
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by caroline2359 on zo 10/04/2016 at 19:38:10,96.
Microsoft Windows 10 Home 10.0.10586  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\caroline2359\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

10/04/2016 19:42:13 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Contendo Games deleted successfully
C:\PROGRA~2\SiteLookup deleted successfully
C:\PROGRA~2\VS Revo Group deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\Freemake deleted successfully
C:\Users\caroline2359\AppData\Local\ActiveSync deleted successfully
C:\Users\caroline2359\AppData\Local\NetworkTiles deleted successfully
C:\Users\caroline2359\AppData\Local\Skype deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{51420F88-4D4A-4042-9509-8D4E1307910E} deleted successfully
HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{51420F88-4D4A-4042-9509-8D4E1307910E} deleted successfully
HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully
HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36753EB7-336F-4012-BAD0-326C44F9DD25} deleted successfully
HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4ec84a4a-775b-4bc5-a7cc-feb4ee5771f8} deleted successfully
HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{519dddb8-234b-4801-96b5-31b39c0cd563} deleted successfully
HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A098EDC-82AC-483C-91E8-73D4B1E2C9CB} deleted successfully
HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6c6b1b4c-e777-4104-9192-816d114ff2d1} deleted successfully
HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F79C222-2971-4DAB-B2EA-7953F61C4D83} deleted successfully
HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72CCE4BA-F6C7-40D6-B21B-6163DB33FE7A} deleted successfully
HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77cea597-d345-4642-b5b9-464cbcfd548d} deleted successfully
HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1c04a45-3e4e-463e-88a2-01050038df08} deleted successfully
HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d2561bf7-ab09-4602-bb33-a261cd996fda} deleted successfully
HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5d52dac-f55d-433e-8609-5fa5ffeaaf62} deleted successfully
HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ff593bc5-6b4e-4ea5-a047-e3a64c80a384} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51420F88-4D4A-4042-9509-8D4E1307910E} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{51420F88-4D4A-4042-9509-8D4E1307910E} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{51420F88-4D4A-4042-9509-8D4E1307910E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51420F88-4D4A-4042-9509-8D4E1307910E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51420F88-4D4A-4042-9509-8D4E1307910E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4ec84a4a-775b-4bc5-a7cc-feb4ee5771f8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{519dddb8-234b-4801-96b5-31b39c0cd563} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6c6b1b4c-e777-4104-9192-816d114ff2d1} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{77cea597-d345-4642-b5b9-464cbcfd548d} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1c04a45-3e4e-463e-88a2-01050038df08} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d2561bf7-ab09-4602-bb33-a261cd996fda} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5d52dac-f55d-433e-8609-5fa5ffeaaf62} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ff593bc5-6b4e-4ea5-a047-e3a64c80a384} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MySafeProxyMonitor deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Registry Helper Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Registry Helper Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update service deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\CAROLI~1\AppData\Roaming\Mozilla\Firefox\Profiles\g85bzgm5.default-1416074736810

---- Lines Cyti Web removed from prefs.js ----
user_pref("extensions.Cyti Web.asul", "1420650463183");
user_pref("extensions.Cyti Web.aul", "1420734363716");
user_pref("extensions.Cyti Web.irl", true);
user_pref("extensions.Cyti Web.is", "ob100ppBE");
user_pref("extensions.Cyti Web.ug", "834E9941-BC4E-434D-9050-CD22DAE9445A");
---- FireFox user.js and prefs.js backups ---- 

user_20161004_2029_.backup
prefs_20161004_2029_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51420F88-4D4A-4042-9509-8D4E1307910E}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51420F88-4D4A-4042-9509-8D4E1307910E}] 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
"EpicScale"=- 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
"Registry Helper"=- 

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Contendo Games not found
C:\PROGRA~2\SiteLookup not found
C:\PROGRA~2\VS Revo Group not found
C:\Program Files (x86)\videos MediaPlay-Air not found
C:\Program Files (x86)\Ge-Force not found
C:\Program Files (x86)\Sense not found
C:\Program Files (x86)\globalUpdate not found
C:\Program Files (x86)\PC Speed Up not found
- C:\Program Files (x86)\Uniblue\SpeedUpMyPC not found
C:\Program Files (x86)\System Speedup not found
C:\Program Files (x86)\HQ-Video-Pro-2.1cV02.01 not found
"C:\Program Files (x86)\HQ-Video-Pro-2.1cV02.01" not found
C:\Users\caroline2359\AppData\Roaming\QuickScan deleted
C:\Users\caroline2359\AppData\Roaming\stremio deleted
C:\Program Files (x86)\XTRM Group deleted
C:\Program Files (x86)\Registry Helper deleted
C:\Users\caroline2359\AppData\Local\SoftonicAssistant deleted
C:\Program Files (x86)\Popcorn Time deleted
C:\PROGRA~3\b89aa889d0f267c deleted
C:\Users\Public\Pokki deleted
C:\install.exe deleted
C:\rbtemp deleted
C:\PROGRA~3\Systweak deleted
C:\PROGRA~3\Registry Helper deleted
C:\PROGRA~3\PoroShopper deleted
C:\PROGRA~3\DealsFactor deleted
C:\PROGRA~3\EpicScale deleted
C:\PROGRA~3\{C19CA186-4F06-4E22-A1E6-6BAB4723A0DE} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\caroline2359\AppData\Local\node-webkit deleted
C:\Users\caroline2359\AppData\Local\SearchProtect deleted
C:\Users\caroline2359\AppData\Local\Unity deleted
C:\Users\caroline2359\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp deleted
C:\Users\caroline2359\AppData\Local\newplayer deleted
C:\Users\caroline2359\AppData\Local\globalUpdate deleted
C:\Users\caroline2359\AppData\Local\com deleted
C:\Users\caroline2359\AppData\Local\Pokki deleted
C:\Users\caroline2359\AppData\Local\CrashRpt deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\XTRM Group Ltd deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\caroline2359\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk deleted
C:\Users\caroline2359\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk deleted
C:\Users\caroline2359\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup deleted
C:\Users\caroline2359\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage deleted
C:\Users\caroline2359\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord deleted
C:\Users\caroline2359\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader deleted
C:\WINDOWS\SysNative\roboot64.exe deleted
C:\windows\SysNative\Tasks\PC SpeedUp Service Deactivator deleted
C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job deleted
C:\WINDOWS\Tasks\SpeedUpMyPC Maintenance.job deleted
C:\WINDOWS\Tasks\SpeedUpMyPC Startup.job deleted
C:\windows\SysNative\Tasks\SpeedUpMyPC Maintenance deleted
C:\windows\SysNative\Tasks\SpeedUpMyPC Startup deleted
C:\WINDOWS\Tasks\0b066748-857c-40e9-9e05-d179a13cc463-11.job deleted
C:\WINDOWS\Tasks\0b066748-857c-40e9-9e05-d179a13cc463-3.job deleted
C:\WINDOWS\Tasks\0b066748-857c-40e9-9e05-d179a13cc463-6.job deleted
C:\WINDOWS\Tasks\0b066748-857c-40e9-9e05-d179a13cc463-7.job deleted
C:\WINDOWS\Tasks\61cf27f2-8141-456e-bf69-b948d02e3d12-1.job deleted
C:\WINDOWS\Tasks\61cf27f2-8141-456e-bf69-b948d02e3d12-11.job deleted
C:\WINDOWS\Tasks\61cf27f2-8141-456e-bf69-b948d02e3d12-2.job deleted
C:\WINDOWS\Tasks\61cf27f2-8141-456e-bf69-b948d02e3d12-3.job deleted
C:\WINDOWS\Tasks\61cf27f2-8141-456e-bf69-b948d02e3d12-4.job deleted
C:\WINDOWS\Tasks\61cf27f2-8141-456e-bf69-b948d02e3d12-5.job deleted
C:\WINDOWS\Tasks\61cf27f2-8141-456e-bf69-b948d02e3d12-5_user.job deleted
C:\WINDOWS\Tasks\61cf27f2-8141-456e-bf69-b948d02e3d12-6.job deleted
C:\WINDOWS\Tasks\61cf27f2-8141-456e-bf69-b948d02e3d12-7.job deleted
C:\WINDOWS\Tasks\73ad527d-27b3-4070-aba8-e67346a6eb9c-1.job deleted
C:\WINDOWS\Tasks\73ad527d-27b3-4070-aba8-e67346a6eb9c-11.job deleted
C:\WINDOWS\Tasks\73ad527d-27b3-4070-aba8-e67346a6eb9c-2.job deleted
C:\WINDOWS\Tasks\73ad527d-27b3-4070-aba8-e67346a6eb9c-4.job deleted
C:\WINDOWS\Tasks\73ad527d-27b3-4070-aba8-e67346a6eb9c-5.job deleted
C:\WINDOWS\Tasks\73ad527d-27b3-4070-aba8-e67346a6eb9c-5_user.job deleted
C:\WINDOWS\Tasks\73ad527d-27b3-4070-aba8-e67346a6eb9c-6.job deleted
C:\WINDOWS\Tasks\73ad527d-27b3-4070-aba8-e67346a6eb9c-7.job deleted
C:\WINDOWS\Tasks\d0b75089-0f1f-49e6-8b4d-0d94d7c53779-1.job deleted
C:\WINDOWS\Tasks\d0b75089-0f1f-49e6-8b4d-0d94d7c53779-11.job deleted
C:\WINDOWS\Tasks\d0b75089-0f1f-49e6-8b4d-0d94d7c53779-2.job deleted
C:\WINDOWS\Tasks\d0b75089-0f1f-49e6-8b4d-0d94d7c53779-4.job deleted
C:\WINDOWS\Tasks\d0b75089-0f1f-49e6-8b4d-0d94d7c53779-5.job deleted
C:\WINDOWS\Tasks\d0b75089-0f1f-49e6-8b4d-0d94d7c53779-5_user.job deleted
C:\WINDOWS\Tasks\d0b75089-0f1f-49e6-8b4d-0d94d7c53779-6.job deleted
C:\WINDOWS\Tasks\d0b75089-0f1f-49e6-8b4d-0d94d7c53779-7.job deleted
C:\windows\SysNative\Tasks\0b066748-857c-40e9-9e05-d179a13cc463-11 deleted
C:\windows\SysNative\Tasks\0b066748-857c-40e9-9e05-d179a13cc463-3 deleted
C:\windows\SysNative\Tasks\0b066748-857c-40e9-9e05-d179a13cc463-6 deleted
C:\windows\SysNative\Tasks\0b066748-857c-40e9-9e05-d179a13cc463-7 deleted
C:\windows\SysNative\Tasks\61cf27f2-8141-456e-bf69-b948d02e3d12-1 deleted
C:\windows\SysNative\Tasks\61cf27f2-8141-456e-bf69-b948d02e3d12-11 deleted
C:\windows\SysNative\Tasks\61cf27f2-8141-456e-bf69-b948d02e3d12-2 deleted
C:\windows\SysNative\Tasks\61cf27f2-8141-456e-bf69-b948d02e3d12-3 deleted
C:\windows\SysNative\Tasks\61cf27f2-8141-456e-bf69-b948d02e3d12-4 deleted
C:\windows\SysNative\Tasks\73ad527d-27b3-4070-aba8-e67346a6eb9c-11 deleted
C:\windows\SysNative\Tasks\d0b75089-0f1f-49e6-8b4d-0d94d7c53779-1 deleted
C:\windows\SysNative\Tasks\d0b75089-0f1f-49e6-8b4d-0d94d7c53779-7 deleted
C:\Users\caroline2359\AppData\LocalLow\Unity deleted
C:\WINDOWS\tasks\1f6dc705-6f9f-4ed5-9618-5056e88b8e9d.job deleted
C:\windows\SysNative\tasks\1f6dc705-6f9f-4ed5-9618-5056e88b8e9d deleted
C:\windows\SysNative\tasks\System Speedup deleted
C:\windows\SysNative\tasks\System Speedup_DEFAULT deleted
C:\windows\SysNative\tasks\System Speedup_UPDATES deleted
C:\WINDOWS\tasks\System Speedup_DEFAULT.job deleted
C:\WINDOWS\tasks\System Speedup_UPDATES.job deleted
C:\windows\SysNative\Tasks\LaunchSignup deleted
C:\windows\SysNative\tasks\YTDownloader deleted
C:\windows\SysNative\tasks\YTDownloaderUpd deleted
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job deleted
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore1d026896fe93091.job deleted
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore1d02689df1c600f.job deleted
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job deleted
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA1d0268972bf1759.job deleted
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA1d02689e1b46787.job deleted
C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore deleted
C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore1d026896fe93091 deleted
C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore1d02689df1c600f deleted
C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA deleted
C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA1d0268972bf1759 deleted
C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA1d02689e1b46787 deleted
C:\windows\SysNative\tasks\ASP deleted
C:\windows\SysNative\tasks\Optimizer Pro Schedule deleted
C:\windows\SysNative\tasks\Right Backup_startup deleted
C:\windows\SysNative\tasks\temp_0b066748-857c-40e9-9e05-d179a13cc463-6 deleted
C:\WINDOWS\tasks\temp_0b066748-857c-40e9-9e05-d179a13cc463-6.job deleted
C:\WINDOWS\Syswow64\OCL1122.tmp deleted
C:\WINDOWS\Syswow64\OCL123.tmp deleted
C:\WINDOWS\Syswow64\OCL1599.tmp deleted
C:\WINDOWS\Syswow64\OCL15EF.tmp deleted
C:\WINDOWS\Syswow64\OCL177F.tmp deleted
C:\WINDOWS\Syswow64\OCL19.tmp deleted
C:\WINDOWS\Syswow64\OCL1AD2.tmp deleted
C:\WINDOWS\Syswow64\OCL1B1.tmp deleted
C:\WINDOWS\Syswow64\OCL1C79.tmp deleted
C:\WINDOWS\Syswow64\OCL1D27.tmp deleted
C:\WINDOWS\Syswow64\OCL1ECE.tmp deleted
C:\WINDOWS\Syswow64\OCL1F4A.tmp deleted
C:\WINDOWS\Syswow64\OCL215E.tmp deleted
C:\WINDOWS\Syswow64\OCL2451.tmp deleted
C:\WINDOWS\Syswow64\OCL2604.tmp deleted
C:\WINDOWS\Syswow64\OCL27CA.tmp deleted
C:\WINDOWS\Syswow64\OCL2EEA.tmp deleted
C:\WINDOWS\Syswow64\OCL3071.tmp deleted
C:\WINDOWS\Syswow64\OCL318.tmp deleted
C:\WINDOWS\Syswow64\OCL365.tmp deleted
C:\WINDOWS\Syswow64\OCL3EAE.tmp deleted
C:\WINDOWS\Syswow64\OCL4045.tmp deleted
C:\WINDOWS\Syswow64\OCL40E0.tmp deleted
C:\WINDOWS\Syswow64\OCL42C6.tmp deleted
C:\WINDOWS\Syswow64\OCL4336.tmp deleted
C:\WINDOWS\Syswow64\OCL45A3.tmp deleted
C:\WINDOWS\Syswow64\OCL45A8.tmp deleted
C:\WINDOWS\Syswow64\OCL473A.tmp deleted
C:\WINDOWS\Syswow64\OCL48A6.tmp deleted
C:\WINDOWS\Syswow64\OCL4B41.tmp deleted
C:\WINDOWS\Syswow64\OCL4CD8.tmp deleted
C:\WINDOWS\Syswow64\OCL4D3F.tmp deleted
C:\WINDOWS\Syswow64\OCL4E9C.tmp deleted
C:\WINDOWS\Syswow64\OCL4F25.tmp deleted
C:\WINDOWS\Syswow64\OCL5091.tmp deleted
C:\WINDOWS\Syswow64\OCL5096.tmp deleted
C:\WINDOWS\Syswow64\OCL52BE.tmp deleted
C:\WINDOWS\Syswow64\OCL5465.tmp deleted
C:\WINDOWS\Syswow64\OCL56E0.tmp deleted
C:\WINDOWS\Syswow64\OCL590C.tmp deleted
C:\WINDOWS\Syswow64\OCL5B01.tmp deleted
C:\WINDOWS\Syswow64\OCL6282.tmp deleted
C:\WINDOWS\Syswow64\OCL635.tmp deleted
C:\WINDOWS\Syswow64\OCL6447.tmp deleted
C:\WINDOWS\Syswow64\OCL6467.tmp deleted
C:\WINDOWS\Syswow64\OCL657F.tmp deleted
C:\WINDOWS\Syswow64\OCL665B.tmp deleted
C:\WINDOWS\Syswow64\OCL6774.tmp deleted
C:\WINDOWS\Syswow64\OCL6C09.tmp deleted
C:\WINDOWS\Syswow64\OCL6DAF.tmp deleted
C:\WINDOWS\Syswow64\OCL762D.tmp deleted
C:\WINDOWS\Syswow64\OCL77C4.tmp deleted
C:\WINDOWS\Syswow64\OCL782D.tmp deleted
C:\WINDOWS\Syswow64\OCL7A9F.tmp deleted
C:\WINDOWS\Syswow64\OCL7FDD.tmp deleted
C:\WINDOWS\Syswow64\OCL8175.tmp deleted
C:\WINDOWS\Syswow64\OCL850D.tmp deleted
C:\WINDOWS\Syswow64\OCL8741.tmp deleted
C:\WINDOWS\Syswow64\OCL8915.tmp deleted
C:\WINDOWS\Syswow64\OCL8AFA.tmp deleted
C:\WINDOWS\Syswow64\OCL8C69.tmp deleted
C:\WINDOWS\Syswow64\OCL8E10.tmp deleted
C:\WINDOWS\Syswow64\OCL93FD.tmp deleted
C:\WINDOWS\Syswow64\OCL9421.tmp deleted
C:\WINDOWS\Syswow64\OCL9634.tmp deleted
C:\WINDOWS\Syswow64\OCL9635.tmp deleted
C:\WINDOWS\Syswow64\OCL97DB.tmp deleted
C:\WINDOWS\Syswow64\OCL9922.tmp deleted
C:\WINDOWS\Syswow64\OCL9980.tmp deleted
C:\WINDOWS\Syswow64\OCL9AC9.tmp deleted
C:\WINDOWS\Syswow64\OCL9B17.tmp deleted
C:\WINDOWS\Syswow64\OCL9CF6.tmp deleted
C:\WINDOWS\Syswow64\OCL9EAC.tmp deleted
C:\WINDOWS\Syswow64\OCLA0C3.tmp deleted
C:\WINDOWS\Syswow64\OCLA150.tmp deleted
C:\WINDOWS\Syswow64\OCLA3C2.tmp deleted
C:\WINDOWS\Syswow64\OCLA72C.tmp deleted
C:\WINDOWS\Syswow64\OCLA8C3.tmp deleted
C:\WINDOWS\Syswow64\OCLAF3A.tmp deleted
C:\WINDOWS\Syswow64\OCLB0D2.tmp deleted
C:\WINDOWS\Syswow64\OCLB152.tmp deleted
C:\WINDOWS\Syswow64\OCLB281.tmp deleted
C:\WINDOWS\Syswow64\OCLB2F9.tmp deleted
C:\WINDOWS\Syswow64\OCLB406.tmp deleted
C:\WINDOWS\Syswow64\OCLB467.tmp deleted
C:\WINDOWS\Syswow64\OCLB6C6.tmp deleted
C:\WINDOWS\Syswow64\OCLC3FB.tmp deleted
C:\WINDOWS\Syswow64\OCLC451.tmp deleted
C:\WINDOWS\Syswow64\OCLC5A2.tmp deleted
C:\WINDOWS\Syswow64\OCLC5E9.tmp deleted
C:\WINDOWS\Syswow64\OCLD2FF.tmp deleted
C:\WINDOWS\Syswow64\OCLD4A6.tmp deleted
C:\WINDOWS\Syswow64\OCLDB30.tmp deleted
C:\WINDOWS\Syswow64\OCLDBB0.tmp deleted
C:\WINDOWS\Syswow64\OCLDD06.tmp deleted
C:\WINDOWS\Syswow64\OCLDE97.tmp deleted
C:\WINDOWS\Syswow64\OCLDEDE.tmp deleted
C:\WINDOWS\Syswow64\OCLE01F.tmp deleted
C:\WINDOWS\Syswow64\OCLE112.tmp deleted
C:\WINDOWS\Syswow64\OCLE6C5.tmp deleted
C:\WINDOWS\Syswow64\OCLE89B.tmp deleted
C:\WINDOWS\Syswow64\OCLEDF.tmp deleted
C:\WINDOWS\Syswow64\OCLF188.tmp deleted
C:\WINDOWS\Syswow64\OCLF19B.tmp deleted
C:\WINDOWS\Syswow64\OCLF20A.tmp deleted
C:\WINDOWS\Syswow64\OCLF278.tmp deleted
C:\WINDOWS\Syswow64\OCLF393.tmp deleted
C:\WINDOWS\Syswow64\OCLF3DE.tmp deleted
C:\WINDOWS\Syswow64\OCLF41F.tmp deleted
C:\WINDOWS\Syswow64\OCLF722.tmp deleted
C:\WINDOWS\Syswow64\OCLF74A.tmp deleted
C:\WINDOWS\Syswow64\OCLFE01.tmp deleted
C:\WINDOWS\Syswow64\SET1118.tmp deleted
C:\WINDOWS\Syswow64\SET1B69.tmp deleted
C:\WINDOWS\Syswow64\SET2F36.tmp deleted
C:\WINDOWS\Syswow64\SET404F.tmp deleted
C:\WINDOWS\Syswow64\SET467B.tmp deleted
C:\WINDOWS\Syswow64\SET46BC.tmp deleted
C:\WINDOWS\Syswow64\SET46CD.tmp deleted
C:\WINDOWS\Syswow64\SET472D.tmp deleted
C:\WINDOWS\Syswow64\SET473D.tmp deleted
C:\WINDOWS\Syswow64\SET478D.tmp deleted
C:\WINDOWS\Syswow64\SETDA4.tmp deleted
C:\WINDOWS\Syswow64\SETE5A0.tmp deleted
C:\WINDOWS\Syswow64\SETE786.tmp deleted
C:\WINDOWS\Syswow64\SETE98.tmp deleted
C:\WINDOWS\Syswow64\SETEA88.tmp deleted
C:\WINDOWS\Syswow64\SETF442.tmp deleted
C:\WINDOWS\Syswow64\SETF740.tmp deleted
C:\WINDOWS\Syswow64\SETFF77.tmp deleted
C:\WINDOWS\Syswow64\RegistryHelperLM.ocx deleted
C:\WINDOWS\SysWow64\AI_RecycleBin deleted
C:\Users\CAROLI~1\AppData\Roaming\Mozilla\Firefox\Profiles\g85bzgm5.default-1416074736810\extensions\0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.com deleted
C:\Users\CAROLI~1\AppData\Roaming\Mozilla\Firefox\Profiles\g85bzgm5.default-1416074736810\extensions\e2b0dff561784e3db84ed9e@2815a71a2f5d474691ed6bbee47c02.com deleted
"C:\WINDOWS\Installer\3ac3ea.msi" deleted
"C:\Windows\Installer\98cfbf8.msi" deleted
"C:\Program Files (x86)\TorrentsTime Media Player\bin\libiconv.dll" deleted
"C:\Program Files (x86)\TorrentsTime Media Player\bin\torrent.dll" deleted
"C:\Program Files (x86)\TorrentsTime Media Player\bin\TTService.exe" deleted
"C:\Program Files (x86)\TorrentsTime Media Player" not deleted
"C:\Program Files (x86)\TorrentsTime Media Player\bin" not deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\CAROLI~1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2016-04-07 10:56:32	E5E98894277C85C600CE391B71F0C084	125720	----a-w-	C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-04-07 10:56:32	710EE686DFE995825D39B6466A6AA356	42264	----a-w-	C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-04-04 04:16:26	F2984A666D78A9471C455598709C01FA	102616	----a-w-	C:\WINDOWS\SysWOW64\amdave32.dll
2016-04-04 04:16:18	99A0D72715174977842D5D819942355A	128384	----a-w-	C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-04-04 04:16:14	5B1EF758B258638AFDF8E6FE120F7637	71704	----a-w-	C:\WINDOWS\SysWOW64\atimpc32.dll
2016-04-04 04:16:06	12460CFE6574FE81BF36C8B35009C257	71704	----a-w-	C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-04-04 04:16:02	2D19CBC9B3DD788C210DAA5A79D84F21	133528	----a-w-	C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-04-04 04:15:56	3CFC35124E867FAE754CA7936B6D99B7	102616	----a-w-	C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-04-04 04:15:50	8D9A1699E67D580495A39E7741BD4230	1245416	----a-w-	C:\WINDOWS\SysWOW64\aticfx32.dll
2016-04-04 04:15:40	945C501C42B15F372990F7908DB34182	9583808	----a-w-	C:\WINDOWS\SysWOW64\atidxx32.dll
2016-04-04 04:15:32	05A73ED9CA8E58F2EE31D4D1C9DFF36F	8585696	----a-w-	C:\WINDOWS\SysWOW64\atiumdva.dll
2016-04-04 04:15:24	1094ECD602B668A4B7776EE0D8A6AD24	7392480	----a-w-	C:\WINDOWS\SysWOW64\atiumdag.dll
2016-04-04 03:30:40	098D7872741321BA5F488E37EA39808F	580096	----a-w-	C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-04-04 03:28:42	D6C1A1A220587BD19B6238C969329E6F	113664	----a-w-	C:\WINDOWS\SysWOW64\mantle32.dll
2016-04-04 03:23:56	C6F72432A20F5992C6563003F2552597	40126976	----a-w-	C:\WINDOWS\SysWOW64\amdocl.dll
2016-04-04 03:21:16	D6D728D315BDCBF3D1C7542170FE6FDE	59392	----a-w-	C:\WINDOWS\SysWOW64\OpenCL.dll
2016-04-04 03:15:32	BE13C5E25B4852E684BEEA688A031A26	21730304	----a-w-	C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-04-04 03:02:48	6CD7C7E8A175FC13EF1990E7D73F436B	5398016	----a-w-	C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-04-04 03:00:34	64A7B135626EEF8F38AAED0F911460BE	5420032	----a-w-	C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-04-04 02:48:24	7FD215913E63025A47D0929BFFEB32E0	123392	----a-w-	C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-04-04 02:41:54	867CC6CA123686749FCA72D4E8C27492	698016	----a-w-	C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-04-04 02:41:14	D37BC8F6EDFCBBBE33F65B06F2E8BCB7	89600	----a-w-	C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-04-04 02:25:00	2BC0DBC87E5406177F638A2463457EF1	25069056	----a-w-	C:\WINDOWS\SysWOW64\atioglxx.dll
2016-04-04 02:22:44	8282866AB3CFDB85545ABA048D105858	6667776	----a-w-	C:\WINDOWS\SysWOW64\amdxc32.dll
2016-04-04 02:14:08	6DB3FC6A04E877AAA939E76D237942C2	52224	----a-w-	C:\WINDOWS\SysWOW64\aticalrt.dll
2016-04-04 02:13:58	544E52678EF5DA981A57518C9B191DB9	49152	----a-w-	C:\WINDOWS\SysWOW64\aticalcl.dll
2016-04-04 02:10:42	6D789BB88228DCF490EB2F36608965DF	14302208	----a-w-	C:\WINDOWS\SysWOW64\aticaldd.dll
2016-04-04 01:57:24	C0EDD2638F9AE2D1E39CB802CB0AB6AE	186368	----a-w-	C:\WINDOWS\SysWOW64\GameManager32.dll
2016-04-04 01:57:18	60ACFEEA9C53B8B7EA6C03487A418758	145408	----a-w-	C:\WINDOWS\SysWOW64\atieah32.exe
2016-04-04 01:57:10	29CB8B0C77E63F49F1B18D29696C98F7	189952	----a-w-	C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-04-04 01:55:28	96DA5284B7FD98FC72F03FB2BDFD083A	39424	----a-w-	C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-04-04 01:49:20	7C163EDE63854539828F5B2C1BC529FD	157144	----a-w-	C:\WINDOWS\SysWOW64\ativvsva.dat
2016-04-04 01:49:20	219D7091DD1D93728392337FE9C7ADD6	204952	----a-w-	C:\WINDOWS\SysWOW64\ativvsvl.dat
2016-04-04 01:42:32	8840DDE6D03CDA997FAB09B396157833	3471376	----a-w-	C:\WINDOWS\SysWOW64\atiumdva.cap
2016-04-04 01:34:38	84D5566EB04E7FFC315D60A2D297B202	80896	----a-w-	C:\WINDOWS\SysWOW64\atisamu32.dll
2016-04-04 01:32:50	2A5EBB632825557F0EDB8AE81CE38747	944640	----a-w-	C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-04-04 01:32:50	2A5EBB632825557F0EDB8AE81CE38747	944640	----a-w-	C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-04-04 01:32:32	F20DA88CF5940E3FE1BFBDCBCDD5F2FD	70144	----a-w-	C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-04-04 01:32:10	9FA98B0639007A3BFA1ACDFAE667FF63	142336	----a-w-	C:\WINDOWS\SysWOW64\atigktxx.dll
2016-04-04 01:28:42	A93C11CAD3002D341E46D8C6308E83EC	174592	----a-w-	C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-03-31 11:54:20	48435D12B45AB1F954CB579D1EA15D52	329360	----a-w-	C:\WINDOWS\SysWOW64\SRCOM.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2016-04-07 10:56:32	B14FF3A750CDBA33378C4A549B585DFD	45848	----a-w-	C:\WINDOWS\Sysnative\vulkaninfo.exe
2016-04-07 10:56:32	52808CC03CE3AB53187EFAE813CA0FEE	126232	----a-w-	C:\WINDOWS\Sysnative\vulkan-1.dll
2016-04-04 04:16:28	5606638C05E0B7C78E80D68C97E89F06	110880	----a-w-	C:\WINDOWS\Sysnative\amdave64.dll
2016-04-04 04:16:24	C93DFDE361AE4CA5C6DCCBD8EBE18FDD	458472	----a-w-	C:\WINDOWS\Sysnative\amdmiracast.dll
2016-04-04 04:16:20	5EFE68B8DBC1995E4D14D2F9BBACD00D	141792	----a-w-	C:\WINDOWS\Sysnative\amdhcp64.dll
2016-04-04 04:16:16	12A28AD59A549344438A8E17783A4DFC	78432	----a-w-	C:\WINDOWS\Sysnative\atimpc64.dll
2016-04-04 04:16:06	25224A03A498AD38CFDA21493064BBC2	78432	----a-w-	C:\WINDOWS\Sysnative\amdpcom64.dll
2016-04-04 04:16:02	F193016F7B61057DD82AFF00530FEAEF	152568	----a-w-	C:\WINDOWS\Sysnative\atiuxp64.dll
2016-04-04 04:15:58	5C81BBB7850ACCAA83F104C07E2EFD6B	120656	----a-w-	C:\WINDOWS\Sysnative\atiu9p64.dll
2016-04-04 04:15:54	305046C7C2563B5A24DB2DDB3DF4A3A5	1517360	----a-w-	C:\WINDOWS\Sysnative\aticfx64.dll
2016-04-04 04:15:44	C3EB3DFF61B7082679D757C5C1405367	11625784	----a-w-	C:\WINDOWS\Sysnative\atidxx64.dll
2016-04-04 04:15:16	6EDD0BC39C18A4B027BDDE066D5F664F	9526616	----a-w-	C:\WINDOWS\Sysnative\atiumd6a.dll
2016-04-04 04:15:12	6D723205D949D2264B0DFC9735F56C9A	8843208	----a-w-	C:\WINDOWS\Sysnative\atiumd64.dll
2016-04-04 03:32:22	3BF4622BC2E7F0B919EC2F2114BADE6F	701440	----a-w-	C:\WINDOWS\Sysnative\amdlvr64.dll
2016-04-04 03:29:04	96BC31DA8064A9665409B96349998A6F	127488	----a-w-	C:\WINDOWS\Sysnative\mantle64.dll
2016-04-04 03:28:14	255EA737C619EE9AC14EFFDD2D3C14F1	6884864	----a-w-	C:\WINDOWS\Sysnative\amdmantle64.dll
2016-04-04 03:27:14	A784E92778666733BBFACB2616B74D38	235008	----a-w-	C:\WINDOWS\Sysnative\clinfo.exe
2016-04-04 03:26:58	AC8668E81D6CCFBCA07760F89A8D624C	48211968	----a-w-	C:\WINDOWS\Sysnative\amdocl64.dll
2016-04-04 03:21:18	327346AC4565A415218D905B30EE64A7	65024	----a-w-	C:\WINDOWS\Sysnative\OpenCL.dll
2016-04-04 03:21:02	15C7ED20C7B3E33087052A05324DC3F3	103424	----a-w-	C:\WINDOWS\Sysnative\DelayAPO.dll
2016-04-04 03:15:54	2BB07D8BA004F3B2C757ABC18800E99D	26887168	----a-w-	C:\WINDOWS\Sysnative\amdocl12cl64.dll
2016-04-04 03:11:16	CB5A3788942473BFCC7675F67512181F	6956032	----a-w-	C:\WINDOWS\Sysnative\amdvlk64.dll
2016-04-04 02:48:26	DCD007AEC8254249AF6605E63B7B317A	134656	----a-w-	C:\WINDOWS\Sysnative\amdhdl64.dll
2016-04-04 02:47:06	B76CE1F9FB7DBF8934DD2A6B6505DAE2	30377984	----a-w-	C:\WINDOWS\Sysnative\atio6axx.dll
2016-04-04 02:41:54	867CC6CA123686749FCA72D4E8C27492	698016	----a-w-	C:\WINDOWS\Sysnative\atiapfxx.blb
2016-04-04 02:41:24	FC9E3E50154BE766439D4264F4DDE7F0	97280	----a-w-	C:\WINDOWS\Sysnative\mantleaxl64.dll
2016-04-04 02:37:06	D1997D0A80F817BF095CBC1685FB8A86	8473088	----a-w-	C:\WINDOWS\Sysnative\amdxc64.dll
2016-04-04 02:25:10	A9E17376D58C5550E4454267B48097BD	865280	----a-w-	C:\WINDOWS\Sysnative\SETEEDF.tmp
2016-04-04 02:25:10	A9E17376D58C5550E4454267B48097BD	865280	----a-w-	C:\WINDOWS\Sysnative\SET13F6.tmp
2016-04-04 02:25:10	A9E17376D58C5550E4454267B48097BD	865280	----a-w-	C:\WINDOWS\Sysnative\coinst_16.15.dll
2016-04-04 02:14:16	4B6300508AF6FE51186A756C71F08DBE	367104	----a-w-	C:\WINDOWS\Sysnative\atiapfxx.exe
2016-04-04 02:14:10	0D620480254BA0C702D9E54DA0FF6F42	62464	----a-w-	C:\WINDOWS\Sysnative\aticalrt64.dll
2016-04-04 02:14:00	B03C502339AFB20201EF139DE9CD23A5	55808	----a-w-	C:\WINDOWS\Sysnative\aticalcl64.dll
2016-04-04 02:13:44	D6188174FAB90F452752706D0CE73034	15711744	----a-w-	C:\WINDOWS\Sysnative\aticaldd64.dll
2016-04-04 01:57:42	C1D39C567C362A35ED745432ECE8C2E9	442368	----a-w-	C:\WINDOWS\Sysnative\atidemgy.dll
2016-04-04 01:57:36	4198EBCB5196C87A5D27242C0F6D24E3	224256	----a-w-	C:\WINDOWS\Sysnative\dgtrayicon.exe
2016-04-04 01:57:28	6D215003954F62BF7E84533D40AF2078	209920	----a-w-	C:\WINDOWS\Sysnative\GameManager64.dll
2016-04-04 01:57:20	89EF9DB9EA8D6BD8A105D225DEB01FA7	162304	----a-w-	C:\WINDOWS\Sysnative\atieah64.exe
2016-04-04 01:57:14	258E859E978EF9FEB77B2AE81C6BD900	204800	----a-w-	C:\WINDOWS\Sysnative\amdgfxinfo64.dll
2016-04-04 01:57:06	9EEF0EF6C2E96C544119948F580ACE96	78336	----a-w-	C:\WINDOWS\Sysnative\atimuixx.dll
2016-04-04 01:57:02	6D08ADF6CC8E078D6DA1DB28B613AF4C	564736	----a-w-	C:\WINDOWS\Sysnative\atieclxx.exe
2016-04-04 01:56:14	5F4D8699A9CA2F48E7BE0245BF906EA3	251392	----a-w-	C:\WINDOWS\Sysnative\atiesrxx.exe
2016-04-04 01:55:30	B477BFE3337DE43D843404B1C53218DA	50688	----a-w-	C:\WINDOWS\Sysnative\amdmmcl6.dll
2016-04-04 01:55:06	B882C2C7D8CB1F43752B3185B803F2B5	190976	----a-w-	C:\WINDOWS\Sysnative\atitmm64.dll
2016-04-04 01:52:18	8CF0B4F837F6DBEC0AEAD7EF0B6AD1AD	3437632	----a-w-	C:\WINDOWS\Sysnative\atiumd6a.cap
2016-04-04 01:49:20	7C163EDE63854539828F5B2C1BC529FD	157144	----a-w-	C:\WINDOWS\Sysnative\ativvsva.dat
2016-04-04 01:49:20	219D7091DD1D93728392337FE9C7ADD6	204952	----a-w-	C:\WINDOWS\Sysnative\ativvsvl.dat
2016-04-04 01:34:42	0E7D7A87309146FFB2018BA4EDE4C519	89088	----a-w-	C:\WINDOWS\Sysnative\atisamu64.dll
2016-04-04 01:33:02	AA5FD29D2179C9C49F869E5566D52918	1276416	----a-w-	C:\WINDOWS\Sysnative\atiadlxx.dll
2016-04-04 01:32:34	2DE8E3327008F8D3A558DCEE4B654B78	75776	----a-w-	C:\WINDOWS\Sysnative\atig6pxx.dll
2016-04-04 01:32:32	F20DA88CF5940E3FE1BFBDCBCDD5F2FD	70144	----a-w-	C:\WINDOWS\Sysnative\atiglpxx.dll
2016-04-04 01:32:28	C1ACCA9B4E7D78245BB391B75B84B122	157696	----a-w-	C:\WINDOWS\Sysnative\atig6txx.dll
2016-04-04 01:28:48	9C73039E928B202609E2F44C64CD1C58	195072	----a-w-	C:\WINDOWS\Sysnative\hsa-thunk64.dll
2016-03-31 11:54:20	D47D28D2AD44318805CF5EF15665D570	1413776	----a-w-	C:\WINDOWS\Sysnative\SRRPTR64.dll
2016-03-31 11:54:20	48435D12B45AB1F954CB579D1EA15D52	329360	----a-w-	C:\WINDOWS\Sysnative\SRCOM.dll
2016-03-31 11:54:20	2FCADCC14F8E540F6ADE4BF92BD8AEDD	155888	----a-w-	C:\WINDOWS\Sysnative\SRSWOW64.dll
2016-03-31 11:54:20	18F4327F7A659F4B1017C0E4C03EB50B	369296	----a-w-	C:\WINDOWS\Sysnative\SRCOM64.dll
2016-03-31 11:54:20	018D3D2478754AA411DE6DA6DE5F8F21	518896	----a-w-	C:\WINDOWS\Sysnative\SRSTSX64.dll
2016-03-31 11:54:19	EC05C33DF2CF20D839FE3650505ED6ED	734376	----a-w-	C:\WINDOWS\Sysnative\sltech64.dll
2016-03-31 11:54:19	A5F6491F71A0DAF25140CA915600AB37	454288	----a-w-	C:\WINDOWS\Sysnative\SRAPO64.dll
2016-03-31 11:54:19	2E4C258CB2FF3D249FD0ABBCABC664A1	250536	----a-w-	C:\WINDOWS\Sysnative\slprp64.dll
2016-03-31 11:54:18	6F8B108E8B57AC88F90D6EA13B2A1755	1104040	----a-w-	C:\WINDOWS\Sysnative\slcnt64.dll
2016-03-31 11:54:17	DBB99601D716F92CDD97CE4E60865319	943784	----a-w-	C:\WINDOWS\Sysnative\sl3apo64.dll
2016-03-31 11:54:16	8331FC724559DB1002249CE4792EB991	2702552	----a-w-	C:\WINDOWS\Sysnative\RTSnMg64.cpl
2016-03-31 11:54:15	B723902784FD6BBE1A7FB5E387D68530	2918104	----a-w-	C:\WINDOWS\Sysnative\RtPgEx64.dll
2016-03-31 11:54:14	CA1D7D09854D305A64B100DC1400BA21	331880	----a-w-	C:\WINDOWS\Sysnative\RtlCPAPI64.dll
2016-03-31 11:54:12	ECAEC5FBBBEF8612AF0A866AFA5F7EF2	101208	----a-w-	C:\WINDOWS\Sysnative\RTEEL64A.dll
2016-03-31 11:54:12	D0D0D82B7366E691275E433CD34F89B2	375128	----a-w-	C:\WINDOWS\Sysnative\RTEEP64A.dll
2016-03-31 11:54:12	A6286A6C7A1BBFCBA17AA54384A21D1C	204120	----a-w-	C:\WINDOWS\Sysnative\RTEED64A.dll
2016-03-31 11:54:12	6F4CD493196100EEF349D7132CECAFD9	78680	----a-w-	C:\WINDOWS\Sysnative\RTEEG64A.dll
2016-03-31 11:54:12	4A1CA878196886743FE0E84F02C2C1DA	631000	----a-w-	C:\WINDOWS\Sysnative\RtDataProc64.dll
2016-03-31 11:54:11	FED4483218FD4314CF8CD8621D71A3DA	1310936	----a-w-	C:\WINDOWS\Sysnative\RTCOM64.dll
2016-03-31 11:54:11	E9D4A333DF15D06C68AC4BFB9B6581CB	310104	----a-w-	C:\WINDOWS\Sysnative\RP3DAA64.dll
2016-03-31 11:54:11	B6FE01558CC03F3866C9AD0ED19261D8	310104	----a-w-	C:\WINDOWS\Sysnative\RP3DHT64.dll
2016-03-31 11:54:10	CD3F906FFA6CC16B27DADB0B913C83A7	72113152	----a-w-	C:\WINDOWS\Sysnative\RCoRes64.dat
2016-03-31 11:54:09	6041C575F5DB2E76667233F41232789F	1748696	----a-w-	C:\WINDOWS\Sysnative\RCoInstII64.dll
2016-03-31 11:53:56	66E6010C31A70C8C5C2853AF597D853E	1576976	----a-w-	C:\WINDOWS\Sysnative\CX64APO.dll
2016-03-31 11:53:55	6E14F444A2506049EEC25CB5EDFE0905	113576	----a-w-	C:\WINDOWS\Sysnative\CONEQMSAPOGUILibrary.dll
2016-03-31 11:53:54	B9B73E9AF77BC79C46E499A1D3B09D67	560328	----a-w-	C:\WINDOWS\Sysnative\AERTAC64.dll
2016-03-31 11:53:54	B3E9EA31E37EDCC1D54CE20504549ABE	108640	----a-w-	C:\WINDOWS\Sysnative\AERTAR64.dll
====== C:\WINDOWS\Sysnative\drivers =====
2016-04-04 04:12:54	0228613C591D379C8C10BBBB58D2629E	296648	----a-w-	C:\WINDOWS\Sysnative\drivers\amdacpksd.sys
2016-04-04 04:10:50	2CA1CF462C16B0F72765911BFFC5A3B9	23240	----a-w-	C:\WINDOWS\Sysnative\drivers\amdkmafd.sys
2016-04-04 01:29:30	52E906F3A17257F6E964C29D17BC5196	43520	----a-w-	C:\WINDOWS\Sysnative\drivers\ati2erec.dll
2016-03-31 11:54:11	C6660E7990116A7D7AB03FA646312EA4	2897741	----a-w-	C:\WINDOWS\Sysnative\drivers\RTAIODAT.DAT
====== C:\WINDOWS\Tasks ======
2016-04-08 15:10:59	FE6F276BDD5DBE72DB3E9B6961418E62	4082	----a-w-	C:\WINDOWS\Sysnative\Tasks\Adobe Flash Player PPAPI Notifier
2016-04-08 15:10:59	C0BD739A1ACD06BDA5224B28C1F1C0C5	1002	----a-w-	C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-03-15 05:27:40	C07D6ABD42354D7C472D9362334B4D51	3504	----a-w-	C:\WINDOWS\Sysnative\Tasks\Apple Diagnostics
2016-03-14 15:42:01	--------	d-----w-	C:\WINDOWS\Sysnative\Tasks\Apple
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-04-10 15:22:56	--------	d-----w-	C:\Program Files\trend micro
2016-04-09 14:51:11	--------	d-----w-	C:\Program Files\Speccy
======= C:\PROGRA~2 =====
2016-04-08 10:55:59	--------	d-----w-	C:\PROGRA~2\TorrentsTime Media Player
2016-04-07 10:54:29	--------	d-----w-	C:\PROGRA~2\VulkanRT
2016-04-07 10:54:14	--------	d---a-w-	C:\PROGRA~2\AMD
2016-03-14 15:41:59	--------	d---a-w-	C:\PROGRA~2\Apple Software Update
======= C: =====
====== C:\Users\caroline2359\AppData\Roaming ======
2016-03-15 05:28:56	--------	d-----w-	C:\Users\caroline2359\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2016-03-15 05:28:49	--------	d-----w-	C:\Users\caroline2359\AppData\Local\Apple Inc
2016-03-15 05:28:09	--------	d-----w-	C:\Users\caroline2359\AppData\Local\DE15EC37-F9EF-4ED0-9121-87D0D97A3940.aplzod
====== C:\Users\caroline2359 ======
2016-04-10 15:29:47	FE65F17EACB8C525B9224AC653E66640	734784	----a-w-	C:\Users\caroline2359\Downloads\JavaSetup8u77.exe
2016-04-10 15:21:12	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\caroline2359\Downloads\RSITx64.exe
2016-04-09 14:51:16	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-04-09 14:49:14	FF70EB133BE86B9F9EB18E274DAA6B6C	5111240	----a-w-	C:\Users\caroline2359\Downloads\spsetup129.exe
2016-04-08 10:56:02	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TorrentsTime Media Player
2016-04-08 10:34:42	3374DD4ED281D04487897529CD7B1BAC	27761	----a-w-	C:\ProgramData\1460111675.bdinstall.bin
2016-04-08 10:20:18	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2016-04-07 10:54:33	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2016-04-07 10:41:42	519CD21CAA71F61B56DF361669AE39F6	334415392	----a-w-	C:\Users\caroline2359\Downloads\non-whql-64bit-radeon-software-crimson-16.4.1-win10-win8.1-win7-apr4.exe
2016-04-05 15:28:13	B870EFAE2683DB79E6486953473BE619	25985	----a-w-	C:\ProgramData\1459870053.bdinstall.bin
2016-03-31 11:55:36	--------	d-----w-	C:\ProgramData\SRS Labs
2016-03-28 07:26:49	7A3A9E9562135DE10A1CC6AA69A069BB	25914	----a-w-	C:\ProgramData\1459149972.bdinstall.bin
2016-03-15 05:28:50	--------	d-----r-	C:\Users\caroline2359\iCloudDrive
2016-03-14 15:45:48	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

====== C: exe-files ==
2016-04-10 15:22:57	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\caroline2359.exe
2016-04-05 15:45:19	1ABF08D2619C752BC461BBC4496D7E3E	7185000	----a-w-	C:\AMD\Packages\Apps\Radeon-Crimson-16.3.2-ccc-slim.exe
2016-04-05 15:45:18	62EB0CE29B6D73DAB2615C3ACA733BAE	376264	----a-w-	C:\AMD\Packages\Apps\Radeon-Crimson-16.3.2-a4-64bit.exe
2016-04-05 15:45:17	FD255CFBDD353FF9C13EF349DF539BFC	121912	----a-w-	C:\AMD\Packages\Drivers\Radeon-Crimson-16.3.2-smbusamd-win10-64bit.exe
2016-04-05 15:45:16	FEBBF76844C927D1A5657D6350CDD6A8	139384	----a-w-	C:\AMD\Packages\Drivers\Radeon-Crimson-16.3.2-amdas4-win10-64bit.exe
2016-04-05 15:45:07	59A4B83DC469321DD129AD350E968E77	3091088	----a-w-	C:\AMD\Packages\Drivers\Radeon-Crimson-16.3.2-amdpsp-win10-64bit.exe
2016-04-05 15:45:06	E220030554B05DB82E59255F6F457BE2	240560	----a-w-	C:\AMD\Packages\Drivers\Radeon-Crimson-16.3.2-atihdwt6-win10-64bit.exe
2016-04-05 15:37:30	EF204A8BAF2E8452B1A9D863263E0B5F	193154088	----a-w-	C:\AMD\Packages\Drivers\Radeon-Crimson-16.3.2-c0301028-win10-64bit.exe
2016-04-05 15:37:29	9A321B782DBB3141BC0B4E6BD6FD0572	124168	----a-w-	C:\AMD\Packages\Drivers\Radeon-Crimson-16.3.2-amdkmafd-win10-64bit.exe
2016-04-05 15:36:43	5CB20698371DB40CC378583476660BA3	12949504	----a-w-	C:\AMD\Packages\Apps\Radeon-Crimson-16.3.2-MinimalSetup.exe
2016-04-04 04:12:10	AC0C065C71E95F5252A52C24E10A6201	368840	----a-w-	C:\AMD\Non-WHQL-64Bit-Radeon-Software-Crimson-16.4.1-Win10-Win8.1-Win7-Apr4\Bin64\Setup.exe
2016-04-04 04:12:10	3AB37308A8EBCA2D95D8EAEEF6A09531	10334408	----a-w-	C:\AMD\Non-WHQL-64Bit-Radeon-Software-Crimson-16.4.1-Win10-Win8.1-Win7-Apr4\Bin64\InstallManagerApp.exe
2016-04-04 04:12:08	5E1DFF7A87639F6BBCB402B3A00A511F	541896	----a-w-	C:\AMD\Non-WHQL-64Bit-Radeon-Software-Crimson-16.4.1-Win10-Win8.1-Win7-Apr4\Bin64\ATISetup.exe
2016-04-04 04:12:04	35BFB4D1863DDECB4CBDF003C381064F	320712	----a-w-	C:\AMD\Non-WHQL-64Bit-Radeon-Software-Crimson-16.4.1-Win10-Win8.1-Win7-Apr4\Setup.exe
2016-04-04 03:27:14	A784E92778666733BBFACB2616B74D38	235008	----a-w-	C:\AMD\Non-WHQL-64Bit-Radeon-Software-Crimson-16.4.1-Win10-Win8.1-Win7-Apr4\Packages\Drivers\Display\WT6A_INF\B301130\clinfo.exe
2016-04-03 22:12:42	843D278E48E21371FD9832B31E21D786	368840	----a-w-	C:\Program Files\AMD\CIM\Bin64\Setup.exe
2016-04-03 22:12:40	F9B0CBE83FE0648A38352EC07B41EEF9	10334408	----a-w-	C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe
2016-04-03 22:12:40	DF320D2F10F182EE2AC25A79F42A1312	541896	----a-w-	C:\Program Files\AMD\CIM\Bin64\ATISetup.exe
2016-04-03 22:12:20	E596BE654B6AAC55AB1FE492C1DB58DA	494792	----a-w-	C:\Program Files\AMD\CIM\Bin64\SetACL64.exe
2016-04-03 22:11:52	D02059505D50695A1300226C81B9FCA6	22216	----a-w-	C:\Program Files\AMD\CNext\CNext\MMLoadDrvPXDiscrete.exe
2016-04-03 22:11:52	3043C48E967DBF7155FD755F47950129	5006536	----a-w-	C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
2016-04-03 22:11:50	CCA3F8A1E974E79B982A693EF3C64FFA	22216	----a-w-	C:\Program Files\AMD\CNext\CNext\MMLoadDrv.exe
2016-04-03 22:11:50	96F2ECCA2928FC5A8AF8117E436A0E7B	41160	----a-w-	C:\Program Files\AMD\CNext\CNext\cncmd.exe
2016-04-03 22:01:22	5D7CC19ED784C5EE59AF81D2EDE8DDDE	138752	----a-w-	C:\Program Files\AMD\ATI.ACE\a4\AdaptiveSleepService.exe
=== C: other files ==
2016-04-05 16:52:00	2E43EC3586B90361CE7C0B612835E3E6	10224560	----a-w-	C:\Program Files (x86)\Raptr Inc\Raptr\library.zip
2016-04-04 04:10:50	2CA1CF462C16B0F72765911BFFC5A3B9	23240	----a-w-	C:\AMD\Non-WHQL-64Bit-Radeon-Software-Crimson-16.4.1-Win10-Win8.1-Win7-Apr4\Packages\Drivers\amdkmafd\WT64A\amdkmafd.sys
2016-04-04 04:10:50	2CA1CF462C16B0F72765911BFFC5A3B9	23240	----a-w-	C:\AMD\Non-WHQL-64Bit-Radeon-Software-Crimson-16.4.1-Win10-Win8.1-Win7-Apr4\Packages\Drivers\amdkmafd\WB64A\amdkmafd.sys
2016-04-04 04:10:34	85B465640BFC3E452DB9E9BB18733CAC	33992	----a-w-	C:\AMD\Non-WHQL-64Bit-Radeon-Software-Crimson-16.4.1-Win10-Win8.1-Win7-Apr4\Bin64\atdcm64a.sys
2016-04-03 22:10:36	726D66DC7E836C6A35ED94AB3ECDF9B2	33992	----a-w-	C:\Program Files\AMD\CIM\Bin64\atdcm64a.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="C:\Users\caroline2359\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"SoftonicAssistant"="C:\Users\caroline2359\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe"
"OneDrive"="C:\Users\caroline2359\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"AppEx Accelerator UI"="C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h"
"join.me.launcher"="C:\Users\caroline2359\AppData\Local\join.me.launcher\join.me.launcher.exe"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"iCloudPhotos"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe"

[HKEY_USERS\S-1-5-21-3071996074-4079803035-1081126145-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\caroline2359\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\caroline2359\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
"Uninstall C:\Users\caroline2359\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\caroline2359\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"
"Uninstall C:\Users\caroline2359\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\caroline2359\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"AccelerometerSysTrayApplet"="C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe"
"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"
"HPMessageService"="C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
"Raptr"="C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe --startup"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="C:\Users\caroline2359\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"SoftonicAssistant"="C:\Users\caroline2359\AppData\Local\SoftonicAssistant\SoftonicAssistant.exe"
"OneDrive"="C:\Users\caroline2359\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"AppEx Accelerator UI"="C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h"
"join.me.launcher"="C:\Users\caroline2359\AppData\Local\join.me.launcher\join.me.launcher.exe"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"iCloudPhotos"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\caroline2359\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\caroline2359\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
"Uninstall C:\Users\caroline2359\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\caroline2359\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"
"Uninstall C:\Users\caroline2359\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\caroline2359\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"SimplePass"="C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe /hideui"
"OPBHOBroker"="C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"
"OPBHOBrokerDesktop"="C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"StartCN"="C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe atlogon"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [08/04/2016 17:10]
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08/04/2016 17:10]
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3071996074-4079803035-1081126145-1002Core.job --a-------- C:\Users\caroline2359\AppData\Local\Facebook\Update\FacebookUpdate.exe [21/10/2014 18:04]
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3071996074-4079803035-1081126145-1002UA.job --a-------- C:\Users\caroline2359\AppData\Local\Facebook\Update\FacebookUpdate.exe [21/10/2014 18:04]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/08/2015 15:29]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cfd015f4f6669.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/08/2015 15:29]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d02b708f94b659.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/08/2015 15:29]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/08/2015 15:29]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cfd01512073617.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/08/2015 15:29]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d02b7090cef2b5.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/08/2015 15:29]
C:\WINDOWS\tasks\HPCeeScheduleForcaroline2359.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [16/06/2015 10:51]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Flash Player PPAPI Notifier" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\AMD Updater" ["C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe"]
"C:\WINDOWS\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe]
"C:\WINDOWS\SysNative\tasks\Bitdefender Autoscan" [C:\Program Files\Bitdefender\Bitdefender\mtasklaunch.exe]
"C:\WINDOWS\SysNative\tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8" [C:\Program Files\Bitdefender\Bitdefender\bdproductdata.exe]
"C:\WINDOWS\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3071996074-4079803035-1081126145-1002Core" [C:\Users\caroline2359\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\WINDOWS\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3071996074-4079803035-1081126145-1002UA" [C:\Users\caroline2359\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore1cfd015f4f6669" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore1d02b708f94b659" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA1cfd01512073617" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA1d02b7090cef2b5" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\HPCeeScheduleForcaroline2359" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{200C28F2-8E7A-48E3-A0AA-0F499DC69953}" [C:\Windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe]
"C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon" [C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

==== Firefox Extensions ======================

ProfilePath: C:\Users\CAROLI~1\AppData\Roaming\Mozilla\Firefox\Profiles\g85bzgm5.default-1416074736810
- Shopper-Pro - C:\Users\caroline2359\AppData\Roaming\Mozilla\Firefox\Profiles\g85bzgm5.default-1416074736810\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
- Undetermined - C:\Users\caroline2359\AppData\Roaming\Mozilla\Firefox\Profiles\g85bzgm5.default-1416074736810\extensions\e2b0dff561784e3db84ed9e@2815a71a2f5d474691ed6bbee47c02.com
- Undetermined - C:\Users\caroline2359\AppData\Roaming\Mozilla\Firefox\Profiles\g85bzgm5.default-1416074736810\extensions\0b21f775-d32a-4eac-84c6-c00ac1ae2ec5@gmail.com
- jid0ad08RZ08iNQBNTcg20ZWy84a73Ijetpack - C:\Users\caroline2359\AppData\Roaming\Mozilla\Firefox\Profiles\g85bzgm5.default-1416074736810\extensions\jid0-ad08RZ08iNQBNTcg20ZWy84a73I@jetpack
- jid0ad08RZ08iNQBNTcg20ZWy84a73Ijetpack - %ProfilePath%\extensions\jid0-ad08RZ08iNQBNTcg20ZWy84a73I@jetpack
- Undetermined - %ProfilePath%\extensions\jid1-qj0w91o64N7Eeg@jetpack
- Shopper-Pro - %ProfilePath%\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
- Cyti Web 1.0.1 - %ProfilePath%\extensions\{7b7db604-54eb-492b-a629-19e0f0c6ac57}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\caroline2359\AppData\Roaming\Mozilla\Firefox\Profiles\g85bzgm5.default-1416074736810
88C9284589B5AEEF93AAF8016BA1290D	- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll -	Microsoft Office 2013
18CF51689186AEB9D1D149AEB0E92D03	- C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL -	Microsoft Office 2013
3CD19649B2C3023D65E67C056457A2BC	- C:\Users\caroline2359\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll -	Facebook Video Calling Plugin
0C0C5C207121C7A78414A8250E8E099A	- C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll -	Shockwave for Director / Shockwave for Director


==== Deleted Firefox Extensions ======================

C:\Users\caroline2359\AppData\Roaming\Mozilla\Firefox\Profiles\g85bzgm5.default-1416074736810\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} deleted

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[08/01/2016 11:47]

Google Slides - caroline2359\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - caroline2359\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - caroline2359\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Poper Blocker - caroline2359\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche
YouTube - caroline2359\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
selector is not a valid CSS selector - caroline2359\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - caroline2359\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - caroline2359\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - caroline2359\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
wide awake theme - caroline2359\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghojamolcelbkfdejjhaliddkkhhpeb
Chrome Web Store Payments - caroline2359\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - caroline2359\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\caroline2359\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully
C:\Users\caroline2359\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=HPNTDFJS
HKLM\SearchScopes\{4F978EFB-D870-44A4-85B5-3FFD135E0BE0} - http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=HPNTDFJS
HKLM\Wow6432Node\SearchScopes\{4F978EFB-D870-44A4-85B5-3FFD135E0BE0} - http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
HKCU\SearchScopes\{4F978EFB-D870-44A4-85B5-3FFD135E0BE0} - No_Url_Value

==== Reset Google Chrome ======================

C:\Users\caroline2359\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\caroline2359\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\caroline2359\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\caroline2359\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7A6F2EDADB7E5594DB660309B322D3FD deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\75590D9D1EC046A45BE94326B4657E44 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D9D09557-0CE1-4A64-B59E-34624B56E744} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftonicAssistant deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\7A6F2EDADB7E5594DB660309B322D3FD deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\75590D9D1EC046A45BE94326B4657E44 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\caroline2359\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\caroline2359\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\caroline2359\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\caroline2359\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\caroline2359\AppData\Local\Mozilla\Firefox\Profiles\g85bzgm5.default-1416074736810\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\caroline2359\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\caroline2359\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=12849 folders=736 1802237597 bytes)

==== Empty Temp Folders ======================

C:\Users\caroline2359\AppData\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\CAROLI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\TorrentsTime Media Player"  not found

==== EOF on ma 11/04/2016 at 16:59:10,77 ======================