
Zoek.exe v5.0.0.0 Updated 15-08-2014
Tool run by FM2A88 on za 16/08/2014 at  2:08:39,04.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\FM2A88\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

16/08/2014 2:10:38 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Advanced System Protector deleted successfully
C:\PROGRA~2\MyFree Codec deleted successfully
C:\PROGRA~2\Nitro PDF deleted successfully
C:\PROGRA~2\predm deleted successfully
C:\PROGRA~2\Samsung deleted successfully
C:\Program Files\log deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\TVersity deleted successfully
C:\Users\FM2A88\AppData\Roaming\ap_logs deleted successfully
C:\Users\FM2A88\AppData\Roaming\IrfanView deleted successfully
C:\Users\FM2A88\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\FM2A88\AppData\Local\GGEmpire deleted successfully
C:\Users\FM2A88\AppData\Local\Soldiers deleted successfully
C:\Users\FM2A88\AppData\Local\StormFall deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3437649926-2280246673-654014984-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{66bd2442-241b-44cd-8c7a-b51037053cdb} deleted successfully
HKEY_USERS\S-1-5-21-3437649926-2280246673-654014984-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{66bd2442-241b-44cd-8c7a-b51037053cdb} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{66bd2442-241b-44cd-8c7a-b51037053cdb} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{66bd2442-241b-44cd-8c7a-b51037053cdb} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{66bd2442-241b-44cd-8c7a-b51037053cdb} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66bd2442-241b-44cd-8c7a-b51037053cdb} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66bd2442-241b-44cd-8c7a-b51037053cdb} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3437649926-2280246673-654014984-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{66bd2442-241b-44cd-8c7a-b51037053cdb} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{66bd2442-241b-44cd-8c7a-b51037053cdb} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{66bd2442-241b-44cd-8c7a-b51037053cdb} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe
C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe
C:\Program Files (x86)\Dell AIO Printer 948\dldfmon.exe
C:\Program Files (x86)\Dell AIO Printer 948\memcard.exe
C:\Program Files (x86)\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\FM2A88\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TBSrv deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Dolphin Deals deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Dolphin Deals deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Greener Web deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Greener Web deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Dolphin Deals deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Dolphin Deals deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Greener Web deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util Greener Web deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\FM2A88\AppData\Roaming\Mozilla\Firefox\Profiles\t28rcbd9.default

---- Lines {66bd2442-241b-44cd-8c7a-b51037053cdb} modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{BBDA0591-3099-440a-AA10-41764D9DB4DB}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ---- 

user_20141608_0212_.backup
prefs_20141608_0212_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66bd2442-241b-44cd-8c7a-b51037053cdb}] 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
"fst_be_68"=- 
"AnyProtect Scanner"=- 

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\AnyProtectEx not found
C:\Program Files (x86)\Greener Web not found
C:\Program Files (x86)\Advanced System Protector not found
C:\Program Files (x86)\MyFree Codec not found
"C:\Windows\AutoKMS.exe" not found
C:\Users\FM2A88\AppData\LocalLow\TVersitybar deleted
C:\Program Files (x86)\globalUpdate deleted
C:\ProgramData\IePluginServices deleted
C:\Program Files (x86)\Tbccint deleted
C:\Users\FM2A88\AppData\Roaming\Mozilla\Firefox\Profiles\t28rcbd9.default\extensions\faststartff@gmail.com deleted
C:\Users\FM2A88\AppData\Roaming\Mozilla\Firefox\Profiles\t28rcbd9.default\extensions\jid0-c1av474BVPIHcGJfBp3GkhlhAa4@jetpack deleted
C:\Users\FM2A88\AppData\Roaming\Mozilla\Firefox\Profiles\t28rcbd9.default\extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb} deleted
C:\Users\FM2A88\AppData\Roaming\Mozilla\Firefox\Profiles\t28rcbd9.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} deleted
C:\Users\FM2A88\AppData\Roaming\Systweak deleted
C:\Program Files (x86)\SupTab deleted
C:\Users\FM2A88\AppData\Roaming\OpenCandy deleted
C:\ProgramData\WindowsMangerProtect deleted
C:\ProgramData\374311380 deleted
C:\Program Files (x86)\HaoZip deleted
"C:\Windows\tasks\AmiUpdXp.job" deleted
"C:\Windows\tasks\APSnotifierPP1.job" deleted
"C:\Windows\tasks\APSnotifierPP2.job" deleted
"C:\Windows\tasks\APSnotifierPP3.job" deleted
"C:\Windows\tasks\AutoKMS.job" deleted
"C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job" deleted
"C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job" deleted
"C:\Users\FM2A88\AppData\Roaming\Mozilla\Firefox\Profiles\t28rcbd9.default\searchplugins\Web Search.xml" deleted
"C:\Program Files (x86)\Dolphin Deals\bin\DolphinDeals.PurBrowse64.exe" deleted
"C:\Program Files (x86)\Dolphin Deals" not deleted
"C:\Program Files (x86)\Dolphin Deals\bin" not deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 7603 MB
CPU Info: AMD A6-6400K APU with Radeon(tm) HD Graphics
CPU Speed: 4008,2 MHz
Sound Card: Luidsprekers (2- High Definitio | 
Hoofdtelefoon (2- High Definiti | 
Display Adapters: AMD Radeon HD 8470D | AMD Radeon HD 8470D | AMD Radeon HD 8470D
Monitors: 1x; Acer AL1916 | 
Screen Resolution: 1280 X 1024 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family-controller
CD / DVD Drives: 1x (D: | ) D: ATAPI   iHAS124   E
Ports: COM1 LPT1
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  397,1GB | F:  534,1GB
Hard Disks - Free: C:  268,3GB | F:  530,9GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 11/19/13 | ALASKA - 1072009
Time Zone: Romance (standaardtijd)
Motherboard *: ASRock FM2A88M-HD+
Country: Belgi‰ 
Language: NLB 

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Virus: Norton 360 Premier Edition On-access scanning disabled (Outdated)
Anti-Spyware: Norton 360 Premier Edition disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: Norton 360 Premier Edition disabled
Default Browser: Google Chrome	36.0.1985.143
Internet Explorer Version: 11.0.9600.17239 
Mozilla Firefox version: 29.0.1 (x86 nl)
Google Chrome version: 36.0.1985.143
Sun Java version: 1.7.0_67 (32-bit) 

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-08-12 20:23:56	AB7AFAC47007D11443AC2C19F9DBAC01	17542	------w-	C:\Windows\FRGN.ico
2014-08-12 20:23:56	827140442773B004768D27614D47AF4D	64	----a-w-	C:\Windows\GPlrLanc.dat
====== C:\Users\FM2A88\AppData\Local\Temp ====
2014-08-14 21:51:27	FEFEF2F226FD6BE184BC4A3378B02AAF	155648	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.370085\psmachine.dll
2014-08-14 21:51:27	FC7A2F466F7A0F3E873077505719C1A1	143360	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.370085\GoogleUpdateHelper.msi
2014-08-14 21:51:27	DFAA47C550989865DF07449C1CBA36BC	220672	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.370085\npGoogleUpdate4.dll
2014-08-14 21:51:27	99634FE18B1422EE8B60FDA3D4FAE969	761856	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.370085\goopdate.dll
2014-08-14 21:51:27	8D90BB3A36521B50D0E512A781E36871	155648	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.370085\psuser.dll
2014-08-14 21:51:27	7E767B342E55EB1DFD74A65D24EA4B70	46080	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.370085\GoogleUpdateOnDemand.exe
2014-08-14 21:51:26	F98DE4108614E4BB81E95E58E36C7000	46080	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.370085\GoogleUpdateBroker.exe
2014-08-14 21:51:26	D858BA2EE718B1DB1CED20646E641D08	68608	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.370085\GoogleUpdate.exe
2014-08-14 21:51:26	03114DADBD9977FC823F95B21FB987E7	72872	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.370085\GoogleCrashHandler.exe
2014-08-14 18:34:26	FEFEF2F226FD6BE184BC4A3378B02AAF	155648	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.170311\psmachine.dll
2014-08-14 18:34:26	DFAA47C550989865DF07449C1CBA36BC	220672	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.170311\npGoogleUpdate4.dll
2014-08-14 18:34:26	8D90BB3A36521B50D0E512A781E36871	155648	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.170311\psuser.dll
2014-08-14 18:34:25	FC7A2F466F7A0F3E873077505719C1A1	143360	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.170311\GoogleUpdateHelper.msi
2014-08-14 18:34:25	F98DE4108614E4BB81E95E58E36C7000	46080	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.170311\GoogleUpdateBroker.exe
2014-08-14 18:34:25	D858BA2EE718B1DB1CED20646E641D08	68608	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.170311\GoogleUpdate.exe
2014-08-14 18:34:25	99634FE18B1422EE8B60FDA3D4FAE969	761856	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.170311\goopdate.dll
2014-08-14 18:34:25	7E767B342E55EB1DFD74A65D24EA4B70	46080	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.170311\GoogleUpdateOnDemand.exe
2014-08-14 18:34:25	03114DADBD9977FC823F95B21FB987E7	72872	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.170311\GoogleCrashHandler.exe
2014-08-14 18:07:42	BFB6DE3E5654C29E191378E8EF227862	83456	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\post2.exe
2014-08-14 18:07:42	BC55DD74FFCE67E51CF111DB1A2E557D	310272	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\post1.exe
2014-08-14 18:07:42	AD873A78D0EE5EA49EACB2F9B02E0120	84480	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\post2.dll
2014-08-14 17:39:11	C0FE25F036DBAD335A0227D4E7FA7511	28099	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\i4jdel0.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-08-13 15:46:40	2C01D8EA2B0FA834597FCD96AAAE4F52	406400	----a-w-	C:\Windows\SysWOW64\dxgi.dll
2014-08-13 15:46:34	E9B28B60C0272E2E1E462E6FB38E6B55	367104	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 15:46:34	E70C00791A18866BB23B3A652E3390A0	2001920	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 15:46:34	6D017C0E499443ACDE3D9B5DCD753F32	1169920	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2014-08-13 15:46:34	1A05CFA45B6AEBFCCC835DCF68CBD1D0	526336	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 15:46:33	FF4A917DD7C387BD2715A5F67307FED1	2184704	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2014-08-13 15:46:33	90FF511B751A0327D07C4073760F1578	11772928	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2014-08-13 15:46:33	239575F9EA0D227516843EEE8B7342CA	239616	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 15:46:31	7C1BFC2ABE297BCA1A7BA77A8292C088	4204032	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2014-08-13 15:46:31	18A3154606E3F8945956948A4E708007	704512	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 15:46:28	444EB30B1610A35FC99D62A91B2BCAA7	69632	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 15:46:28	24FA5F74D3B4BA62539DF87285BA934E	597504	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 15:46:27	8453DDF167CE2986AA4AB04BC6824925	17524224	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2014-08-13 15:46:09	B945BAA81B4805AD6BDDF4D026DCFB47	1792512	----a-w-	C:\Windows\SysWOW64\wininet.dll
2014-08-13 15:46:09	030041C8800A1781134B6EC3E3EF3F9C	291840	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 15:46:08	FEE3E022B00A5165ED645E38C1E6C776	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 15:46:07	9D16B568E318F49535AD72539C9997C2	455168	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2014-08-13 15:46:07	272420427EB96EA052C719AA796C09F2	61952	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 15:45:05	128EC9879D462F89829E663417FE5DBD	710144	----a-w-	C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 15:44:56	38045850ACB96313A1983A8803302906	35480	----a-w-	C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 15:41:32	16CDD058883E38FB43D582FB080F721A	2318336	----a-w-	C:\Windows\SysWOW64\authui.dll
2014-08-13 15:41:31	F8D0951A75826AD557CFAC323A936AA6	281088	----a-w-	C:\Windows\SysWOW64\msihnd.dll
2014-08-13 15:41:31	86DB4BA87BAF3D467D04821602E586A9	3304448	----a-w-	C:\Windows\SysWOW64\msi.dll
2014-08-13 15:41:24	DB3ED0BA26D7C598481A23E7D06A370E	2344448	----a-w-	C:\Windows\SysWOW64\Wpc.dll
2014-08-13 15:41:23	DBC4D46A7DDC14D1D1ED4B613F9E41A4	1064448	----a-w-	C:\Windows\SysWOW64\gdi32.dll
2014-08-08 18:38:19	07EF2978A5BC36720378F95566697FD8	272808	----a-w-	C:\Windows\SysWOW64\javaws.exe
2014-08-08 18:38:14	3BDEB17FE6390BFF1BF3A2D964DE8E48	175528	----a-w-	C:\Windows\SysWOW64\javaw.exe
2014-08-08 18:38:14	11FD45A41DF45298686ED39062AABE2A	175528	----a-w-	C:\Windows\SysWOW64\java.exe
2014-08-08 18:38:14	0F70F4DAF2BC5613EE75C9B2585CE67E	98216	----a-w-	C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-08-13 15:46:40	59EAFAE3A34B4925990A2E679CA91C5B	517528	----a-w-	C:\Windows\Sysnative\dxgi.dll
2014-08-13 15:46:40	454978FB3D24DE5C4199162D5F81FBEE	2133504	----a-w-	C:\Windows\Sysnative\dwmcore.dll
2014-08-13 15:46:34	FE7D99399F7761AA2695A7B1AD30DAAF	1431040	----a-w-	C:\Windows\Sysnative\urlmon.dll
2014-08-13 15:46:33	F00D0AE7648CA45C6434E2885485BE0B	452096	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2014-08-13 15:46:33	1FD1F16C35946BA28FDEB40F18B7729D	631808	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2014-08-13 15:46:32	DB382D89D8004F40BD2C55BAE6A15B30	2774528	----a-w-	C:\Windows\Sysnative\iertutil.dll
2014-08-13 15:46:32	39A85C005BCDEEF4092646EBBC2526AA	2087936	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2014-08-13 15:46:31	1DE8B71A1C7D8943034188556AF50B07	292864	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2014-08-13 15:46:30	920F690FC7424DE71888AA2E46E917EA	758272	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2014-08-13 15:46:30	472C409F9B0FF67C1015F511C73E1889	5824512	----a-w-	C:\Windows\Sysnative\jscript9.dll
2014-08-13 15:46:30	2639E152D246F2A651F09764807CA153	85504	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2014-08-13 15:46:30	1B26610C1659EF54ED000233FB96F20C	13547008	----a-w-	C:\Windows\Sysnative\ieframe.dll
2014-08-13 15:46:29	ECA387DCD57F683C52171C766CF400F0	23645696	----a-w-	C:\Windows\Sysnative\mshtml.dll
2014-08-13 15:46:29	BAC44396088ECC1C9021ED3E3345337C	846336	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2014-08-13 15:46:09	8E71A5CB5312B8392D4DA4CA37BB5868	2266624	----a-w-	C:\Windows\Sysnative\wininet.dll
2014-08-13 15:46:09	38D14F3D0A289050CA9BF8E98F37313F	333312	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2014-08-13 15:46:08	52D2151908C2A6388B6561A373488F6F	692736	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2014-08-13 15:46:08	19FA60D3AE1804A559306DE931A5B415	72704	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-08-13 15:46:07	C02C78DE9BB4E68F6C78B1588ADD6ADC	83968	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2014-08-13 15:46:07	6ED6DA2A04F8F0C9BDAD647284BAEFB6	548352	----a-w-	C:\Windows\Sysnative\vbscript.dll
2014-08-13 15:45:06	1BB9CC78C91536CBA7B04B61ED0F85C4	1273184	----a-w-	C:\Windows\Sysnative\rpcrt4.dll
2014-08-13 15:44:56	6DBE73C09215E281F4283641144110A5	35480	----a-w-	C:\Windows\Sysnative\TsWpfWrp.exe
2014-08-13 15:41:32	68F887EF33C09CDA957A51ECE871D642	2642944	----a-w-	C:\Windows\Sysnative\authui.dll
2014-08-13 15:41:32	28E0C3AAA68579ABD9A27B92DFD5F119	2790912	----a-w-	C:\Windows\Sysnative\msi.dll
2014-08-13 15:41:31	10D8859CF01C1284603582ABD9B0482C	114520	----a-w-	C:\Windows\Sysnative\consent.exe
2014-08-13 15:41:31	08914C8989AB93F5EC3A452D014E2C8D	356352	----a-w-	C:\Windows\Sysnative\msihnd.dll
2014-08-13 15:41:28	C27B20D9AA9BE41CCBFD512AABB0E6C3	697856	----a-w-	C:\Windows\Sysnative\aepdu.dll
2014-08-13 15:41:28	2D347489E43FAD4E51FDB51BEEBF13F4	527360	----a-w-	C:\Windows\Sysnative\aeinv.dll
2014-08-13 15:41:26	00AD15C6BA3C337CB68A476C0AD05338	918528	----a-w-	C:\Windows\Sysnative\MrmCoreR.dll
2014-08-13 15:41:24	E7DE316FEEFC79327CFAD8F527979CC0	3118080	----a-w-	C:\Windows\Sysnative\Wpc.dll
2014-08-13 15:41:24	E2F4125BFAC99244088324A1841C0B83	3048880	----a-w-	C:\Windows\Sysnative\WpcMon.exe
2014-08-13 15:41:24	A39C4AB750E0AD4431C7B7F46AB0EBED	4148224	----a-w-	C:\Windows\Sysnative\win32k.sys
2014-08-13 15:41:24	6BC31FB4E24A962C98801D3687A984C0	2861056	----a-w-	C:\Windows\Sysnative\WpcWebSync.dll
2014-08-13 15:41:23	F381B380B7B2704EA4C0F8D8C49C1C50	623616	----a-w-	C:\Windows\Sysnative\MDMAgent.exe
2014-08-13 15:41:23	87CEF71F9D5951C9379D2F956C07C37D	1336624	----a-w-	C:\Windows\Sysnative\gdi32.dll
====== C:\Windows\Sysnative\drivers =====
2014-08-14 22:49:19	E3CA092329A9CE20C62CFF30E033F4E4	61640	----a-w-	C:\Windows\Sysnative\drivers\{f2dee4ac-05d0-4e54-80bc-2dc0ba61a2c7}Gw64.sys
2014-08-13 15:46:40	313DCE665B57000B18CB26C6B6A10DFE	1557848	----a-w-	C:\Windows\Sysnative\drivers\dxgkrnl.sys
2014-08-10 05:51:45	7D9F124B6093F1C67CF8EB698AB24E51	61632	----a-w-	C:\Windows\Sysnative\drivers\{2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64.sys
2014-08-08 18:21:38	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_Kernel_webinstr_01009.Wdf
====== C:\Windows\Tasks ======
2014-08-12 20:30:53	C956DCDC1552BEDE2D47203C4D493931	3154	----a-w-	C:\Windows\Sysnative\Tasks\Systweak-Support-Dock
2014-08-11 20:38:49	6D7457B1CE91A427F4B9AFD7812253C9	3098	----a-w-	C:\Windows\Sysnative\Tasks\{9D8D6C9B-CC0F-46F8-9F09-5D237E865773}
2014-08-10 13:56:17	99AA7C39673D4EFC8E84F629FC7F10FF	3246	----a-w-	C:\Windows\Sysnative\Tasks\Optimizer Pro Schedule
2014-08-10 07:42:54	70B972D9F471B40FE171024C593CB067	3100	----a-w-	C:\Windows\Sysnative\Tasks\Update Service SimpleFiles
2014-08-08 18:42:19	7D73CF59F987D5DEB7B1E1818BDB2DB4	3150	----a-w-	C:\Windows\Sysnative\Tasks\{AFD8AB69-5282-4F9D-94FE-CF0916823D9F}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-08-15 07:19:30	--------	d-----w-	C:\Program Files\trend micro
2014-08-11 20:42:25	--------	d-----w-	C:\Program Files\ADVANCED TOOLS
======= C:\PROGRA~2 =====
2014-08-14 21:47:32	--------	d-----w-	C:\PROGRA~2\Dolphin Deals
2014-08-12 20:30:46	--------	d-----w-	C:\PROGRA~2\Systweak Support Dock
2014-08-11 18:20:03	--------	d-----w-	C:\PROGRA~2\Cheat Engine 6.4
2014-08-09 23:16:50	--------	d-----w-	C:\PROGRA~2\COMMON~1\Config
2014-08-08 18:38:23	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2014-08-08 18:38:06	--------	d-----w-	C:\PROGRA~2\Java
======= C: =====
====== C:\Users\FM2A88\AppData\Roaming ======
2014-08-14 18:35:27	--------	d-----w-	C:\Users\FM2A88\AppData\Roaming\uTorrent
2014-08-14 18:22:24	--------	d-----w-	C:\Users\FM2A88\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Poojary
2014-08-12 20:23:33	--------	d-----w-	C:\Users\FM2A88\AppData\Locallow\Temp
2014-08-11 21:19:58	--------	d--h--w-	C:\Users\FM2A88\AppData\Roaming\GoldenGate
2014-08-11 21:19:38	--------	d-----w-	C:\Users\FM2A88\AppData\Local\Gameo
2014-08-11 20:38:15	--------	d-----w-	C:\Users\FM2A88\AppData\Roaming\Soldiers939
2014-08-11 20:38:11	--------	d-----w-	C:\Users\FM2A88\AppData\Roaming\GoodGameEmpire
2014-08-11 18:34:17	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG
2014-08-11 18:34:17	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\AVG
2014-08-11 18:21:52	--------	d-----w-	C:\Users\FM2A88\AppData\Roaming\AVG
2014-08-11 18:21:52	--------	d-----w-	C:\Users\FM2A88\AppData\Local\AVG
2014-08-10 14:50:44	224850413BE208C3BAB41AE0C44BAEAE	591056	----a-w-	C:\Users\FM2A88\AppData\Local\nsu3906.tmp
2014-08-10 13:51:43	A7ED81A0BB0F50C456CFD6048B9A5389	575544	----a-w-	C:\Users\FM2A88\AppData\Local\nsw3C1F.tmp
2014-08-10 13:43:39	--------	d-----r-	C:\Users\FM2A88\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-08-10 13:43:18	--------	d-----w-	C:\Users\FM2A88\AppData\Local\Oxy
2014-08-10 13:43:18	--------	d-----w-	C:\Users\FM2A88\AppData\Local\Chromium
2014-08-10 13:39:52	--------	d-----w-	C:\Users\FM2A88\AppData\Roaming\DownloadManager
2014-08-10 07:42:58	--------	d-----w-	C:\Users\FM2A88\AppData\Roaming\SimpleFiles
2014-08-09 23:19:07	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Roaming\QuickScan
2014-08-09 23:19:07	--------	d-----w-	C:\Users\FM2A88\AppData\Roaming\QuickScan
2014-08-09 23:17:38	--------	d-----w-	C:\Users\FM2A88\AppData\Local\20061
2014-08-09 17:58:24	--------	d-----w-	C:\Users\FM2A88\AppData\Local\freeSOFTtoday
2014-08-08 18:43:28	--------	d-----w-	C:\Users\FM2A88\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-08 18:22:12	--------	d-----w-	C:\Users\FM2A88\AppData\Local\globalUpdate
2014-08-08 18:20:56	--------	d-----w-	C:\Users\FM2A88\AppData\Local\Genesis_08081820
====== C:\Users\FM2A88 ======
2014-08-15 07:34:54	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\FM2A88\Desktop\RSITx64.exe
2014-08-15 07:33:22	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\FM2A88\Downloads\RSITx64.exe
2014-08-11 18:20:43	--------	d-----w-	C:\ProgramData\AVG
2014-08-11 18:20:36	--------	d-sh--w-	C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-08-11 18:20:08	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2014-08-11 18:19:27	58E286356ED95579127915341D05544A	9052192	----a-w-	C:\Users\FM2A88\Downloads\CheatEngine64.exe
2014-08-11 17:12:11	--------	d-----w-	C:\ProgramData\Real
2014-08-11 17:11:18	E1611B421306F324411134992B9C1BEB	6473436	----a-w-	C:\Users\FM2A88\Downloads\CheatEngine61.exe
2014-08-10 13:43:44	--------	d-----w-	C:\Users\FM2A88\.config
2014-08-08 18:43:28	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-08 18:38:14	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-08 18:21:36	02C1EE40968BAA67C3A785CDA9807125	262	--sha-r-	C:\ProgramData\ntuser.pol

====== C: exe-files ==
2014-08-15 19:34:39	C56CB929FDC62BA6AFA025C0DF95CA73	1836624	----a-w-	C:\Program Files (x86)\Google\Update\Install\{59A61F6D-8333-41B8-B83C-6A521AC2DAC4}\36.0.1985.143_36.0.1985.125_chrome_updater.exe
2014-08-15 19:34:39	C56CB929FDC62BA6AFA025C0DF95CA73	1836624	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\36.0.1985.143\36.0.1985.143_36.0.1985.125_chrome_updater.exe
2014-08-15 07:34:54	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\FM2A88\Desktop\RSITx64.exe
2014-08-15 07:33:22	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\FM2A88\Downloads\RSITx64.exe
2014-08-15 07:30:41	3C5F60CF8796E2B1B4049AA0F443D7FB	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$IH99ZLK.exe
2014-08-15 07:19:31	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\FM2A88.exe
2014-08-15 07:17:37	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$RH99ZLK.exe
2014-08-15 05:59:43	C000289D0AF0CC4D76655243BBC51C64	1947216	----a-w-	C:\Users\FM2A88\AppData\Roaming\uTorrent\updates\3.4.2_32891.exe
2014-08-14 22:11:40	18940C5DFBA3F86169D27956B58B9425	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$ISUBTVV.exe
2014-08-14 22:11:38	4C0A34E111618893C39FAE05C0E9DB22	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$I7G9BYI.exe
2014-08-14 22:11:35	D44A6E98098D524191EFC1D204483F18	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$I24RCVV.exe
2014-08-14 22:11:33	68273F4DB998395AB3FD8F4132D5F70F	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$II3U968.exe
2014-08-14 22:11:30	D42DBA461E330C35CABEDBCF524A7B63	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$I13YMIH.exe
2014-08-14 22:02:13	CC8F3E618CB813B601D8252E79862AB6	2761968	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$R7G9BYI.exe
2014-08-14 22:01:33	ECF5828D79F64A2AA7CD1B0ED8CC7BBF	2581664	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$RSUBTVV.exe
2014-08-14 21:58:54	2848C2AFEC7306375B677B70A0EE5C75	454144	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$RI3U968.exe
2014-08-14 21:58:02	2848C2AFEC7306375B677B70A0EE5C75	454144	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$R24RCVV.exe
2014-08-14 21:51:27	7E767B342E55EB1DFD74A65D24EA4B70	46080	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.370085\GoogleUpdateOnDemand.exe
2014-08-14 21:51:26	F98DE4108614E4BB81E95E58E36C7000	46080	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.370085\GoogleUpdateBroker.exe
2014-08-14 21:51:26	D858BA2EE718B1DB1CED20646E641D08	68608	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.370085\GoogleUpdate.exe
2014-08-14 21:51:26	03114DADBD9977FC823F95B21FB987E7	72872	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.370085\GoogleCrashHandler.exe
2014-08-14 18:34:25	F98DE4108614E4BB81E95E58E36C7000	46080	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.170311\GoogleUpdateBroker.exe
2014-08-14 18:34:25	D858BA2EE718B1DB1CED20646E641D08	68608	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.170311\GoogleUpdate.exe
2014-08-14 18:34:25	7E767B342E55EB1DFD74A65D24EA4B70	46080	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.170311\GoogleUpdateOnDemand.exe
2014-08-14 18:34:25	03114DADBD9977FC823F95B21FB987E7	72872	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\comh.170311\GoogleCrashHandler.exe
2014-08-14 18:33:19	C2F85B5F63ACD0B6A22AB1D15A8CD27D	448720	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$R13YMIH.exe
2014-08-14 18:22:24	12F2A89CC6B69218ACCF90F41978E4BA	398336	----a-w-	C:\Users\FM2A88\AppData\Local\Apps\2.0\30JGTTDO.64V\JKQA1E7G.OR6\lice..tion_782e151fc222c660_0001.0000_fecedb5cfc2f836b\LicenceKeyGenerator.exe
2014-08-14 18:09:40	0B49EBC226883FEC60A93E3CF6769466	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$IKKQT4Y.exe
2014-08-14 18:09:38	0B442889FB5EF90A2E51D73CA7230F4B	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$IQZC2TX.exe
2014-08-14 18:08:37	21F0E588CB017012978DD4B988AF37AD	448704	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$RKKQT4Y.exe
2014-08-14 18:07:49	21F0E588CB017012978DD4B988AF37AD	448704	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$RQZC2TX.exe
2014-08-14 18:07:42	BFB6DE3E5654C29E191378E8EF227862	83456	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\post2.exe
2014-08-14 18:07:42	BC55DD74FFCE67E51CF111DB1A2E557D	310272	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\post1.exe
2014-08-14 18:06:13	9C59A4E4D80E5AE515BA00F823B04A2F	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$I14HN9V.exe
2014-08-14 18:05:49	7BD733DDF89AE5395CF16B680D2F2E72	366936	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$R14HN9V.exe
2014-08-14 17:39:11	C0FE25F036DBAD335A0227D4E7FA7511	28099	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\i4jdel0.exe
2014-08-13 15:46:34	6A60D0D167D35A07646EBCF796D770B4	470016	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-08-13 15:46:33	771E149F97AA6679DEF79F0953414435	812176	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-08-13 15:46:32	E8F1154367F708BD9E5BFD6A2112B4D3	810128	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2014-08-13 15:46:32	7D709E893B53092E3F5995FF5C3061E2	483328	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2014-08-13 15:46:08	52D2151908C2A6388B6561A373488F6F	692736	----a-w-	C:\Windows\System32\ie4uinit.exe
2014-08-13 15:44:56	6DBE73C09215E281F4283641144110A5	35480	----a-w-	C:\Windows\System32\TsWpfWrp.exe
2014-08-13 15:44:56	38045850ACB96313A1983A8803302906	35480	----a-w-	C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 15:41:31	10D8859CF01C1284603582ABD9B0482C	114520	----a-w-	C:\Windows\System32\consent.exe
2014-08-13 15:41:28	A9BC10505829051B83D749011F0D45BE	156672	----a-w-	C:\Windows\System32\CompatTel\QueryAppBlock.exe
2014-08-13 15:41:24	E2F4125BFAC99244088324A1841C0B83	3048880	----a-w-	C:\Windows\System32\WpcMon.exe
2014-08-13 15:41:23	F381B380B7B2704EA4C0F8D8C49C1C50	623616	----a-w-	C:\Windows\System32\MDMAgent.exe
2014-08-12 17:30:18	512F63CF804AAE886D233B202CE07BEF	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$IQ12GVX.exe
2014-08-12 17:27:32	481448111E09A81EB879B4D9C7ADA1FF	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$IGHX49S.exe
2014-08-11 21:25:00	C0E6864237AB87622695AA471B9043BC	366936	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$RGHX49S.exe
2014-08-11 21:23:48	4211745625E0914322048A977E9153EB	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$IGJWAQB.exe
2014-08-11 21:19:10	A1E166647082E3C731D119E7919389DF	8066056	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$RQ12GVX.exe
2014-08-11 21:18:05	0AF515D192D34D4CD37DABB7BEFCD118	713056	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$RGJWAQB.exe
2014-08-11 21:13:48	71A3DF06864F89D34547DC456D6E742B	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$I3D6MO7.exe
2014-08-11 21:11:30	D88B272530291195D830CA8AF31F3D81	366928	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$R3D6MO7.exe
2014-08-11 20:57:11	680AF948A0EFA8FE9C0B38AB5E03BE23	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$IRR654O.exe
2014-08-11 20:48:54	27CBC57891C2F4A523AA190B3019EE1F	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$I4X3VHN.exe
2014-08-11 20:42:25	C6F403E5806331AF3E825135838A80AA	20480	----a-w-	C:\Program Files\ADVANCED TOOLS\ADVANCED TOOLS V.I.P PACK\ADV SETTINGS\ADV SWF LOADER.exe
2014-08-11 20:42:25	C6F403E5806331AF3E825135838A80AA	20480	----a-w-	C:\Program Files\ADVANCED TOOLS\ADV SWF LOADER.exe
2014-08-11 20:42:25	AE160F94BA2995B6691AAA6CEE685160	245760	----a-w-	C:\Program Files\ADVANCED TOOLS\AUDIO Converter.exe
2014-08-11 20:42:25	AE160F94BA2995B6691AAA6CEE685160	245760	----a-w-	C:\Program Files\ADVANCED TOOLS\ADVANCED TOOLS V.I.P PACK\ADV SETTINGS\AUDIO Converter.exe
2014-08-11 20:42:25	9F9002F478B04709664B5CEBDC57C858	4052480	------w-	C:\Program Files\ADVANCED TOOLS\ADVANCED TOOLS.exe
2014-08-11 20:42:25	73CAC988DBD51D953D2FBB6CDB682FBE	784384	----a-w-	C:\Program Files\ADVANCED TOOLS\SILKROAD KEY PRESSER.exe
2014-08-11 20:42:25	73CAC988DBD51D953D2FBB6CDB682FBE	784384	----a-w-	C:\Program Files\ADVANCED TOOLS\ADVANCED TOOLS V.I.P PACK\ADV SETTINGS\SILKROAD KEY PRESSER.exe
2014-08-11 20:42:25	63DC6F3E6E42FC9B6272223300387A65	4063232	----a-w-	C:\Program Files\ADVANCED TOOLS\ADVANCED TOOLS V.I.P PACK\ADVANCED TOOLS.exe
2014-08-11 20:42:25	42CD077539672693BCEEF3BBF9FFF072	279040	----a-w-	C:\Program Files\ADVANCED TOOLS\Video Converter.exe
2014-08-11 20:42:25	42CD077539672693BCEEF3BBF9FFF072	279040	----a-w-	C:\Program Files\ADVANCED TOOLS\ADVANCED TOOLS V.I.P PACK\ADV SETTINGS\Video Converter.exe
2014-08-11 20:42:25	1535E327AE437541C0B1346562A397C5	196608	----a-w-	C:\Program Files\ADVANCED TOOLS\SPAMMER.exe
2014-08-11 20:42:25	1535E327AE437541C0B1346562A397C5	196608	----a-w-	C:\Program Files\ADVANCED TOOLS\ADVANCED TOOLS V.I.P PACK\ADV SETTINGS\SPAMMER.exe
2014-08-11 20:41:14	66E783ADE90AF80AC51154F3982112A6	8055460	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$R4X3VHN.exe
2014-08-11 18:20:08	50BFBEFD1121847B98A455785DA0386B	2416920	----a-w-	C:\Program Files (x86)\Cheat Engine 6.4\Tutorial-i386.exe
2014-08-11 18:20:08	2A95A21CB51B5E321CD3FA3B9F8B3994	3146008	----a-w-	C:\Program Files (x86)\Cheat Engine 6.4\Tutorial-x86_64.exe
2014-08-11 18:20:05	F64139E65542DCE8AD6713A0298F02D3	100120	----a-w-	C:\Program Files (x86)\Cheat Engine 6.4\DotNetDataCollector64.exe
2014-08-11 18:20:05	B1761FCB265515ADB02D3675C6E0D135	194840	----a-w-	C:\Program Files (x86)\Cheat Engine 6.4\xmplayer.exe
2014-08-11 18:20:05	A9D1A77EDF131001CFC481491ED4813E	86808	----a-w-	C:\Program Files (x86)\Cheat Engine 6.4\DotNetDataCollector32.exe
2014-08-11 18:20:05	6EAA6B762A0EBC8EEB3A0A25F7FA1111	176200	----a-w-	C:\Program Files (x86)\Cheat Engine 6.4\Kernelmoduleunloader.exe
2014-08-11 18:20:05	633D0232652DEB85E80E74F9F4402759	187160	----a-w-	C:\Program Files (x86)\Cheat Engine 6.4\ceregreset.exe
2014-08-11 18:20:04	1748F63933E6202E82691341CAFB986B	10032920	----a-w-	C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-x86_64.exe
2014-08-11 18:20:03	B52D2784F9ACE0503CA667DC697F73C3	330008	----a-w-	C:\Program Files (x86)\Cheat Engine 6.4\Cheat Engine.exe
2014-08-11 18:20:03	8D88C3E4029D2413FC1566FD149209E5	709912	----a-w-	C:\Program Files (x86)\Cheat Engine 6.4\unins000.exe
2014-08-11 18:20:03	052F561D15254E91BC505D5066F4F16C	7708952	----a-w-	C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-i386.exe
2014-08-11 18:19:27	58E286356ED95579127915341D05544A	9052192	----a-w-	C:\Users\FM2A88\Downloads\CheatEngine64.exe
2014-08-11 17:11:18	E1611B421306F324411134992B9C1BEB	6473436	----a-w-	C:\Users\FM2A88\Downloads\CheatEngine61.exe
2014-08-10 13:44:43	A7481BD5631AD50C5EA9803E1E9C4FF4	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$IODJIFP.exe
2014-08-10 13:43:58	4835084DA90794BBA107D2CFEF60AB66	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$ISHYAIY.exe
2014-08-10 13:43:31	04E875E0B8F5EBAAD4AE909F50789BBE	3589646	----a-w-	C:\Users\FM2A88\AppData\Local\Oxy\Application\bin\oxy-downloader.exe
2014-08-10 13:40:09	733874D236084859907E87A68D21AAF8	63502584	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$RSHYAIY.exe
2014-08-10 13:39:53	E79DD280CE696F7557A4355C54A552BE	558872	----a-w-	C:\Users\FM2A88\AppData\Roaming\DownloadManager\top_eleven_tool_2013.exe
2014-08-10 13:38:42	E79DD280CE696F7557A4355C54A552BE	558872	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$RODJIFP.exe
2014-08-10 00:07:16	4A02773619090C50263C8DCC8F3EA538	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$IPA9WCU.exe
2014-08-09 23:17:47	7C38FC94F9147BA84B65A9028313009D	3524096	----a-w-	C:\Download Genius\Download_Genius.exe
2014-08-09 23:17:38	7610F4B07214CA0717EDB854A316A863	289280	----a-w-	C:\Users\FM2A88\AppData\Local\20061\a2786.exe
2014-08-09 23:16:51	146E368CC6C23737392B0EB2F0C7B945	45406	----a-w-	C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe
=== C: other files ==
2014-08-15 19:15:19	F718A57D946EAC76EFCB351D74E269F4	875736	----a-r-	C:\Windows\System32\drivers\N360x64\1505000.013\srtsp64.sys
2014-08-15 19:15:19	B18CE01B9C09C59422BA7C7064248B35	36952	----a-r-	C:\Windows\System32\drivers\N360x64\1505000.013\srtspx64.sys
2014-08-15 19:15:19	9F31630D7FC2DD9D5DA1CE359AAD1F46	1148120	----a-r-	C:\Windows\System32\drivers\N360x64\1505000.013\symefa64.sys
2014-08-15 19:15:19	5C9EE2303CA7F267665D75237862B39C	493656	----a-r-	C:\Windows\System32\drivers\N360x64\1505000.013\symds64.sys
2014-08-15 19:15:19	5570A74FF9B1EFBC5154DD1E2F05C517	593112	----a-r-	C:\Windows\System32\drivers\N360x64\1505000.013\symnets.sys
2014-08-15 19:15:19	48C2934683CBD06F662B088EEF49EF6A	264280	----a-r-	C:\Windows\System32\drivers\N360x64\1505000.013\ironx64.sys
2014-08-15 19:15:19	20F758E6339A16F97DD83389D582E09A	23568	----a-r-	C:\Windows\System32\drivers\N360x64\1505000.013\symelam.sys
2014-08-15 19:15:19	0510396A957E9FD7205BA62D3CAE4528	162392	----a-r-	C:\Windows\System32\drivers\N360x64\1505000.013\ccsetx64.sys
2014-08-15 06:07:13	8558F9719E0AC7E4CB5F2E1BC0CB9A56	102	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\utt441C.tmp.bat
2014-08-14 22:49:19	E3CA092329A9CE20C62CFF30E033F4E4	61640	----a-w-	C:\Windows\System32\drivers\{f2dee4ac-05d0-4e54-80bc-2dc0ba61a2c7}Gw64.sys
2014-08-14 21:53:18	8A80554C91D9FCA8ACB82F023DE02F11	3	----a-w-	C:\Users\FM2A88\AppData\Local\Microsoft\Windows\INetCache\Low\IE\TANN7U3Q\crossrider[1].com
2014-08-14 21:49:24	8A80554C91D9FCA8ACB82F023DE02F11	3	----a-w-	C:\Users\FM2A88\AppData\Local\Microsoft\Windows\INetCache\IE\VCLWMENO\clkmon[1].com
2014-08-14 21:49:15	8A80554C91D9FCA8ACB82F023DE02F11	3	----a-w-	C:\Users\FM2A88\AppData\Local\Microsoft\Windows\INetCache\IE\9FFGN237\www.idownloadsnow[1].com
2014-08-14 20:11:22	8558F9719E0AC7E4CB5F2E1BC0CB9A56	102	----a-w-	C:\Users\FM2A88\AppData\Local\Temp\uttBF09.tmp.bat
2014-08-13 15:46:40	313DCE665B57000B18CB26C6B6A10DFE	1557848	----a-w-	C:\Windows\System32\drivers\dxgkrnl.sys
2014-08-13 15:41:24	A39C4AB750E0AD4431C7B7F46AB0EBED	4148224	----a-w-	C:\Windows\System32\win32k.sys
2014-08-11 21:02:04	1CD0E9476559FB1604B75716E8FF64F2	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$IUN04R3.zip
2014-08-11 20:59:37	2C5464BF0983CCB33C9263BDCFD03D74	1125042	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$RUN04R3.zip
2014-08-11 20:57:08	7C56EE63FE6C5C06614C9C68934F82F6	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$I5DNFLY.zip
2014-08-11 20:57:04	B4FCDF06165F5B9DFB41FEE6C16E3E4A	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$IHEB126.zip
2014-08-11 20:54:24	9BBC9268C1F7229B5500A0B33514E511	88170	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$RHEB126.zip
2014-08-11 20:53:59	3F523B6EBCFF3B3D4C6C7EB4F9C01E60	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$IC1NTWE.zip
2014-08-11 20:53:15	187139E8E3BE4EA392D37DE81735C19E	1256267	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$RC1NTWE.zip
2014-08-11 20:27:16	464E1FFCB4C0F11B8CC42572065AA52A	101069	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$R5DNFLY.zip
2014-08-11 18:20:07	AC4238479F47171E4E9D2AAB1464E570	82880	----a-w-	C:\Program Files (x86)\Cheat Engine 6.4\dbk32.sys
2014-08-11 18:20:07	535161133C9533C9A83B727B1E78BE44	64064	----a-w-	C:\Program Files (x86)\Cheat Engine 6.4\dbk64.sys
2014-08-10 13:46:29	BAD55C5EC9F40B20F14ECD1651A1222D	1793667	----a-w-	C:\Users\FM2A88\Downloads\topeleventrainer.zip
2014-08-10 05:51:45	7D9F124B6093F1C67CF8EB698AB24E51	61632	----a-w-	C:\Windows\System32\drivers\{2b929fe1-284b-4766-afb9-19b0915b99b0}Gw64.sys
2014-08-10 00:07:22	F13B1E9EA51278CFA498A401366383F7	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$ISD9X0B.zip
2014-08-10 00:07:14	3F92804BE899C32FC411CB36DFB6D4FD	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3437649926-2280246673-654014984-1001\$I5512CF.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"

[HKEY_USERS\S-1-5-21-3437649926-2280246673-654014984-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"dldfmon.exe"="C:\Program Files (x86) (x86)\Dell AIO Printer 948\dldfmon.exe"
"MemoryCardManager"="C:\Program Files (x86) (x86)\Dell AIO Printer 948\memcard.exe"
"Dell AIO Printer 948"="C:\Program Files (x86)\Dell AIO Printer 948\fm3032.exe /s"
"GoforFilesInstaller Starter"="C:\Users\FM2A88\AppData\Local\Temp\install13067082.exe -startup"
"KiesTrayAgent"="C:\Program Files (x86)\Kies\KiesTrayAgent.exe"
"TrojanScanner"="C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"dldfmon.exe"="C:\Program Files (x86)\Dell AIO Printer 948\dldfmon.exe"
"MemoryCardManager"="C:\Program Files (x86)\Dell AIO Printer 948\memcard.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/05/2014 13:23]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/05/2014 13:23]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoforFilesUpdate" [C:\Program Files (x86)\GoforFiles Updater\GFFUpdater.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe"]
"C:\Windows\SysNative\tasks\Optimizer Pro Schedule" ["C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe"]
"C:\Windows\SysNative\tasks\Systweak-Support-Dock" [C:\Program Files (x86)\Systweak Support Dock\SystweakDock.exe]
"C:\Windows\SysNative\tasks\Update Service SimpleFiles" [C:\Program Files (x86)\SimpleFilesUpdater\SimpleFilesUpdater.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{322DED91-D6D5-4D07-96A3-553A6331731E}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\YourFile DownloaderUpdate" [C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Norton 360\Norton Error Analyzer" [C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton 360\Norton Error Processor" [C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"faststartff@gmail.com"="C:\Users\FM2A88\AppData\Roaming\Mozilla\Firefox\Profiles\t28rcbd9.default\extensions\faststartff@gmail.com" []

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\Exts\Chrome.crx[26/06/2014 12:22]

Norton Identity Protection - FM2A88\AppData\Local\Chromium\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Google Docs - FM2A88\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - FM2A88\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - FM2A88\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - FM2A88\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock Premium - FM2A88\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndlhnanhedoklpdaacidomdnplcjcpj
Norton Security Toolbar - FM2A88\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Ghostery - FM2A88\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij
Google Wallet - FM2A88\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Select City - FM2A88\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Gmail - FM2A88\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\FM2A88\AppData\Local\Google\Chrome\User Data\Default\Preferences
"startup_urls": [ "", "https://www.google.be/" ],


==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.be/"
"Search Page"="http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwgkHH88J8gQeiMG-hmZBsrpaHaiv0Msc1dQG3ass_3e4uC6uFCHkOHJ1yFqknKTf5acwuE_deNsyZo_dWPmc2jmz8BvZKA0TUHh4w2Sri4J555XQMpaFMkGALlv9y5uOOiftYqBiVrV7OAm-nHasUQK9Qg,&q={searchTerms}"
"Search Bar"="http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwgkHH88J8gQeiMG-hmZBsrpaHaiv0Msc1dQG3ass_3e4uC6uFCHkOHJ1yFqknKTf5acwuE_deNsyZo_dWPmc2jmz8BvZKA0TUHh4w2Sri4J555XQMpaFMkGALlv9y5uOOiftYqBiVrV7OAm-nHasUQK9Qg,&q={searchTerms}"
"Default_Search_URL"="http://www.istartsurf.com/web/?type=ds&ts=1407522120&from=tugs&uid=WDCXWD10EZEX-00BN5A0_WD-WCC3F349869998699&q={searchTerms}"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1407875124&from=obw&uid=WDCXWD10EZEX-00BN5A0_WD-WCC3F349869998699&q={searchTerms}"
"Search Page"="http://istart.webssearches.com/web/?type=ds&ts=1407875124&from=obw&uid=WDCXWD10EZEX-00BN5A0_WD-WCC3F349869998699&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1407875124&from=obw&uid=WDCXWD10EZEX-00BN5A0_WD-WCC3F349869998699&q={searchTerms}"
"Search Page"="http://istart.webssearches.com/web/?type=ds&ts=1407875124&from=obw&uid=WDCXWD10EZEX-00BN5A0_WD-WCC3F349869998699&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwgkHH88J8gQeiMG-hmZBsrpaHaiv0Msc1dQG3ass_3e4uC6uFCHkOHJ1yFqknKTf5acwuE_deNsyZo_dWPmc2jmz8BvZKA0TUHh4w2Sri4J555XQMpaFMkGALlv9y5uOOiftYqBiVrV7OAm-nHasUQK9Q8,&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwgkHH88J8gQeiMG-hmZBsrpaHaiv0Msc1dQG3ass_3e4uC6uFCHkOHJ1yFqknKTf5acwuE_deNsyZo_dWPmc2jmz8BvZKA0TUHh4w2Sri4J555XQMpaFMkGALlv9y5uOOiftYqBiVrV7OAm-nHasUQK9Q8,&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
"Default"="http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwgkHH88J8gQeiMG-hmZBsrpaHaiv0Msc1dQG3ass_3e4uC6uFCHkOHJ1yFqknKTf5acwuE_deNsyZo_dWPmc2jmz8BvZKA0TUHh4w2Sri4J555XQMpaFMkGALlv9y5uOOiftYqBiVrV7OAm-nHasUQK9Qg,&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwgkHH88J8gQeiMG-hmZBsrpaHaiv0Msc1dQG3ass_3e4uC6uFCHkOHJ1yFqknKTf5acwuE_deNsyZo_dWPmc2jmz8BvZKA0TUHh4w2Sri4J555XQMpaFMkGALlv9y5uOOiftYqBiVrV7OAm-nHasUQK9Qg,&q={searchTerms}"
"Default_Search_URL"="http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwgkHH88J8gQeiMG-hmZBsrpaHaiv0Msc1dQG3ass_3e4uC6uFCHkOHJ1yFqknKTf5acwuE_deNsyZo_dWPmc2jmz8BvZKA0TUHh4w2Sri4J555XQMpaFMkGALlv9y5uOOiftYqBiVrV7OAm-nHasUQK9Qg,&q={searchTerms}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{006ee092-9658-4fd6-bd8e-a21a348e59f5}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{006ee092-9658-4fd6-bd8e-a21a348e59f5} Web Search Url="http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwgkHH88J8gQeiMG-hmZBsrpaHaiv0Msc1dQG3ass_3e4uC6uFCHkOHJ1yFqknKTf5acwuE_deNsyZo_dWPmc2jmz8BvZKA0TUHh4w2Sri4J555XQMpaFMkGALlv9y5uOOiftYqBiVrV7OAm-nHasUQK9Qg,&q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown  Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3437649926-2280246673-654014984-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\faststartff@gmail.com deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [dldfmon.exe] "C:\Program Files (x86) (x86)\Dell AIO Printer 948\dldfmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files (x86) (x86)\Dell AIO Printer 948\memcard.exe"
O4 - HKLM\..\Run: [Dell AIO Printer 948] "C:\Program Files (x86)\Dell AIO Printer 948\fm3032.exe" /s
O4 - HKLM\..\Run: [GoforFilesInstaller Starter] "C:\Users\FM2A88\AppData\Local\Temp\install13067082.exe" -startup
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - 
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs:  
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dldfCATSCustConnectService - Unknown owner - C:\Windows\system32\spool\DRIVERS\x64\3\\dldfserv.exe
O23 - Service: dldf_device -   - C:\Windows\SysWOW64\dldfcoms.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\N360.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== C:\zoek_backup content ======================

C:\zoek_backup (files=720 folders=243 76131290 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\Dolphin Deals"  not found

==== EOF on za 16/08/2014 at  2:18:42,99 ======================