Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Sven on wo 09/03/2016 at 10:15:01,07.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

9/03/2016 10:15:54 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\predm deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\DAEMON Tools Ult deleted successfully
C:\Users\Sven\AppData\Roaming\DAEMON Tools Ult deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
"mbot_be_014010079"=- 
"Wondershare Helper Compact.exe"=- 

==== Deleting Files \ Folders ======================

C:\PROGRA~2\predm not found
C:\Windows\AutoKMS deleted
C:\Users\Sven\.android deleted
C:\PROGRA~2\globalUpdate deleted
C:\Users\Sven\AppData\Roaming\Wondershare deleted
C:\PROGRA~3\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat deleted
C:\PROGRA~3\Package Cache deleted
C:\PROGRA~3\MWdsManProM deleted
C:\Users\Sven\AppData\Local\Crossbrowse deleted
C:\Users\Sven\AppData\Local\globalUpdate deleted
C:\Users\Sven\AppData\Local\Wondershare deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\Windows\tasks\AutoKMS.job" deleted
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll" deleted
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\DAQExp.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted
"C:\Program Files (x86)\Common Files\Wondershare" deleted
"C:\PROGRA~2\COMMON~1\Wondershare" deleted
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2016-02-10 17:05:29	9D77CC4A36FEEA644D002CFB9B2D42C0	3231232	----a-w-	C:\Windows\explorer.exe
====== C:\Users\Sven\AppData\Local\Temp ====
2016-02-25 10:37:47	F955A31B6E737AD9C002D756B7110FD8	417240	----a-w-	C:\Users\Sven\AppData\Local\Temp\HSS7968.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2016-03-08 19:46:38	E5DE5F75FF6739AC9AABBDD4740B22A9	14176	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-08 19:46:38	DB9FEFF915F895BE960E9D1D47639324	12640	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-08 19:46:38	D07F2E1FF3CA24A06ADDE429A0130E50	16224	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-08 19:46:38	B05D416F3162D1686914606E9C794997	12128	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-08 19:46:38	5E98B6B1D884AE801EEF41C42A080084	12640	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-08 19:46:38	3DF1D7DA8C1493A5A00C0474323FEF20	922432	----a-w-	C:\Windows\SysWOW64\ucrtbase.dll
2016-03-08 19:46:38	386C6B538AC4F36737819B79E679132D	12640	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-08 19:46:38	1D96A0D2EF83C6C1176806C02F96384A	17760	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-08 19:46:38	0E9D1BCE1BB8A5E25B505CE7B52CCE74	17760	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-08 19:46:37	E37EC711D51AAF9FD8570739ED8A1AC0	12128	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-08 19:46:37	BCBE1BD34AA5E3E585E8A186ECE49FA0	13664	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-08 19:46:37	924E2F51DE0177D08AABAB725421D70C	22368	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-08 19:46:37	85CF361F1388D42FEEDD3E2516D50CE7	66400	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-08 19:46:37	74126D3BED0E43DE875B66C63C608F42	19808	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-08 19:46:37	522226C519CDD233360BF0CE80B0CEBA	15712	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-08 19:46:37	3A2E6016FF209066F3129543660BE0B5	12128	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-08 19:46:36	E869DDBE1C64BECEA0FF26C2BEE6385C	30208	----a-w-	C:\Windows\SysWOW64\wups.dll
2016-03-08 19:46:36	D432C3E330EC381F18F1D8492FD5A990	93696	----a-w-	C:\Windows\SysWOW64\wudriver.dll
2016-03-08 19:46:36	8C7AF1C5ED43F6A19D14DE7D04CF2D28	573440	----a-w-	C:\Windows\SysWOW64\wuapi.dll
2016-03-08 19:46:36	7F4449BE58F9D9853F010ADEF57C627E	174080	----a-w-	C:\Windows\SysWOW64\wuwebv.dll
2016-03-08 19:46:36	363C311357833FAB98788CADDA82781C	35328	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2016-03-08 19:46:34	50620D7F4EF26981C76B703C89DFF0FE	67584	----a-w-	C:\Windows\SysWOW64\asycfilt.dll
2016-03-08 19:46:34	4CE464D543C536B2E039524C93413238	572416	----a-w-	C:\Windows\SysWOW64\oleaut32.dll
2016-03-08 19:46:32	FAC2BB786EF0B771633A6CAEEE343CEF	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2016-03-08 19:46:32	E90B8C7F9667650544ADC778CCD43568	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2016-03-08 19:46:32	C54971134F66CFBDE313D7D74A297AAC	2280448	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2016-03-08 19:46:32	5CCF8CCADD86DEF3F503869E209CB771	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-08 19:46:32	52733FEAAF339B76CF7DD82B676A959E	91136	----a-w-	C:\Windows\SysWOW64\inseng.dll
2016-03-08 19:46:31	FB7B95D4A7F5BA563516335CC23FC53C	130048	----a-w-	C:\Windows\SysWOW64\occache.dll
2016-03-08 19:46:31	C99B6E09C23BF1FB1F1B1D02F1E3072F	341200	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2016-03-08 19:46:31	C04FE126FE7661A727E2EACA3773BF63	496640	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2016-03-08 19:46:31	98F4BA49FDCC7B72C49264C898D95D29	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-08 19:46:31	94295E6C1D6A458D611491C45DA86325	279040	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2016-03-08 19:46:31	6D78ABE37BC816FBC67A62A7A1A5C582	1311744	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2016-03-08 19:46:31	3DF6C79B9F93A289D02395642645319C	20352512	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2016-03-08 19:46:31	072926C6A8342EB10FF4DA3BBBE57DB5	687104	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2016-03-08 19:46:30	F513214BA350CF5D0D362A002FE79733	2050560	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2016-03-08 19:46:30	B8106E5CE39EAF8472DB521BB2C62150	663552	----a-w-	C:\Windows\SysWOW64\jscript.dll
2016-03-08 19:46:30	9ECBE17BAE1171042910A24800E1A59C	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2016-03-08 19:46:30	0D9E4C237A6B6B78BF237FCA65A1103C	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2016-03-08 19:46:30	02B17540AEDFFD935E1FCFF62941FD63	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2016-03-08 19:46:29	F02CF24E59AF96F7F2FFF8C3204F57B8	13012480	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2016-03-08 19:46:29	D7CCF5333B2F75EF0F5ADC85960872B8	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2016-03-08 19:46:29	9D41CAE6A55681E9F816BDC80451B916	416256	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2016-03-08 19:46:29	77305AE3440CB9A28E76A88AE609C414	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2016-03-08 19:46:29	4A7149C25E250A2B3E320556D3B28D8F	476160	----a-w-	C:\Windows\SysWOW64\ieui.dll
2016-03-08 19:46:28	EFB16D89CDDE7648D14E09D765AE52EB	230400	----a-w-	C:\Windows\SysWOW64\webcheck.dll
2016-03-08 19:46:28	4F8E44453EDB8083F504DDF679B55034	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-08 19:46:28	2EC93A7E9DEE0D310729490FD39EB1ED	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2016-03-08 19:46:27	F6F1806F34BB8C6C220A259F584A80E1	341504	----a-w-	C:\Windows\SysWOW64\html.iec
2016-03-08 19:46:27	EDB9618FF3238EF0FC2734F584B13A33	2121216	----a-w-	C:\Windows\SysWOW64\wininet.dll
2016-03-08 19:46:27	E36BD63A2B9EAC4AE3C5F4F0E0FEA025	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2016-03-08 19:46:27	D1A735C183F2AD39CF6FE60E8593B0B2	4611072	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2016-03-08 19:46:27	A795080ED1B03288F90FE7A357B08FA6	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-08 19:46:13	B8E6C6411AAE69972DE30D2CC6ECABFD	1314328	----a-w-	C:\Windows\SysWOW64\ntdll.dll
2016-03-08 19:46:13	7DAD20AB1DD90D89F9EF851F5EB60651	3938240	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-08 19:46:13	565DE7C3364D2B17A4115116251D5718	3994560	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-08 19:46:12	F5071D3802BC7A7AA65D58D57F9B7D70	553472	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2016-03-08 19:46:12	81D70F77DBC2A20E8057FB373D0F9AE6	665088	----a-w-	C:\Windows\SysWOW64\rpcrt4.dll
2016-03-08 19:46:12	295EE61AFA07756F3CBCDF6CA012F905	275456	----a-w-	C:\Windows\SysWOW64\KernelBase.dll
2016-03-08 19:46:12	1B2966418D805A871C30998D45570109	642560	----a-w-	C:\Windows\SysWOW64\advapi32.dll
2016-03-08 19:46:11	D6B30A1D95917A934BA1CEC152763EBB	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2016-03-08 19:46:11	B994002C9AC277B400D8616AAEB3D83E	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2016-03-08 19:46:11	B3AE2AB29B51BC44511262259499D18B	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2016-03-08 19:46:11	A51056F0AB2386C1032977E89BCB267A	1114112	----a-w-	C:\Windows\SysWOW64\kernel32.dll
2016-03-08 19:46:11	821BE1FA64525FEFD4DF40C37F19193A	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2016-03-08 19:46:11	5D7A25E110E666040C37E16DF634A723	36352	----a-w-	C:\Windows\SysWOW64\cryptbase.dll
2016-03-08 19:46:11	5107D0FCD28BC68995D862B718C98CDD	223232	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2016-03-08 19:46:11	21404A9B0692E19E04EE714F5D5C6C48	171520	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2016-03-08 19:46:11	1827E4CAD59C32A1E913AAC375AC094F	251392	----a-w-	C:\Windows\SysWOW64\schannel.dll
2016-03-08 19:46:11	009045301F508A498F11EAD9D0FAA3FD	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2016-03-08 19:46:10	C9E5B2084321B113344015FEE3C89CCF	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2016-03-08 19:46:10	ADFB530BD8835ACE1B272DA8A7308A96	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2016-03-08 19:46:10	9BD14CC0F472E93F453D3D50BBD3BBDA	5120	----a-w-	C:\Windows\SysWOW64\wow32.dll
2016-03-08 19:46:10	93BCAB853A5B5A0665E7495ADBB03B76	14336	----a-w-	C:\Windows\SysWOW64\ntvdm64.dll
2016-03-08 19:46:09	F0B10B63F257577F270D7E5265FA576C	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2016-03-08 19:46:09	C9A9A093C04AA3DA11D12E6374D7650A	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2016-03-08 19:46:09	99D3E1FAB38B1D6DA536243631BAB839	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2016-03-08 19:46:09	886F415E4F7A87AF69EBF5020C67EF6F	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2016-03-08 19:46:09	80F95AD6D1B88FD5444015D4EA8FFA6F	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2016-03-08 19:46:09	75991ED3804C48A396D6596BEC029D49	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2016-03-08 19:46:09	42F930264A6F84D74C30955399619240	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2016-03-08 19:46:05	E85BED746BBDDCD29AD63F6085E1CE78	299520	----a-w-	C:\Windows\SysWOW64\atmfd.dll
2016-03-08 19:46:05	BC8EA7CD95A7BA8B468B47BD7D9E55AF	25600	----a-w-	C:\Windows\SysWOW64\lpk.dll
2016-03-08 19:46:05	B1B26BEDCB21B574B3CADCDC3BE9E969	70656	----a-w-	C:\Windows\SysWOW64\fontsub.dll
2016-03-08 19:46:05	84E9A8646F19EC99673EC863D0815133	34304	----a-w-	C:\Windows\SysWOW64\atmlib.dll
2016-03-08 19:46:05	73B2226CA11907E2AE3427BBF4C09967	296448	----a-w-	C:\Windows\SysWOW64\mfds.dll
2016-03-08 19:46:05	0F3A519AC7E43B77EE4EAE50F347C913	10240	----a-w-	C:\Windows\SysWOW64\dciman32.dll
2016-03-08 19:46:03	6535F092A603C6EEED0D923AB05735E1	8192	----a-w-	C:\Windows\SysWOW64\spwmp.dll
2016-03-08 19:46:03	43C68440DD263F5CAEF8C34C12214A4A	12625408	----a-w-	C:\Windows\SysWOW64\wmploc.DLL
2016-03-08 19:46:03	0BACC9DB52051142492AA8F09ADAF8B5	11411456	----a-w-	C:\Windows\SysWOW64\wmp.dll
2016-03-08 19:46:03	0B24E6A3563BB541F4DCAF48EC9AE152	4096	----a-w-	C:\Windows\SysWOW64\msdxm.ocx
2016-03-08 19:46:03	0B24E6A3563BB541F4DCAF48EC9AE152	4096	----a-w-	C:\Windows\SysWOW64\dxmasf.dll
2016-02-25 11:30:11	5F492177F9166E4597EB93B9A60C7F04	142528	----a-w-	C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-25 11:30:11	03D5DA6B7A7078544B071D27BA825DAF	796864	----a-w-	C:\Windows\SysWOW64\FlashPlayerApp.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2016-03-08 19:46:38	D8F7A8440C5B23A587D981E7B9A4892C	15712	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-convert-l1-1-0.dll
2016-03-08 19:46:38	92375150AD3F19431B49793DC7111962	63840	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-private-l1-1-0.dll
2016-03-08 19:46:38	6A2C655BC6B7E2EDFC98B632B521697D	17760	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-string-l1-1-0.dll
2016-03-08 19:46:38	62ED9DA33AFE5624A08D9427527536FE	12128	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-locale-l1-1-0.dll
2016-03-08 19:46:38	4CDCE034568C1177325799A60F987F27	16224	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-08 19:46:38	1EB17F650462EEA820F4CD727D2D3AB1	994760	----a-w-	C:\Windows\Sysnative\ucrtbase.dll
2016-03-08 19:46:38	0753722E5BD0AF130C1B465F2981477C	12128	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-environment-l1-1-0.dll
2016-03-08 19:46:38	020E0DCC82A7C5AFDEE3FBA57C5F30D3	17760	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-08 19:46:37	EBA98AF7BA9FC4696BFD3F03D43CE07B	13664	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-08 19:46:37	E9C7DF2BC9C5157F2195737948DBFA0B	19808	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-08 19:46:37	CB20CCF93E34CC08AB4B58A344E76DD1	14176	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-time-l1-1-0.dll
2016-03-08 19:46:37	CAB18EAC01B9FCF6A0CA74E95FADB8B7	20832	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-math-l1-1-0.dll
2016-03-08 19:46:37	C2F694722F8D98990B218ECAB729B0FE	12640	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-heap-l1-1-0.dll
2016-03-08 19:46:37	A98EC7EDB339CD967E5CBD5EEC174CEB	12640	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-conio-l1-1-0.dll
2016-03-08 19:46:37	A4FA9CA07855A7F237D1908E62B5B1C7	12640	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-process-l1-1-0.dll
2016-03-08 19:46:37	1EA4F3D5312C15A64904A6E9E457612D	12128	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-utility-l1-1-0.dll
2016-03-08 19:46:37	05FD1920E7D9965F33DBBBEE58387B24	3211264	----a-w-	C:\Windows\Sysnative\win32k.sys
2016-03-08 19:46:36	F50C6862DB860F91051625800F61F71E	12288	----a-w-	C:\Windows\Sysnative\wu.upgrade.ps.dll
2016-03-08 19:46:36	F0D39C0EB4DEED96714499518156BC6C	3169792	----a-w-	C:\Windows\Sysnative\wucltux.dll
2016-03-08 19:46:36	F09D8A5175BDD9533F7F900CAD213C91	37888	----a-w-	C:\Windows\Sysnative\wuapp.exe
2016-03-08 19:46:36	D7DBB0C85B065CAFD6C5C888220A31E1	37888	----a-w-	C:\Windows\Sysnative\wups2.dll
2016-03-08 19:46:36	86F11B85102AFA6A1A6101DCE2F09386	2610688	----a-w-	C:\Windows\Sysnative\wuaueng.dll
2016-03-08 19:46:36	7BD7019E51A13D5CFAFAE8A68C416C64	36864	----a-w-	C:\Windows\Sysnative\wups.dll
2016-03-08 19:46:36	70A3693BE74AE57DEA201DAD89A6B703	192512	----a-w-	C:\Windows\Sysnative\wuwebv.dll
2016-03-08 19:46:36	6B6050BC5BE9F4ADF7766BCBD34B5F6C	98816	----a-w-	C:\Windows\Sysnative\wudriver.dll
2016-03-08 19:46:36	3DC8EC659B29A47D0DD05A454F4C9FF8	709120	----a-w-	C:\Windows\Sysnative\wuapi.dll
2016-03-08 19:46:36	37795555D27002BF1A59135B60268690	91136	----a-w-	C:\Windows\Sysnative\WinSetupUI.dll
2016-03-08 19:46:36	1F0038F5B57D5BDA7C1368EA240B4D57	140288	----a-w-	C:\Windows\Sysnative\wuauclt.exe
2016-03-08 19:46:34	B429BEF73402E8D2B2731ECA08D6195F	862208	----a-w-	C:\Windows\Sysnative\oleaut32.dll
2016-03-08 19:46:34	86A6D548E36B0F77138388E3395A04A8	84992	----a-w-	C:\Windows\Sysnative\asycfilt.dll
2016-03-08 19:46:32	73368D36DEF5EBBB199B3585D375DE2D	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2016-03-08 19:46:32	530EDBCCA18717998332B45F5E71F01B	2887680	----a-w-	C:\Windows\Sysnative\iertutil.dll
2016-03-08 19:46:32	143B716CCA1E11CC326D3ACEA323D2D0	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2016-03-08 19:46:32	06B2FF74CA284C00692D8AC1AC79045E	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2016-03-08 19:46:31	F6B1086C15175B9749A8D856ACA5FE9C	107520	----a-w-	C:\Windows\Sysnative\inseng.dll
2016-03-08 19:46:31	AC21A5E51B9EFBD13E87BF861653E18B	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2016-03-08 19:46:31	9E4DB338EFBF08913171B7C83E8B412F	718336	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2016-03-08 19:46:31	5ED817DF292B92A8090A9D8201549A93	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2016-03-08 19:46:30	FB56458B902E3B7F4D09A493FC8CBFFE	1546752	----a-w-	C:\Windows\Sysnative\urlmon.dll
2016-03-08 19:46:30	B3A8B66922B6B97A09F02C8AA5C32F64	152064	----a-w-	C:\Windows\Sysnative\occache.dll
2016-03-08 19:46:30	548929D367CEC5FFCF9884D41B101B6B	387792	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2016-03-08 19:46:30	128A43A30C77B8E610ECE3E0D37D8793	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2016-03-08 19:46:29	D43EEF5FD3A6F51FA7F253CB98C9B351	315392	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2016-03-08 19:46:29	81A506305EA2DBA0E0EE33332B642143	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2016-03-08 19:46:29	0326E57CEEE24A37F39FB43F0F8E7B29	798720	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2016-03-08 19:46:28	A66C23356E24B52B0C877B5147E5005F	571904	----a-w-	C:\Windows\Sysnative\vbscript.dll
2016-03-08 19:46:28	59F1834740128C82558092CC774D35F9	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2016-03-08 19:46:28	41E59B7B8DAFFC5C9BE91B1158E3894B	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2016-03-08 19:46:28	3E116772A7B17F05C6F26EA613949D98	2123264	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2016-03-08 19:46:27	9E0DE6FE9C1790571AE3915DFB4FAB95	615936	----a-w-	C:\Windows\Sysnative\ieui.dll
2016-03-08 19:46:27	820B76DCF5708DD4DB5784C01F9254B4	489984	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2016-03-08 19:46:27	0933A68F09692D19FC1EC6BC6A2C629F	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2016-03-08 19:46:26	93D65A0011C3DC4F7422624068A6A4FC	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2016-03-08 19:46:26	89176EBC1F9E152BF444B114AB802D2A	262144	----a-w-	C:\Windows\Sysnative\webcheck.dll
2016-03-08 19:46:26	883F1ED2E13465CD71CA97707ABD3694	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2016-03-08 19:46:26	85C65082595511D7153C18D3F422E632	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2016-03-08 19:46:26	612B73825E88F6CF137D29A44495BD82	817664	----a-w-	C:\Windows\Sysnative\jscript.dll
2016-03-08 19:46:26	51389B3929CDAE54DE7516ACBC4BE062	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2016-03-08 19:46:26	3DA511916E94D4B75D173E4CD8B7DA51	14613504	----a-w-	C:\Windows\Sysnative\ieframe.dll
2016-03-08 19:46:25	D46791D9D1F7D2D5DE0A58F7BD35F75B	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2016-03-08 19:46:25	C15649DEABA6B45562009663673E23D1	2597376	----a-w-	C:\Windows\Sysnative\wininet.dll
2016-03-08 19:46:25	59571CCC6E1820D43E233BC7D0877B7A	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2016-03-08 19:46:25	30E0B077DC484292B999C11D77A065F3	417792	----a-w-	C:\Windows\Sysnative\html.iec
2016-03-08 19:46:25	26DCAEEFB541175137FCE9406E2AF2B0	6052352	----a-w-	C:\Windows\Sysnative\jscript9.dll
2016-03-08 19:46:24	8F84D4D9632C0B95D16C1BB5D74C793B	25816576	----a-w-	C:\Windows\Sysnative\mshtml.dll
2016-03-08 19:46:14	F4401BE752919B5EE271A9B355F5710A	5572032	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2016-03-08 19:46:14	9C3035A9AA1986DAA9A7A233724BA71B	1733592	----a-w-	C:\Windows\Sysnative\ntdll.dll
2016-03-08 19:46:13	A78AC1497CCFF3966F50F164C33B18C4	422400	----a-w-	C:\Windows\Sysnative\KernelBase.dll
2016-03-08 19:46:13	89AB9AECC8906A1379701B43D25205D8	730112	----a-w-	C:\Windows\Sysnative\kerberos.dll
2016-03-08 19:46:13	4E3E2F8EA0920FC793634479866C5198	1163264	----a-w-	C:\Windows\Sysnative\kernel32.dll
2016-03-08 19:46:12	F3CF4E9A48E3CE7011A8FF2E188D8208	344064	----a-w-	C:\Windows\Sysnative\schannel.dll
2016-03-08 19:46:12	EFF15466D1D6C61E92CB129B00D5D24E	1461248	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2016-03-08 19:46:12	BAB3E8C0C2CFC7A9DC6A52615BC6064E	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2016-03-08 19:46:12	9A16001E1924D9EAAC3CA359A516EEE7	1214464	----a-w-	C:\Windows\Sysnative\rpcrt4.dll
2016-03-08 19:46:12	02886B176A15FFAC7DFED97E59A7B227	880128	----a-w-	C:\Windows\Sysnative\advapi32.dll
2016-03-08 19:46:11	EF6DF5EF674A3588D5BFB22A38426C95	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2016-03-08 19:46:11	E7D004C3EC24A3C2AD6FAF1855F29DC9	43520	----a-w-	C:\Windows\Sysnative\cryptbase.dll
2016-03-08 19:46:11	E4315DDCF53CE9D123268BD2219B2423	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2016-03-08 19:46:11	E1E91CE6D3D6109561683844535E4178	28672	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2016-03-08 19:46:11	DE4812AB2E6926D0FF2423F3B774585A	215040	----a-w-	C:\Windows\Sysnative\winsrv.dll
2016-03-08 19:46:11	AE92D51D6DF58C9D3C996ECC9262CBC9	210432	----a-w-	C:\Windows\Sysnative\wdigest.dll
2016-03-08 19:46:11	ABE221DB1510A1878399C0692D64A0BF	13312	----a-w-	C:\Windows\Sysnative\wow64cpu.dll
2016-03-08 19:46:11	A1CD166DE0901E9199766A2B5A57B90F	312320	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2016-03-08 19:46:11	9C3B66C746C71DCACD54841B7EAF3F3B	315392	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2016-03-08 19:46:11	94C5B49D3E89CE9E02A6D6133A4F4321	338432	----a-w-	C:\Windows\Sysnative\conhost.exe
2016-03-08 19:46:11	7FB33A9A2E6B6D5CA9318668B95CA69C	30720	----a-w-	C:\Windows\Sysnative\lsass.exe
2016-03-08 19:46:11	78F5915B2B03E7391B4282E20338D29A	243712	----a-w-	C:\Windows\Sysnative\wow64.dll
2016-03-08 19:46:11	7631804095CEB86A925DBE5102A27AFC	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2016-03-08 19:46:11	6AB9573BB3939ACF8D78552E03F85292	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2016-03-08 19:46:11	3A3F7FD8FC36207D4261E1AA5BE2131F	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2016-03-08 19:46:11	3381B6E84547D54E8DB78A0899AA2FE0	135680	----a-w-	C:\Windows\Sysnative\sspicli.dll
2016-03-08 19:46:11	1FA2CA8150B17250935A862913CC26B1	16384	----a-w-	C:\Windows\Sysnative\ntvdm64.dll
2016-03-08 19:46:11	1F7C02AC2950F0472B5C5FC368A52300	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2016-03-08 19:46:11	0F72703FE77940E14E3E7522BFCB5A6A	362496	----a-w-	C:\Windows\Sysnative\wow64win.dll
2016-03-08 19:46:11	0B3256BA5B4D06C46773B0D22A8E4643	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2016-03-08 19:46:10	006E72FB24C9FF96DC30CB83964A5498	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2016-03-08 19:46:09	F9E31A4B00A333EEC05A90EDCE4AC12A	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2016-03-08 19:46:09	DE8B9B1788ACCA1020CEEA8AA13B5A9E	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2016-03-08 19:46:09	A98E4419A0116848D449ECB1C308A5E3	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2016-03-08 19:46:09	100D0A458DFC159E1FF274EA406BBEB2	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2016-03-08 19:46:05	C969B7F33F3C47103D302AC086A54483	14336	----a-w-	C:\Windows\Sysnative\dciman32.dll
2016-03-08 19:46:05	C8B4E3DBD1D0A6E5819AA8F546945504	41472	----a-w-	C:\Windows\Sysnative\lpk.dll
2016-03-08 19:46:05	C63EFDE6CA3BA3FEFA4943DDF2051D4B	381440	----a-w-	C:\Windows\Sysnative\mfds.dll
2016-03-08 19:46:05	8203AC96912496988983FF7D527D8390	46080	----a-w-	C:\Windows\Sysnative\atmlib.dll
2016-03-08 19:46:05	39092B766B0C28E9C7C4F1B2D5A89B3A	372736	----a-w-	C:\Windows\Sysnative\atmfd.dll
2016-03-08 19:46:05	1CEF42611A2449A85C74429B81EA0809	100864	----a-w-	C:\Windows\Sysnative\fontsub.dll
2016-03-08 19:46:04	A19623BDD61E66A12AB53992002B4F3A	30720	----a-w-	C:\Windows\Sysnative\seclogon.dll
2016-03-08 19:46:04	4EA9F4738CE519E3D8C31A41AE2DE822	14634496	----a-w-	C:\Windows\Sysnative\wmp.dll
2016-03-08 19:46:03	E6F065C2A34AE8768E355D23A2BE5A63	12625920	----a-w-	C:\Windows\Sysnative\wmploc.DLL
2016-03-08 19:46:03	D341F4F570658CDBB660FC3A1D5F762D	5120	----a-w-	C:\Windows\Sysnative\msdxm.ocx
2016-03-08 19:46:03	D341F4F570658CDBB660FC3A1D5F762D	5120	----a-w-	C:\Windows\Sysnative\dxmasf.dll
2016-03-08 19:46:03	8ABE421AE8A49EA9EAF8E7BC455F138B	9728	----a-w-	C:\Windows\Sysnative\spwmp.dll
====== C:\Windows\Sysnative\drivers =====
2016-03-08 19:46:35	47B2D0B31BDC3EBE6090228E2BA3764D	1684416	----a-w-	C:\Windows\Sysnative\drivers\ntfs.sys
2016-03-08 19:46:34	D029DD09E22EB24318A8FC3D8138BA43	91648	----a-w-	C:\Windows\Sysnative\drivers\USBSTOR.SYS
2016-03-08 19:46:12	CC1B3B52F33CBC1CE60867DA4E23537C	154560	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2016-03-08 19:46:12	8856E45D23BFF4D977BF06D0543BCD96	290816	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
2016-03-08 19:46:12	211A379BAAB812A7B437319BD85B2435	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2016-03-08 19:46:12	07F8F6B0CAEC7ADD30EBD94940A315D7	159232	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2016-03-08 19:46:11	8D383CED28332B5F3894658857472F47	129024	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2016-02-10 17:05:56	D7ADC2B83CA0B0381F75A98351F72CEE	141312	----a-w-	C:\Windows\Sysnative\drivers\mrxdav.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2016-03-08 20:50:06	--------	d-----w-	C:\Program Files\trend micro
2016-02-25 11:30:40	--------	d-----w-	C:\Program Files\Google
2016-02-12 16:35:35	--------	d-----w-	C:\Program Files\iPod
======= C:\PROGRA~2 =====
2016-03-08 20:19:37	--------	d-----w-	C:\PROGRA~2\AdwCleaner
2016-02-25 10:37:54	--------	d-----w-	C:\PROGRA~2\Linksys
2016-02-12 16:36:15	--------	d-----w-	C:\PROGRA~2\QuickTime
2016-02-12 16:35:35	--------	d-----w-	C:\PROGRA~2\iTunes
2016-02-10 16:54:31	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Sven\AppData\Roaming ======
2016-03-02 13:17:05	--------	d-----w-	C:\Users\Sven\AppData\Local\Disc_Soft_Ltd
2016-03-02 13:08:39	--------	d-----w-	C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2016-02-25 12:05:08	--------	d-----w-	C:\Users\Sven\AppData\Roaming\Google
2016-02-12 16:40:45	--------	d-----w-	C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2016-02-08 18:33:29	--------	d-----w-	C:\Users\Sven\AppData\Locallow\BitTorrent
====== C:\Users\Sven ======
2016-03-02 13:10:06	--------	d-----w-	C:\Users\Public\Documents\Daemon Tools Images
2016-02-25 11:30:26	--------	d-----w-	C:\ProgramData\Google
2016-02-25 10:25:20	--------	d-----w-	C:\ProgramData\Linksys
2016-02-20 08:03:24	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-12 16:36:17	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-02-12 16:35:53	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

====== C: exe-files ==
2016-03-09 08:58:32	4AA1445D73037E0946C7A610E4F0B729	835152	----a-w-	C:\Program Files (x86)\Common Files\Steam\SteamServiceTmp.exe
2016-03-08 20:50:06	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Sven.exe
2016-03-08 20:49:58	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LA4T3SKM\RSITx64.exe
2016-03-08 19:46:36	F09D8A5175BDD9533F7F900CAD213C91	37888	----a-w-	C:\Windows\System32\wuapp.exe
2016-03-08 19:46:36	363C311357833FAB98788CADDA82781C	35328	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2016-03-08 19:46:36	1F0038F5B57D5BDA7C1368EA240B4D57	140288	----a-w-	C:\Windows\System32\wuauclt.exe
2016-03-08 19:46:32	73368D36DEF5EBBB199B3585D375DE2D	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2016-03-08 19:46:31	9E4DB338EFBF08913171B7C83E8B412F	718336	----a-w-	C:\Windows\System32\ie4uinit.exe
2016-03-08 19:46:31	05AA2E1ABB82B29609A7385C553C2FAB	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2016-03-08 19:46:30	F72003973090868B98E8FD394CE8D1FC	473600	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2016-03-08 19:46:30	9A663A210C03A364AF5357F5E68203AB	815312	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2016-03-08 19:46:30	256DE13B343A35E6054584262A10685F	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2016-03-08 19:46:29	81A506305EA2DBA0E0EE33332B642143	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2016-03-08 19:46:28	C6B74427507AC075CD2146F0D2C4D75A	814288	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2016-03-08 19:46:28	2EC93A7E9DEE0D310729490FD39EB1ED	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2016-03-08 19:46:28	10975403A9DC14C7B8F50E7ED62D6136	491008	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2016-03-08 19:46:26	883F1ED2E13465CD71CA97707ABD3694	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
2016-03-08 19:46:14	F4401BE752919B5EE271A9B355F5710A	5572032	----a-w-	C:\Windows\System32\ntoskrnl.exe
2016-03-08 19:46:13	7DAD20AB1DD90D89F9EF851F5EB60651	3938240	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-08 19:46:13	565DE7C3364D2B17A4115116251D5718	3994560	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-08 19:46:12	BAB3E8C0C2CFC7A9DC6A52615BC6064E	112640	----a-w-	C:\Windows\System32\smss.exe
2016-03-08 19:46:11	94C5B49D3E89CE9E02A6D6133A4F4321	338432	----a-w-	C:\Windows\System32\conhost.exe
2016-03-08 19:46:11	7FB33A9A2E6B6D5CA9318668B95CA69C	30720	----a-w-	C:\Windows\System32\lsass.exe
2016-03-08 19:46:11	1F7C02AC2950F0472B5C5FC368A52300	296960	----a-w-	C:\Windows\System32\rstrui.exe
2016-03-08 19:46:10	ADFB530BD8835ACE1B272DA8A7308A96	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2016-03-08 19:46:10	006E72FB24C9FF96DC30CB83964A5498	64000	----a-w-	C:\Windows\System32\auditpol.exe
2016-03-08 19:46:09	80F95AD6D1B88FD5444015D4EA8FFA6F	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2016-03-08 19:46:09	75991ED3804C48A396D6596BEC029D49	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2016-03-08 19:46:09	42F930264A6F84D74C30955399619240	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2016-03-08 19:46:03	F63525F08BF3ACF5ED034F0015868D33	102912	----a-w-	C:\Program Files\Windows Media Player\wmpshare.exe
2016-03-08 19:46:03	F46B4BB230B948B458FB378C375C6790	101888	----a-w-	C:\Program Files (x86)\Windows Media Player\wmpconfig.exe
2016-03-08 19:46:03	E81A026FF796CFA68465000AA8D41BE6	102400	----a-w-	C:\Program Files\Windows Media Player\wmpconfig.exe
2016-03-08 19:46:03	707642FAB8D46E6671E6245FCFFD8339	102400	----a-w-	C:\Program Files (x86)\Windows Media Player\wmpshare.exe
2016-03-08 19:46:03	6A03F9443F8BB8647AE00D45C5FD68B6	167424	----a-w-	C:\Program Files\Windows Media Player\wmplayer.exe
2016-03-08 19:46:03	3F2E22C0AB860331CB04B5F95A7542FA	164864	----a-w-	C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2016-03-02 13:08:39	644C74FC96FB068005ABDBD309263018	119808	----a-r-	C:\Users\Sven\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
=== C: other files ==
2016-03-08 19:46:37	05FD1920E7D9965F33DBBBEE58387B24	3211264	----a-w-	C:\Windows\System32\win32k.sys
2016-03-08 19:46:35	47B2D0B31BDC3EBE6090228E2BA3764D	1684416	----a-w-	C:\Windows\System32\drivers\ntfs.sys
2016-03-08 19:46:34	D029DD09E22EB24318A8FC3D8138BA43	91648	----a-w-	C:\Windows\System32\drivers\USBSTOR.SYS
2016-03-08 19:46:12	CC1B3B52F33CBC1CE60867DA4E23537C	154560	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2016-03-08 19:46:12	8856E45D23BFF4D977BF06D0543BCD96	290816	----a-w-	C:\Windows\System32\drivers\mrxsmb10.sys
2016-03-08 19:46:12	211A379BAAB812A7B437319BD85B2435	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2016-03-08 19:46:12	07F8F6B0CAEC7ADD30EBD94940A315D7	159232	----a-w-	C:\Windows\System32\drivers\mrxsmb.sys
2016-03-08 19:46:11	8D383CED28332B5F3894658857472F47	129024	----a-w-	C:\Windows\System32\drivers\mrxsmb20.sys
2016-03-07 16:20:20	2B334BCB3EA9EAF58451897EB3B5A1F2	887032	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\script.module.liveresolver-0.1.24.zip
2016-03-07 16:20:20	2793DDC551E3E2E4A640C6840FC76CF7	68842	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\script.dokiinstaller-2016.03.06.01.zip
2016-03-07 16:20:19	6F1B7C59EAB7AFB085C5EA9554F9DA29	871942	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.watch1080-1.0.10.zip
2016-03-07 16:20:19	597CDC4AB6B1332A8307777B9BF9A205	84504	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.xmovies8-1.1.3.zip
2016-03-07 16:20:18	F90AA65F6E323B652BAB466D088537F1	7380027	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.titan-1.4.3.zip
2016-03-07 16:20:13	674CF619DA8D088850EBDD1A312971C7	200324	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.prosport-0.35.zip
2016-03-07 16:20:13	10757098215DDCA347F36B3DCCE094F5	6154425	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.specto-2016.03.05.1.zip
2016-03-07 16:20:11	68BE79A06617A6F4888209B840EEE4E1	742514	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.cartoons8-1.0.11.zip
2016-03-07 16:20:09	22969B6DD149C00AE38F7621E936D92C	2685409	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.SportsDevil-201620162016.03.06.1NL.zip
2016-03-07 16:20:07	EA610F1368368593BFBFBF2518FFE3AF	345202	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.1channel-2.5.68.zip
2016-03-07 12:55:06	DA9D84C1118C632E17648C5C753D35C0	19354	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\script.module.addon.common-2.0.1.zip
2016-03-07 12:55:06	95C95ECFDAAD894EC44F85B8DBBED0B3	625911	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\script.module.israeliveresolver-0.2.7.zip
2016-03-07 12:55:06	2E4E7570FFFB22FAC82B3E5A5C94EB1E	58396	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\script.common.plugin.cache-2.5.7.zip
2016-03-07 12:55:05	ECF809F38981F1F0E3CA2FFD38FDABA7	555853	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.youtube-5.1.20.4.zip
2016-03-07 12:55:02	4347D6DD14BDA7F8BB687ED28AFCCE1D	1523845	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.LwSLive-2.0.9.zip
2016-03-07 12:54:58	C0AE2BCDB6D032F7D60EB9AA799B2DE2	56295	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.veetle-0.3.3.zip
2016-03-07 12:51:36	0664FA5C17EE4F509C8AB4EF611D1DCC	309334	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\plugin.video.F.T.V\helpers\repository.FTV-Guide-Repo-1.0.zip
2016-03-07 12:51:05	7AB4E3EAF4ACC5F658C152BA7CE34091	1297183	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.AwesomeStreams-1.0.12.zip
2016-03-07 12:50:49	4E4101398924B18C12F65571EFAC011A	188535	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\weather.yahoo-3.0.9.zip
2016-03-07 12:50:48	63E785B8EB842CC52072F27BB2E237CA	264849	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\repository.dokinl-1.0.1.zip
2016-03-07 12:50:47	9DD5C23BECCF4CDB160D4569A3E7C2BF	1446213	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.youtube-5.1.19.zip
2016-03-07 12:50:46	ED64C20DA403C809CB1C3FAC1FD83478	909271	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.mdhdmovie14-1.0.3.zip
2016-03-07 12:50:46	EC0C9B11C61B25065B443B62D1BC9408	326033	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.dss-5.1.0.zip
2016-03-07 12:50:46	6DC6B2EE440333FAC7F92C784C1F0D0A	560116	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.md9movies-1.0.8.zip
2016-03-07 12:50:46	47CE714096D7F65ED0A642E5B1A99748	1962210	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.cloudtv-4.4.5.zip
2016-03-07 12:50:45	B45E82FD14BD1F083F7909B39D978722	919168	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\net.rieter.xot-4.1.0.zip
2016-03-07 12:50:45	4186A58AE6CCC78FB209F3AFF6A25303	66108	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.program.dokiinstaller-2016.03.06.01.zip
2016-03-03 12:59:43	50F781807F6E4999C7598E0420568379	549394	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\script.video.F4mProxy-2.4.5.zip
2016-03-03 12:59:42	79602974854191D93E3670284B35ED3A	93921	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.f4mTester-2.2.4.zip
2016-03-03 12:58:53	47C96F60A88F789D77DFE26E2D834E0D	1251980	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.AwesomeStreams-1.0.11.zip
2016-03-02 19:48:59	3EF0F19B564B4ABAE7DF96A9BBC71D97	782073	----a-w-	C:\Users\Sven\AppData\Roaming\Kodi\addons\packages\plugin.video.ccloudtv-1.4.5.zip

==== Orphaned Tasks deleted from Registry ======================

amiupdaterExd deleted
amiupdaterExi deleted

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-510740338-983486175-3674784504-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_6376B5EE50201B8D362125E4D5560106"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"DAEMON Tools Ultra Agent"="C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe -autorun"
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"SteelSeries Engine"="C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Raptr"="C:\Program Files (x86)\Raptr\raptrstub.exe --startup"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"UpdReg"="C:\Windows\UpdReg.EXE"
"Sound Blaster Recon3D PCIe Control Panel"="C:\Program Files (x86)\Creative\Sound Blaster Recon3D PCIe\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe /r"
"Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup"
"AllShareAgent"="C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe"
"StartCCC"="C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_6376B5EE50201B8D362125E4D5560106"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"DAEMON Tools Ultra Agent"="C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe -autorun"
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"SteelSeries Engine"="C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"iTunesHelper"="D:\Programma's op de schijf geinstalleerd\iTunesHelper.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [30/06/2015 13:51]
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [30/06/2015 13:51]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/06/2015 07:15]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/06/2015 07:15]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Chromium Look ======================

Google Slides - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
iCloud Bookmarks - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah
Google Docs Offline - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
AdBlock - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Form Editor - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\klaecimjlbpfompicealiiifcdjnkbpn
Chrome Web Store Payments - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
agfjdflmdlnffhlfmjdpbcoccaeamikk - Sven\AppData\Roaming\Opera Software\Opera Stable\Extensions\agfjdflmdlnffhlfmjdpbcoccaeamikk

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PLXB_nlBE681

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Sven\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=148 folders=111 87688711 bytes)

==== Empty Temp Folders ======================

C:\Users\admin\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Sven\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Sven\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 09/03/2016 at 10:31:00,48 ======================