Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Marieke on ma 17-03-2014 at 20:12:47,29.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Marieke\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

17-3-2014 20:14:15 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\Users\Marieke\AppData\Roaming\OpenCandy deleted
C:\END deleted
C:\WINDOWS\Syswow64\SearchProtect deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\Marieke\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
====== C:\WINDOWS\Sysnative\drivers =====
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-03-17 09:42:42 -------- d-----w- C:\Program Files\trend micro
2014-03-17 09:31:17 -------- d-----w- C:\Program Files\Elantech
======= C:\PROGRA~2 =====
2014-03-17 10:03:41 -------- d-----w- C:\PROGRA~2\Belastingdienst
2014-03-17 09:24:06 -------- d-----w- C:\PROGRA~2\Intel
2014-03-07 11:36:02 -------- d-----w- C:\PROGRA~2\Windows Phone
2014-02-16 20:16:16 -------- d-----w- C:\PROGRA~2\ASUS
======= C: =====
====== C:\Users\Marieke\AppData\Roaming ======
2014-03-17 10:04:59 -------- d-----w- C:\Users\Marieke\AppData\Roaming\Belastingdienst
2014-03-16 12:45:38 -------- d-----w- C:\Users\Marieke\AppData\Roaming\TuneUp Software
2014-02-27 16:32:39 -------- d-----w- C:\Users\Marieke\AppData\Roaming\dvdcss
====== C:\Users\Marieke ======
2014-03-17 10:03:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst
2014-03-07 11:36:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2014-03-07 11:35:05 -------- d-----w- C:\ProgramData\Applications
2014-03-07 11:34:56 4769BCC1C0B540776551EA0BD9C393C7 6790816 ----a-w- C:\Users\Marieke\Downloads\WindowsPhone.exe
====== C: exe-files ==
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-01-2014 10:08]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-01-2014 10:08]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{3C549C1A-45C6-4317-9D0C-ECAA1E6200B1}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\{6E4BD834-5C92-490D-8921-CB8D6B8DF9A0}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.13.0.104/nl/abandoninstall?source=lightinstaller&page=tsMain]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Chrome Look ======================

Google Docs - Marieke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Marieke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Marieke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Marieke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Marieke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Marieke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP8401A931-D2EB-4E59-921D-766289862F3C&SSPV="
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{67607409-7552-4EEF-AC18-BF1FD8D484D4}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{67607409-7552-4EEF-AC18-BF1FD8D484D4} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Marieke\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Marieke\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Marieke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=123 folders=27 46982388 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Marieke\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Marieke\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 17-03-2014 at 20:25:35,88 ======================