
Zoek.exe v5.0.0.0 Updated 06-December-2014
Tool run by Rene on zo 07-12-2014 at 12:18:04,22.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rene\Desktop\zoek.exe.scr [Scan all users] [Script inserted] 

==== System Restore Info ======================

7-12-2014 12:19:25 Zoek.exe System Restore Point Created Succesfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll 


==== Empty Folders Check ======================

C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\Synology deleted successfully
C:\Users\Rene\AppData\Roaming\WinRAR deleted successfully
C:\Users\Default\AppData\Local\PackageAware deleted successfully

==== File Information Results ======================


==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2014-11-17 09:03:49	ACDBE1ED38167C8B01B8F63161BB2CEA	2374784	----a-w-	C:\WINDOWS\explorer.exe
2014-11-12 16:32:59	6252728BE03B3134B402032072985DCF	64	----a-w-	C:\WINDOWS\brpcfx.ini
2014-11-12 16:32:59	2A672B9A5CB73E3F610B84E02D9E3594	258	----a-w-	C:\WINDOWS\Brpfx04a.ini
2014-11-12 16:32:36	7D6E128FDC85D9EC2130ECAEC7FB7C76	66	----a-w-	C:\WINDOWS\Brfaxrx.ini
2014-11-12 16:32:35	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\WINDOWS\brdfxspd.dat
2014-11-12 15:35:26	85BDC9BCB8B49319B5A841D5E3EA8A3F	26673	----a-w-	C:\WINDOWS\diagwrn.xml
2014-11-12 15:35:26	85BDC9BCB8B49319B5A841D5E3EA8A3F	26673	----a-w-	C:\WINDOWS\diagerr.xml
2014-11-12 14:36:32	796C63AA8A5F19AC3E52BE0502B4BA5F	519	----a-w-	C:\WINDOWS\ODBCINST.INI
2014-11-12 14:03:16	B59EF013D567E5746F1DEE2565F747ED	43152	----a-w-	C:\WINDOWS\avastSS.scr
====== C:\Users\Rene\AppData\Local\Temp ====
2014-12-05 17:15:44	EB4686F6F4BE2B00AA40978D551F66C4	43008	----a-w-	C:\Users\Rene\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpj8mrjz.dll
====== Java Cache =====
2014-11-12 14:10:01	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Rene\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-4960eafb
2014-11-12 14:10:01	2815499CB94DB64CA94E5785CBE722CD	424	----a-w-	C:\Users\Rene\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap
2014-11-12 14:10:01	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Rene\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-46e2f207
2014-11-12 14:10:02	34FA8033B50A3F99D3AB8209C72C0ABA	6860	----a-w-	C:\Users\Rene\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-19a87aaa
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2014-12-05 17:13:47	23C5A885C5CA0A838013CD3F1534E79D	1584	----a-w-	C:\WINDOWS\Sysnative\.crusader
====== C:\WINDOWS\Sysnative\drivers =====
2014-12-05 17:14:31	545EE654B04D52AF2E7F5F393D1F7D75	43664	----a-w-	C:\WINDOWS\Sysnative\drivers\hitmanpro37.sys
2014-11-17 09:08:10	8DF1254093B5C354CE725EB6B9B0DE19	146752	----a-w-	C:\WINDOWS\Sysnative\drivers\msgpioclx.sys
2014-11-17 09:05:24	DE8D12B4C3F55FA2C5E9774314F6C58A	258368	----a-w-	C:\WINDOWS\Sysnative\drivers\WdFilter.sys
2014-11-17 09:05:23	4AD874CDC812EC156265E451B6B09DAB	114496	----a-w-	C:\WINDOWS\Sysnative\drivers\WdNisDrv.sys
2014-11-17 09:05:23	0359607177E5E9F6041136CC0A5CB0B6	35320	----a-w-	C:\WINDOWS\Sysnative\drivers\WdBoot.sys
2014-11-17 09:04:19	9F08A6608F98B5407E7DDBCF306573EF	27456	----a-w-	C:\WINDOWS\Sysnative\drivers\rdpvideominiport.sys
2014-11-17 09:04:19	6D2EE96150E35B9EA49F2B481DE0369A	177472	----a-w-	C:\WINDOWS\Sysnative\drivers\ksecpkg.sys
2014-11-17 09:04:19	4E1207CE16E615B0B7A70DC889F4500E	563976	----a-w-	C:\WINDOWS\Sysnative\drivers\cng.sys
2014-11-17 09:03:55	7A1A3F213CDB3363D179D5014272025D	402432	----a-w-	C:\WINDOWS\Sysnative\drivers\mrxsmb.sys
2014-11-17 09:03:55	674A4702E4E144E8710ED1A2EC6DD049	96768	----a-w-	C:\WINDOWS\Sysnative\drivers\agilevpn.sys
2014-11-17 09:03:54	65ED7B9CFEA893DF7748D5FF692690DE	38912	----a-w-	C:\WINDOWS\Sysnative\drivers\vwifimp.sys
2014-11-17 09:03:54	35BF5C5F5E3C9902C98978C7640574DA	71680	----a-w-	C:\WINDOWS\Sysnative\drivers\vwififlt.sys
2014-11-17 09:03:24	D537815E450A149752C15868392AD1F3	110592	----a-w-	C:\WINDOWS\Sysnative\drivers\WUDFPf.sys
2014-11-17 09:03:24	7CCBBCEE408A5DBE3FE47297DB5A6CFC	227840	----a-w-	C:\WINDOWS\Sysnative\drivers\WUDFRd.sys
2014-11-17 09:01:06	CCB3A2BB60FE5073F2DEA63FE83CF8FE	2497344	----a-w-	C:\WINDOWS\Sysnative\drivers\tcpip.sys
2014-11-17 09:01:04	E3FCE2A6B3533D99A3B498504DF9CC47	474432	----a-w-	C:\WINDOWS\Sysnative\drivers\netio.sys
2014-11-17 09:01:03	7F23E38C5B6448F91439E4066645191E	428864	----a-w-	C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS
2014-11-17 09:01:03	66732C13628BDB1AB0D6FD46027327C2	148800	-c--a-w-	C:\WINDOWS\Sysnative\drivers\USBSTOR.SYS
2014-11-12 19:05:28	67C03C21F319647834DAA61704D8A248	34640	----a-w-	C:\WINDOWS\Sysnative\drivers\AsrRamDisk.sys
2014-11-12 17:51:38	26C43960C99EE861A5D0EDC4DCF3B1C3	129752	----a-w-	C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys
2014-11-12 17:51:31	CA43F8904E24BBE49982E4C0B29E6579	25816	----a-w-	C:\WINDOWS\Sysnative\drivers\mbam.sys
2014-11-12 17:51:31	9D7BFFDB5FA62B600DF1FCB4919D9D79	64216	----a-w-	C:\WINDOWS\Sysnative\drivers\mwac.sys
2014-11-12 17:51:31	478CC94C937D235CB0A96AB8F2359D81	93400	----a-w-	C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys
2014-11-12 16:21:33	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\Sysnative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-11-12 15:33:52	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-11-12 15:13:31	EFE63BDFC12A1DD65FBB9E621F29B78C	10224	----a-w-	C:\WINDOWS\Sysnative\drivers\cdr4_xp.sys
2014-11-12 15:13:31	87B04878A6D59D6C79251DC960C674C1	55856	----a-w-	C:\WINDOWS\Sysnative\drivers\PxHlpa64.sys
2014-11-12 15:13:31	60B3B1A2544EB7843F26EC291BB590BB	10224	----a-w-	C:\WINDOWS\Sysnative\drivers\cdralw2k.sys
2014-11-12 14:03:18	E74FD717476B30E23F45354B8F3ACB30	1050432	----a-w-	C:\WINDOWS\Sysnative\drivers\aswsnx.sys
2014-11-12 14:03:18	B1881A01E301990B671694CA1623F1B6	436624	----a-w-	C:\WINDOWS\Sysnative\drivers\aswSP.sys
2014-11-12 14:03:18	9BE9F2B83DE80E2752B1405CC427E2EC	29208	----a-w-	C:\WINDOWS\Sysnative\drivers\aswHwid.sys
2014-11-12 14:03:18	7509F07BA6F84C1E3B2C0D78A1F6F782	116728	----a-w-	C:\WINDOWS\Sysnative\drivers\aswStm.sys
2014-11-12 14:03:18	4750016EF9CC1DEC6DA3FE5AF9A7F095	93568	----a-w-	C:\WINDOWS\Sysnative\drivers\aswRdr2.sys
2014-11-12 14:03:18	2DA1C1AEDF454F8E32A863A1AEACDD8C	83280	----a-w-	C:\WINDOWS\Sysnative\drivers\aswMonFlt.sys
2014-11-12 14:03:18	1A5BDDE65B648DC3AD48B6ECAA3AE9C8	267632	----a-w-	C:\WINDOWS\Sysnative\drivers\aswVmm.sys
2014-11-12 14:03:18	1323269A92645705DEFA053F3596829D	65776	----a-w-	C:\WINDOWS\Sysnative\drivers\aswRvrt.sys
2014-11-12 13:51:46	33F90B202E9DD9B7D489EB59310FDC34	283064	----a-w-	C:\WINDOWS\Sysnative\drivers\dtsoftbus01.sys
2014-11-12 11:47:46	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\Sysnative\drivers\Msft_User_WUDFUsbccidDriver_01_11_00.Wdf
====== C:\WINDOWS\Tasks ======
2014-12-05 17:15:52	6D201BD37EF7318D6295D6BEA81DF3FC	3030	----a-w-	C:\WINDOWS\Sysnative\Tasks\asrRd
2014-11-12 19:05:50	12525EB872412451472726A23C09C8EB	2964	----a-w-	C:\WINDOWS\Sysnative\Tasks\AsrXTU
2014-11-12 17:50:40	67903D89EE869BCFDE44B98CA05B3CFC	3966	----a-w-	C:\WINDOWS\Sysnative\Tasks\User_Feed_Synchronization-{0AD04A34-0AD0-42A6-B2AB-CA3F467243DB}
2014-11-12 17:38:52	AE9E859AA9828E9D37D2E8B8C830204F	3506	----a-w-	C:\WINDOWS\Sysnative\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-rfh.tobe@gmail.com
2014-11-12 14:03:22	417E933B70CFBF0BF22A9B7F379A2137	4182	----a-w-	C:\WINDOWS\Sysnative\Tasks\avast! Emergency Update
2014-11-12 13:47:57	FEDC07B9B95BD7C47A0257228D75A5C0	3812	----a-w-	C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineCore
2014-11-12 13:47:57	D582AE163BA6B69BBF7E3C161637858C	1072	----a-w-	C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-12 13:47:57	4E7F968B4C85469FE64F0E48ABC3E557	1076	----a-w-	C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-12 13:47:57	179F1410FB2AB0D1C2ADD2A5796323DF	4048	----a-w-	C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2014-11-12 13:44:35	6DEAAADBE18EDDD5520F9B955FC9EFC4	3554	----a-w-	C:\WINDOWS\Sysnative\Tasks\CreateChoiceProcessTask
2014-11-12 11:56:44	C243DC26CF5CBE5D9056EE6731E0AB0B	3598	----a-w-	C:\WINDOWS\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3158923719-191908326-2329777105-1001
2014-11-12 11:50:12	--------	d-----w-	C:\WINDOWS\Sysnative\Tasks\WPD
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-12-05 17:20:49	--------	d-----w-	C:\Program Files\trend micro
2014-12-05 17:12:05	--------	d-----w-	C:\Program Files\HitmanPro
2014-11-12 19:05:28	--------	d-----w-	C:\Program Files\ASRock Utility
2014-11-12 17:36:25	--------	d-----w-	C:\Program Files\Adobe
2014-11-12 15:32:50	--------	d-----w-	C:\Program Files\Intel
2014-11-12 15:31:31	--------	d-----w-	C:\Program Files\Reference Assemblies
2014-11-12 15:31:31	--------	d-----w-	C:\Program Files\MSBuild
2014-11-12 15:15:03	--------	d-----w-	C:\Program Files\Common Files\Adobe
2014-11-12 14:16:42	--------	d-----w-	C:\Program Files\Microsoft Office
======= C:\PROGRA~2 =====
2014-12-02 16:07:10	--------	d-----w-	C:\PROGRA~2\ITbrain Agent
2014-11-20 14:43:34	--------	d-----w-	C:\PROGRA~2\ABN AMRO e.dentifier2
2014-11-12 19:05:25	--------	d-----w-	C:\PROGRA~2\ASRock Utility
2014-11-12 16:32:39	--------	d-----w-	C:\PROGRA~2\Browny02
2014-11-12 16:32:36	--------	d-----w-	C:\PROGRA~2\ControlCenter4
2014-11-12 16:32:32	--------	d-----w-	C:\PROGRA~2\Brother
2014-11-12 16:32:26	--------	d--h--w-	C:\PROGRA~2\InstallShield Installation Information
2014-11-12 15:32:48	--------	d-----w-	C:\PROGRA~2\COMMON~1\Intel
2014-11-12 15:31:32	--------	d-----w-	C:\PROGRA~2\Reference Assemblies
2014-11-12 15:31:32	--------	d-----w-	C:\PROGRA~2\MSBuild
2014-11-12 15:15:36	--------	d-----w-	C:\PROGRA~2\ABBYY FineReader 12
2014-11-12 15:14:59	--------	d-----w-	C:\PROGRA~2\COMMON~1\Adobe AIR
2014-11-12 15:13:33	--------	d-----w-	C:\PROGRA~2\Ashampoo
2014-11-12 15:13:23	--------	d-----w-	C:\PROGRA~2\COMMON~1\Sonic Shared
2014-11-12 15:13:23	--------	d-----w-	C:\PROGRA~2\COMMON~1\PX Storage Engine
2014-11-12 15:08:16	--------	d-----w-	C:\PROGRA~2\COMMON~1\Adobe
2014-11-12 15:08:16	--------	d-----w-	C:\PROGRA~2\Adobe
2014-11-12 15:08:09	--------	d-----w-	C:\PROGRA~2\QuickPar
2014-11-12 15:02:37	--------	d-----w-	C:\PROGRA~2\TeamViewer
2014-11-12 14:42:40	--------	d-----w-	C:\PROGRA~2\COMMON~1\InstallShield
2014-11-12 14:36:26	--------	d-----w-	C:\PROGRA~2\Pervasive Software
2014-11-12 14:18:01	--------	d-----w-	C:\PROGRA~2\Microsoft Works
2014-11-12 14:17:53	--------	d-----w-	C:\PROGRA~2\Microsoft Visual Studio
2014-11-12 14:17:53	--------	d-----w-	C:\PROGRA~2\COMMON~1\DESIGNER
2014-11-12 14:16:25	--------	d-----w-	C:\PROGRA~2\Microsoft Office
2014-11-12 14:12:34	--------	d-----w-	C:\PROGRA~2\KeePass Password Safe
2014-11-12 14:11:07	--------	d-----w-	C:\PROGRA~2\KeePass Password Safe 2
2014-11-12 14:09:49	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2014-11-12 14:09:40	--------	d-----w-	C:\PROGRA~2\Java
2014-11-12 13:51:41	--------	d-----w-	C:\PROGRA~2\DAEMON Tools Lite
2014-11-12 13:47:56	--------	d-----w-	C:\PROGRA~2\Google
2014-11-12 13:47:15	--------	d-----w-	C:\PROGRA~2\WinRAR
2014-11-12 12:24:19	--------	d-----w-	C:\PROGRA~2\Intel
======= C: =====
====== C:\Users\Rene\AppData\Roaming ======
2014-12-05 16:45:16	9BF31C7FF062936A96D3C8BD1F8F2FF3	2	----a-w-	C:\Users\Rene\AppData\Local\DSI.DAT
2014-12-05 16:45:15	BC08640A6145034B7CF9B371351FF8D8	22528	----a-w-	C:\Users\Rene\AppData\Local\dsisetup13030414372.exe
2014-12-03 08:45:29	339D5BCAA122E65E6793335169676FAC	133	----a-w-	C:\Users\Rene\AppData\Roaming\WB.CFG
2014-12-03 07:45:35	--------	d-----w-	C:\Users\Rene\AppData\Roaming\FileZilla
2014-11-19 14:13:30	--------	d-sh--w-	C:\Users\Rene\AppData\Local\EmieBrowserModeList
2014-11-19 14:13:29	--------	d-sh--w-	C:\Users\Rene\AppData\Locallow\EmieBrowserModeList
2014-11-12 17:50:47	--------	d-sh--w-	C:\Users\Rene\AppData\Locallow\EmieUserList
2014-11-12 17:50:40	--------	d-sh--w-	C:\Users\Rene\AppData\Locallow\EmieSiteList
2014-11-12 17:50:40	--------	d-sh--w-	C:\Users\Rene\AppData\Local\EmieUserList
2014-11-12 17:50:40	--------	d-sh--w-	C:\Users\Rene\AppData\Local\EmieSiteList
2014-11-12 17:45:01	DD89B12A21223EE65709C540BEEB4D36	34	----a-w-	C:\Users\Rene\AppData\Roaming\AdobeWLCMCache.dat
2014-11-12 17:38:55	--------	d-----w-	C:\Users\Rene\AppData\Locallow\Adobe
2014-11-12 16:36:59	--------	d-----w-	C:\Users\Rene\AppData\Roaming\ControlCenter4
2014-11-12 16:36:03	84417BD0B25F80D24EC989013F92A419	515792	----a-w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2014-11-12 16:19:43	--------	d-----w-	C:\Users\Rene\AppData\Roaming\InstallShield
2014-11-12 16:15:22	--------	d-----w-	C:\Users\Rene\AppData\Local\ElevatedDiagnostics
2014-11-12 16:07:28	--------	d-----w-	C:\Users\Rene\AppData\Roaming\Identities
2014-11-12 16:07:26	--------	d-----w-	C:\Users\Rene\AppData\Local\A.E.T. Europe B.V
2014-11-12 15:38:01	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Adobe
2014-11-12 15:37:13	--------	d-s---w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Locallow\Microsoft
2014-11-12 15:37:12	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft
2014-11-12 15:37:11	--------	d-s---w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft
2014-11-12 15:35:23	--------	d-s---w-	C:\Users\Rene\AppData\Roaming\Microsoft
2014-11-12 15:35:23	--------	d-----w-	C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-12 15:35:23	--------	d-----w-	C:\Users\Rene\AppData\Local\Temp
2014-11-12 15:35:23	--------	d-----w-	C:\Users\Rene\AppData\Local\Microsoft
2014-11-12 15:35:23	--------	d-----r-	C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-12 15:35:23	--------	d-----r-	C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-12 15:35:23	--------	d-----r-	C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-12 15:32:47	--------	d-s---w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Microsoft
2014-11-12 15:15:36	--------	d-----w-	C:\Users\Rene\AppData\Local\ABBYY
2014-11-12 15:13:36	--------	d-----w-	C:\Users\Rene\AppData\Local\ashampoo
2014-11-12 15:08:09	--------	d-----w-	C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-11-12 15:07:09	--------	d-----w-	C:\Users\Rene\AppData\Local\Convenient
2014-11-12 15:02:40	--------	d-----w-	C:\Users\Rene\AppData\Roaming\TeamViewer
2014-11-12 14:43:51	--------	d-----w-	C:\Users\Rene\AppData\Local\Diagnostics
2014-11-12 14:38:14	--------	d-----w-	C:\Users\Rene\AppData\Local\Adobe
2014-11-12 14:16:56	--------	d-----w-	C:\Users\Rene\AppData\Roaming\uTorrent
2014-11-12 14:16:26	--------	d-----w-	C:\Users\Rene\AppData\Local\Microsoft Help
2014-11-12 14:12:53	--------	d-----w-	C:\Users\Rene\AppData\Roaming\KeePass
2014-11-12 14:12:28	--------	d-----w-	C:\Users\Rene\AppData\Local\Programs
2014-11-12 14:11:50	--------	d-----w-	C:\Users\Rene\AppData\Local\KeePass
2014-11-12 14:09:15	--------	d-----w-	C:\Users\Rene\AppData\Locallow\Sun
2014-11-12 13:51:44	--------	d-----w-	C:\Users\Rene\AppData\Roaming\DAEMON Tools Lite
2014-11-12 13:49:06	--------	d-----w-	C:\Users\Rene\AppData\Local\Spotify
2014-11-12 13:48:10	--------	d-----w-	C:\Users\Rene\AppData\Roaming\Spotify
2014-11-12 13:47:53	--------	d-----w-	C:\Users\Rene\AppData\Local\Google
2014-11-12 13:47:25	--------	d-----w-	C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-12 13:47:17	--------	d-----w-	C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-12 13:46:42	--------	d-----w-	C:\Users\Rene\AppData\Roaming\Dropbox
2014-11-12 13:19:13	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\PnrpSqm
2014-11-12 12:45:55	--------	d-s---w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Locallow\Microsoft
2014-11-12 11:52:14	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking
2014-11-12 11:50:09	--------	d-----w-	C:\Users\Rene\AppData\Roaming\Adobe
2014-11-12 11:50:09	--------	d-----r-	C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-11-12 11:50:09	--------	d-----r-	C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-11-12 11:49:56	--------	d-s---w-	C:\Users\Rene\AppData\Locallow\Microsoft
2014-11-12 11:49:55	--------	d-----w-	C:\Users\Rene\AppData\Local\Packages
====== C:\Users\Rene ======
2014-12-05 17:20:36	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Rene\Desktop\RSITx64.exe
2014-12-05 17:12:05	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-12-05 17:11:56	--------	d-----w-	C:\ProgramData\HitmanPro
2014-12-02 16:07:10	--------	dc-h--w-	C:\ProgramData\{651038AD-E038-410A-BD90-28FB006FD850}
2014-11-20 14:43:34	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABN AMRO e.dentifier2
2014-11-20 14:43:12	--------	d-----w-	C:\ProgramData\{6CDCEBFA-D5FA-4ED0-A11F-AC1F8BD76DF2}
2014-11-17 08:49:32	--------	d-----r-	C:\WINDOWS\SysNative\config\systemprofile\Searches
2014-11-12 19:05:27	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2014-11-12 18:28:43	--------	d-----w-	C:\ProgramData\Cisco Systems
2014-11-12 17:37:59	--------	d-----w-	C:\ProgramData\regid.1986-12.com.adobe
2014-11-12 17:37:09	--------	d-----w-	C:\ProgramData\Package Cache
2014-11-12 16:33:02	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-11-12 16:32:41	--------	d-----w-	C:\Users\Public\Documents\BrFaxRx
2014-11-12 16:32:39	--------	d-----w-	C:\ProgramData\ControlCenter4
2014-11-12 16:19:45	--------	d-----w-	C:\ProgramData\Brother
2014-11-12 16:08:37	--------	d---a-w-	C:\Users\Rene\OneDrive
2014-11-12 16:07:24	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\Rene\ntuser.ini
2014-11-12 15:35:23	--------	d--h--w-	C:\Users\Rene\AppData
2014-11-12 15:35:23	--------	d-----r-	C:\Users\Rene\Favorites
2014-11-12 15:35:23	--------	d-----r-	C:\Users\Rene\Documents
2014-11-12 15:35:23	--------	d-----r-	C:\Users\Rene\Desktop
2014-11-12 15:16:14	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 12
2014-11-12 15:15:30	--------	d-----w-	C:\ProgramData\ABBYY
2014-11-12 15:13:36	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-11-12 15:13:36	--------	d-----w-	C:\ProgramData\ashampoo
2014-11-12 15:08:09	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickPar
2014-11-12 14:43:10	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intramed
2014-11-12 14:38:30	--------	d-----w-	C:\ProgramData\Adobe
2014-11-12 14:36:26	--------	d-----w-	C:\ProgramData\Pervasive Software
2014-11-12 14:36:26	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pervasive
2014-11-12 14:18:20	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-11-12 14:16:25	--------	d-----w-	C:\ProgramData\Microsoft Help
2014-11-12 14:09:49	--------	d-----w-	C:\ProgramData\Sun
2014-11-12 14:09:47	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-12 14:09:41	--------	d-----w-	C:\ProgramData\Oracle
2014-11-12 13:50:58	--------	d-----w-	C:\ProgramData\DAEMON Tools Lite
2014-11-12 13:48:27	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-12 13:47:43	--------	d-----r-	C:\Users\Rene\Dropbox
2014-11-12 13:47:17	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-12 13:44:35	--------	d-sh--w-	C:\Users\Rene\IntelGraphicsProfiles
2014-11-12 11:50:18	--------	d--h--r-	C:\Users\Public\AccountPictures
2014-11-12 11:50:09	--------	d-----r-	C:\Users\Rene\Searches
2014-11-12 11:50:09	--------	d-----r-	C:\Users\Rene\Contacts
2014-11-12 11:49:55	--------	d-----w-	C:\ProgramData\PRICache
2014-11-12 11:49:45	--------	d-----r-	C:\Users\Rene\Videos
2014-11-12 11:49:45	--------	d-----r-	C:\Users\Rene\Saved Games
2014-11-12 11:49:45	--------	d-----r-	C:\Users\Rene\Pictures
2014-11-12 11:49:45	--------	d-----r-	C:\Users\Rene\Music
2014-11-12 11:49:45	--------	d-----r-	C:\Users\Rene\Links
2014-11-12 11:49:45	--------	d-----r-	C:\Users\Rene\Downloads

====== C: exe-files ==
2014-12-05 17:20:49	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Rene.exe
2014-12-05 17:20:36	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Rene\Desktop\RSITx64.exe
2014-12-05 17:12:06	E9499A51801037F4E7CD2D7937D76542	127752	----a-w-	C:\Program Files\HitmanPro\hmpsched.exe
2014-12-05 17:12:05	00FD7C6BEDEE9B24B0DB02B68B07AD54	11222744	----a-w-	C:\Program Files\HitmanPro\HitmanPro.exe
2014-12-05 16:45:15	BC08640A6145034B7CF9B371351FF8D8	22528	----a-w-	C:\Users\Rene\AppData\Local\dsisetup13030414372.exe
2014-12-02 16:07:10	C2B6B29CCBB54EDCB6D0E4A1DF0A9974	5567488	----a-w-	C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe
2014-12-02 16:07:10	A4AFFA8D60D66652F0415A4D18CE80BF	1316864	----a-w-	C:\Program Files (x86)\ITbrain Agent\assetscan.exe
2014-12-02 16:07:10	7F5FFD1F6B65E966A98C85C8043941A6	9728	----a-w-	C:\Program Files (x86)\ITbrain Agent\wsus2.exe
2014-12-02 16:07:10	5740EC63D089397026FDE620A464AD6C	6656	----a-w-	C:\Program Files (x86)\ITbrain Agent\wsus.exe
2014-12-02 16:07:10	425E3D564E10B2FE101FA3B5D8AD37C5	3682036	-c--a-w-	C:\ProgramData\{651038AD-E038-410A-BD90-28FB006FD850}\Agent.exe
=== C: other files ==
2014-12-07 11:11:38	EB65FB9ACB253954A051E4BC5CBFB4B4	469691	----a-w-	C:\Users\Rene\AppData\Local\Temp\avastBCLTMP\gomekmidlodglbbmalcneegieacbdmki.zip
2014-12-07 11:11:38	440D463BCDDB1C861D81100FBF959D37	442270	----a-w-	C:\Users\Rene\AppData\Local\Temp\avastBCLTMP\ompiailgknfdndiefoaoiligalphfdae.zip
2014-12-07 11:11:37	F53D639CB1616813D9811BE301CC946A	36369	----a-w-	C:\Users\Rene\AppData\Local\Temp\avastBCLTMP\dmglolhoplikcoamfgjgammjbgchgjdd.zip
2014-12-07 11:11:37	C09702F62014A267790FD079079CFD2C	711370	----a-w-	C:\Users\Rene\AppData\Local\Temp\avastBCLTMP\cfhdojbkjhnklbpkdaibdccddilifddb.zip
2014-12-07 11:11:37	5DCBE51567FB953C15F06785CAECE535	815656	----a-w-	C:\Users\Rene\AppData\Local\Temp\avastBCLTMP\gighmmpiobklfepjocnamgkkbiglidom.zip
2014-12-05 17:14:31	545EE654B04D52AF2E7F5F393D1F7D75	43664	----a-w-	C:\Windows\System32\drivers\hitmanpro37.sys
2014-12-02 16:12:24	E3690255C7592AAB404E7DCC2F445F1C	3385	----a-w-	C:\Program Files (x86)\ITbrain Agent\scripts\script_1023_13.vbs
2014-12-02 16:12:24	DDE4C35EB0140C7C468B6C13F38E94D4	2212	----a-w-	C:\Program Files (x86)\ITbrain Agent\scripts\script_1023_17.vbs
2014-12-02 16:12:24	7F010BD6E26A7670F97ECD7108D4AFDE	2064	----a-w-	C:\Program Files (x86)\ITbrain Agent\scripts\script_1023_16.vbs

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3158923719-191908326-2329777105-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_D381F003BB4051870D1FEC45D55E2467"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"Spotify"="C:\Users\Rene\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Bonus.SSR.FR12"="C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe /autorun"
"ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun"
"BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_D381F003BB4051870D1FEC45D55E2467"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"Spotify"="C:\Users\Rene\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

==== Startup Folders ======================

2014-11-12 13:47:35	1101	----a-w-	C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2014-11-12 14:36:32	2781	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start Pervasive PSQL Workgroup Engine.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12-11-2014 14:47]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12-11-2014 14:47]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\asrRd" [C:\Program Files\ASRock Utility\XFast RAM\asrRd.exe]
"C:\WINDOWS\SysNative\tasks\AsrXTU" [C:\Program Files (x86)\ASRock Utility\AXTU\Bin\AsrXTU.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{0AD04A34-0AD0-42A6-B2AB-CA3F467243DB}" [C:\WINDOWS\system32\msfeedssync.exe]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2014-11-12 11:48:24	--------	d-sh--we	C:\PROGRA~3\Bureaublad
2014-11-12 11:48:24	--------	d-sh--we	C:\PROGRA~3\Documenten
2014-11-12 11:48:24	--------	d-sh--we	C:\PROGRA~3\Menu Start
2014-11-12 11:48:24	--------	d-sh--we	C:\PROGRA~3\Sjablonen
2014-11-12 11:49:55	--------	d-----w-	C:\PROGRA~3\PRICache
2014-11-12 13:50:58	--------	d-----w-	C:\PROGRA~3\DAEMON Tools Lite
2014-11-12 13:55:21	--------	d-----w-	C:\PROGRA~3\AVAST Software
2014-11-12 14:09:41	--------	d-----w-	C:\PROGRA~3\Oracle
2014-11-12 14:09:49	--------	d-----w-	C:\PROGRA~3\Sun
2014-11-12 14:16:25	--------	d-----w-	C:\PROGRA~3\Microsoft Help
2014-11-12 14:36:26	--------	d-----w-	C:\PROGRA~3\Pervasive Software
2014-11-12 14:38:30	--------	d-----w-	C:\PROGRA~3\Adobe
2014-11-12 15:13:36	--------	d-----w-	C:\PROGRA~3\ashampoo
2014-11-12 15:15:30	--------	d-----w-	C:\PROGRA~3\ABBYY
2014-11-12 16:19:45	--------	d-----w-	C:\PROGRA~3\Brother
2014-11-12 16:32:39	--------	d-----w-	C:\PROGRA~3\ControlCenter4
2014-11-12 17:37:09	--------	d-----w-	C:\PROGRA~3\Package Cache
2014-11-12 17:37:59	--------	d-----w-	C:\PROGRA~3\regid.1986-12.com.adobe
2014-11-12 17:51:30	--------	d-----w-	C:\PROGRA~3\Malwarebytes
2014-11-12 18:28:43	--------	d-----w-	C:\PROGRA~3\Cisco Systems
2014-11-20 14:43:12	--------	d-----w-	C:\PROGRA~3\{6CDCEBFA-D5FA-4ED0-A11F-AC1F8BD76DF2}
2014-12-02 16:07:10	--------	dc-h--w-	C:\PROGRA~3\{651038AD-E038-410A-BD90-28FB006FD850}
2014-12-05 17:11:56	--------	d-----w-	C:\PROGRA~3\HitmanPro

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [12-11-2014 15:03]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[12-11-2014 15:03]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[12-11-2014 15:03]
oilkkkefbalmbfppgjmgjoefbclebkce - No path found[]
ޘ - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
oilkkkefbalmbfppgjmgjoefbclebkce - No path found[]
ޘ - No path found[]

selector is not a valid CSS selector - Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Tasks (by Google) - Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmglolhoplikcoamfgjgammjbgchgjdd
AdBlock - Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Lone Tree - Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip
Google Wallet - Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
chromeIPass - Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Users\Rene\AppData\Local\VirtualStore" not found

==== EOF on zo 07-12-2014 at 12:23:21,18 ======================