Zoek.exe v5.0.0.0 Updated 27-01-2015
Tool run by Volkswagen on Mon 02/02/2015 at 14:26:38.23.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Chrome downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

2/2/2015 2:29:13 PM Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\PROGRA~2\VS Revo Group deleted successfully
C:\Program Files\ATI Technologies deleted successfully
C:\Users\Volkswagen\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Volkswagen\AppData\Roaming\Performersoft deleted successfully
C:\Users\Volkswagen\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-701674012-1377702198-172202822-1000\Software\Microsoft\Internet Explorer\SearchScopes\{e356db0d-d1d6-4af6-9513-b881d460e240} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{252b4a29-a74e-4e27-a91f-cb89f1626a16} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{252b4a29-a74e-4e27-a91f-cb89f1626a16} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{252b4a29-a74e-4e27-a91f-cb89f1626a16} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{252b4a29-a74e-4e27-a91f-cb89f1626a16} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{252b4a29-a74e-4e27-a91f-cb89f1626a16} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{252b4a29-a74e-4e27-a91f-cb89f1626a16} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{45e2282e-9076-4a92-831f-dc89048ae5ae} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{45e2282e-9076-4a92-831f-dc89048ae5ae} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{45e2282e-9076-4a92-831f-dc89048ae5ae} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{45e2282e-9076-4a92-831f-dc89048ae5ae} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45e2282e-9076-4a92-831f-dc89048ae5ae} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45e2282e-9076-4a92-831f-dc89048ae5ae} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{68ad082a-fcc2-4838-8297-9b5ee45325b6} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{68ad082a-fcc2-4838-8297-9b5ee45325b6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{68ad082a-fcc2-4838-8297-9b5ee45325b6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{68ad082a-fcc2-4838-8297-9b5ee45325b6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68ad082a-fcc2-4838-8297-9b5ee45325b6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68ad082a-fcc2-4838-8297-9b5ee45325b6} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{fae670f0-5118-4381-ac4c-91f1848353f6} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{fae670f0-5118-4381-ac4c-91f1848353f6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{fae670f0-5118-4381-ac4c-91f1848353f6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{fae670f0-5118-4381-ac4c-91f1848353f6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fae670f0-5118-4381-ac4c-91f1848353f6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fae670f0-5118-4381-ac4c-91f1848353f6} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

ęTorrent  
7-Zip 9.20 (x64 edition)  
Adobe AIR  
Adobe Flash Player 15 ActiveX  
Adobe Reader XI (11.0.06)  
Adobe Shockwave Player 12.1  
Alcor Micro USB Card Reader  
AMD APP SDK Runtime  
AMD Catalyst Install Manager  
Apple Application Support  
Apple Software Update  
CCleaner  
Facebook Video Calling 3.1.0.521  
foobar2000 v1.3.1  
Google Chrome  
Google Update Helper  
Intel(R) Control Center  
Intel(R) Management Engine Components  
Java 7 Update 51  
Java 7 Update 51 (64-bit)  
Java 8 Update 31  
Java 8 Update 31 (64-bit)  
Java Auto Updater  
Malwarebytes Anti-Malware versie 2.0.4.1028  
Microsoft .NET Framework 4.5.2  
Microsoft Security Client  
Microsoft Security Essentials  
Microsoft Silverlight  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
PragmaGeneration  
Qualcomm Atheros WiFi Driver Installation  
QuickTime 7  
Ralink RT2860 Wireless LAN Card  
Realtek High Definition Audio Driver  
SkypeT 6.14  
Speccy  
swMSM  
Synaptics Pointing Device Driver  
TeamViewer 9  
VLC media player  
WinDirStat 1.1.2  

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Chrome downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{252b4a29-a74e-4e27-a91f-cb89f1626a16}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45e2282e-9076-4a92-831f-dc89048ae5ae}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68ad082a-fcc2-4838-8297-9b5ee45325b6}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fae670f0-5118-4381-ac4c-91f1848353f6}] 

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{252b4a29-a74e-4e27-a91f-cb89f1626a16}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45e2282e-9076-4a92-831f-dc89048ae5ae}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68ad082a-fcc2-4838-8297-9b5ee45325b6}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fae670f0-5118-4381-ac4c-91f1848353f6}] 

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\FFLexibleeShoppper deleted
C:\Program Files (x86)\topebuYer deleted
C:\Program Files (x86)\deaalstero deleted
C:\Program Files (x86)\PProShopper deleted
C:\Program Files (x86)\DealsFienderPRo deleted
C:\Program Files (x86)\SaferwEb deleted
C:\Program Files (x86)\shOpnndrop deleted
C:\ProgramData\RoYalShopperAppe deleted
C:\ProgramData\gReeaatsaviingg deleted
C:\ProgramData\FlasehCoupon deleted
c:\Program Files (x86)\PragmaGeneration deleted
C:\PROGRA~3\374311380 deleted
C:\PROGRA~3\6814833979050533019 deleted
C:\PROGRA~3\5e932765bc91a09b deleted
C:\Users\Volkswagen\AppData\Roaming\appdataFr2.bin deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\SearchProtect deleted
C:\windows\SysNative\Tasks\LaunchSignup deleted
C:\windows\SysNative\drivers\SPPD.sys deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Volkswagen\Documents\Optimizer Pro deleted
C:\Users\Volkswagen\Desktop\Sync Folder.lnk deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 4001 MB
CPU Info: Intel(R) Pentium(R) CPU B950 @ 2.10GHz
CPU Speed: 2147.5 MHz
Sound Card: Speakers (Realtek High Definiti | 
Display Adapters: Standard VGA Graphics Adapter | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1024 X 768 - 32 bit
Network: Network Present
Network Adapters: Atheros AR9285 Wireless Network Adapter | Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
CD / DVD Drives: 1x (E: | ) E: MATSHITADVD-RAM UJ8B0AW
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  119.2GB | D:  153.9GB
Hard Disks - Free: C:  87.9GB | D:  153.1GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 08/12/11 | _ASUS_ - 6222004
Time Zone: W. Europe Standard Time
Motherboard *: ASUSTeK Computer Inc. K54L
Country: United States 
Language: ENU 

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Google Chrome	40.0.2214.93
Internet Explorer Version: 11.0.9600.17501 
Google Chrome version: 40.0.2214.93
Adobe Reader version: 11.0.06.70
Sun Java version: 1.8.0_31 (32-bit) 
Sun Java version: 1.8.0_31 (64-bit) 
Shockwave Player version: 12.1.6r156

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\VOLKSW~1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-01-28 21:07:12	0481346D0EF668C0D4FF69A7BBEFA846	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-01-27 19:22:09	F25284C763E728E4DAC248C211D1FC5B	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-01-27 19:22:09	BB25F69463AD8E7E51B5D9D158B5F8DF	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-01-27 19:22:09	2EADED07BDA52C1FC5A6D4E1CC5858F0	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-01-27 19:22:08	F98B3860BB47089EA8C1504F043E90E9	342200	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-01-27 19:22:08	F34F6DC38A21FCDBB50CDD1EE97B1EA3	1307136	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-01-27 19:22:08	D7A98A4CEA2E89F544065A00BF37FC10	688640	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-01-27 19:22:08	69AC6FD5B0B4DC963723E1EBDEE10A2C	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-01-27 19:22:08	2ABC5587D582ACCEA30B4CF968C2A4A5	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-01-27 19:22:08	220505B0B3E96C857DD01729AF0CD369	19749376	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-01-27 19:22:07	F0BCBD8FCDA145EED53ED66C45CC378B	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-01-27 19:22:07	DEB9476A3CD1A5819DD4504BB7C6BA66	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-01-27 19:22:07	41AFA61E061E98E97272AC02184C8C2C	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-01-27 19:22:06	EC5A3E4E21079B9D423AA0760828D678	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-01-27 19:22:06	759E2FAD5371512C6679FA346719493E	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-01-27 19:22:06	543ADCEA31CF9C2B4EEB900D4AAFD0F9	2052096	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-01-27 19:22:06	01777AB557997E98691E322225314E57	2277888	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-01-27 19:22:05	CF9D05678B02B44FBC8D8AD8C9F30D58	478208	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-01-27 19:22:05	B59E370277EDB6643083B62297175628	12836864	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-01-27 19:22:05	35BD045804B67E78F4CAB72CB820AF7F	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-01-27 19:22:03	2E9E105037AC1274656C3D1125323352	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-01-27 19:22:02	F728E7E9937117E0F32F39840EB6D737	4299264	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-01-27 19:22:02	5E4E0E43E0A5BF9F089696DFA7A3D677	1888256	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-01-27 19:22:02	37F078B5B435AFC6BF316F2AD14B469A	501248	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-01-27 19:22:01	930F63D6BC43D4BCD937DFCECDA95F82	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-01-27 19:22:01	29CED1A4777A43526A4ED8A7B6936883	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-01-27 18:47:55	D17954CA6343F43B62637F51996B4E95	23040	----a-w-	C:\Windows\SysWOW64\mfpmp.exe
2015-01-27 18:47:55	60FBCF033FF42A40C916C01A962A8802	50176	----a-w-	C:\Windows\SysWOW64\rrinstaller.exe
2015-01-27 18:47:55	52096F5F476733F2E2725CF346FF373B	2048	----a-w-	C:\Windows\SysWOW64\mferror.dll
2015-01-27 18:47:55	20257A0BFB824B49055A6EEC29C72C03	103424	----a-w-	C:\Windows\SysWOW64\mfps.dll
2015-01-27 18:47:54	FF0A6E76FAE624AC74780AB008752F98	3209728	----a-w-	C:\Windows\SysWOW64\mf.dll
2015-01-27 14:54:02	FE48346938C1CDDDF4E4097DB9B99764	52224	----a-w-	C:\Windows\SysWOW64\nlaapi.dll
2015-01-27 14:54:02	92940397DFFB4D237EA5BB22FF912BDC	156672	----a-w-	C:\Windows\SysWOW64\ncsi.dll
2015-01-27 14:53:59	E1456E7396022EBE4E5434188D1AC8B0	1230336	----a-w-	C:\Windows\SysWOW64\WindowsCodecs.dll
2015-01-27 14:53:33	8A289EF0AE709327D6AA9769E108B5A6	3916728	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-27 14:53:33	2AF481C03C0383ADE09FFEDA0C583140	3971512	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-27 14:53:31	9606307F5E1EABA98ACB61206EFC2127	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-01-27 14:53:06	9EA3783672D21817B9DF1061B54C3B3C	155136	----a-w-	C:\Windows\SysWOW64\charmap.exe
2015-01-27 14:53:05	1DE9BD23AFA36150586C732D876D9B74	1177088	----a-w-	C:\Windows\SysWOW64\WsmSvc.dll
2015-01-27 14:53:04	B975C202F590BBC5AA63225FBD148791	198656	----a-w-	C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-01-27 14:53:04	B6AC69FFBAA159DD5CEED814245A286D	214016	----a-w-	C:\Windows\SysWOW64\WsmWmiPl.dll
2015-01-27 14:53:04	5D9A1A3E5824CECE65871C60E5A08A1A	145920	----a-w-	C:\Windows\SysWOW64\WsmAuto.dll
2015-01-27 14:53:04	2C28FEC61C4AC68480A99CB7AA197FA9	248832	----a-w-	C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-01-27 14:52:30	50C73E54062BA252350F3F29580E28DA	2048	----a-w-	C:\Windows\SysWOW64\tzres.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-01-28 21:07:12	5564883BFB523D5078A5B1FE3128FD63	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-01-27 19:22:09	F987718A5CA053DC23E94A531F1754A4	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-01-27 19:22:09	D471F7A428C21DB04D810445D12D68E0	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-01-27 19:22:09	39B512C643812FC2D4843C0D4206C759	718848	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-01-27 19:22:09	0FABE2AB8CA2D5CC7C95798533B4D057	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-01-27 19:22:09	077AEB068A51B396F25BBCAB0944FC3A	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-01-27 19:22:08	9F07E8FC75C5F98A783ABFD3005EFC22	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-01-27 19:22:06	E7A2061ADF0F4D430FECDA1E8D6B7BA6	1548288	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-01-27 19:22:06	B4E481E9498CE22113628C4E9EA24427	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-01-27 19:22:06	5BF0BAA1E5EF724287565E97C9219254	389296	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-01-27 19:22:05	EBC8C9F61F4C148B8C6A28EDE80C51E4	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-01-27 19:22:05	14BA910E7731FC84EB85328BD0F1EE81	800768	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-01-27 19:22:05	0AF0AEF0BA9EF6169E61C78504DCAE55	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-01-27 19:22:04	EFBA893429814EA3244C87C2D1256618	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-01-27 19:22:04	23AE7A3B44D5C550B81347288CE3230E	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-01-27 19:22:03	982B871A25B5078093FAD82D0AB0E3FC	2885120	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-01-27 19:22:03	3FE71E2A5BD3EC652E64FC8BCEFEDD2C	2125312	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-01-27 19:22:02	DFECAE6D925FBC9078870E16F98C471F	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-01-27 19:21:57	F7CCA58B973FB5EAED8D1F12DD3E51F6	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-01-27 19:21:57	8EF01E2EF21D41A23FF70B28179F9ABE	633856	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-01-27 19:21:57	556D271F4243B273EDA353512BF3608A	14412800	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-01-27 19:21:56	DB10D681314714E0D4623E4C0CF6654A	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-01-27 19:21:56	7AC115968B8856004920057B2271224C	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-01-27 19:21:56	021DFF3CB0ADCD19B3AAA00A650FDEE2	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-01-27 19:21:55	8D64466AD12CA5677CD0099C43C58569	6039552	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-01-27 19:21:55	4AF089160FE082E5EA5C4AA72782DCA2	2358272	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-01-27 19:21:55	1D294810D3A8A8F722E86AA001F54DCC	580096	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-01-27 19:21:54	89296EF4A3729A049DA25B7D67A04078	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-01-27 19:21:54	17A157A4225CF562202AC71DB8103177	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-01-27 19:21:53	D478A4CF07FB8ADF72FB16B88E8030B8	25059840	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-01-27 18:47:55	AB2EB93A982A2C26BA3E4D2D65328804	24576	----a-w-	C:\Windows\Sysnative\mfpmp.exe
2015-01-27 18:47:55	68E09E7CD4DC52F132A4B492ACE8C243	55808	----a-w-	C:\Windows\Sysnative\rrinstaller.exe
2015-01-27 18:47:55	63578DB847FCC40883CB8F303E785D46	2048	----a-w-	C:\Windows\Sysnative\mferror.dll
2015-01-27 18:47:54	9797A23F773C0782A0D91BEC44054166	206848	----a-w-	C:\Windows\Sysnative\mfps.dll
2015-01-27 18:47:54	6E1DDE0E72FB8268F42F6777CE4C5036	4121600	----a-w-	C:\Windows\Sysnative\mf.dll
2015-01-27 14:54:26	5B9954AE9FD4682DADD5EBC0301366B0	52736	----a-w-	C:\Windows\Sysnative\TSWbPrxy.exe
2015-01-27 14:54:25	F0356290BA3940F31AFF5566501495F7	192000	----a-w-	C:\Windows\Sysnative\aepic.dll
2015-01-27 14:54:25	D257AF48934D2167BE15AA4008176381	1083392	----a-w-	C:\Windows\Sysnative\aeinv.dll
2015-01-27 14:54:25	985558125FEEC89AB4AD142158B066D7	830976	----a-w-	C:\Windows\Sysnative\appraiser.dll
2015-01-27 14:54:25	8E64BB62AB3810D3C29ED50C405AD3BD	1232040	----a-w-	C:\Windows\Sysnative\aitstatic.exe
2015-01-27 14:54:24	E00981CF227CEEBE7B5A8D99C76D1116	741376	----a-w-	C:\Windows\Sysnative\invagent.dll
2015-01-27 14:54:24	DAF13A81A5FC895D68B1D9A72F65F4CB	413184	----a-w-	C:\Windows\Sysnative\generaltel.dll
2015-01-27 14:54:24	4253086737D81D7C9C160FDE6C037F44	396800	----a-w-	C:\Windows\Sysnative\devinv.dll
2015-01-27 14:54:23	5CD6E919CE938A98AB25A2EA2C8C4EDA	227328	----a-w-	C:\Windows\Sysnative\aepdu.dll
2015-01-27 14:54:03	B6A58491307B4CADA572583D863DC602	210432	----a-w-	C:\Windows\Sysnative\profsvc.dll
2015-01-27 14:54:02	8B301D474B478E9A92823BAB50A7BC49	303616	----a-w-	C:\Windows\Sysnative\nlasvc.dll
2015-01-27 14:54:00	A9A0BFD706B3A24C403EEFEB0790D011	1424384	----a-w-	C:\Windows\Sysnative\WindowsCodecs.dll
2015-01-27 14:53:35	0A70B8D78AF95894E221DDAC6482DF6D	5553592	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-01-27 14:53:31	F4846789B3795F14DCB7D92ED1DAF74F	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-01-27 14:53:31	DE595EACC79006E7B15B848BF0831E78	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-01-27 14:53:31	BA6D609BAB615991E8791CA1DFFD034C	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-01-27 14:53:06	36E5E9D0400475230A7F57F274B88321	165888	----a-w-	C:\Windows\Sysnative\charmap.exe
2015-01-27 14:53:05	D929ABD465A2DED963DA8B30946A8D5C	2020352	----a-w-	C:\Windows\Sysnative\WsmSvc.dll
2015-01-27 14:53:04	FDEB5EE2E4DB9DE9251DDAF6A5BCA070	346624	----a-w-	C:\Windows\Sysnative\WSManMigrationPlugin.dll
2015-01-27 14:53:04	9B44CABE3536D0E3BF627176318AAFC9	181248	----a-w-	C:\Windows\Sysnative\WsmAuto.dll
2015-01-27 14:53:04	5C642B7B0365305451D579F3EFAD57D4	310272	----a-w-	C:\Windows\Sysnative\WsmWmiPl.dll
2015-01-27 14:53:04	41457C1909F6D1100C0F9B9CFF7960FC	266240	----a-w-	C:\Windows\Sysnative\WSManHTTPConfig.exe
2015-01-27 14:52:30	A026998E927FD2095505154CBD72F35B	2048	----a-w-	C:\Windows\Sysnative\tzres.dll
====== C:\Windows\Sysnative\drivers =====
2015-01-27 16:19:14	26C43960C99EE861A5D0EDC4DCF3B1C3	129752	----a-w-	C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2015-01-27 16:18:03	A646C2DDB8C46E9B20A326FAF566646C	63704	----a-w-	C:\Windows\Sysnative\drivers\mwac.sys
2015-01-27 16:18:03	478CC94C937D235CB0A96AB8F2359D81	93400	----a-w-	C:\Windows\Sysnative\drivers\mbamchameleon.sys
2015-01-27 14:54:01	AE3334958D8F631FF14A0AEB3D7EFB3A	141312	----a-w-	C:\Windows\Sysnative\drivers\mrxdav.sys
2015-01-27 14:53:58	70988118145F5F10EF24720B97F35F65	119296	----a-w-	C:\Windows\Sysnative\drivers\tdx.sys
====== C:\Windows\Tasks ======
2015-01-29 01:40:23	--------	d-----w-	C:\Windows\Sysnative\Tasks\Apple
2015-01-27 14:48:33	6A7457E3886303F023C507EE969D3253	3512	----a-w-	C:\Windows\Sysnative\Tasks\avaxvyvax
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-02-02 03:07:44	--------	d-----w-	C:\Program Files\Speccy
2015-02-02 03:03:06	--------	d-----w-	C:\Program Files\trend micro
2015-01-29 01:35:35	--------	d-----w-	C:\Program Files\Microsoft Silverlight
======= C:\PROGRA~2 =====
2015-01-29 01:40:31	--------	d-----w-	C:\PROGRA~2\QuickTime
2015-01-29 01:40:22	--------	d-----w-	C:\PROGRA~2\Apple Software Update
2015-01-29 01:40:05	--------	d-----w-	C:\PROGRA~2\COMMON~1\Apple
2015-01-29 01:39:44	--------	d-----w-	C:\PROGRA~2\VideoLAN
2015-01-29 01:39:38	--------	d-----w-	C:\PROGRA~2\WinDirStat
2015-01-29 01:38:03	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2015-01-29 01:36:58	--------	d-----w-	C:\PROGRA~2\COMMON~1\Adobe AIR
2015-01-29 01:35:35	--------	d-----w-	C:\PROGRA~2\Microsoft Silverlight
2015-01-27 17:00:37	--------	d-----w-	C:\PROGRA~2\ActiveMail
======= C: =====
====== C:\Users\Volkswagen\AppData\Roaming ======
2015-02-02 03:07:58	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking
2015-02-01 21:16:57	--------	d-----w-	C:\Users\Volkswagen\AppData\Roaming\Apple Computer
2015-01-29 01:40:25	--------	d-----w-	C:\Users\Volkswagen\AppData\Locallow\Apple Computer
2015-01-29 01:40:23	--------	d-----w-	C:\Users\Volkswagen\AppData\Local\Apple
2015-01-29 01:39:39	--------	d-----w-	C:\Users\Volkswagen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2015-01-29 01:37:54	--------	d-----w-	C:\Users\Volkswagen\AppData\Locallow\Oracle
2015-01-27 14:48:22	--------	d-----w-	C:\Users\Volkswagen\AppData\Local\avaxvyvax
2015-01-27 14:47:47	C758A90CB0644449F2CBA04CCC5F2F9A	58016	----a-w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
====== C:\Users\Volkswagen ======
2015-02-02 03:07:47	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2015-01-29 01:40:43	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-01-29 01:40:31	--------	d-----w-	C:\ProgramData\Apple Computer
2015-01-29 01:40:05	--------	d-----w-	C:\ProgramData\Apple
2015-01-29 01:39:57	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-01-29 01:39:39	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2015-01-29 01:37:26	--------	d-----w-	C:\ProgramData\Oracle
2015-01-29 01:36:48	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-01-27 15:27:01	--------	d-----w-	C:\ProgramData\6814833979050533019UL

====== C: exe-files ==
2015-02-02 03:03:06	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Volkswagen.exe
2015-01-29 01:39:58	52437302E4A48A6915AFE987423A1587	275217	----a-w-	C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
2015-01-29 01:39:38	A127E6118B9DD2F9D5A7CC4D697A0105	47846	----a-w-	C:\Program Files (x86)\WinDirStat\Uninstall.exe
2015-01-29 01:39:36	E9152207FA10BBF2D76F15AD2AB43F06	88537	----a-w-	C:\Windows\SysWOW64\Adobe\Shockwave 12\uninstaller.exe
2015-01-29 01:38:47	FA78A9BBAF7352401B7F982464160448	16808	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\rmiregistry.exe
2015-01-29 01:38:47	CB836597AE26F0D031CF7A0C934EC218	16296	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\pack200.exe
2015-01-29 01:38:47	B9BAB51EDBBF27E480A07F904124F810	197544	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\unpack200.exe
2015-01-29 01:38:47	B53F3B97AA13A200F8DB5BFA2684F953	16808	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\servertool.exe
2015-01-29 01:38:47	B4614F21174A2F1DAA5394062885C8E5	16296	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\ktab.exe
2015-01-29 01:38:47	886C21FEA39553EA786355C58379AB75	16296	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\tnameserv.exe
2015-01-29 01:38:47	713DBD861EC396B286A1970A4F0F6951	16808	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\policytool.exe
2015-01-29 01:38:47	5657E104B156F043BC002C3EDC1C79E4	16296	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\orbd.exe
2015-01-29 01:38:47	4AE110AC85558EF04CB3677754A98427	66472	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\ssvagent.exe
2015-01-29 01:38:47	3B65C09A8A823334CE0EB9AA3F9BDFE5	15784	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\rmid.exe
2015-01-29 01:38:46	F37694550A132DB95F52A14D65C3BF7D	16296	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\kinit.exe
2015-01-29 01:38:46	C7FDEF85040A4602C3547E4C5B700CF9	15784	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\keytool.exe
2015-01-29 01:38:46	0F19A5EE1E440C0F05554FA3A48EF000	100264	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\jp2launcher.exe
2015-01-29 01:38:46	06CE06172AA1185E701647429A9C18C9	15784	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\jjs.exe
2015-01-29 01:38:46	03597BDF891C9FDB3A4F1C2DA591A4C4	16296	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\klist.exe
2015-01-29 01:38:45	F951A8D249C943E7ECDF66D2FE16CDCD	191400	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\javaw.exe
2015-01-29 01:38:45	F40410CE27DE0823A93B2BD4BFE4F3F6	319912	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\javaws.exe
2015-01-29 01:38:45	F1D678998EDEAE9DF3300E6521A119F2	77224	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe
2015-01-29 01:38:45	6E23278A38DCB78C29B19386B1D509DC	34216	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\jabswitch.exe
2015-01-29 01:38:45	12B174AA182C0C98ACAE637EEA9C52A0	190888	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\java.exe
2015-01-29 01:38:45	1125B37F1D6BAF143AF129831B06D1BD	15784	----a-w-	C:\Program Files\Java\jre1.8.0_31\bin\java-rmi.exe
2015-01-29 01:37:41	F951A8D249C943E7ECDF66D2FE16CDCD	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaw.exe
2015-01-29 01:37:41	F40410CE27DE0823A93B2BD4BFE4F3F6	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaws.exe
2015-01-29 01:37:41	12B174AA182C0C98ACAE637EEA9C52A0	0	----a-we	C:\ProgramData\Oracle\Java\javapath\java.exe
2015-01-29 01:37:34	F9D744CD9BC58F287F8FA59D32508EDD	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\orbd.exe
2015-01-29 01:37:34	DBB5C8AE19ACFA2857CFB90C7305AC56	51112	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssvagent.exe
2015-01-29 01:37:34	CDB1FE0DCF2ADB755EBF65C8AEBBC871	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\servertool.exe
2015-01-29 01:37:34	8B6DF9CD28359C5E819446FD79CE3948	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\rmiregistry.exe
2015-01-29 01:37:34	7479DA0BED071427A3F0017AC51CC27B	159656	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\unpack200.exe
2015-01-29 01:37:34	5F7C51E0DCA813D647F14FC12AE675F2	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\policytool.exe
2015-01-29 01:37:34	577F5DCBA4DE4C345631873670F84E79	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\tnameserv.exe
2015-01-29 01:37:34	39685FC75B6FB2144E793595F1AB111D	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\pack200.exe
2015-01-29 01:37:34	0FB2ACAC796B166F6486B593B604A3FF	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\rmid.exe
2015-01-29 01:37:33	F5EA785B2BCC08DC28CBC2D96E05F2C1	68520	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe
2015-01-29 01:37:33	DA34E76DE9CD93471F24E7BD43139958	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\kinit.exe
2015-01-29 01:37:33	B0D46640968F989830413EB88F43E0D0	176552	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\java.exe
2015-01-29 01:37:33	AF82EA1498FEC5C49B8A1AE5AA0A5F6C	77224	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2launcher.exe
2015-01-29 01:37:33	A8884FB8246655C84F110E77DF5E1B4A	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\ktab.exe
2015-01-29 01:37:33	90C02BD6D01BBC1C620323F9E330E89C	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\jjs.exe
2015-01-29 01:37:33	69BD74EE834B5629226BF89468B8020B	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\keytool.exe
2015-01-29 01:37:33	52C8B9FD016E6317FDB151296FF90877	272296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaws.exe
2015-01-29 01:37:33	3E72E1AB196855916E2065C604674631	176552	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe
2015-01-29 01:37:33	2F77C9862B1A2401278C4A5B932DA69D	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\klist.exe
2015-01-29 01:37:32	DF1C8EDDAF14D2960A06A9DF7B2D0A89	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\java-rmi.exe
2015-01-29 01:37:32	063A1044A451660B159426B9C5E75957	30632	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\jabswitch.exe
2015-01-29 01:36:52	F1546E6359715C3A87273760A935BE8D	54432	----a-w-	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe
2015-01-29 01:36:52	F1546E6359715C3A87273760A935BE8D	54432	----a-w-	C:\Program Files (x86)\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe
2015-01-29 01:36:52	99F744C8DF9AFF058D45E2870EC6C6D7	96768	----a-w-	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe
2015-01-29 01:36:52	32146D6C26CD993F72F298E26DA1B75D	59392	----a-w-	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe
2015-01-29 01:36:52	1DEF6E8D8BCDB1CF4C9597C414281A38	130208	----a-w-	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe
2015-01-29 01:35:01	E839BB31789D4FCF75A834B506842F64	41168464	----atw-	C:\Program Files (x86)\Google\Update\Install\{2013C4EE-45CA-4AE7-8E28-D4B272F75740}\chrome_installer.exe
2015-01-29 01:34:59	E839BB31789D4FCF75A834B506842F64	41168464	----atw-	C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\40.0.2214.93\chrome_installer.exe
2015-01-28 21:07:12	5564883BFB523D5078A5B1FE3128FD63	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-01-28 21:07:12	0481346D0EF668C0D4FF69A7BBEFA846	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-01-27 19:22:09	A8A8FD02E3A9264A603892DE1F522166	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-01-27 19:22:09	39B512C643812FC2D4843C0D4206C759	718848	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-01-27 19:22:09	0FABE2AB8CA2D5CC7C95798533B4D057	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-01-27 19:22:06	B7BCC767AC0E76384BCDC292184DD8C8	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-01-27 19:22:06	A24BFBAE8B50A6780B68FF3673FAB52F	815280	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-01-27 19:22:06	43CE0C99DBC0F96DB2B7259B0BE0930E	468992	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-01-27 19:22:05	EBC8C9F61F4C148B8C6A28EDE80C51E4	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-01-27 19:22:03	C3D17F3199D39A2AB85956A63731F188	484352	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-01-27 19:22:03	2A9DA9E7462EBA3F6D2036E8D18FF773	813744	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-01-27 18:47:55	D17954CA6343F43B62637F51996B4E95	23040	----a-w-	C:\Windows\SysWOW64\mfpmp.exe
2015-01-27 18:47:55	AB2EB93A982A2C26BA3E4D2D65328804	24576	----a-w-	C:\Windows\System32\mfpmp.exe
2015-01-27 18:47:55	68E09E7CD4DC52F132A4B492ACE8C243	55808	----a-w-	C:\Windows\System32\rrinstaller.exe
2015-01-27 18:47:55	60FBCF033FF42A40C916C01A962A8802	50176	----a-w-	C:\Windows\SysWOW64\rrinstaller.exe
2015-01-27 14:54:26	5B9954AE9FD4682DADD5EBC0301366B0	52736	----a-w-	C:\Windows\System32\TSWbPrxy.exe
2015-01-27 14:54:25	8E64BB62AB3810D3C29ED50C405AD3BD	1232040	----a-w-	C:\Windows\System32\aitstatic.exe
2015-01-27 14:54:25	65536EB5F53B76562BBE0DE332A8BA3C	66216	----a-w-	C:\Windows\System32\CompatTel\diagtrackrunner.exe
2015-01-27 14:54:23	CCEE34CF7D700825AD839FAB298A0129	46760	----a-w-	C:\Windows\System32\CompatTel\wicainventory.exe
2015-01-27 14:54:23	A192555B09BD2A45940D7E449F311AF6	161960	----a-w-	C:\Windows\System32\CompatTel\QueryAppBlock.exe
2015-01-27 14:53:35	0A70B8D78AF95894E221DDAC6482DF6D	5553592	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-01-27 14:53:33	8A289EF0AE709327D6AA9769E108B5A6	3916728	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-27 14:53:33	2AF481C03C0383ADE09FFEDA0C583140	3971512	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-27 14:53:31	DE595EACC79006E7B15B848BF0831E78	296960	----a-w-	C:\Windows\System32\rstrui.exe
2015-01-27 14:53:06	9EA3783672D21817B9DF1061B54C3B3C	155136	----a-w-	C:\Windows\SysWOW64\charmap.exe
2015-01-27 14:53:06	36E5E9D0400475230A7F57F274B88321	165888	----a-w-	C:\Windows\System32\charmap.exe
2015-01-27 14:53:04	B975C202F590BBC5AA63225FBD148791	198656	----a-w-	C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-01-27 14:53:04	41457C1909F6D1100C0F9B9CFF7960FC	266240	----a-w-	C:\Windows\System32\WSManHTTPConfig.exe
2015-01-27 14:52:30	BE8F985609BE0809B7E29960AC997511	49664	----a-w-	C:\Windows\servicing\GC64\tzupd.exe
=== C: other files ==
2015-01-29 01:38:47	CE38122121C784E6380EF424637DBC3F	14130	----a-w-	C:\Program Files\Java\jre1.8.0_31\lib\deploy\ffjcext.zip
2015-01-29 01:37:34	3315140254247E248C3531F159C79109	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\lib\deploy\ffjcext.zip
2015-01-27 16:19:14	26C43960C99EE861A5D0EDC4DCF3B1C3	129752	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-01-27 16:18:03	A646C2DDB8C46E9B20A326FAF566646C	63704	----a-w-	C:\Windows\System32\drivers\mwac.sys
2015-01-27 16:18:03	478CC94C937D235CB0A96AB8F2359D81	93400	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2015-01-27 14:54:01	AE3334958D8F631FF14A0AEB3D7EFB3A	141312	----a-w-	C:\Windows\System32\drivers\mrxdav.sys
2015-01-27 14:53:58	70988118145F5F10EF24720B97F35F65	119296	----a-w-	C:\Windows\System32\drivers\tdx.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-701674012-1377702198-172202822-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 "
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AmIcoSinglun64]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AmIcoSinglun64"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\AmIcoSingLun\\AmIcoSinglun64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Facebook Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Volkswagen\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Optimizer Pro]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Optimizer Pro"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Optimizer Pro\\OptProLauncher.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SonicMasterTray]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SonicMasterTray"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ASUS\\Sonic Focus\\SonicFocusTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SynTPEnh"
"hkey"="HKLM"
"command"="%ProgramFiles%\\Synaptics\\SynTP\\SynTPEnh.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Volkswagen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk]
"path"="C:\\Users\\Volkswagen\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\MyPC Backup.lnk"
"backup"="C:\\Windows\\pss\\MyPC Backup.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~2\\MYPCBA~1\\MYPCBA~1.EXE "
"item"="MyPC Backup"


==== Task Scheduler Jobs ======================

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-701674012-1377702198-172202822-1000Core.job --a------ C:\Users\Volkswagen\AppData\Local\Facebook\Update\FacebookUpdate.exe [07/08/2014 08:26 PM]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-701674012-1377702198-172202822-1000UA.job --a------ C:\Users\Volkswagen\AppData\Local\Facebook\Update\FacebookUpdate.exe [07/08/2014 08:26 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03/08/2014 01:45 AM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03/08/2014 01:45 AM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\avaxvyvax" [C:\Users\Volkswagen\AppData\Local\avaxvyvax\avaxvyvax.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-701674012-1377702198-172202822-1000Core" [C:\Users\Volkswagen\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-701674012-1377702198-172202822-1000UA" [C:\Users\Volkswagen\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Chromium Look ======================

Google Docs - Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
DealsFienderPRo - Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bklhnlbmocplcanelmoakmdakgloehnm
YouTube - Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Carbon Footprint for Google Maps - Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ednfpjleaanokkjcgljbmamhlbkddcgh
Google Wallet - Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
surfkeepit - Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\okmmipdcopbpilkhofehjnnnfgplbkmo
Gmail - Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markit00.re-markit.co_0.localstorage deleted successfully
C:\Users\Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully
C:\Users\Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bklhnlbmocplcanelmoakmdakgloehnm deleted successfully
C:\Users\Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ednfpjleaanokkjcgljbmamhlbkddcgh deleted successfully
C:\Users\Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ednfpjleaanokkjcgljbmamhlbkddcgh_0.localstorage deleted successfully
C:\Users\Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ednfpjleaanokkjcgljbmamhlbkddcgh deleted successfully
C:\Users\Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Extensions\okmmipdcopbpilkhofehjnnnfgplbkmo deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=MSSE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=MSSE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{80c554b9-c7f8-4a21-9471-06d606da78a2}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{80c554b9-c7f8-4a21-9471-06d606da78a2} Bing  Url="http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE"

==== Reset Google Chrome ======================

C:\Users\Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Optimizer Pro deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicMasterTray deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Volkswagen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Volkswagen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Volkswagen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=99 folders=32 12434688 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Volkswagen\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\VOLKSW~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Mon 02/02/2015 at 15:28:58.05 ======================