Zoek.exe v5.0.0.0 Updated 18-08-2014
Tool run by Michael Kempen on ma 18-08-2014 at 8:09:18,32.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Michael Kempen\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
18-8-2014 8:11:11 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================
C:\PROGRA~3\Oracle deleted successfully
C:\Users\Michael Kempen\AppData\Local\DriverTuner deleted successfully

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================
C:\PROGRA~2\Mysearchdial deleted
C:\PROGRA~2\SearchProtect deleted
C:\PROGRA~2\SupTab deleted
C:\Users\Michael Kempen\AppData\Roaming\sweet-page deleted
C:\Users\Michael Kempen\AppData\Roaming\MySearchDial deleted
C:\PROGRA~3\IePluginService deleted
C:\PROGRA~3\WPM deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Michael Kempen\AppData\Local\Softonic deleted
C:\Users\Michael Kempen\AppData\Local\SearchProtect deleted
C:\Users\Michael Kempen\Searches deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Michael Kempen\lide20lide30n670un676un1240uvst7031a_xpnl.exe deleted
C:\Users\Michael Kempen\s3A01nlx.exe deleted
C:\Users\Michael Kempen\s7117NLx.exe deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-1758146858-1784735532-1013142320-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Sticky Pad"="C:\Program Files (x86)\StickyPad\StickyPad.exe"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"PDFPrint"="C:\Program Files (x86)\pdf24\pdf24.exe"
"ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"Sticky Pad"="C:\Program Files (x86)\StickyPad\StickyPad.exe"

==== Startup Folders ======================
2013-08-11 08:55:30 2081 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Monitor.lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09-07-2014 08:15]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-03-2013 18:17]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-03-2013 18:17]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{D20AD8BA-418C-4CB9-97A2-117293E3D896}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[13-05-2014 11:52]
Google Docs - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Last updated at time on date - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
avast Online Security - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================
C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://news.google.de/",
"startup_urls": [
"https://mail.google.com/mail/u/0/#inbox",
"https://mail.google.com/mail/u/1/#inbox",
"https://mail.google.com/mail/u/2/#inbox",
"https://mail.google.com/mail/u/3/#inbox",
"http://news.google.de/",
"http://www.nu.nl/",
"https://www.facebook.com/",
"http://de.wikipedia.org/wiki/Wikipedia:Hauptseite"
],

==== Chrome Fix ======================
C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ashampoo-clipfinder-hd.nl.softonic.com_0.localstorage deleted successfully
C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ashampoo-clipfinder-hd.nl.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.gayfinder.tv_0.localstorage deleted successfully
C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.gayfinder.tv_0.localstorage-journal deleted successfully
C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gayboysfind.com_0.localstorage deleted successfully
C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gayboysfind.com_0.localstorage-journal deleted successfully
C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_camtasia-studio.nl.softonic.com_0.localstorage deleted successfully
C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_camtasia-studio.nl.softonic.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{C1374C69-C05C-43BA-9D2A-C99E5BDD545F} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}"

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Michael Kempen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Michael Kempen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\Michael Kempen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=4472 folders=540 239366488 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Michael Kempen\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\MICHAE~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 18-08-2014 at 8:27:22,24 ======================