w-	C:\Windows\SysWOW64\MSBIND.DLL
2015-12-05 14:15:09	389EA0038EF40FB0742F117F512F0B90	131856	----a-w-	C:\Windows\SysWOW64\MSADODC.OCX
2015-12-05 14:15:09	045A16822822426C305EA7280270A3D6	212240	----a-w-	C:\Windows\SysWOW64\richtx32.ocx
2015-12-05 08:10:54	BE6D1EF65B6EE4BC20A754BA2E82FE11	416280	----a-w-	C:\Windows\SysWOW64\lvcodec2.dll
2015-12-05 08:10:54	684D00458B9BA1BD1791941B93BD764D	490008	----a-w-	C:\Windows\SysWOW64\LVUI2.dll
2015-12-05 08:10:54	18F9A0CE4177871DE1ABCEA412B95B77	465432	----a-w-	C:\Windows\SysWOW64\LVUI2RC.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-12-15 10:41:44	6800B6CF71E9E2633402799E9685C557	169120	----a-w-	C:\Windows\Sysnative\BgGamingMonitor.dll
2015-12-15 10:41:41	D4A8859FCD60794AB547E1F57812123E	76568	----a-w-	C:\Windows\Sysnative\BGLsp.dll
2015-12-10 13:13:47	D177E2ABFDAB90D24E9293495F5BDEAE	467912	----a-w-	C:\Windows\Sysnative\nvumdshimx.dll
2015-12-10 13:13:47	BB0BC9C6BE8D6130AD94FFBE02206DDA	42913912	----a-w-	C:\Windows\Sysnative\nvcompiler.dll
2015-12-10 13:13:47	9720F187554A0BD4850019B727DD7D50	1564792	----a-w-	C:\Windows\Sysnative\nvdispgenco6435906.dll
2015-12-10 13:13:47	727DF12442B84B6A4386A35EFB0BAC95	14835872	----a-w-	C:\Windows\Sysnative\nvcuda.dll
2015-12-10 13:13:47	70C7EBC79F0E035E8E4C333E9418EB3F	16553568	----a-w-	C:\Windows\Sysnative\nvopencl.dll
2015-12-10 13:13:47	6BB14378728F0C2BD80042E6C6502BD9	877360	----a-w-	C:\Windows\Sysnative\NvFBC64.dll
2015-12-10 13:13:47	58DCDD77DC449E44E9571FB868BEA5BB	861816	----a-w-	C:\Windows\Sysnative\NvIFR64.dll
2015-12-10 13:13:47	55838823AF8DB0E0714F5FEEFC04B3A8	177600	----a-w-	C:\Windows\Sysnative\nvinitx.dll
2015-12-10 13:13:47	40C6C9E63CEF549D78227098D18DC53D	22310008	----a-w-	C:\Windows\Sysnative\nvoglv64.dll
2015-12-10 13:13:47	334BE6167EC12894F14985A28F8C74FD	39240	----a-w-	C:\Windows\Sysnative\nvhdap64.dll
2015-12-10 13:13:47	14ABD08A4A1B60F65B1A4DC2DF48181C	151184	----a-w-	C:\Windows\Sysnative\nvoglshim64.dll
2015-12-10 13:13:47	0EC5280CC794CF9EEE0E30360FE3FB88	1905272	----a-w-	C:\Windows\Sysnative\nvdispco6435906.dll
2015-12-10 13:13:47	0E77D4211993AACFDC27B44530A10FBE	15717672	----a-w-	C:\Windows\Sysnative\nvd3dumx.dll
2015-12-10 13:13:47	098286DD7F23A0D16CECF393BA1D6676	2870392	----a-w-	C:\Windows\Sysnative\nvcuvid.dll
2015-12-10 13:09:33	675D7FB45C3B576E7F2ABAD8EB098BD8	112712	----a-w-	C:\Windows\Sysnative\NvRtmpStreamer64.dll
2015-12-09 06:47:32	6EDEA5EDF5AA979CB2A99617A8478AD3	2048	----a-w-	C:\Windows\Sysnative\tzres.dll
2015-12-09 06:47:02	077CC8BF1076D49E85687AACB30956A1	802304	----a-w-	C:\Windows\Sysnative\usp10.dll
2015-12-09 06:46:36	EB6D501FCFAFF726EA1B50B8276F5F34	709632	----a-w-	C:\Windows\Sysnative\wuapi.dll
2015-12-09 06:46:36	A6C4964F3C382592785EACFBA2DA8F6C	3170304	----a-w-	C:\Windows\Sysnative\wucltux.dll
2015-12-09 06:46:36	A1D9A6B41647E8F008A25DA7B80708CB	37888	----a-w-	C:\Windows\Sysnative\wups2.dll
2015-12-09 06:46:36	6BB823DF7F117BF4958303B443E8100D	91136	----a-w-	C:\Windows\Sysnative\WinSetupUI.dll
2015-12-09 06:46:36	6075791ED85E47A2A2916B1F34582944	2609152	----a-w-	C:\Windows\Sysnative\wuaueng.dll
2015-12-09 06:46:36	59C2B329F87F46C384F3F139376CD315	36864	----a-w-	C:\Windows\Sysnative\wups.dll
2015-12-09 06:46:36	4CD20F77149C689703A71561747E7B8D	37888	----a-w-	C:\Windows\Sysnative\wuapp.exe
2015-12-09 06:46:36	2E53E71ED8277444E37BAA3932089C45	12288	----a-w-	C:\Windows\Sysnative\wu.upgrade.ps.dll
2015-12-09 06:46:36	2B8660213ED7873FCF5C5540023C48F5	98816	----a-w-	C:\Windows\Sysnative\wudriver.dll
2015-12-09 06:46:36	233AB915DBB476BFD7218DB553D91DCC	140288	----a-w-	C:\Windows\Sysnative\wuauclt.exe
2015-12-09 06:46:36	0CF6EFBC9BCC6EDE114F71BCAEE9CCF4	192512	----a-w-	C:\Windows\Sysnative\wuwebv.dll
2015-12-09 06:46:11	F1FCE953EF04251F17BE828185B9DFA0	419928	----a-w-	C:\Windows\Sysnative\locale.nls
2015-12-09 06:46:09	E78C5E7087763DD4F1C5DAD78D2BA141	7168	----a-w-	C:\Windows\Sysnative\KBDAZEL.DLL
2015-12-09 06:46:09	E3ECD802006128C036FAAD09B6F97F6E	7168	----a-w-	C:\Windows\Sysnative\kbdgeoqw.dll
2015-12-09 06:46:09	AE0F1E593C4AE0A1CE3868C2AA54D8E5	7168	----a-w-	C:\Windows\Sysnative\KBDAZE.DLL
2015-12-09 06:46:09	52B3CAAD627902B8D6E035A25DA4BD09	69120	----a-w-	C:\Windows\Sysnative\nlsbres.dll
2015-12-09 06:45:41	BCB16AE33AA58E0042F3EF34CFB6396A	1180160	----a-w-	C:\Windows\Sysnative\FntCache.dll
2015-12-09 06:45:41	4287A4345CFFDD4D7710B2FCFF6C21BC	3211264	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-12-09 06:45:41	1AE1D0D71C3C61A0ECA941140E1E2FF8	1648128	----a-w-	C:\Windows\Sysnative\DWrite.dll
2015-12-09 06:45:40	06BF84D26A05D400F6B3FB3D3DE0B03A	1008640	----a-w-	C:\Windows\Sysnative\user32.dll
2015-12-09 06:44:44	2DA9EB73046595D79ADE306BC22B02C4	17408	----a-w-	C:\Windows\Sysnative\wshrm.dll
2015-12-09 06:44:17	E385472FF300F2BFD323B667EBAE93C7	1735680	----a-w-	C:\Windows\Sysnative\comsvcs.dll
2015-12-09 06:44:17	75DFE3CE6A8BFC995CC1D615B74DF8B0	525312	----a-w-	C:\Windows\Sysnative\catsrvut.dll
2015-12-09 06:44:02	581486C09915529B172B844F620800EB	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-12-09 06:44:02	5040CEF0DC919A81AF2C10CC67F3F36C	2887168	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-12-09 06:44:02	1E32A0EF31E39783589F3FF33C71EB26	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-12-09 06:44:01	ECF5CF7E1712A137FD95DCC89ECE2FE5	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-12-09 06:44:01	D63583C3645A5D29D643298273EC2125	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-12-09 06:44:01	33E703517D83F367B0B0B3EF2C807C77	718336	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-12-09 06:44:00	DDA2687E5FC070E066623330BF5A9375	152064	----a-w-	C:\Windows\Sysnative\occache.dll
2015-12-09 06:44:00	DA9927502C6CC6C6D4A5E57E00CAB796	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-12-09 06:44:00	D0EB186DFF60A296B144A0FC2490AC31	1546752	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-12-09 06:44:00	CFB4DC8B180EE1FA0F38ED98A82BFFDC	387792	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-12-09 06:44:00	8403AAA093BD7B790111326197D5C30B	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-12-09 06:43:59	FBBC836885522FD1E00A23DC65F78A28	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-12-09 06:43:59	503155AF5513116632202504D71FA29D	315392	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-12-09 06:43:59	23D900117F368A884C4C36A57E201F97	798208	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-12-09 06:43:59	1537D3FFDC70A1EF8792235A99DC4C4B	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-12-09 06:43:58	B49AF2AB8CDF52290A7529BE3D8B1429	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-12-09 06:43:58	6D86F7F6C9FE6059B610DB1D6EF77659	2123264	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-12-09 06:43:58	64F4B886C95379DEA6EF3DDF3CE2D853	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-12-09 06:43:58	32C4438BACFF7AAC86AE54FAE74AA483	571392	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-12-09 06:43:57	A2F0AB5736B60AC22D63113489D37FF1	14456832	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-12-09 06:43:57	9D8862210504591545E33FE562BE7078	489984	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-12-09 06:43:57	963F01E33EFADF54DDCCDDF31DFC2D37	615936	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-12-09 06:43:57	2A0AB8E59C47DC589C2DF3CEB1AA22EF	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-12-09 06:43:56	FE196D24FDCE4402EB1762264FA3DE0B	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-12-09 06:43:56	E2C385B0D816AD37616BD4C4204D0633	2487808	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-12-09 06:43:56	D3CC1DBE8FE63F3A2FAD5658146DF39B	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-12-09 06:43:56	4264B4BD10C5A21CF4A15998CB71551F	817664	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-12-09 06:43:56	3F0827114CE89176253684B588D4B02E	5923840	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-12-09 06:43:56	377C0436711DE3AFB9527FB88F831F44	262144	----a-w-	C:\Windows\Sysnative\webcheck.dll
2015-12-09 06:43:56	02A92A8C880FDC242441FBE0620CF14B	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-12-09 06:43:55	B7F26EC33F55842C66A1C3FA34EB8D27	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-12-09 06:43:55	AF71D38B9F23907AB54BC8D9F573CEB3	417792	----a-w-	C:\Windows\Sysnative\html.iec
2015-12-09 06:43:55	A8B4563632BAF46BB005A0127727E82D	25837568	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-12-09 06:43:55	0A477F2CCC151E3AED4143B4FDDF74A5	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-12-09 06:43:06	218D2848CDDE80DD9AF72D5DD78F225C	241664	----a-w-	C:\Windows\Sysnative\els.dll
2015-12-05 08:10:54	B89D2CE8FF15E6F562B4886E49F044BE	685080	----a-w-	C:\Windows\Sysnative\LVUI64.dll
2015-12-05 08:10:54	A14D2262D99E8CFE727D9106151D9D5B	257560	----a-w-	C:\Windows\Sysnative\lvco1110.dll
2015-12-05 08:10:54	81C1A294A0D81A1A8AE93BDFE7042802	475672	----a-w-	C:\Windows\Sysnative\lvcod64.dll
2015-12-05 08:10:54	6EC4872C3B75B4232B3F0BEB06D310F6	486936	----a-w-	C:\Windows\Sysnative\LVUIRC64.dll
2015-12-05 08:10:54	6A0F93CDBC34321BB0ADED2D427F04DA	58163	----a-w-	C:\Windows\Sysnative\lvcoin64.ini
2015-12-05 08:10:54	0A69602562BDC17CD88C6CD75986004F	19344	----a-w-	C:\Windows\Sysnative\Repository.reg
====== C:\Windows\Sysnative\drivers =====
2015-12-18 07:10:29	005C51653E3A94B31E4E2DB8447644FA	127760	----a-w-	C:\Windows\Sysnative\drivers\scdemu.sys
2015-12-10 13:13:47	D812362E8AF615B521AD4DF19A93BD5A	205456	----a-w-	C:\Windows\Sysnative\drivers\nvhda64v.sys
2015-12-10 13:13:47	B2E1A2E7911DF19A2A41156F16982ECC	11131184	----a-w-	C:\Windows\Sysnative\drivers\nvlddmkm.sys
2015-12-09 06:44:44	5BD6B1EC997FF3DD779D62E05D2079A8	146944	----a-w-	C:\Windows\Sysnative\drivers\rmcast.sys
2015-12-05 08:39:23	B15BED96EE92E7C194E862A26533896D	113480	----a-w-	C:\Windows\Sysnative\drivers\MxEFLF64.sys
2015-12-05 08:39:23	9FBEC63B761BC100A973878094393ED6	143688	----a-w-	C:\Windows\Sysnative\drivers\MxEFUF64.sys
2015-12-05 08:38:55	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-12-05 08:18:27	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_Kernel_ICCWDT_01009.Wdf
2015-12-05 08:17:00	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-12-05 08:10:54	C7B1081E1F263CC3362687E3FC5BF8EE	50072	----a-w-	C:\Windows\Sysnative\drivers\LVUSBS64.sys
2015-12-05 08:10:54	9988556E730CD9662F2CADBE604807A0	1213592	----a-w-	C:\Windows\Sysnative\drivers\LV302V64.SYS
====== C:\Windows\Tasks ======
2015-12-15 15:47:27	--------	d-----w-	C:\Windows\Sysnative\Tasks\Lenovo
2015-12-15 12:48:15	750FF1E8EB68736758452D2CA61A2998	3256	----a-w-	C:\Windows\Sysnative\Tasks\Opera N Sunday
2015-12-15 12:48:14	DE19F3E23CA067973B3007914C6CC048	3256	----a-w-	C:\Windows\Sysnative\Tasks\Opera N Saturday
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-12-08 13:44:41	--------	d-----w-	C:\Program Files\WinImage
2015-12-05 08:38:53	--------	d-----w-	C:\Program Files\Synaptics
2015-12-05 08:11:49	--------	d-----w-	C:\Program Files\Realtek
======= C:\PROGRA~2 =====
2015-12-15 15:47:26	--------	d-----w-	C:\PROGRA~2\Lenovo
2015-12-15 12:47:40	--------	d-----w-	C:\PROGRA~2\Opera
2015-12-05 08:20:41	--------	d-----w-	C:\PROGRA~2\AmUStor
2015-12-05 08:18:27	--------	d-----w-	C:\PROGRA~2\Intel
2015-11-22 06:41:32	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Jive1\AppData\Roaming ======
2015-12-18 14:07:56	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-12-18 14:07:55	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2015-12-18 14:07:55	--------	d-----w-	C:\Users\Jive1\AppData\Local\Temp
2015-12-18 14:07:55	--------	d-----w-	C:\Users\Default\AppData\Local\Temp
2015-12-18 14:07:55	--------	d-----w-	C:\Users\Default User\AppData\Local\Temp
2015-12-18 07:43:11	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\SECRV
2015-12-17 15:44:11	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FSCargo
2015-12-16 12:30:19	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Agn OSP Pyr�n�es
2015-12-15 12:48:03	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\Opera Software
2015-12-15 12:48:03	--------	d-----w-	C:\Users\Jive1\AppData\Local\Opera Software
2015-12-15 10:12:26	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\DAEMON Tools Pro
2015-12-15 10:02:12	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\WinISO Computing
2015-12-14 14:46:13	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-14 12:49:24	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FranceVFR Sc�ne de St-Martin - St-Barth�lemy
2015-12-13 13:44:49	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rikoooo Add-ons
2015-12-13 09:51:25	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flight M�diterran�e Autogen Pack v1.0
2015-12-10 13:09:18	--------	d-----w-	C:\Users\Jive1\AppData\Local\NVIDIA Corporation
2015-12-10 08:17:23	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlightAlpes Nord AutogenPack
2015-12-09 13:26:41	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\teamspeak2
2015-12-08 16:49:54	1BBDA0E4F8AFB975E63313FF4425B005	1456	----a-w-	C:\Users\Jive1\AppData\Local\Adobe Opslaan voor web 12.0 Prefs
2015-12-08 12:39:59	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\L'�le d'Yeu - LFEY
2015-12-07 16:52:59	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\France VFR
2015-12-07 15:24:16	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plovdiv
2015-12-05 06:42:54	--------	d-----w-	C:\Users\Jive1\AppData\Local\Programs
2015-12-01 08:47:35	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ACG - 81st TFW RAF Bentwaters & Woodbridge
2015-11-28 17:06:38	--------	d-----w-	C:\Users\Jive1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FeelThere
====== C:\Users\Jive1 ======
2015-12-18 07:10:30	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2015-12-18 07:09:48	CCBDCA493F1134ADDDBB90D3676E9871	3360288	----a-w-	C:\Users\Jive1\Downloads\PowerISO6-x64 (1).exe
2015-12-18 07:09:37	CCBDCA493F1134ADDDBB90D3676E9871	3360288	----a-w-	C:\Users\Jive1\Downloads\PowerISO6-x64.exe
2015-12-17 15:44:11	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSCargo
2015-12-16 17:00:24	--------	d-----w-	C:\Users\Public\Documents\PFPX Data
2015-12-16 12:30:19	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agn OSP Pyr�n�es
2015-12-15 10:11:50	--------	d-----w-	C:\ProgramData\DAEMON Tools Pro
2015-12-15 08:46:14	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
2015-12-14 14:49:52	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSAddon
2015-12-14 14:46:13	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-14 12:49:24	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FranceVFR Sc�ne de St-Martin - St-Barth�lemy
2015-12-08 13:44:41	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinImage
2015-12-08 12:39:59	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\L'�le d'Yeu - LFEY
2015-12-07 16:52:59	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\France VFR
2015-12-07 15:24:16	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plovdiv
2015-12-05 14:15:09	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Owl's Tools
2015-12-05 08:20:41	--------	d-----w-	C:\ProgramData\AmUStor
2015-12-05 08:12:01	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\ProgramData\DP45977C.lfl
2015-12-05 07:01:08	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Driver Updater
2015-12-05 06:43:04	--------	d---a-w-	C:\ProgramData\TEMP
2015-12-01 08:47:35	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACG - 81st TFW RAF Bentwaters & Woodbridge
2015-11-28 17:06:38	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FeelThere
2015-11-28 13:26:37	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UKMIL

====== C: exe-files ==
2015-12-18 14:00:28	2335AB0C0E19C0EF416D07DF66FEE649	461368	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_PROGRA~3_Package Cache\{f65db027-aff3-4070-886a-0d87064aabb1}\vcredist_x86.exe
2015-12-18 14:00:27	5227EBE41B471CBBBBCFCADCA987613A	455744	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_PROGRA~3_Package Cache\{9634d50a-0c4d-4f52-8a9f-894a2baae370}\vcredist_x64.exe
2015-12-18 14:00:25	FE5A932ABC850CE82FB4D7D9E8BA8FE5	455592	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_PROGRA~3_Package Cache\{307a22b8-8353-4c5e-b67b-2404c5734558}\vcredist_x86.exe
2015-12-18 14:00:24	E16E6D68CE1949C9721656390F47CE07	461400	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_PROGRA~3_Package Cache\{050d4fc8-5d48-4b8f-8972-47c82c46020f}\vcredist_x64.exe
2015-12-18 14:00:24	C9E49B72B0E19E2757BFADC5C3EF8ECE	15968	--s-a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_PROGRA~3_InstallMate\{AED7D503-8364-49FF-9CCF-1E8632E43E45}\Setup.exe
2015-12-18 14:00:24	BD93C22AD1D5037C9394DA015EEE12A5	12896	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_PROGRA~3_InstallMate\{AED7D503-8364-49FF-9CCF-1E8632E43E45}\x64\regsvr32.exe
2015-12-18 14:00:24	955EFCC52CD4415020BE0DB1C8F038DC	12384	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_PROGRA~3_InstallMate\{AED7D503-8364-49FF-9CCF-1E8632E43E45}\x86\regsvr32.exe
2015-12-18 14:00:23	3412EE78FB3D0EFF03431D432540F059	16332360	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Users_Jive1_AppData_Roaming_Systweak\ADU\Advanced Driver Updater\Download\usbvid_058f&pid_6366.exe
2015-12-18 14:00:18	9CCA61F905C5B219B54C983A4D93C03E	5887072	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Users_Jive1_AppData_Roaming_Systweak\ADU\Advanced Driver Updater\Download\pciven_8086&dev_1c16.exe
2015-12-18 14:00:18	1090B9FF2897FF504E2D392D8A18F349	3052035	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Users_Jive1_AppData_Roaming_Systweak\ADU\Advanced Driver Updater\Download\pciven_8086&dev_1c20.exe
2015-12-18 14:00:09	9CFEB031831003C174CCA3FFE8DBDE7E	300325552	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Users_Jive1_AppData_Roaming_Systweak\ADU\Advanced Driver Updater\Download\pciven_10de&dev_0de1.exe
2015-12-18 14:00:00	2E360AD060C168A17DAE8D4A508AF654	191612544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Users_Jive1_AppData_Roaming_Systweak\ADU\Advanced Driver Updater\Download\hdaudiofunc_01&ven_10de&dev_0014&subsys_10de0101.exe
2015-12-18 13:59:55	EF0ABBE52E5923714F3A312E42155261	1180040	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_PROGRA~2_Advanced Driver Updater\unins000.exe
2015-12-18 13:59:55	857C0D6E342BB4603155891217E42F0F	529328	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_PROGRA~2_Advanced Driver Updater\updater\amd64Helper\DriverUpdateHelper64.exe
2015-12-18 13:59:55	5C554EAD4BF5161BF7AFEBF948368DC7	156080	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_PROGRA~2_Advanced Driver Updater\updater\extract\7z.exe
2015-12-18 13:59:54	E0809343F155AED681D5782ECD806FE1	9300872	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_PROGRA~2_Advanced Driver Updater\adu.exe
2015-12-18 13:59:54	C9E49B72B0E19E2757BFADC5C3EF8ECE	15968	--s-a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_ProgramData_InstallMate\{AED7D503-8364-49FF-9CCF-1E8632E43E45}\Setup.exe
2015-12-18 13:59:54	BD93C22AD1D5037C9394DA015EEE12A5	12896	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_ProgramData_InstallMate\{AED7D503-8364-49FF-9CCF-1E8632E43E45}\x64\regsvr32.exe
2015-12-18 13:59:54	955EFCC52CD4415020BE0DB1C8F038DC	12384	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_ProgramData_InstallMate\{AED7D503-8364-49FF-9CCF-1E8632E43E45}\x86\regsvr32.exe
2015-12-18 13:59:54	7DF14E1F0AF81FCF464361D053AD4960	1483808	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_PROGRA~2_Advanced Driver Updater\aduuninstall.exe
2015-12-18 13:59:52	F74FB87B4E8241FA1B99DC3569AC543F	125945	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Program Files_PowerISO\uninstall.exe
2015-12-18 13:59:52	B69ED65E4A0C09EA7B52E745010156C7	408888	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Program Files_PowerISO\PWRISOVM.EXE
2015-12-18 13:59:52	1E2F3F4B7FECED437CA06446A671FA37	11576	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Program Files_PowerISO\setup64.exe
2015-12-18 13:59:51	D79E3F37A8BCD94E43A5F28DF24C8470	3412280	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Program Files_PowerISO\PowerISO.exe
2015-12-18 13:59:51	1ED95BFCBBD891AC169F9B70D8C3A515	12088	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Program Files_PowerISO\piso.exe
2015-12-18 13:16:10	FA23FDB5E698703494B2660B9F4D9BD3	7076984	----a-w-	C:\Users\Jive1\AppData\Local\NVIDIA\NvBackend\Packages\0000841c\DAO.20271937.exe
2015-12-18 09:36:12	C28B734422F7E8DA552A5E119FBF8F26	630200	----a-w-	C:\Users\Jive1\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
2015-12-18 09:36:10	53CE224989EE4D0B63E35177F21E1275	172984	----a-w-	C:\Users\Jive1\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe
2015-12-18 07:09:48	CCBDCA493F1134ADDDBB90D3676E9871	3360288	----a-w-	C:\Users\Jive1\Downloads\PowerISO6-x64 (1).exe
2015-12-18 07:09:37	CCBDCA493F1134ADDDBB90D3676E9871	3360288	----a-w-	C:\Users\Jive1\Downloads\PowerISO6-x64.exe
2015-12-17 06:24:36	EB1A070EB6308C1D97E722D2BBA4DBE2	20032120	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamUserAgent.exe
2015-12-17 06:24:36	7E235FA5346A9AF6B192DD0970A2128F	414000	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\setup.exe
2015-12-17 06:24:36	620D08AA83BABEABC33ACE67F458C6B4	196216	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Update.Core\WLMerger.exe
2015-12-17 06:24:36	1A6B0C408C1E22AFF132A77E7713B1A5	21940344	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamUserAgent.exe
2015-12-17 06:24:35	FB9407F47E184208E4880FA1DC28B9D4	1872504	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Network.Service\NVNetworkService.exe
2015-12-17 06:24:35	ED257507950BCF71C4BD08897B97274B	5772408	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe
2015-12-17 06:24:35	DEA3F34BDAC3F4D3C48E19B8C981D602	1872504	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVNetworkService.exe
2015-12-17 06:24:35	BBB0BF00718443EA07F18BF5CFC581FA	637560	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe
2015-12-17 06:24:35	AF2B3D7E5566EA7897D8B89EFBF62F2B	595576	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\7z.exe
2015-12-17 06:24:35	A8FD46F7EA7410847C3EBE84C4B18BB1	6477432	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamService.exe
2015-12-17 06:24:35	9ED4B4B79C08C43A33FBA1C6AA7ABBDD	320080	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvsphelper64.exe
2015-12-17 06:24:35	97DC871A801DF42AD1008F0BBFD1ED8E	1156216	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GfExperienceService\GfExperienceService64.exe
2015-12-17 06:24:35	9363D3926DD2FA74B1DB67D02CB706C0	7596664	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvspcaps64.exe
2015-12-17 06:24:35	89AB223866CF66D69C2B85EA4450A6A8	6585976	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvspcaps.exe
2015-12-17 06:24:35	6AD6D9D2A5828BD469CA6D68C643EED8	1058424	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\LaunchGFExperience.exe
2015-12-17 06:24:35	6686999CA63BD31F23A147AD1F757A6C	126584	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\LEDVisualizer\NvLedVisualizer.exe
2015-12-17 06:24:35	59F14B3C78849982699CE34068708308	2771576	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\Update.Core\NvBackend.exe
2015-12-17 06:24:35	59DBA5E6C97E1ADBACAC899A53DC9B01	519800	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\DXSETUP.exe
2015-12-17 06:24:35	57C2C60CBC1B7B64BE2A0A38897374F1	286184	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShadowPlay\nvsphelper.exe
2015-12-17 06:24:35	50619FA8FDC1E861F0F70A47B1580F4E	922744	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GfExperienceService\GfExperienceService32.exe
2015-12-17 06:24:35	496409C6DEFB2E26D6C8A5108F81099A	5119096	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamService.exe
2015-12-17 06:24:35	4011B7403AA5E75C7D2B5BE281E95FF4	6443128	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamNetworkService.exe
2015-12-17 06:24:35	398AAAAF8DF0BAB26186E492DF52B185	4737656	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\GFExperience.exe
2015-12-17 06:24:35	2F6ABCFB6B992A4DF5EFD9E6B7BAFF2B	8185464	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamNetworkService.exe
2015-12-17 06:24:35	2462D5C621038B2BAC2CFEF9FC453DCF	87160	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\LEDVisualizer\NvLedServiceHost.exe
2015-12-17 06:24:35	02BB9BB84772302FD40116351603A5AC	7217784	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe
2015-12-17 06:24:19	15745C9A71F8F3EED5F1FA4E67BF2EB6	42860952	----a-w-	C:\ProgramData\NVIDIA Corporation\NetService\d05029f8-a6f5-41fa-8074-1f9848cc6ad1\GeForce_Experience_Update_v2.8.1.21.exe
2015-12-16 17:00:18	5E52830EBD04818B9D7FAF5714A122C7	812248	----a-w-	C:\Program Files (x86)\InstallShield Installation Information\{1A5D2729-4A3B-4CD5-85C8-4896FD44B78D}\setup.exe
2015-12-16 13:14:50	6C6863B16E4D23411D93CC8174BFAC09	599680	----a-w-	C:\Users\Jive1\AppData\Local\NVIDIA\NvBackend\Packages\000083fd\CoProc update.20264145.exe
2015-12-15 10:41:45	422C08DABC192166FA38D3F2A6EA77B6	373528	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgDuplicateSize.exe
2015-12-15 10:41:45	25306765A775CF1AC62BA25338EBAA66	105240	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\Files32\BgDelayStartup.exe
2015-12-15 10:41:44	6A7E44B536A5B7E2EC0277904BE4CF5C	175384	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgBootMonitor.exe
2015-12-15 10:41:44	3C774254E840A3A830E367EAD1775AA9	115480	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgDelayStartup.exe
2015-12-15 10:41:44	35B0F63570132FC169E149FD95E5EC42	388376	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgDirSize.exe
2015-12-15 10:41:42	B08E58BEB4D07F4B18216EA9F68113A3	221976	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe
2015-12-15 10:41:42	AE6448917B167154914C3C0655A7F6CD	404248	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BackupShellTransfer.exe
2015-12-15 10:41:41	9855B50C24E4533433A08398A9D99B34	310040	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
2015-12-15 10:41:41	3ECD665AF8286D4751B1EB8576146870	236312	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\Files32\BsMailProxy\BgCertUtil32.exe
2015-12-15 10:41:41	13DE726EB824E27A93C1954A6BA7E508	352024	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BackupRun.exe
2015-12-15 10:41:41	07810FD72231BEB509741AFD74FABBE3	671000	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
2015-12-15 10:41:40	E02AAFE746DB8A24D6FB210A95FB2DE8	495896	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgScan.exe
2015-12-15 10:41:40	C6152801C445B4F47E36F60C60EB5673	134424	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\UpdatePatcher.exe
2015-12-15 10:41:40	90E57B794359D724606DB462F2DE876A	372504	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgLogViewer.exe
2015-12-15 10:41:40	619D67FF5103DB3934F185D022F893EC	2856216	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe
2015-12-15 10:41:40	5665C8C0371AFBDDF8B093ABC1D4908E	249624	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgSecErase.exe
2015-12-15 10:41:40	0F6A6C847E7C6208DB3CFA09581D96DE	1165080	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\ManualUpdate.exe
2015-12-15 10:41:39	B13CB26D42A858D1AA4187149C4EC73E	159000	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\Files32\BgProbe.exe
2015-12-15 10:41:39	1D68FC00B6089D13BA6A00F5265E0BC0	1334552	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
2015-12-15 10:41:38	5713AC371A21AADD0F19D838997DF64A	78616	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgRegister.exe
2015-12-15 10:41:38	55521919CF814B85B81466B6FA8378CA	173848	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgProbe.exe
2015-12-15 10:41:38	3C4419DDBA69392B83EA459E03540CDD	160024	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgNag.exe
2015-12-15 10:41:38	0E738512B76AEBBA629B2421DFBD70F1	72472	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgLauncher.exe
2015-12-15 10:38:04	09B538F04ED6F7600792F1231D6CE326	398616	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
2015-12-15 06:35:53	DA3D492D9E6DD55D97A7339543080153	4522176	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\graph.exe
2015-12-15 06:35:53	7A847EFE1E7F8D21C141FE8A9B02A325	10759848	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\mspub.exe
2015-12-15 06:35:53	4A4D54DA22FF297E6505BE0F2DC4533F	528584	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\vpreview.exe
2015-12-15 06:35:52	CC684E12F90DD0302C1B69A6191B921F	50392	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\setlang.exe
2015-12-15 06:35:52	BA8565D4C1CB6AE02073B4A43FC7B08F	39592	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\AppSharingHookController64.exe
2015-12-15 06:35:52	BA2FAD5257B5845A63C411C9D6534CF3	7944408	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CMigrate.exe
2015-12-15 06:35:52	5A4F9F969459DC238451DF8B5405C6C7	5805784	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CMigrate.exe
2015-12-15 06:35:52	23B55B14E347EC29A33C78EF6BD54C25	84208	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
2015-12-15 06:35:51	D36B5D02E5BD3A8C59DF6BD46C49C177	153768	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\cnfnot32.exe
2015-12-15 06:35:51	9B949B8AE650248E9714E9EBFFFE6F75	229056	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\clview.exe
2015-12-15 06:35:51	6BC912C6276C0BF0419FDEF171DE9A27	990376	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\firstrun.exe
2015-12-15 06:35:51	058E8C8B0E10CE7B3C81A50EB9BE2D9F	700064	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\msqry32.exe
2015-12-15 06:35:50	1539116B4330EB3C8F947473BEB7671D	873648	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe
2015-12-15 06:35:44	BF612A79BD6346A080B54FD59FE18E71	1149656	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
2015-12-15 06:35:41	C84C08AEF214CF251274DED7D5B975CC	569592	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\ORGCHART.EXE
2015-12-15 06:35:41	C500A4808D8BC458A044CD06E3BCC1E4	517360	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\IEContentService.exe
2015-12-15 06:35:41	780912DF91F1CB7D90BF9D350A138FB6	498880	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE
2015-12-15 06:35:41	77D11FC456B8F93F69D0E81A668CAD6D	21940384	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe
2015-12-15 06:35:41	4509A8FCF7658914399CB80BAD875834	449216	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
2015-12-15 06:35:14	41A3B4D39DE9F095ED828AD060009891	18994344	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
2015-12-15 06:35:13	1197B99BB82F5A245FC391F8EC02B695	15519912	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\MSACCESS.EXE
2015-12-15 06:35:09	252D24110315ECCEC19924D4D55FF343	1923232	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE
2015-12-15 06:35:08	43875D29D79C2BD71F48F583EDF7664C	25725088	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
2015-12-14 14:45:42	C6F5A0A3430F661E94D61883B95F7B6A	61528	----a-w-	C:\Program Files\WinRAR\Ace32Loader.exe
2015-12-14 14:45:41	F9BAAC5F7AEF86EE1E331BD9CF004969	524376	----a-w-	C:\Program Files\WinRAR\Rar.exe
2015-12-14 14:45:41	F73C4ED2721338155E15FACE2A16CEC6	330840	----a-w-	C:\Program Files\WinRAR\UnRAR.exe
2015-12-14 14:45:41	D67E744681F891F895FD2CE24635EFF8	1480792	----a-w-	C:\Program Files\WinRAR\WinRAR.exe
2015-12-14 14:45:41	AAFC2DADE00EB05FD7DFE1060529140E	165976	----a-w-	C:\Program Files\WinRAR\Uninstall.exe
=== C: other files ==
2015-12-18 14:00:20	F56DE6446B9BFC543A2A2257A8222434	91884583	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Users_Jive1_AppData_Roaming_Systweak\ADU\Advanced Driver Updater\Download\pciven_8086&dev_1c3a.zip
2015-12-18 14:00:19	2B4F9F81A679349FB451BC9FA6435DE0	59058256	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Users_Jive1_AppData_Roaming_Systweak\ADU\Advanced Driver Updater\Download\pciven_8086&dev_1c22&cc_0c05.zip
2015-12-18 14:00:05	4E7F3D9AB5A1E43E23962C797ADBDDB2	242878297	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Users_Jive1_AppData_Roaming_Systweak\ADU\Advanced Driver Updater\Download\hdaudiofunc_01&ven_10ec&dev_0892.zip
2015-12-18 13:59:59	9D31FB45144AF58B49EC30B34FA6EB3F	6087758	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Users_Jive1_AppData_Roaming_Systweak\ADU\Advanced Driver Updater\Backup\AdvancedDriverUpdaterBackup-zaterdag,05-dec-2015_H09-M10-S46.zip
2015-12-18 13:59:59	774A3C805FAE50A237B10CC0818A2D74	78933183	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Users_Jive1_AppData_Roaming_Systweak\ADU\Advanced Driver Updater\Download\acpiint3f0d.zip
2015-12-18 13:59:59	0F4EE55C5587E5FB80FA105D4C11062A	1897975	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Users_Jive1_AppData_Roaming_Systweak\ADU\Advanced Driver Updater\Backup\AdvancedDriverUpdaterBackup-zaterdag,05-dec-2015_H09-M37-S22.zip
2015-12-18 13:59:56	3D98059C4924F3956435E29F181B7BED	233579029	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1217702915-2185182410-1776734843-1000\$RFFPVV7\C_Users_Jive1_AppData_Roaming_Systweak\ADU\Advanced Driver Updater\Backup\AdvancedDriverUpdaterBackup-zaterdag,05-dec-2015_H08-M57-S08.zip
2015-12-18 07:10:29	005C51653E3A94B31E4E2DB8447644FA	127760	----a-w-	C:\Windows\System32\drivers\scdemu.sys
2015-12-17 06:24:40	FC2F395707BA5850F2F363BF635D7C72	14456	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2SystemService32.sys
2015-12-17 06:24:40	C2A9985C97DF5946AEAE7C001625410C	44840	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NvVAD\nvvad32v.sys
2015-12-17 06:24:40	9F0938D041D6203DA3B95AA3EBE4C34E	19576	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.sys
2015-12-17 06:24:40	9D9CAD70EA640AB8D3EB77BFAE6CABE2	28344	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShieldWirelessController\NVSWCFilter64.sys
2015-12-17 06:24:40	880AE3F620539FFA0F9CA839C36CA1BB	15480	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2SystemService64.sys
2015-12-17 06:24:40	7ABD081BB7A1A8CF7E3B1E64183AB812	24760	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\ShieldWirelessController\NVSWCFilter32.sys
2015-12-17 06:24:40	35DFC12FD7E44B7CB8CCD7E5A2B3975A	50472	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\NvVAD\nvvad64v.sys
2015-12-17 06:24:40	21FB5E025FF98EFB5449522459525E44	18552	----a-w-	C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience.NvStreamSrv\x86\server\NvStreamKms.sys
2015-12-16 13:51:44	5BEAF7B1E2CDDA94EBBDE9F44F104032	64332580	----a-w-	C:\Users\Jive1\Downloads\Vfr-Airfields Vol 2.zip
2015-12-16 10:43:27	A0748E6D9D456AA64A040E4865D62926	360778811	----a-w-	C:\Users\Jive1\Downloads\FS2004 FSPLANET Spain VFR Balearic Islands.zip
2015-12-15 12:54:16	F6B685306C89EE40A4B687A1F0758DCA	218650	----a-w-	C:\Users\Jive1\AppData\Roaming\Opera Software\Opera Stable\themes_backup\default_theme.zip
2015-12-13 12:15:05	FDE51F2C8CCCED0CDD75B2FC18CB9F74	550370168	----a-w-	C:\Users\Jive1\Downloads\sardinia_photorealistic_pack_fs2004.zip
2015-12-12 07:00:59	B7B3E35404184FBD62FBA5711A4D8985	52946	----a-w-	C:\temp\af2otbh.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe -launchedbylogin"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BullGuard"="C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe -boot"
"BullGuardUpdate2"="c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Startup Folders ======================

2015-11-09 10:24:50	1005	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printkey2000.lnk

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Jive1-PC1-Jive1" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\Opera N Saturday" [C:\Program Files (x86)\Opera\launcher.exe]
"C:\Windows\SysNative\tasks\Opera N Sunday" [C:\Program Files (x86)\Opera\launcher.exe]
"C:\Windows\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64 35" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2015-10-29 13:29:47	--------	d-sh--we	C:\PROGRA~3\Bureaublad
2015-10-29 13:29:47	--------	d-sh--we	C:\PROGRA~3\Documenten
2015-10-29 13:29:47	--------	d-sh--we	C:\PROGRA~3\Favorieten
2015-10-29 13:29:47	--------	d-sh--we	C:\PROGRA~3\Menu Start
2015-10-29 13:29:47	--------	d-sh--we	C:\PROGRA~3\Sjablonen
2015-10-29 13:53:44	--------	d-----w-	C:\PROGRA~3\BullGuard
2015-10-29 14:40:05	--------	d-----w-	C:\PROGRA~3\Oracle
2015-10-29 14:50:18	--------	d-----w-	C:\PROGRA~3\NVIDIA
2015-10-29 15:17:46	--------	d-----w-	C:\PROGRA~3\NVIDIA Corporation
2015-10-29 16:36:05	--------	d-----w-	C:\PROGRA~3\Microsoft OneDrive
2015-10-30 14:04:11	--------	d-----w-	C:\PROGRA~3\TracerX
2015-10-30 14:53:22	--------	d-----w-	C:\PROGRA~3\Adobe
2015-10-30 15:12:57	--------	d-----w-	C:\PROGRA~3\regid.1986-12.com.adobe
2015-11-02 07:45:00	--------	d-----w-	C:\PROGRA~3\WinZip
2015-11-12 07:25:48	--------	d-----w-	C:\PROGRA~3\regid.1991-06.com.microsoft
2015-12-05 06:43:04	--------	d---a-w-	C:\PROGRA~3\TEMP
2015-12-05 08:20:41	--------	d-----w-	C:\PROGRA~3\AmUStor
2015-12-15 10:11:50	--------	d-----w-	C:\PROGRA~3\DAEMON Tools Pro

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}"="C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}" [30/10/2015 16:02]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Jive1\AppData\Roaming\Thunderbird\Profiles\vn0s15kb.default
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Jive1\AppData\Roaming\Mozilla\Firefox\Profiles\jqdvbdgp.default
18CF51689186AEB9D1D149AEB0E92D03	- C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL -	Microsoft Office 2013
0873C7B403EF57C94C06EBE013229427	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll -	Shockwave Flash


==== Chromium Look ======================

Google Slides - Jive1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Jive1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Jive1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Jive1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Jive1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Jive1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - Jive1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - Jive1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Jive1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jive1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jive1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jive1\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Jive1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on vr 18/12/2015 at 15:34:47,66 ======================