Zoek.exe v5.0.0.0 Updated 19-10-2014
Tool run by beheerder on ma 20/10/2014 at 19:22:13,86.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\beheerder\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

20/10/2014 19:26:52 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\log deleted successfully
C:\PROGRA~3\Evernote deleted successfully
C:\PROGRA~3\Oracle deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\YahooAUService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\YahooAUService deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #4"=-
"Application Restart #2"=-
"Application Restart #1"=-

==== Deleting Files \ Folders ======================

"C:\Users\beheerder\AppData\Roaming\HBRYY.exe" not found
"C:\Users\beheerder\AppData\Roaming\IXFVXUGO.exe" not found
C:\Users\beheerder\AppData\Local\Pokki deleted
C:\PROGRA~2\Yahoo! deleted
C:\Users\beheerder\AppData\Roaming\Yahoo! deleted
C:\PROGRA~3\Yahoo!
deleted
C:\Users\beheerder\AppData\Local\com deleted
C:\Users\beheerder\AppData\Local\Software deleted
C:\Users\beheerder\AppData\Local\CrashRpt deleted
C:\Users\beheerder\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma.crx deleted
C:\Users\beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\Users\beheerder\Downloads\SoftonicDownloader_voor_google-sketchup.exe deleted
C:\Users\beheerder\AppData\LocalLow\Yahoo! deleted
C:\Windows\wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\BEHEER~1\AppData\Roaming\Mozilla\Firefox\Profiles\c15y67we.default-1409299182851\extensions\975af956-6d8c-4897-837a-25c267d2cec1@gmail.com deleted
"C:\Windows\tasks\HBRYY.job" deleted
"C:\Windows\tasks\IXFVXUGO.job" deleted
"C:\Windows\tasks\HBRYY.job" deleted
"C:\Windows\SysNative\tasks\HBRYY" deleted
"C:\Windows\tasks\IXFVXUGO.job" deleted
"C:\Windows\SysNative\tasks\IXFVXUGO" deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1970109917-990858796-2414450077-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo\PROGRA~2\Yahoo\MESSEN~1\YahooMessenger.exe -quiet"
"MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k" "Dolby Advanced Audio v2"="C:\Dolby PCEE4\pcee4.exe -autostart" "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Messenger (Yahoo\PROGRA~2\Yahoo\MESSEN~1\YahooMessenger.exe -quiet" "MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" 
"Persistence"="C:\Windows\system32\igfxpers.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 " "AtherosBtStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" "AthBtTray"="C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" "Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "InstantUpdate"="C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe" "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Folders ====================== 2013-01-22 13:41:14 1300 ----a-w- C:\Users\beheerder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [25/09/2014 03:43] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/09/2013 15:55] C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8af01bf5227c.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29/09/2013 15:55] C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job --a------ C:\Program Files (x86)\Intel\IntelR ME FW Recovery Agent\bin\Bootstrap.exe [] C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job --a------ C:\Program Files (x86)\Intel\IntelR ME FW Recovery Agent\bin\Bootstrap.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DeviceDetector" [C:\Program Files 
(x86)\Cyberlink\MediaEspresso\DeviceDetector\DeviceDetector.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1cf25a936a301aa" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1cf8af01bf5227c" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d" [C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe] "C:\Windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon" [C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe] "C:\Windows\SysNative\tasks\UALU notificatin" ["C:\Program Files\Acer\Acer Updater\UALU.exe"] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\Recovery Management\Burn Notification" [C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04/04/2014 12:36] ==== Firefox Extensions ====================== ProfilePath: C:\Users\BEHEER~1\AppData\Roaming\Mozilla\Firefox\Profiles\c15y67we.default-1409299182851 - Undetermined - 
C:\Users\beheerder\AppData\Roaming\Mozilla\Firefox\Profiles\c15y67we.default-1409299182851\extensions\975af956-6d8c-4897-837a-25c267d2cec1@gmail.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be ==== Firefox Plugins ====================== ==== Chromium Look ====================== ==== Chromium Fix ====================== C:\Users\beheerder\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsondemand.com_0.localstorage deleted successfully C:\Users\beheerder\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsondemand.com_0.localstorage-journal deleted successfully C:\Users\beheerder\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.supersaver.nl_0.localstorage deleted successfully C:\Users\beheerder\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.supersaver.nl_0.localstorage-journal deleted successfully C:\Users\beheerder\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searches.omiga-plus.com_0.localstorage deleted successfully C:\Users\beheerder\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searches.omiga-plus.com_0.localstorage-journal deleted successfully C:\Users\beheerder\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage deleted successfully C:\Users\beheerder\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.omiga-plus.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Default_Page_URL"="http://www.google.com" "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\omiga-plus uninstall deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\beheerder\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\beheerder\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\beheerder\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\beheerder\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\beheerder\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\beheerder\AppData\Local\Mozilla\Firefox\Profiles\c15y67we.default-1409299182851\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\beheerder\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\beheerder\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=123 folders=24 1650644 bytes)

==== Empty Temp Folders ======================

C:\Users\beheerder\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\BEHEER~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 20/10/2014 at 20:14:53,40 ======================