
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by PaulGJ on di 20-05-2014 at  6:33:10,89.

Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\PaulGJ\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

Failed to create System Restore Point

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Nosibay deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\Users\PaulGJ\AppData\Roaming\Nosibay deleted successfully
C:\Users\PaulGJ\AppData\Local\CrashDumps deleted successfully
C:\Users\PaulGJ\AppData\Local\Wisdom-soft deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1844672479-915764875-3806880301-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-1844672479-915764875-3806880301-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-1844672479-915764875-3806880301-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully
HKEY_USERS\S-1-5-21-1844672479-915764875-3806880301-1002\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully
HKEY_USERS\S-1-5-21-1844672479-915764875-3806880301-1001\Software\Microsoft\Internet Explorer\SearchScopes\{5C718B25-300F-42C9-9794-D3CB32C333EF} deleted successfully
HKEY_USERS\S-1-5-21-1844672479-915764875-3806880301-1002\Software\Microsoft\Internet Explorer\SearchScopes\{5C718B25-300F-42C9-9794-D3CB32C333EF} deleted successfully
HKEY_USERS\S-1-5-21-1844672479-915764875-3806880301-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} deleted successfully
HKEY_USERS\S-1-5-21-1844672479-915764875-3806880301-1002\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1844672479-915764875-3806880301-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_USERS\S-1-5-21-1844672479-915764875-3806880301-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_USERS\S-1-5-21-1844672479-915764875-3806880301-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-1844672479-915764875-3806880301-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\PaulGJ\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\etdzk0j7.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs_20-05-2014_0701_.backup

ProfilePath: C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default

user.js not found
---- Lines snap.do removed from prefs.js ----
user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\",\\\"www.only-apartments.es\\\
---- Lines helperbar removed from prefs.js ----
user_pref("extensions.helperbar.BackPageActive", true);
user_pref("extensions.helperbar.backPageCapacity", 3);
user_pref("extensions.helperbar.backPageCounter", 0);
user_pref("extensions.helperbar.backPageDay", 4);
user_pref("extensions.helperbar.backPageLastEvent", "1399015034668");
user_pref("extensions.helperbar.backPageMinInterval", 15);
user_pref("extensions.helperbar.barcodeid", "132921");
user_pref("extensions.helperbar.countryiso", "fr");
user_pref("extensions.helperbar.DockingPositionDown", false);
user_pref("extensions.helperbar.downloadprovider", "yahootr_pkr");
user_pref("extensions.helperbar.fromautoupdate", "false");
user_pref("extensions.helperbar.installationid", "4074d95f-fa20-4adf-8723-2087d4149027");
user_pref("extensions.helperbar.installdate", "03/05/2014");
user_pref("extensions.helperbar.keepAliveLastevent", "1399187833");
user_pref("extensions.helperbar.lastExternalJsUpdate", "1399703847868");
user_pref("extensions.helperbar.LastHiddenTime", 23320415);
user_pref("extensions.helperbar.publisher", "yahootr");
user_pref("extensions.helperbar.SmartbarDisabled", true);
user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
user_pref("extensions.helperbar.Visibility", true);
---- Lines smartbar removed from prefs.js ----
user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"private
---- FireFox user.js and prefs.js backups ---- 

prefs_20-05-2014_0701_.backup

ProfilePath: C:\Users\PaulGJ\AppData\Roaming\Thunderbird\Profiles\pgfiju2j.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs_20-05-2014_0701_.backup

ProfilePath: C:\Users\PaulGJ\AppData\Roaming\Thunderbird\Profiles\v3d9aldm.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs_20-05-2014_0701_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] 
"SpUninstallCleanUp"=- 

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
"C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default\searchplugins\trovi-search.xml" not found
"C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default\searchplugins\Web Search.xml" not found
C:\Users\PaulGJ\daemonprocess.txt deleted
C:\Users\PaulGJ\.android deleted
C:\search.sqlite deleted
C:\found.000 deleted
C:\found.001 deleted
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk deleted
C:\PROGRA~3\ProductData deleted
C:\Users\PaulGJ\AppData\Local\Software deleted
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\PaulGJ\AppData\LocalLow\Smartbar deleted
C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default\Invalidprefs.js deleted
"C:\Users\PaulGJ\chromeinstall-7u51.exe" not deleted
"C:\Users\PaulGJ\Encoder_en.exe" not deleted
"C:\Users\PaulGJ\UGA5_EFG_3in1.exe" not deleted
"C:\Users\PaulGJ\wlsetup-web.exe" not deleted
"C:\Program Files (x86)\sweetpacks bundle uninstaller_ScreenHunter Free_1520630\uninstaller.exe" not deleted
"C:\PROGRA~2\sweetpacks bundle uninstaller_ScreenHunter Free_1520630\uninstaller.exe" not deleted
"C:\found.003\Callisto.dll" not deleted
"C:\found.003\Thumbmunkeys.Adverts.dll" not deleted
"C:\found.003\Thumbmunkeys.Cloud.dll" not deleted
"C:\found.003\Thumbmunkeys.Dx.dll" not deleted
"C:\found.003\Thumbmunkeys.Phototastic.exe" not deleted
"C:\found.003\ThumbmunkeysCommon.dll" not deleted
"C:\found.003\ThumbMunkeysCommonUI.dll" not deleted
"C:\found.003\WinRTXamlToolkit.dll" not deleted
"C:\found.003\WriteableBitmapEx.WinRT.dll" not deleted
"C:\PROGRA~3\boost_interprocess\Nobu64AgentService" deleted
"C:\PROGRA~3\boost_interprocess\Nobu64TrayIcon" deleted
"C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default\extensions\{4074d95f-fa20-4adf-8723-2087d4149027}\components\SmartbarFireFoxRemotePlugin_23.dll" not deleted
"C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default\extensions\{4074d95f-fa20-4adf-8723-2087d4149027}\components\SmartbarFireFoxRemotePlugin_24.dll" not deleted
"C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default\extensions\{4074d95f-fa20-4adf-8723-2087d4149027}\components\SmartbarFireFoxRemotePlugin_25.dll" not deleted
"C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default\extensions\{4074d95f-fa20-4adf-8723-2087d4149027}\components\SmartbarFireFoxRemotePlugin_26.dll" not deleted
"C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default\extensions\{4074d95f-fa20-4adf-8723-2087d4149027}\components\SmartbarFireFoxRemotePlugin_27.dll" not deleted
"C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default\extensions\{4074d95f-fa20-4adf-8723-2087d4149027}\components\SmartbarFireFoxRemotePlugin_28.dll" not deleted
"C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default\extensions\ascsurfingprotection@iobit.com" not deleted
"C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default\extensions\PrivDog@AdTrustMedia.com" not deleted
"C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default\extensions\{4074d95f-fa20-4adf-8723-2087d4149027}" not deleted
"C:\Program Files (x86)\sweetpacks bundle uninstaller_ScreenHunter Free_1520630" not deleted
"C:\PROGRA~2\sweetpacks bundle uninstaller_ScreenHunter Free_1520630" not deleted
"C:\found.002" deleted
"C:\found.003" not deleted
"C:\PROGRA~3\boost_interprocess" not deleted
"C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default\extensions\PrivDog@AdTrustMedia.com" not deleted
"C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default\extensions\{4074d95f-fa20-4adf-8723-2087d4149027}\components" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\PaulGJ\AppData\Local\Temp ====
2014-05-19 07:09:21	19C1B3FA0DFE65A00E96E94E8B7F24F0	1065784	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\~nsu.tmp\Au_.exe
2014-05-19 07:08:13	9BB41CA8F66EC7D3132E869670D7EA34	6281976	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nsuF89B\SpSetup.exe
2014-05-19 07:07:42	DBFABA3A1329A0925530482CFD700B21	230200	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nsq7EB6.tmp\DownloadACC.dll
2014-05-19 07:07:41	6482716B29A424ADE699F29560302F5D	1131832	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nsq7EB6.tmp\webapphost.dll
2014-05-14 20:02:00	02C162FD7706E887624DFCC410979355	156061	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nsy41E4.exe
2014-05-14 20:02:00	02C162FD7706E887624DFCC410979355	156061	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nsn2887.exe
2014-05-14 20:02:00	02C162FD7706E887624DFCC410979355	156061	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nsm2663.exe
2014-05-14 20:02:00	02C162FD7706E887624DFCC410979355	156061	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nse450E.exe
2014-05-14 20:02:00	02C162FD7706E887624DFCC410979355	156061	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nsd42EA.exe
2014-05-14 20:02:00	02C162FD7706E887624DFCC410979355	156061	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nsc40C6.exe
2014-05-14 20:02:00	02C162FD7706E887624DFCC410979355	156061	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nsb244F.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-05-16 07:54:13	AB66E9607A22E2789F00F5744E0F4FDB	78296	----a-w-	C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-16 07:54:13	71F546631768F9A06E8095B212C4A7AD	694240	----a-w-	C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 04:42:33	5C1611E2B668727FF22150D108FCB06F	17562112	----a-w-	C:\Windows\SysWOW64\shell32.dll
2014-05-14 04:42:25	F8B1D218C6D90674A2BC0E36AD33B44B	452608	----a-w-	C:\Windows\SysWOW64\SHCore.dll
2014-05-14 04:42:25	A7EB6E44E7B850028DE3765A00FFC3E6	668160	----a-w-	C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 04:42:25	8BE0E10A872DB03E12E9E7AACB5F1707	559104	----a-w-	C:\Windows\SysWOW64\objsel.dll
2014-05-14 04:42:25	7F14619A35EFD2A6C2676A5DA44DF669	961536	----a-w-	C:\Windows\SysWOW64\usercpl.dll
2014-05-14 04:42:25	79453BAE17B59ECF80D5AAB5AC21E289	666624	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2014-05-14 04:42:25	54A7E41968B1014510928096E812D6D8	273920	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 04:42:24	FE08612815D2A3CE56A9A2EFE54DE876	99840	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2014-05-14 04:42:24	80CAD18595095CE6FAFD7B72354ABB3D	76800	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 04:42:24	7D4DCF88AA0F3C5B9CD9F5DB17A0D224	323072	----a-w-	C:\Windows\SysWOW64\schannel.dll
2014-05-14 04:42:24	6C3F68096889CFD2D1CC68212C736E60	38400	----a-w-	C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 04:42:24	3A19DD75AB1ECF87885ED308DFB5D32B	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2014-05-14 04:42:24	1C0AC35405717EC499F5E2B8ADC28E97	178688	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2014-05-14 04:42:17	F2E912C438B0BB201391B831DA63BE06	14367232	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2014-05-14 04:42:17	ED62B3E8207C19D6F7898F211ADE8B60	80384	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 04:42:16	CCDFE595668082AED67C7161DB88E6EE	2706432	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2014-05-08 07:22:43	985A570128DAEB86F77DE843028BDC9C	974848	----a-w-	C:\Windows\SysWOW64\kernel32.dll
2014-05-08 07:22:42	352190626162123D949303CE208B3E5A	1075200	----a-w-	C:\Windows\SysWOW64\gpedit.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-05-14 04:42:34	9002A0C3E940E1A01BD03A7062B27B41	19759104	----a-w-	C:\Windows\Sysnative\shell32.dll
2014-05-14 04:42:25	D85E906ACB458BE4BF5F3C9B35404A74	439808	----a-w-	C:\Windows\Sysnative\lsm.dll
2014-05-14 04:42:25	D736F2A53EEC2CD9AEAE44B653A7CCDB	1043968	----a-w-	C:\Windows\Sysnative\usercpl.dll
2014-05-14 04:42:25	D082B5BEBF77753442BA212DA7BD6D93	827904	----a-w-	C:\Windows\Sysnative\kerberos.dll
2014-05-14 04:42:25	A294087B82A4EB0CD179D0A90DE3B651	318464	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2014-05-14 04:42:25	8501267018C90AE5C6D736D673B8DA2A	982016	----a-w-	C:\Windows\Sysnative\KernelBase.dll
2014-05-14 04:42:25	773DF0EC54E53CE2CEEFB776CF941A93	164864	----a-w-	C:\Windows\Sysnative\sspicli.dll
2014-05-14 04:42:25	425B488F076DF105CFB8A700D2A50352	6987096	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2014-05-14 04:42:25	3A52B02E38CE289A05EAFC42844D714D	588288	----a-w-	C:\Windows\Sysnative\SHCore.dll
2014-05-14 04:42:25	37C282CF52358E6CF25A36B2D94EC4D1	684032	----a-w-	C:\Windows\Sysnative\objsel.dll
2014-05-14 04:42:25	0D56D94264702B235C87EAD49D443949	179712	----a-w-	C:\Windows\Sysnative\dpapisrv.dll
2014-05-14 04:42:25	02D1B7DF0EF66CF5C20C7412E4CB094F	1281536	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2014-05-14 04:42:24	F1DA34D64F2BA200D28A7451804E2FEE	35840	----a-w-	C:\Windows\Sysnative\lsass.exe
2014-05-14 04:42:24	E6A730CD372B10DB1AA3BC7D4DF39AD7	45056	----a-w-	C:\Windows\Sysnative\dimsroam.dll
2014-05-14 04:42:24	8B072BB69984C8FE36914BF0E9F69281	419328	----a-w-	C:\Windows\Sysnative\schannel.dll
2014-05-14 04:42:24	7926C10A43BBED1D04DFC17A7042FF68	208896	----a-w-	C:\Windows\Sysnative\wdigest.dll
2014-05-14 04:42:24	578F8E769CAB4B52D132843B6FE85475	14848	----a-w-	C:\Windows\Sysnative\workerdd.dll
2014-05-14 04:42:24	5579488320C3C827E75F5E8BBDF44AF6	20480	----a-w-	C:\Windows\Sysnative\credssp.dll
2014-05-14 04:42:24	3639852ECE97DF80A23DF26E41C5A9AF	94720	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2014-05-14 04:42:24	14D42343D1FBA771C8884B705637A821	27648	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2014-05-14 04:42:23	EE5B8FE4C7B9769C7DC5C3C856E140C3	19274752	----a-w-	C:\Windows\Sysnative\mshtml.dll
2014-05-14 04:42:23	E2D565F6B39A79C3BB7B16EBFDF97418	97280	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2014-05-14 04:42:23	03F58B3FA4B5329F21F770B1EF8D984A	1287168	----a-w-	C:\Windows\Sysnative\schedsvc.dll
2014-05-14 04:42:16	778398489B152DC4DB04B9AC9BFF5D99	2706432	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2014-05-08 07:22:42	AA6FD65C372252A338D8CD0E704D30D7	1120768	----a-w-	C:\Windows\Sysnative\gpedit.dll
2014-05-08 07:22:42	7BDE8F40FF491D8507CE3A6BF4EF0851	1258496	----a-w-	C:\Windows\Sysnative\kernel32.dll
2014-05-08 07:22:14	2A99F3410342F2B058109CFEEDF45F64	27456	----a-w-	C:\Windows\Sysnative\RegistryDefragBootTime.exe
====== C:\Windows\Sysnative\drivers =====
2014-05-19 16:35:21	95B3CEAF06A2DF96FE28CD0755D319C4	79064	----a-w-	C:\Windows\Sysnative\drivers\ylgw.sys
2014-05-19 16:23:48	6140163BFE9D8F2DFDBA088ED5521C13	119512	----a-w-	C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-05-19 16:23:25	FD5465B876D55534117963FAAA4B9DFC	25816	----a-w-	C:\Windows\Sysnative\drivers\mbam.sys
2014-05-19 16:23:25	4A1356200B82B852E137B687F03E8054	88280	----a-w-	C:\Windows\Sysnative\drivers\mbamchameleon.sys
2014-05-19 16:23:25	3FFFB7F54CD7A792099C10402FCF8F56	63192	----a-w-	C:\Windows\Sysnative\drivers\mwac.sys
2014-05-14 04:42:28	AB6F7DE8BFBF61A42F8764D9A621BD8B	269592	----a-w-	C:\Windows\Sysnative\drivers\WdFilter.sys
2014-05-14 04:42:28	3772FF85F0098686B0DCD77076AE0786	35856	----a-w-	C:\Windows\Sysnative\drivers\WdBoot.sys
2014-05-14 04:42:25	DBF9E5346431557BF56F41E7F8EC0DC1	570216	----a-w-	C:\Windows\Sysnative\drivers\cng.sys
2014-05-14 04:42:25	8B3EB6372436195B8EA8AE09A184BCE2	100184	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2014-05-14 04:42:25	3DD9C86EA88E8B5A51904AD87E1F2E78	172888	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2014-05-08 07:22:42	BB0F9E19C5CE4DC765B263E2A5561DE1	247808	----a-w-	C:\Windows\Sysnative\drivers\srvnet.sys
2014-05-08 07:22:42	A4071DA3AE419F9694BFCB267C7DB8D7	78336	----a-w-	C:\Windows\Sysnative\drivers\IPMIDrv.sys
2014-05-08 07:22:42	961A45CC15514178E511BBF1384CE0B8	83968	----a-w-	C:\Windows\Sysnative\drivers\hidclass.sys
2014-05-08 07:22:42	851149B9F9254BD67F907C44A9D2242D	621568	----a-w-	C:\Windows\Sysnative\drivers\srv2.sys
2014-05-08 07:22:42	7A761AEE58658378BBA45D360F874CB0	370688	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2014-05-08 07:22:42	697B78CE3925E4FBFC544232A5E9E2EB	215040	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2014-04-29 07:23:13	DE70B1D2CA8051C33FFA4172ACED37B0	1474832	----a-w-	C:\Windows\Sysnative\drivers\sfi.dat
====== C:\Windows\Tasks ======
2014-05-20 04:27:57	0432D9723C1A1C58893BD8E73C92ECDC	2396	----a-w-	C:\Windows\Sysnative\Tasks\Uninstaller_SkipUac_Administrator
2014-05-20 04:27:57	0382BA91A8A46C9C1F36D525669E7E5F	294	----a-w-	C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job
2014-05-20 04:27:54	8760E8C5C8C433099DD4ECFE6113C786	2360	----a-w-	C:\Windows\Sysnative\Tasks\ASC7_SkipUac_PaulGJ
2014-05-20 04:27:54	7CED9722200C61C125C949A236877F43	258	----a-w-	C:\Windows\Tasks\ASC7_SkipUac_PaulGJ.job
2014-04-29 07:23:16	CD82E9405FA493E2602AFB65E2FE0867	3028	----a-w-	C:\Windows\Sysnative\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2014-04-29 07:23:16	--------	d-----w-	C:\Windows\Sysnative\Tasks\COMODO
2014-04-23 06:34:26	5FE8D6F983F62316BFE985979DA74B85	3096	----a-w-	C:\Windows\Sysnative\Tasks\ASC7_PerformanceMonitor
2014-04-23 05:37:58	83FC9FB5B6F8453EDC5E079BBB43B8A5	940	----a-w-	C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-23 05:37:58	8359454A524F2FDE9603A069F24BCD65	3828	----a-w-	C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-05-19 16:31:33	--------	d-----w-	C:\Program Files\trend micro
2014-05-11 14:28:29	--------	d-----w-	C:\Program Files\Common Files\Protexis
2014-05-11 14:28:17	--------	d-----w-	C:\Program Files\Corel
2014-04-29 07:23:02	--------	d-----w-	C:\Program Files\AdTrustMedia
2014-04-29 07:22:53	--------	d-----w-	C:\Program Files\COMODO
======= C:\PROGRA~2 =====
2014-05-19 07:07:44	--------	d-----w-	C:\PROGRA~2\sweetpacks bundle uninstaller_ScreenHunter Free_1520630
2014-05-11 14:28:11	--------	d-----w-	C:\PROGRA~2\COMMON~1\Protexis
2014-05-11 14:27:52	--------	d-----w-	C:\PROGRA~2\Corel
2014-05-10 04:56:27	--------	d-----w-	C:\PROGRA~2\COMMON~1\ArcSoft
2014-05-10 04:56:27	--------	d-----w-	C:\PROGRA~2\ArcSoft
2014-05-08 17:22:58	--------	d-----w-	C:\PROGRA~2\Adres 2000
2014-05-04 07:08:25	--------	d-----w-	C:\PROGRA~2\COMMON~1\Apple
2014-05-04 07:08:24	--------	d-----w-	C:\PROGRA~2\QuickTime
2014-05-03 07:34:55	--------	d-----w-	C:\PROGRA~2\LPT
2014-05-03 07:21:10	--------	d-----w-	C:\PROGRA~2\Wisdom-soft ScreenHunter 6.0 Free
2014-04-30 20:02:20	--------	d-----w-	C:\PROGRA~2\Mozilla Thunderbird
2014-04-29 07:28:22	--------	d-----w-	C:\PROGRA~2\FileZilla FTP Client
2014-04-29 07:21:23	--------	d-----w-	C:\PROGRA~2\BlueGriffon
2014-04-23 06:32:36	--------	d-----w-	C:\PROGRA~2\IObit
======= C: =====
2014-05-09 04:44:52	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\asc_rdflag
====== C:\Users\PaulGJ\AppData\Roaming ======
2014-05-19 14:53:24	--------	d-----w-	C:\Users\PaulGJ\AppData\Roaming\LibreOffice
2014-05-19 07:08:51	--------	d-----w-	C:\Users\PaulGJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wisdom-soft ScreenHunter 6 Free
2014-05-11 14:28:44	--------	d-----w-	C:\Users\PaulGJ\AppData\Roaming\Ulead Systems
2014-05-11 14:28:43	--------	d-----w-	C:\Users\PaulGJ\AppData\Local\Corel PaintShop Pro
2014-05-10 04:58:13	--------	d-----w-	C:\Users\PaulGJ\AppData\Roaming\ArcSoft
2014-05-09 04:47:07	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google
2014-05-07 18:32:56	D282ABCE31B97D01EF9AEBA319A903A5	2691	----a-w-	C:\Users\PaulGJ\AppData\Local\recently-used.xbel
2014-05-04 17:25:15	--------	d-----w-	C:\Users\PaulGJ\AppData\Local\Apple Computer
2014-05-04 07:08:23	--------	d-----w-	C:\Users\PaulGJ\AppData\Locallow\Apple Computer
2014-05-04 07:07:27	--------	d-----w-	C:\Users\PaulGJ\AppData\Roaming\Corel
2014-05-03 07:34:25	--------	d-----w-	C:\Users\PaulGJ\AppData\Local\LPT
2014-04-30 19:23:17	--------	d-----w-	C:\Users\PaulGJ\AppData\Local\gtk-2.0
2014-04-30 19:19:31	--------	d-----w-	C:\Users\PaulGJ\AppData\Local\fontconfig
2014-04-30 19:19:30	--------	d-----w-	C:\Users\PaulGJ\AppData\Local\gegl-0.2
2014-04-29 11:17:44	--------	d-----w-	C:\Users\PaulGJ\AppData\Local\AdTrustMedia
2014-04-29 07:56:32	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\IObit
2014-04-29 07:56:10	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm
2014-04-29 07:28:26	--------	d-----w-	C:\Users\PaulGJ\AppData\Roaming\FileZilla
2014-04-29 07:24:25	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Comodo
2014-04-29 07:23:01	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\COMODO
2014-04-29 07:21:30	--------	d-----w-	C:\Users\PaulGJ\AppData\Roaming\Disruptive Innovations SARL
2014-04-29 07:21:30	--------	d-----w-	C:\Users\PaulGJ\AppData\Local\Disruptive Innovations SARL
2014-04-28 10:48:01	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking
2014-04-28 10:47:57	--------	d-----w-	C:\Users\PaulGJ\AppData\Roaming\CyberLink
2014-04-28 10:47:53	--------	d-----w-	C:\Users\PaulGJ\AppData\Local\Cyberlink
2014-04-24 04:58:15	--------	d-----w-	C:\Users\PaulGJ\AppData\Roaming\ProductData
2014-04-23 06:34:29	--------	d-----w-	C:\Users\PaulGJ\AppData\Roaming\Apple Computer
2014-04-23 06:34:28	--------	d-----w-	C:\Users\PaulGJ\AppData\Locallow\IObit
2014-04-23 06:32:57	--------	d-----w-	C:\Users\PaulGJ\AppData\Roaming\IObit
2014-04-20 05:09:40	--------	d-----w-	C:\Users\PaulGJ\AppData\Local\Apps
2014-04-20 05:09:04	--------	d-----w-	C:\Users\PaulGJ\AppData\Local\Programs
====== C:\Users\PaulGJ ======
2014-05-20 04:27:56	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2014-05-19 16:31:00	662C39FC1E27131551D557862CEC47F0	935175	----a-w-	C:\Users\PaulGJ\Downloads\RSITx64.exe
2014-05-19 16:21:20	302103AF95A8F43AD85F80DAE14BDB9C	17305616	----a-w-	C:\Users\PaulGJ\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-19 07:08:51	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wisdom-soft ScreenHunter 6 Free
2014-05-19 07:08:34	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft-Now bundle
2014-05-19 06:01:13	4A78777FD4A6C5B8512EA49B49B997D3	138977299	----a-w-	C:\Users\PaulGJ\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_nl.exe
2014-05-11 14:45:21	507E610551128B8AAB0F2098DDAB62CA	6387728	----a-w-	C:\Users\PaulGJ\Downloads\PSPX6_ScriptGuide.exe
2014-05-11 14:45:13	1B2505CDF0397A0550EA7A5014AA6151	85699664	----a-w-	C:\Users\PaulGJ\Downloads\Corel_KPT.exe
2014-05-11 14:45:04	9AF23465A6BA177F6FD1655743F572EF	138557816	----a-w-	C:\Users\PaulGJ\Downloads\Corel_CreativeContent.exe
2014-05-11 14:28:06	--------	d-----w-	C:\ProgramData\Corel
2014-05-11 14:28:03	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X6
2014-05-11 14:20:39	7E0C4E4442EB3FF09A2B48D3062CE6AB	257244424	----a-w-	C:\Users\PaulGJ\Downloads\PaintShop_Pro_X6_Windows.exe
2014-05-11 09:02:59	8C34D153D1C274B11E4BF7820B91AB75	496402592	----a-w-	C:\Users\PaulGJ\Downloads\PSPP_X3_Ult_PF (1).exe
2014-05-10 04:56:50	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft MediaImpression 2
2014-05-08 17:23:40	0C054870BA20483EEB79AAD7F49C6C0B	2557420	----a-w-	C:\Users\PaulGJ\Downloads\Adres2k_update.exe
2014-05-08 17:22:59	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adres 2000
2014-05-08 17:22:59	--------	d-----w-	C:\ProgramData\Adres 2000
2014-05-08 17:21:53	90E08DDF4665AC592A3621EF8D8CE942	2541056	----a-w-	C:\Users\PaulGJ\Downloads\Adres2k_setup.exe
2014-05-07 20:41:54	38A9E0486F627B21923646173547D715	1212232	----a-w-	C:\Users\PaulGJ\Downloads\printscreencapture-setup.exe
2014-05-04 17:27:26	0641A46F1E58529A42EAD4573A3A0861	8	--sha-r-	C:\ProgramData\673EF9B759.sys
2014-05-04 17:27:25	5CA387396180B4BE22879798626C10AB	3140	--sha-w-	C:\ProgramData\KGyGaAvL.sys
2014-05-04 07:08:26	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-05-04 07:08:24	--------	d-----w-	C:\ProgramData\Apple Computer
2014-04-29 07:28:23	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-04-29 07:23:12	--------	d-s---w-	C:\ProgramData\Shared Space
2014-04-29 07:23:01	--------	d-----w-	C:\ProgramData\Adtrustmedia
2014-04-29 07:22:49	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-04-29 07:22:36	--------	d-----w-	C:\ProgramData\Comodo Downloader
2014-04-29 07:21:58	--------	d-----w-	C:\ProgramData\Comodo
2014-04-29 07:21:29	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueGriffon
2014-04-23 06:34:25	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-04-23 06:32:36	--------	d-----w-	C:\ProgramData\IObit
2014-04-21 05:22:45	--------	d-----w-	C:\Users\PaulGJ\Nieuwe map
2014-04-21 05:01:33	--------	d-----w-	C:\Users\PaulGJ\Users
2014-04-21 05:01:33	--------	d-----w-	C:\Users\PaulGJ\AppDat
2014-04-20 05:26:49	--------	d-----w-	C:\Users\PaulGJ\scan_results
2014-04-20 05:09:35	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ UNDELETE Professional

====== C: exe-files ==
2014-05-20 04:27:56	F0D13521B4723FD213ED9CDCB5A50F6E	7664928	----a-w-	C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
2014-05-20 04:27:56	C098B4EA64D8C957486ACD736031435C	588608	----a-w-	C:\Program Files (x86)\IObit\IObit Uninstaller\Install_PintoStartMenu.exe
2014-05-20 04:27:56	78148DC7BA8C46551929FF7E47FA4133	1114944	----a-w-	C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe
2014-05-20 04:27:56	5D4ACF36CF6B3E2453C2E39216BD173B	629568	----a-w-	C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe
2014-05-20 04:27:55	FFFE93851E1DB6B112007AE6077BA2A5	1270080	----a-w-	C:\Program Files (x86)\IObit\Surfing Protection\PluginInstall.exe
2014-05-20 04:27:55	F1A522373D76B164ED357FD60314854D	1195808	----a-w-	C:\Program Files (x86)\IObit\Surfing Protection\unins000.exe
2014-05-20 04:27:55	497AF28F6231FA74DE734C9628F30FAD	1362240	----a-w-	C:\Program Files (x86)\IObit\Surfing Protection\SPUpdate.exe
2014-05-20 04:27:54	88B7F951A2DD14BFF31AD74B4E624E98	2130720	----a-w-	C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallPromote.exe
2014-05-20 04:27:52	CB89633C0495D54654FC5A6441EB3894	23872	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wnet_x86\RegistryDefragBootTime.exe
2014-05-20 04:27:52	9689B85C7E3C33F6C7788BC72C31C8B4	24384	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wlh_x86\RegistryDefragBootTime.exe
2014-05-20 04:27:52	78282F48B994EB1A2E9F942DF0749052	27456	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wlh_amd64\RegistryDefragBootTime.exe
2014-05-20 04:27:52	30E954BC3C98E9419DEA06F42D861010	23872	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wxp_x86\RegistryDefragBootTime.exe
2014-05-20 04:27:52	2BA0E72EEB74142DEE05D80392DD21AB	26432	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wnet_amd64\RegistryDefragBootTime.exe
2014-05-20 04:27:52	16BE2D88119757E7B32E12901E35E58A	26432	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\wxp_amd64\RegistryDefragBootTime.exe
2014-05-20 04:27:51	FB095D321D05F7B9999829650B059FC6	949024	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo12_StartupManager.exe
2014-05-20 04:27:51	D2F7C7DD5828AD6AA1BD74A336833E2A	24384	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\win7_x86\RegistryDefragBootTime.exe
2014-05-20 04:27:51	B7600792B16CA0D6811D4297BE8BDDA5	1852192	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo11_InternetBooster.exe
2014-05-20 04:27:51	9100EA060BA3D3EEC330CE791E9BACA9	243488	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\TbAppCaller.exe
2014-05-20 04:27:51	5AE7353BCD47D0C04A377844A9C9AC6F	900384	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\Sur13_WinFix.exe
2014-05-20 04:27:51	2A99F3410342F2B058109CFEEDF45F64	27456	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\drivers\win7_amd64\RegistryDefragBootTime.exe
2014-05-20 04:27:51	28D0247314629C67AB7F6AA2D99E1DAE	5422184	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\SPSetup.exe
2014-05-20 04:27:50	F0D13521B4723FD213ED9CDCB5A50F6E	7664928	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\IObitUninstaller.exe
2014-05-20 04:27:50	EE1F12BFCCFE1526CCBDBABB88493DF4	1082144	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\Wizard.exe
2014-05-20 04:27:50	D68B87B1F80E8C15C969B88F7BF08D4E	544544	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe
2014-05-20 04:27:50	D2F3674FB4BCB1244E6028755B90AC27	603424	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\Report.exe
2014-05-20 04:27:50	BE6DAB0C8CCB34AF60FCC907EF371346	2042144	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\Register.exe
2014-05-20 04:27:50	A2D598483C3D21ABC0B41C56704BB6C7	578336	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\UpgradeTip.exe
2014-05-20 04:27:50	9EFC08CE346349C6BFA3B25A63FF286A	838432	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\Reinforce.exe
2014-05-20 04:27:50	88B7F951A2DD14BFF31AD74B4E624E98	2130720	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\UninstallPromote.exe
2014-05-20 04:27:50	85CC4370FBA31C5B98719A791D63603C	580384	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suc12_DiskCleaner.exe
2014-05-20 04:27:50	7B44D4796E929393EC9B330AD52DFF4F	562464	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\SendBugReportNew.exe
2014-05-20 04:27:50	743E8C8E1A56B6065DB83BD3EE2A7901	2229024	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suc11_RegistryCleaner.exe
2014-05-20 04:27:50	5C74AD321FDD45D4562F6F67D9A75C84	1145120	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\ProjectOnUninstall.exe
2014-05-20 04:27:50	3EF183CD81F9792303812714D883FBF6	1264928	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\SPInit.exe
2014-05-20 04:27:50	3B74149C570AD751B377132D7C28411F	1084192	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\RescueCenter.exe
2014-05-20 04:27:50	21DB3A2FEA6E43EA830925331778A980	1900832	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\Sua11_DiskExplorer.exe
2014-05-20 04:27:50	212BE27E48344EFD78BF173C5CA27C4A	167712	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
2014-05-20 04:27:50	13D946D32A1E816341D7FA3D48F5B468	947488	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\SendBugReport.exe
2014-05-20 04:27:50	1157313BE0C81895F49B1D25CE77826A	687392	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\ProgramDeactivator.exe
2014-05-20 04:27:50	0C2F9B66D80EE02A51D0CB15E2F61864	1214240	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
2014-05-20 04:27:50	093CE9D2C6E64F23107DFB07DA1721B6	703776	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\Homepage.exe
2014-05-20 04:27:49	FBC25AE0FF76FFFE0FCC7F4CEC5E6489	44320	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\DiskScan.exe
2014-05-20 04:27:49	FA149A9A6DDDCC222865077D07DD1C51	2152736	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\LiveUpdate.exe
2014-05-20 04:27:49	F5ADB51BC6EBF55B052B581FBC23C1E1	1107744	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\CheckDevice.exe
2014-05-20 04:27:49	E94D75A9D6E4724075BB6E6CC6FE3DD3	548128	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCUpgrade.exe
2014-05-20 04:27:49	E382AF1BEBEAB8CA249E0064E0B2F161	1141536	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoSweep.exe
2014-05-20 04:27:49	E13E1FC432E031C164B241E38C214949	1757472	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\ActionCenterDownloader.exe
2014-05-20 04:27:49	E0EB7A942405BB5A0CAAB5CFF2C78D0C	4474144	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
2014-05-20 04:27:49	DFBA16F3983B2FB5C9B479B577BCDE67	92960	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\PerformUpdate.exe
2014-05-20 04:27:49	D3029F71E7F453C833D28AA8CD08D14A	1873184	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\QuickSettings.exe
2014-05-20 04:27:49	CC6B26C922B4480FCBDFF565C9ABFB6F	36640	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCFixer.exe
2014-05-20 04:27:49	99E9041F77D7988C2851153E3E0F5EBF	236320	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\ProTip.exe
2014-05-20 04:27:49	8E13CA0B48A1298F46F8739B95DBE4BF	781600	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
2014-05-20 04:27:49	6C856C581ACE1785CE3FC2414E9859A3	881952	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
2014-05-20 04:27:49	6A30A6E6164C1AC03B4F00356DED9607	645408	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCDownload.exe
2014-05-20 04:27:49	67CD9833ECFE329A35892321E71E9FE8	1327392	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoUpdate.exe
2014-05-20 04:27:49	66ED963FBA998E887C88FE6FCA46E2B9	43808	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\DiskDefrag.exe
2014-05-20 04:27:49	49F4367F0885E9A77210EA9AC5835A16	468768	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\DelayLoad.exe
2014-05-20 04:27:49	3EB3B7885DD64FB1E360710790320D22	323360	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\Nfeatures.exe
2014-05-20 04:27:49	37E24A946C409B7A0F7BE1FBC02218ED	1198368	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\unins000.exe
2014-05-20 04:27:49	350E1CE270A22CF8D9584D508F0DC850	1863456	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoCare.exe
2014-05-20 04:27:49	32AE2F1A4CEB3588F50611FD27BFA7E8	441120	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\MonitorDisk.exe
2014-05-20 04:27:49	22B9972EB524057C8CDE6168845C579C	580896	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCInit.exe
2014-05-20 04:27:49	1F98172C060A5328459A56CB7ECDA779	96032	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\Display.exe
2014-05-20 04:27:49	127687F1D171D0820D02851A9FA62525	2295584	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
2014-05-20 04:27:37	A6A93CE12CF1B7840B20008260CCF336	36530832	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCPatch.exe
2014-05-19 16:31:33	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\PaulGJ.exe
2014-05-19 16:31:00	662C39FC1E27131551D557862CEC47F0	935175	----a-w-	C:\Users\PaulGJ\Downloads\RSITx64.exe
2014-05-19 16:21:20	302103AF95A8F43AD85F80DAE14BDB9C	17305616	----a-w-	C:\Users\PaulGJ\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-19 07:09:21	19C1B3FA0DFE65A00E96E94E8B7F24F0	1065784	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\~nsu.tmp\Au_.exe
2014-05-19 07:08:51	2439E00C5BDDB031E671D7D066CA55C7	8871752	----a-w-	C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe
2014-05-19 07:08:50	2B85FE26CA828485BFF6A454B881A295	164864	----a-w-	C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\UNWISE.EXE
2014-05-19 07:08:13	9BB41CA8F66EC7D3132E869670D7EA34	6281976	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nsuF89B\SpSetup.exe
2014-05-19 07:07:58	01C3E4184A59EE9B4E3630E138F2C4BE	11289952	----a-w-	C:\Users\PaulGJ\Downloads\ScreenHunter_Free_TSA13IA0C\01c3e4184a59ee9b4e3630e138f2c4be_setupscreenhunterfree.exe
2014-05-19 07:07:45	553DBE69A3768937FDDB807084C969EF	384312	----a-w-	C:\Program Files (x86)\sweetpacks bundle uninstaller_ScreenHunter Free_1520630\uninstaller.exe
2014-05-19 06:01:13	4A78777FD4A6C5B8512EA49B49B997D3	138977299	----a-w-	C:\Users\PaulGJ\Downloads\Apache_OpenOffice_4.1.0_Win_x86_install_nl.exe
2014-05-16 07:54:13	71F546631768F9A06E8095B212C4A7AD	694240	----a-w-	C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-15 05:52:24	A742CCF738AEFEF3078683BD0E803215	739808	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\34.0.1847.137\34.0.1847.137_34.0.1847.131_chrome_updater.exe
2014-05-14 20:02:00	02C162FD7706E887624DFCC410979355	156061	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nsy41E4.exe
2014-05-14 20:02:00	02C162FD7706E887624DFCC410979355	156061	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nsn2887.exe
2014-05-14 20:02:00	02C162FD7706E887624DFCC410979355	156061	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nsm2663.exe
2014-05-14 20:02:00	02C162FD7706E887624DFCC410979355	156061	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nse450E.exe
2014-05-14 20:02:00	02C162FD7706E887624DFCC410979355	156061	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nsd42EA.exe
2014-05-14 20:02:00	02C162FD7706E887624DFCC410979355	156061	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nsc40C6.exe
2014-05-14 20:02:00	02C162FD7706E887624DFCC410979355	156061	----a-w-	C:\Users\PaulGJ\AppData\Local\Temp\nsb244F.exe
2014-05-14 04:42:25	425B488F076DF105CFB8A700D2A50352	6987096	----a-w-	C:\Windows\System32\ntoskrnl.exe
2014-05-14 04:42:24	F1DA34D64F2BA200D28A7451804E2FEE	35840	----a-w-	C:\Windows\System32\lsass.exe
2014-05-13 20:14:19	E24DAD8D5A27366EFC8D9E2507CAA220	381520	----a-w-	C:\ProgramData\NVIDIA\Updatus\Packages\00005ace\updatus.18464474_RUNASUSER.exe
=== C: other files ==
2014-05-20 04:27:55	032694B0FE8D2AE6EC544B989E1CBF75	341164	----a-w-	C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx
2014-05-19 16:35:21	95B3CEAF06A2DF96FE28CD0755D319C4	79064	----a-w-	C:\Windows\System32\Drivers\ylgw.sys
2014-05-19 16:23:48	6140163BFE9D8F2DFDBA088ED5521C13	119512	----a-w-	C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-05-19 16:23:25	FD5465B876D55534117963FAAA4B9DFC	25816	----a-w-	C:\Windows\System32\Drivers\mbam.sys
2014-05-19 16:23:25	4A1356200B82B852E137B687F03E8054	88280	----a-w-	C:\Windows\System32\Drivers\mbamchameleon.sys
2014-05-19 16:23:25	3FFFB7F54CD7A792099C10402FCF8F56	63192	----a-w-	C:\Windows\System32\Drivers\mwac.sys
2014-05-19 08:14:34	B8B5383C690AD7134E356DACF2F03CF4	2836	----a-w-	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[8].zip
2014-05-15 20:12:14	B8B5383C690AD7134E356DACF2F03CF4	2836	----a-w-	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[7].zip
2014-05-14 04:42:28	AB6F7DE8BFBF61A42F8764D9A621BD8B	269592	----a-w-	C:\Windows\System32\Drivers\WdFilter.sys
2014-05-14 04:42:28	3772FF85F0098686B0DCD77076AE0786	35856	----a-w-	C:\Windows\System32\Drivers\WdBoot.sys
2014-05-14 04:42:25	DBF9E5346431557BF56F41E7F8EC0DC1	570216	----a-w-	C:\Windows\System32\Drivers\cng.sys
2014-05-14 04:42:25	8B3EB6372436195B8EA8AE09A184BCE2	100184	----a-w-	C:\Windows\System32\Drivers\ksecdd.sys
2014-05-14 04:42:25	3DD9C86EA88E8B5A51904AD87E1F2E78	172888	----a-w-	C:\Windows\System32\Drivers\ksecpkg.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1844672479-915764875-3806880301-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO"
"HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN3611C3P505SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1"
"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

[HKEY_USERS\S-1-5-21-1844672479-915764875-3806880301-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO"
"HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN3611C3P505SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1"
"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO"
"HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN3611C3P505SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1"
"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\\windows\\syswow64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Startup Folders ======================


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13-05-2014 20:40]
C:\Windows\tasks\ASC7_SkipUac_PaulGJ.job --a-------- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [04-05-2014 18:59]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-04-2014 17:42]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-04-2014 17:42]
C:\Windows\tasks\Uninstaller_SkipUac_Administrator.job --a-------- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [06-05-2014 17:52]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\ASC7_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe]
"C:\Windows\SysNative\tasks\ASC7_SkipUac_PaulGJ" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe /SkipUac]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe]
"C:\Windows\SysNative\tasks\Dolby Selector" [C:\Dolby PCEE4\pcee4.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\iuBrowserIEAgent" ["C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe"]
"C:\Windows\SysNative\tasks\iuEmailOutlookAgent" ["C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe"]
"C:\Windows\SysNative\tasks\Launch Manager" ["C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe"]
"C:\Windows\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"]
"C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]
"C:\Windows\SysNative\tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}" [C:\Program Files\COMODO\COMODO Internet Security\cistray.exe]
"C:\Windows\SysNative\tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"]
"C:\Windows\SysNative\tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"]
"C:\Windows\SysNative\tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"]
"C:\Windows\SysNative\tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}" ["C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe"]
"C:\Windows\SysNative\tasks\Recovery Management\Notification" [C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe]

==== Firefox Extensions ======================

ProfilePath: C:\Users\PaulGJ\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\etdzk0j7.default
- CSS Stylesheet Editor - %ProfilePath%\extensions\csseditor@bluegriffon.com.xpi
- EyeDropper - %ProfilePath%\extensions\eyedropper@bluegriffon.com.xpi
- FontSquirrel Manager - %ProfilePath%\extensions\fs@bluegriffon.com.xpi
- Fullscreen - %ProfilePath%\extensions\fullscreen@bluegriffon.com.xpi
- Google Font Directory Manager - %ProfilePath%\extensions\gfd@bluegriffon.com.xpi
- Czech CZ Language Pack - %ProfilePath%\extensions\langpack-cs@bluegriffon.org.xpi
- Deutsch DE Language Pack - %ProfilePath%\extensions\langpack-de@bluegriffon.org.xpi
- English US Language Pack - %ProfilePath%\extensions\langpack-en-US@bluegriffon.org.xpi
- Espaol Espaa Language Pack - %ProfilePath%\extensions\langpack-es-ES@bluegriffon.org.xpi
- Suomenkielinen FI Language Pack - %ProfilePath%\extensions\langpack-fi@bluegriffon.org.xpi
- Franais Language Pack - %ProfilePath%\extensions\langpack-fr@bluegriffon.org.xpi
- Galego Espaa Language Pack - %ProfilePath%\extensions\langpack-gl@bluegriffon.org.xpi
- Hebrew IL Language Pack - %ProfilePath%\extensions\langpack-he@bluegriffon.org.xpi
- Magyar HU Language Pack - %ProfilePath%\extensions\langpack-hu@bluegriffon.org.xpi
- Italiano IT Language Pack - %ProfilePath%\extensions\langpack-it@bluegriffon.org.xpi
- Japanese Language Pack - %ProfilePath%\extensions\langpack-ja@bluegriffon.org.xpi
- Korean KR Language Pack - %ProfilePath%\extensions\langpack-ko@bluegriffon.org.xpi
- Nederlands NL Language Pack - %ProfilePath%\extensions\langpack-nl@bluegriffon.org.xpi
- Polski Language Pack - %ProfilePath%\extensions\langpack-pl@bluegriffon.org.xpi
- Slovenski jezik Language Pack - %ProfilePath%\extensions\langpack-sl@bluegriffon.org.xpi
- sr Language Pack - %ProfilePath%\extensions\langpack-sr@bluegriffon.org.xpi
- Svenska SE Language Pack - %ProfilePath%\extensions\langpack-sv-SE@bluegriffon.org.xpi
- Chinese Simplified zh-CN Language Pack - %ProfilePath%\extensions\langpack-zh-CN@bluegriffon.org.xpi
- Traditional Chinese zh-TW Language Pack - %ProfilePath%\extensions\langpack-zh-TW@bluegriffon.org.xpi
- MathML - %ProfilePath%\extensions\mathml@bluegriffon.com.xpi
- Opquast Accessibility First Step - %ProfilePath%\extensions\op1@bluegriffon.com.xpi
- Snippets - %ProfilePath%\extensions\snippets@bluegriffon.com.xpi
- SVG-edit - %ProfilePath%\extensions\svg-edit@googlegroups.com.xpi
- Table Layouts - %ProfilePath%\extensions\tablelayout@bluegriffon.com.xpi
- One-click Templates - %ProfilePath%\extensions\templatesManager@bluegriffon.com.xpi
- Thumbnailer - %ProfilePath%\extensions\thumbnailer@bluegriffon.com.xpi
- Tip of the Day - %ProfilePath%\extensions\tipoftheday@bluegriffon.com.xpi

ProfilePath: C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default
- Undetermined - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- Undetermined - %ProfilePath%\extensions\PrivDog@AdTrustMedia.com
- Undetermined - %ProfilePath%\extensions\{4074d95f-fa20-4adf-8723-2087d4149027}
- Media Hint - %ProfilePath%\extensions\mediahint@jetpack.xpi
- FindWide Toolbar - %ProfilePath%\extensions\toolbar10817@findwide.com.xpi

ProfilePath: C:\Users\PaulGJ\AppData\Roaming\Thunderbird\Profiles\pgfiju2j.default
- Mail Merge - %ProfilePath%\extensions\mailmerge@example.net.xpi
- Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi

ProfilePath: C:\Users\PaulGJ\AppData\Roaming\Thunderbird\Profiles\v3d9aldm.default
- Mail Merge - %ProfilePath%\extensions\mailmerge@example.net.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\PaulGJ\AppData\Roaming\Mozilla\Firefox\Profiles\1l0q1y7a.default
A58DE0A570148AF5FF3512B2A340D09F	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll -	Shockwave Flash


==== Chrome Look ======================

CookiesOK - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\afmkbjoakcacgljcdccofbffloabfbni
Theme Creator - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc
Google Docs - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Advanced SystemCare Surfing Protection - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
YouTube - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Search by Image by Google - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
Beautiful QR Code generator - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkmjofjfechnmgaedinbgnkdgpodncf
Matome Slideshow - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\echieaebhflmcmnmpbjkajgooidbkgop
500px - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\egpociadnldbkfkjpmjoaibnbcoeplja
Hola Better Internet - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
PDF Mergy - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha
Send Page - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\higemadklcnjhjpgcbnnbpgeeippjjcp
Custom Google™ Background - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jepibmfmhopgkplegmkjgifmhabbjadg
Auto Replay for YouTube™ - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb
Over hundred of currencies with daily exchange rates historical charts and more. - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbhghjdcfghfhlogkgdklfgmpodeglno
Planner 5D - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcafejemebbngbglfoinpoaannbihjna
deviantART muro - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\namljbfbglehfnlonjmebceimaalofei
Edge (Ruler) - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\njlkegdphefeellhaongiopcfgcinikh
Google Wallet - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
ColorPick Eyedropper - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg
WeVideo - Video Editor and Maker - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb
Autumn - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncooeidkmfddiohbpfcfbenjdnpdkac
QR Code Decoder - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pafahhgpmimhoiglnpehhjpnkkppfpek
Gmail - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Similar Pages beta by Google - PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjnfggphgdjblhfjaphkjhfpiiekbbej

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{AA9A4890-4262-4441-8977-E2FFCBFB706C}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{0A579910-7C10-4D86-A4C4-77621B5735C2} FindWide  Url="http://search.findwide.com/serp?guid={33A40125-444A-41ED-A6E4-5013D5BB47C5}&action=default_search&serpv=22&k={searchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{AA9A4890-4262-4441-8977-E2FFCBFB706C} Yahoo//fr.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo"

==== shortcuts on Users Desktops ======================

C:\Users\UpdatusUser\Desktop\ScreenHunter 6.0 Free.lnk - C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe 
C:\Users\UpdatusUser\Desktop\ScreenHunter 6.0 Pro.lnk - C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Pro\ScreenHunter.exe 

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\Users\Public\Desktop\Corel PaintShop Pro X6.lnk - C:\Program Files (x86)\Corel\Corel PaintShop Pro X6\Corel PaintShop Pro.exe 
C:\Users\Public\Desktop\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe 
C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 

==== shortcuts in Users Start Menu ======================

C:\Users\PaulGJ\AppData\Roaming\Microsoft\Windows\Start Menu\ScreenHunter 6.0 Free.lnk - C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer_0001.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\500px.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --profile-directory=Default --app-id=egpociadnldbkfkjpmjoaibnbcoeplja
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\500px_0001.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --profile-directory=Default --app-id=egpociadnldbkfkjpmjoaibnbcoeplja
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Edge_ The Web Ruler.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --profile-directory=Default --app-id=njlkegdphefeellhaongiopcfgcinikh
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Edge_ The Web Ruler_0001.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  --profile-directory=Default --app-id=njlkegdphefeellhaongiopcfgcinikh
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 3520 series (r�seau).lnk -  
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 3520 series (r�seau)_0001.lnk -  
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Deskjet 3520 series (r�seau).lnk -  
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Deskjet 3520 series (r�seau)_0001.lnk -  

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adres 2000\Adres 2000 help.lnk - C:\Program Files (x86)\Adres 2000\Adreshelp.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adres 2000\Adres 2000.lnk - C:\Program Files (x86)\Adres 2000\Adres2000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adres 2000\Uninstall Adres 2000.lnk - C:\Program Files (x86)\Adres 2000\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Toolbox.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /toolbox
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Turbo Boost.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /turboboost
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7\Verwijder Advanced SystemCare.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueGriffon\BlueGriffon.lnk - C:\Program Files (x86)\BlueGriffon\bluegriffon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueGriffon\Verwijder BlueGriffon.lnk - C:\Program Files (x86)\BlueGriffon\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\COMODO Antivirus\COMODO Antivirus.lnk - C:\Program Files (x86)\COMODO\COMODO Internet Security\cistray.exe --shortcut
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo\COMODO Antivirus\Toevoegen en Verwijderen van onderdelen.lnk - C:\Windows\system32\msiexec.exe /I{D32EF4F9-1506-434E-A813-3D4C0AA50300}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X6\Corel PaintShop Pro X6 (64-bit).lnk - C:\Program Files (x86)\Corel\Corel PaintShop Pro X6 (64-bit)\Corel PaintShop Pro.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X6\Corel PaintShop Pro X6.lnk - C:\Program Files (x86)\Corel\Corel PaintShop Pro X6\Corel PaintShop Pro.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X6\Restore Database.lnk - C:\Program Files (x86)\Corel\Corel PaintShop Pro X6 (64-bit)\ResetDB.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\FileZilla.lnk - C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk - C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Help.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\help.html 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Uninstall IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe uninstall_start
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Over QuickTime.lnk - C:\Windows\Installer\{8DC42D05-680B-41B0-8878-6C14D24602DB}\RichText.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk - C:\Windows\Installer\{8DC42D05-680B-41B0-8878-6C14D24602DB}\PictureViewer.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime de�nstalleren.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk - C:\Windows\Installer\{8DC42D05-680B-41B0-8878-6C14D24602DB}\QTPlayer.ico 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soft-Now bundle\Soft-Now bundle.lnk - C:\Program Files (x86)\sweetpacks bundle uninstaller_ScreenHunter Free_1520630\uninstaller.exe "C:\Program Files (x86)\sweetpacks bundle uninstaller_ScreenHunter Free_1520630\uninstaller.exe" "/appName=Soft-Now bundle" "/linkurl=http://lp.sweetim.com/SweetPacksBundleUninstaller/" "/searchProviderApp=Soft-Now" "/searchProvider=a different"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wisdom-soft ScreenHunter 6 Free\ScreenHunter 6.0 Free.lnk - C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wisdom-soft ScreenHunter 6 Free\ScreenHunter User Guide.lnk - C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wisdom-soft ScreenHunter 6 Free\Uninstall.lnk - C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\UNWISE.EXE 

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome_0001.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser_0001.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Device Fast-lane.lnk - C:\Program Files (x86)\Acer\Acer Device Fast-lane\DeviceFastLaneUI.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Device Fast-lane_0001.lnk - C:\Program Files (x86)\Acer\Acer Device Fast-lane\DeviceFastLaneUI.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Power Button.lnk - C:\Program Files (x86)\Acer\Acer Power Management\ePowerButton.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Power Button_0001.lnk - C:\Program Files (x86)\Acer\Acer Power Management\ePowerButton.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Active@ UNDELETE 64-bit.lnk - C:\Program Files\LSoft Technologies\Active@ UNDELETE Professional\Undelete64.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adres 2000.lnk - C:\Program Files (x86)\Adres 2000\Adres2000.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare 7 (2).lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /manual
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare 7.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\BlueGriffon.lnk - C:\Program Files (x86)\BlueGriffon\bluegriffon.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CCleaner_0001.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\clear.fi Photo.lnk - C:\Program Files (x86)\Acer\clear.fi Photo\ClearfiPhoto.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\clear_0001.fi Media.lnk - C:\Program Files (x86)\Acer\clear.fi Media\ClearfiMedia.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\clear_0001.fi Photo.lnk - C:\Program Files (x86)\Acer\clear.fi Photo\ClearfiPhoto.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\COMODO Antivirus.lnk - C:\Program Files (x86)\COMODO\COMODO Internet Security\cistray.exe --shortcut
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Corel PaintShop Pro X6 (64-bit).lnk - C:\Program Files (x86)\Corel\Corel PaintShop Pro X6 (64-bit)\Corel PaintShop Pro.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Docs_0001.lnk - C:\Program Files (x86)\Acer\AcerCloud Docs\AcerCloud Docs.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\PaulGJ\AppData\Roaming\Microsoft\Windows\Libraries 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer_0001.lnk - C:\Users\PaulGJ\AppData\Roaming\Microsoft\Windows\Libraries 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\FileZilla Client.lnk - C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome_0001.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer_0001.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer_0002.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer_0003.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox_0001.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe 
C:\Users\PaulGJ\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ScreenHunter 6.0 Free.lnk - C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe 
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PaulGJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PaulGJ\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1378296933jtun_engine$ara_exe[1].udt will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1378296933jtun_engine$ara_exe[2].udt will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1378296933jtun_engine$ara_exe[3].udt will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1378296933jtun_engine$ara_exe[4].udt will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1378296933jtun_engine$ara_exe[5].udt will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1378296933jtun_engine$ara_exe[6].udt will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1378296933jtun_engine$ara_exe[7].udt will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1378296933jtun_engine$ara_exe[8].udt will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[1].zip will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[2].zip will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[3].zip will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[4].zip will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[5].zip will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[6].zip will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[7].zip will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[8].zip will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1378296933jtun_engine$ara_exe[1].udt will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1378296933jtun_engine$ara_exe[2].udt will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1378296933jtun_engine$ara_exe[3].udt will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1378296933jtun_engine$ara_exe[4].udt will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1378296933jtun_engine$ara_exe[5].udt will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1378296933jtun_engine$ara_exe[6].udt will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1378296933jtun_engine$ara_exe[7].udt will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1378296933jtun_engine$ara_exe[8].udt will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[1].zip will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[2].zip will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[3].zip will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[4].zip will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[5].zip will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[6].zip will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[7].zip will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.1_all_livetri[8].zip will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\PaulGJ\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=260 folders=93 68697108 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\PaulGJ\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot