
Zoek.exe v5.0.0.0 Updated 21-March-2015
Tool run by Louise on za 21-03-2015 at 20:40:32,30.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Louise\Downloads\zoek (5).exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-07-20-181751.log	22390 bytes
C:\zoek-results2014-08-09-164348.log	6636 bytes
C:\zoek-results2015-02-07-163146.log	29110 bytes
C:\zoek-results2015-02-08-154105.log	30612 bytes
C:\zoek-results2015-02-09-195351.log	37487 bytes
C:\zoek-results2015-02-10-195613.log	34581 bytes
C:\zoek-results2015-03-19-211356.log	952 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23882d2c-dc1a-4f7e-83ba-58d0ddf26e8c}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50a6bc53-19e5-4bae-9289-71033846422b}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{911ee4c8-4b68-4cf4-aa46-fbca4f30dfe3}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9ca27b8d-ef7f-4905-8b67-f8a6435181f0}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23882d2c-dc1a-4f7e-83ba-58d0ddf26e8c}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50a6bc53-19e5-4bae-9289-71033846422b}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{911ee4c8-4b68-4cf4-aa46-fbca4f30dfe3}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9ca27b8d-ef7f-4905-8b67-f8a6435181f0}] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"=- 

==== Deleting Files \ Folders ======================

C:\ProgramData\RRandomPirIcE not found
C:\Program Files (x86)\YouttubeiAdBBlockEa not found
C:\ProgramData\DDIgaiiSaaver not found
C:\Program Files (x86)\uinisaless not found
C:\Program Files (x86)\GreeatSave4U not found
C:\Program Files (x86)\WasteNoTime not found
C:\ProgramData\hnhhpfpodacpcjgnlpeincobanlepfec not found
C:\Users\Louise\AppData\Roaming\appdataFr3.bin deleted
C:\Users\Martijn\AppData\Roaming\appdataFr3.bin deleted
C:\Users\Martijn\AppData\Roaming\Hotspot Shield deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield deleted
C:\Windows\wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\Hotspot Shield deleted
"C:\PROGRA~2\Hotspot Shield\bin\af_proxy.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\hsswd.exe" deleted
"C:\PROGRA~2\Hotspot Shield\bin\zlib1.dll" deleted
"C:\PROGRA~2\Hotspot Shield" not deleted
"C:\PROGRA~3\Hotspot Shield" not deleted
"C:\PROGRA~2\Hotspot Shield\bin" not deleted
"C:\PROGRA~2\Hotspot Shield\hsswd" not deleted
"C:\PROGRA~2\Hotspot Shield\hsswd\default" not deleted
"C:\PROGRA~3\Hotspot Shield\config" not deleted
"C:\PROGRA~3\Hotspot Shield\config\hsswd" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-03-14 12:01:31	F9F4905664C5B42B49E78EFA12D1A6B6	20	----a-w-	C:\Windows\Аў-
====== C:\Users\Louise\AppData\Local\Temp ====
2015-03-21 19:37:07	12C0789B30AD2425D9F5B63FFFAAEEA6	43008	-c--a-w-	C:\Users\Louise\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplbd4sf.dll
2015-03-19 19:07:11	1AFB9CB6DEC273DEE36F68C8648C088E	45209696	----a-w-	C:\Users\Martijn\AppData\Local\temp\SkypeSetup.exe
2015-03-15 09:35:06	E0DC8C6BBC787B972A9A468648DBFD85	1008128	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\libiconv2.dll
2015-03-15 09:35:06	D202BAA425176287017FFE1FB5D1B77C	103424	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\libintl3.dll
2015-03-15 09:35:06	57CAC848FA14AE38F14F9441F8933282	140288	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\pcre3.dll
2015-03-15 09:35:06	547C43567AB8C08EB30F6C6BACB479A3	79360	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\regex2.dll
2015-03-14 19:23:43	A210F1AC135E5331C314CE5F394FB5A5	413276	----a-w-	C:\Users\Martijn\AppData\Local\temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
2015-03-14 12:26:32	6668DF06D75689D58B49478D471445AE	1093008	----a-w-	C:\Users\Martijn\AppData\Local\temp\b722343f-0171-4baf-ab24-1db27f1a6c58\setiCollect.exe
====== Java Cache =====
2015-02-22 16:53:26	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\Louise\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-651ffb37
2015-03-12 18:06:47	D71BB701EECB34878D1F9AAB3CFBA72A	414	----a-w-	C:\Users\Martijn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\1d48b60d-a79328e6a4ce2caf3fc4644a56c3ba2fd7f600680259a69c7483689bbef6fe12-6.0.lap
2015-03-12 18:06:54	7EC54FCCC3FC292F0C807D0EDE6866CB	839425	----a-w-	C:\Users\Martijn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\27802a13-6eca5a27
2015-03-12 18:26:14	AA058454DC40F9EB1925371AC53BAD8B	494	----a-w-	C:\Users\Martijn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\45f33470-144e8556
2015-03-12 19:08:20	AA058454DC40F9EB1925371AC53BAD8B	494	----a-w-	C:\Users\Martijn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\45f33470-26d33d88
2015-03-12 18:13:03	AA058454DC40F9EB1925371AC53BAD8B	494	----a-w-	C:\Users\Martijn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\45f33470-4c4429e5
2015-03-12 18:06:52	AA058454DC40F9EB1925371AC53BAD8B	494	----a-w-	C:\Users\Martijn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\45f33470-58e3f520
2015-03-12 18:15:47	AA058454DC40F9EB1925371AC53BAD8B	494	----a-w-	C:\Users\Martijn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\45f33470-6bee05ac
====== C:\Windows\SysWOW64 =====
2015-03-11 18:03:50	ABB358777FDF4AF51B2FE26137D2B8D4	70656	----a-w-	C:\Windows\SysWOW64\fontsub.dll
2015-03-11 18:03:50	965D6A2B30A95A9F7EF13653988D3D9F	299008	----a-w-	C:\Windows\SysWOW64\atmfd.dll
2015-03-11 18:03:50	55273844B66D77A2F1A2213C17A9EA4A	34304	----a-w-	C:\Windows\SysWOW64\atmlib.dll
2015-03-11 18:03:50	274F0540FD4C88FC845C94CA1569688A	10240	----a-w-	C:\Windows\SysWOW64\dciman32.dll
2015-03-11 18:03:50	01D9C9A70323BC7E5835B92442DD7EC2	25600	----a-w-	C:\Windows\SysWOW64\lpk.dll
2015-03-11 18:03:35	B378B6A865C28CE5C1E23C35760A1199	11411968	----a-w-	C:\Windows\SysWOW64\wmp.dll
2015-03-11 18:03:35	5B0C6247027FCF5A2E2F150E298D2FFA	3209728	----a-w-	C:\Windows\SysWOW64\mf.dll
2015-03-11 18:03:33	74264B7F57A16D25CB581C07964D324A	1174528	----a-w-	C:\Windows\SysWOW64\crypt32.dll
2015-03-11 18:03:32	6C2D4DC5D2E271F4AE4016FD4587B0B2	3973048	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-11 18:03:31	2CFE69A0A8AFDA8DB9A773D728000BB7	3917760	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-11 18:03:28	96DB6A923DEDB58FC7CBBF5CFF73314D	1329664	----a-w-	C:\Windows\SysWOW64\quartz.dll
2015-03-11 18:03:27	DCC148408770F2D55B201F8FC26438A1	988160	----a-w-	C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 18:03:27	B7D2BB84C590F0AE9DA51DBB065A780E	1005056	----a-w-	C:\Windows\SysWOW64\cryptui.dll
2015-03-11 18:03:27	98C1191C862B44567FCF3C18BAEE859E	519680	----a-w-	C:\Windows\SysWOW64\qdvd.dll
2015-03-11 18:03:27	003C51B9FE38287BA4E0E58D3AE080BD	744960	----a-w-	C:\Windows\SysWOW64\blackbox.dll
2015-03-11 18:03:26	D5EC42139D6A6158CF188975C50B6A60	179200	----a-w-	C:\Windows\SysWOW64\wintrust.dll
2015-03-11 18:03:26	3BAA4BAE71460C5CEB40D5E9339A61BC	103936	----a-w-	C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 18:03:25	C5667EE72D7364BE81516C0707FEF724	354816	----a-w-	C:\Windows\SysWOW64\mfplat.dll
2015-03-11 18:03:25	BB73C907D1BD437B6C30F2C23BB089FC	406016	----a-w-	C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 18:03:25	833FCABCB5D95B1911BA6E62FC82AC04	617984	----a-w-	C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 18:03:25	2D4814D567E5A85C473228BA772A7AFB	489984	----a-w-	C:\Windows\SysWOW64\evr.dll
2015-03-11 18:03:24	49474B3E37969AF4B5C076F42B623AFF	143872	----a-w-	C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 18:03:24	320A8699369C43CF53B2DB4538D17C52	504320	----a-w-	C:\Windows\SysWOW64\msscp.dll
2015-03-11 18:03:22	70E96EBE87A38857619671FCB9C8EC7B	265216	----a-w-	C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 18:03:22	2D21189858856316D55EAD55DF4964C2	374784	----a-w-	C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 18:03:22	08FF727297A97907AADED4BA86CF44E9	50176	----a-w-	C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 18:03:21	E0AB9CA912398BE1AAD14FF7AD75C397	50688	----a-w-	C:\Windows\SysWOW64\appidapi.dll
2015-03-11 18:03:21	AF47EAA4ADDA9AA221FB7647EE22BF53	103424	----a-w-	C:\Windows\SysWOW64\mfps.dll
2015-03-11 18:03:21	A56F4029FDCF4F817E78953CDA953E28	442880	----a-w-	C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 18:03:20	B54FD1991E659FD61EF1D34EC27AAECD	81408	----a-w-	C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 18:03:20	A4A2EFB40015B76467F09E6DC388BC26	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-03-11 18:03:20	50B8937A81360D16A5C772302BD32CFE	195584	----a-w-	C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 18:03:20	49F4EE8DF752CFA159B99046CD1FDD2B	23040	----a-w-	C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 18:03:19	D3916F83AC8F2314262387A2E16C6578	4096	----a-w-	C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 18:03:19	D3916F83AC8F2314262387A2E16C6578	4096	----a-w-	C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 18:03:19	8B07DBA0D77346545C6359AC67DCB980	8192	----a-w-	C:\Windows\SysWOW64\spwmp.dll
2015-03-11 18:03:18	FCD5137A10C8943B34C9BE891C50159F	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2015-03-11 18:03:18	7C1CADCA0E674212412559B0EAD0919A	12625408	----a-w-	C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 18:03:17	2F3CE58D8C276570EEB69C99CFBAFD58	2048	----a-w-	C:\Windows\SysWOW64\mferror.dll
2015-03-11 18:01:27	B804EAA9E037580F96C22537C2ECB62A	171520	----a-w-	C:\Windows\SysWOW64\ubpm.dll
2015-03-11 18:01:26	340EECB781E6C06A6171B3068DA208AD	12875264	----a-w-	C:\Windows\SysWOW64\shell32.dll
2015-03-11 18:01:17	D5063B86DC3F85B93D02AF68099F4C9A	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-03-11 18:01:17	C7D334A01C66BF07B92D04CD7A981B7F	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-03-11 18:01:17	B06A4105DD22E91A1D922D7310803140	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-03-11 18:01:17	84974782ED5D108DA2EFAF3C6534A760	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-03-11 18:01:17	7A71DA6D6F75AB73475128F787DD8EAD	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-03-11 18:01:17	69925A266D265DAD96C6FCBB861FA5CD	550912	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-03-11 18:01:17	5E76C26CAE2810EA71C161ED9A2CF0D1	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-03-11 18:01:17	4E15E2D20AE755FDEACD96F359F732DB	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-03-11 18:01:17	30F5B3E28636009A0B194057AAE4392A	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-03-11 18:01:17	04934912B1317F2F8816208067A32B96	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-03-11 18:01:16	ACD0CA819E279E1C17BE5C8A077EF448	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-03-11 18:01:16	7407DDA27838C393DE67A0BDCDD044D0	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-03-11 18:01:16	0485899A035E02C53014C0545D912405	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-03-11 18:00:51	84B460BB65567ED42DD605FA044DB370	828928	----a-w-	C:\Windows\SysWOW64\msctf.dll
2015-03-11 18:00:49	5F3628DCF926C4499BE1DC74431DFBC8	1230848	----a-w-	C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 18:00:45	FDF0B4DC83627A859D18EE439B8E5A26	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-11 18:00:45	B8445B89D0EA5C2575C98EA7BD180C5C	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-03-11 18:00:45	6108ED659B5962DE73DACB3B04D86ED3	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 18:00:45	00F39165D6D14302618C20CDD7BB213A	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 18:00:44	B35C35C55FED3DD7F995C77F63CBC29B	1311232	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-03-11 18:00:44	8FDE1162C9DCF7B180AA702DD9EB6071	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 18:00:44	29EDBC5C381F1406A5262351E69BC87A	342696	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-03-11 18:00:43	AD1BA932AC31D2BC8C9105DA59BEA6BE	689152	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 18:00:43	AD13E719AE506AA0E0BB5D49E0D5B44A	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 18:00:43	95CB6079B3E62D4301958023C2070A48	19720192	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-03-11 18:00:42	BD838E2129623E8311720AA86C5DFBBF	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-03-11 18:00:42	A41C85FDB2275FA9AAA821A118807FDB	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 18:00:42	A34897A1A39316BDECCA3E61986F98F2	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 18:00:42	08B30EB9751858C1C369E8775492D732	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-03-11 18:00:41	F5F730ED126DCFBEBDB9BB629BD482C4	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-03-11 18:00:41	E868396BC5F8957A9E39BD9A28EA814D	12827648	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-03-11 18:00:41	BA10D970EB39913357B224F4473D535B	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-03-11 18:00:41	AC35DA94A14679E8E515A44A8CF90804	478208	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-03-11 18:00:41	988AB676FBF4484508BA134CAAB711EB	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-03-11 18:00:41	756B4F77945C61ADBE68150D7D2EC7A6	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-03-11 18:00:41	52B4DECDC70B8758380D37EA2CDD4254	2278400	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-03-11 18:00:39	02C0770DA3BE9231EFAF7185EE51020C	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-11 18:00:38	FC5FE9F2D140435FC95CB3EF6724EF0A	4300288	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-03-11 18:00:38	EA6EA6912F27F05C61D8D747517EB47E	1888256	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-03-11 18:00:38	BC9CE46C3F05CCC40F8F1EFC7E4B41C7	503296	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-03-11 18:00:38	B0B83B31853E15C619FDB91B64F8349A	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-03-11 18:00:10	9566C8BBD2271A7962D4432A624762AD	417792	----a-w-	C:\Windows\SysWOW64\WMPhoto.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-03-11 18:03:51	1307814243F21EB129852D59B5AB37FB	372224	----a-w-	C:\Windows\Sysnative\atmfd.dll
2015-03-11 18:03:50	F351B0E520502552734BE70AA5940784	41984	----a-w-	C:\Windows\Sysnative\lpk.dll
2015-03-11 18:03:50	DB0BD8B8D68D8211CA23FBE52DACE549	14336	----a-w-	C:\Windows\Sysnative\dciman32.dll
2015-03-11 18:03:50	85D3E918658C2766780F7DEE5F8FBE57	46080	----a-w-	C:\Windows\Sysnative\atmlib.dll
2015-03-11 18:03:50	39A108604F51821F6F4E2001E9A1CB60	100864	----a-w-	C:\Windows\Sysnative\fontsub.dll
2015-03-11 18:03:35	FDA5F186596288F0B9ECE9DC7A5AA868	5554104	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-03-11 18:03:34	3FECBED0EACABD22E024EF4E50CF987B	1480192	----a-w-	C:\Windows\Sysnative\crypt32.dll
2015-03-11 18:03:31	6AEEC5677AD522786CED371A7BEE620C	616360	----a-w-	C:\Windows\Sysnative\winresume.efi
2015-03-11 18:03:30	29143C7827F9F2AC543E792A8C63FBB0	4121600	----a-w-	C:\Windows\Sysnative\mf.dll
2015-03-11 18:03:29	BD311BB00DD0D656C091AC8888C2369D	14632960	----a-w-	C:\Windows\Sysnative\wmp.dll
2015-03-11 18:03:28	DF6104DCED89E13A78BA5539CEF5100A	1202176	----a-w-	C:\Windows\Sysnative\drmv2clt.dll
2015-03-11 18:03:28	8DFDB70E3E56C2F1AE09CB3C03E266E5	1574400	----a-w-	C:\Windows\Sysnative\quartz.dll
2015-03-11 18:03:27	F88B4A9EA1A956F09D5001D08B546228	641024	----a-w-	C:\Windows\Sysnative\msscp.dll
2015-03-11 18:03:27	B7E752FFD95DC61FCB7A6E70E37175E5	693176	----a-w-	C:\Windows\Sysnative\winload.efi
2015-03-11 18:03:27	7A4064169FBA91F39DB1FDC094A18DA8	619056	----a-w-	C:\Windows\Sysnative\winload.exe
2015-03-11 18:03:27	410F6B1BE785F3630B4782F8E3D85A24	1069056	----a-w-	C:\Windows\Sysnative\cryptui.dll
2015-03-11 18:03:26	DB2D62AA2DF6B1F3D690A9EC9701AA2C	188416	----a-w-	C:\Windows\Sysnative\pcasvc.dll
2015-03-11 18:03:26	A53A63831185FF5339E76221BE45E6B9	842240	----a-w-	C:\Windows\Sysnative\blackbox.dll
2015-03-11 18:03:26	93C7D1C3941086162B433107D9E8BCE3	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-03-11 18:03:26	7F4D59E70DD6E757E96B40570B498D5C	782848	----a-w-	C:\Windows\Sysnative\wmdrmsdk.dll
2015-03-11 18:03:26	6968D02DC38757C3FBE7ED7C2F9670AA	680960	----a-w-	C:\Windows\Sysnative\audiosrv.dll
2015-03-11 18:03:26	577D0B947B49DB83E2054FA169B2ECBF	229376	----a-w-	C:\Windows\Sysnative\wintrust.dll
2015-03-11 18:03:26	483221CC1AAC288368292899E32B6B9B	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-03-11 18:03:26	1BE9877B199184D7657BC4CFCB7B4A99	140288	----a-w-	C:\Windows\Sysnative\cryptnet.dll
2015-03-11 18:03:25	B2F02AB28864B6D5B5B9BEDA565D41BB	497664	----a-w-	C:\Windows\Sysnative\drmmgrtn.dll
2015-03-11 18:03:25	7BC64DEEFD0E6812E21DE89F0CF50A49	500224	----a-w-	C:\Windows\Sysnative\AUDIOKSE.dll
2015-03-11 18:03:25	5FFEE6CA63E27CBA1F32002743E58F3C	631808	----a-w-	C:\Windows\Sysnative\evr.dll
2015-03-11 18:03:25	0BC72EA80234382701EAFC1BE0ECD7E4	432128	----a-w-	C:\Windows\Sysnative\mfplat.dll
2015-03-11 18:03:24	C0AE7ABD87254B2789C8CB34AF274A65	296448	----a-w-	C:\Windows\Sysnative\AudioSes.dll
2015-03-11 18:03:24	AE66D26930CA536706078537CB5AC840	325632	----a-w-	C:\Windows\Sysnative\msnetobj.dll
2015-03-11 18:03:24	6E974F1C384615DEB0710E44F4847351	126464	----a-w-	C:\Windows\Sysnative\audiodg.exe
2015-03-11 18:03:24	3029D8E78E4BF18A0551E22CD4CB892C	371712	----a-w-	C:\Windows\Sysnative\qdvd.dll
2015-03-11 18:03:24	1CD76A83B9E8E9A5A3519B39E28354D9	187904	----a-w-	C:\Windows\Sysnative\cryptsvc.dll
2015-03-11 18:03:22	CBE684883A45E5B047DA6B4AC46C2112	55808	----a-w-	C:\Windows\Sysnative\rrinstaller.exe
2015-03-11 18:03:22	3A7BC2DC99D3C5B172465E890B3C3B14	440832	----a-w-	C:\Windows\Sysnative\AudioEng.dll
2015-03-11 18:03:22	27793FE3FF2D0123896D1A01A2D222C7	37376	----a-w-	C:\Windows\Sysnative\pcadm.dll
2015-03-11 18:03:21	947938F265D7CB99653CDFF2B3C0468D	206848	----a-w-	C:\Windows\Sysnative\mfps.dll
2015-03-11 18:03:21	63D3C30B497347495B8EA78A38188969	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2015-03-11 18:03:20	ED6BF1E1C4F40F600DFEC0CB101A1789	9728	----a-w-	C:\Windows\Sysnative\pcalua.exe
2015-03-11 18:03:20	C4937B9D6EF4D309A60054D4D00EE9DB	63488	----a-w-	C:\Windows\Sysnative\setbcdlocale.dll
2015-03-11 18:03:20	BE7DA70C9F4A97CCA9ED78B70BCFC9AC	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2015-03-11 18:03:20	A84C94CF795E08BBB99E4E145F9E81A3	11264	----a-w-	C:\Windows\Sysnative\pcawrk.exe
2015-03-11 18:03:20	94BC902494AFC9F5EBC5FBB61445D73F	82432	----a-w-	C:\Windows\Sysnative\cryptsp.dll
2015-03-11 18:03:20	84DB8EB3C184BB549ED90A842020F278	58880	----a-w-	C:\Windows\Sysnative\appidapi.dll
2015-03-11 18:03:20	72D4757510FDA69D729169C00AFC211E	32256	----a-w-	C:\Windows\Sysnative\appidsvc.dll
2015-03-11 18:03:20	589852B65C91F574E980ABDB8205080A	146944	----a-w-	C:\Windows\Sysnative\appidpolicyconverter.exe
2015-03-11 18:03:20	56FD1BC602EE0E7949F92EE2EE327B72	284672	----a-w-	C:\Windows\Sysnative\EncDump.dll
2015-03-11 18:03:20	29088A5723C81BF75AD909AAB6A91610	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-03-11 18:03:20	0F79883E27BB1AFE2D9BB4656A1CEFCD	11264	----a-w-	C:\Windows\Sysnative\msmmsp.dll
2015-03-11 18:03:20	00EE5D3E16D42F25F7813ACFA10EC803	24576	----a-w-	C:\Windows\Sysnative\mfpmp.exe
2015-03-11 18:03:19	FE03B35A22C3D2714B494FC2AB32AC5B	8704	----a-w-	C:\Windows\Sysnative\pcaevts.dll
2015-03-11 18:03:19	F43B09E257121ADC501ABE9367FAA850	9728	----a-w-	C:\Windows\Sysnative\spwmp.dll
2015-03-11 18:03:19	EA285B947EE48103697CDA53D76C9EEC	17920	----a-w-	C:\Windows\Sysnative\appidcertstorecheck.exe
2015-03-11 18:03:19	D3F1F9C784BCCDF2C880669D69FC1970	5120	----a-w-	C:\Windows\Sysnative\msdxm.ocx
2015-03-11 18:03:19	D3F1F9C784BCCDF2C880669D69FC1970	5120	----a-w-	C:\Windows\Sysnative\dxmasf.dll
2015-03-11 18:03:18	DBCD54B841F2B216B2F0F86E18205C22	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2015-03-11 18:03:17	8364A0F7633414DC5C50A37295B1FAFF	2048	----a-w-	C:\Windows\Sysnative\mferror.dll
2015-03-11 18:03:17	77D49942BD5DC97723ABC8A6D2757B6E	12625920	----a-w-	C:\Windows\Sysnative\wmploc.DLL
2015-03-11 18:01:27	1FB81632476857E8451DDA8A456EF3CE	215552	----a-w-	C:\Windows\Sysnative\ubpm.dll
2015-03-11 18:01:26	01F9FEB7F0C84EA1AC6A9B4D7C6B0435	14177280	----a-w-	C:\Windows\Sysnative\shell32.dll
2015-03-11 18:01:18	3807605BDA83C0DA729A5219CEBB9041	341504	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-03-11 18:01:17	FB95F6E11AAD62F24C2DB01E6E9D7BE7	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-03-11 18:01:17	E1404987DCD392AF9D67F6A26CE21175	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-03-11 18:01:17	DB2904A4CEBC39DF8892A613BEC71512	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-03-11 18:01:17	B6C7729936AAF8E0697F0A7DCA82CED8	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-03-11 18:01:17	9B644AC070576AAE701910874C241DBD	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-03-11 18:01:17	92F920EE9EAF7306B4AB8124D474AB52	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-03-11 18:01:17	7BC39275661EA7DEE54135AA26DF733E	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-03-11 18:01:17	6536829F6EA1149527728A210F493B79	314880	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-03-11 18:01:17	54CD467B3A6DA02E9449DB7FB1830612	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-03-11 18:01:17	473BCBFFC55C9FE33D502035322E759D	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-03-11 18:01:17	28CC69865D5DC458EDDCEA35F01D71DA	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-03-11 18:01:17	1DB278E5834B08F9A184F953F2D31FF7	728064	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-03-11 18:01:16	65CF54B1D8CB1B085B6D8BC210E2C45F	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-03-11 18:01:16	543553AD3E30CB261C8B436DF644F23E	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-03-11 18:01:16	378B175D0F0A1C38026F280BF6C8D0C6	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-03-11 18:00:52	E88A78273D429554B6B2D2BDA945ED9B	1067520	----a-w-	C:\Windows\Sysnative\msctf.dll
2015-03-11 18:00:50	0A4D03A4C0F908B15B8A4C48FB18F197	1424896	----a-w-	C:\Windows\Sysnative\WindowsCodecs.dll
2015-03-11 18:00:47	A0DEE06D68F210CA090FD4D9A33CDC12	3204096	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-03-11 18:00:45	2CA6A98547E799812489E5ADF2774D97	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-03-11 18:00:45	289581F0FDA6B93A0FAFE979486AD6FA	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-03-11 18:00:44	D2BF72C0A9E26BE91C1DEEACF7C430E0	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-03-11 18:00:44	7FA2B43D940DF41E46B8049B59AB6639	718848	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-03-11 18:00:44	08892A4ED848386E6B901723C1EF611B	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-03-11 18:00:43	D3EA5B5E606EF17804B5BF565BEAD937	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-03-11 18:00:42	585B29EFB4954902FD53C4F8F9A0D39F	389800	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-03-11 18:00:42	501A38B72FA264605123B4FACF53F057	1548288	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-03-11 18:00:41	F5E5E96E188934BAB22C0916C91F46B3	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-03-11 18:00:41	80B3AD73027A2CCD42C47EBF5C89124F	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-03-11 18:00:41	5443F21A33DB376734DBE47F7635542C	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-03-11 18:00:41	132862B0FC4A1B7CB45C274DE169DBB2	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-03-11 18:00:40	D0767EA3A59FA70C7ACF59EE0C8CD42A	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-03-11 18:00:40	9E9B757A677927110393A505822D9174	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-03-11 18:00:39	62269DEFF17AB006217330A24EA8577B	2886144	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-03-11 18:00:39	22C4867C690C38B18B2C1A0B072CD0C4	2125824	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-03-11 18:00:38	A1264D16AF506125C974775C833A063C	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-03-11 18:00:38	1EC0BF321D3B14D02B9A8BAC134570F4	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-03-11 18:00:37	FB8C4EE9889790466A0174923410649E	633856	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-03-11 18:00:37	D373113A84C12BA7F07CE1E9CAF4747F	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-03-11 18:00:37	76B53D2150284E138B46410EA54967FA	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-03-11 18:00:37	2335F6BF8A127E31EB0E2D9A82F188A0	14398976	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-03-11 18:00:36	A9190899A35431CF8ABBEF5E1BB0C8F9	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-03-11 18:00:36	687E11F36832BFF65EF0CD2FA3DB1966	584192	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-03-11 18:00:36	4870B24EA7D4EEF5E1C4675AC47796B8	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-03-11 18:00:36	40DF85D8B2B0171EF5F23AA1B5CD9A62	6035456	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-03-11 18:00:36	36F99BD8A0F09BDBB7850A138845A014	2358784	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-03-11 18:00:35	667229C8F194D619D12F05943D7F61F0	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-03-11 18:00:35	1C393E42928BF55B3796E732B678CD5B	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-03-11 18:00:34	1193400D8E29A5A010135FB09A4EB1E8	25021440	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-03-11 18:00:11	CBA2694BFC61F371181F2BE2BCD66C40	465920	----a-w-	C:\Windows\Sysnative\WMPhoto.dll
====== C:\Windows\Sysnative\drivers =====
2015-03-14 18:44:43	0063ACEBB5BBE8C563A6ADB09155E644	44744	----a-w-	C:\Windows\Sysnative\drivers\hssdrv6.sys
2015-03-11 18:03:31	87BCD1034CBF33537D4D4C251D39BA26	94656	----a-w-	C:\Windows\Sysnative\drivers\mountmgr.sys
2015-03-11 18:03:20	ED6E75158D28D33A2E2A020AC5B2B59D	663552	----a-w-	C:\Windows\Sysnative\drivers\PEAuth.sys
2015-03-11 18:03:19	90C53BD47979FB8814F465A08B885102	61440	----a-w-	C:\Windows\Sysnative\drivers\appid.sys
2015-03-11 18:01:17	8BA90F480705D7153AD0060CCA62222A	155576	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-03-11 18:01:17	56ED3EE5FED6BF2FC1305CF872042868	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-03-11 18:01:17	27667A788130A7F7A5858DE27572E6D7	459336	----a-w-	C:\Windows\Sysnative\drivers\cng.sys
====== C:\Windows\Tasks ======
2015-03-04 14:42:50	6970511C54CE5738880BC1FF3B9E444B	3548	----a-w-	C:\Windows\Sysnative\Tasks\HP AR Program Upload - a364086f41794e9e8093872bf91b41629d759379d1e44bd3a213c79d014d3e1b
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-03-14 19:26:30	--------	dc----w-	C:\Program Files\WinPcap
2015-02-26 11:37:54	--------	dc----w-	C:\Program Files\Wireshark
======= C:\PROGRA~2 =====
2015-03-20 04:59:13	--------	d-----w-	C:\PROGRA~2\Unchecky
2015-03-15 09:42:33	--------	d-----w-	C:\PROGRA~2\ESET
2015-03-14 18:44:41	--------	d-----w-	C:\PROGRA~2\Hotspot Shield
2015-02-26 11:38:34	--------	d-----w-	C:\PROGRA~2\WinPcap
======= C: =====
2015-03-11 19:00:05	A7525A7E621CA98E16B77E31756800EF	19344	----a-w-	C:\slowloris.pl
====== C:\Users\Louise\AppData\Roaming ======
2015-03-15 09:47:10	--------	d-----w-	C:\Users\Martijn\AppData\Roaming\Wargaming.net
2015-03-14 18:18:32	--------	d-----w-	C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-03-14 12:42:25	--------	d-----w-	C:\Users\Martijn\AppData\Locallow\Evernote
2015-03-14 12:42:25	--------	d-----w-	C:\Users\Martijn\AppData\Local\Evernote
2015-03-04 14:30:42	--------	d-----w-	C:\Users\Fleur\AppData\Roaming\AVG2015
2015-02-28 09:45:54	--------	d-----w-	C:\Users\Martijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 2.7
2015-02-27 21:41:58	--------	d-----w-	C:\Users\Fleur\AppData\Local\Avg2015
2015-02-21 14:26:29	--------	d-----w-	C:\Users\Default\AppData\Roaming\TuneUp Software
2015-02-21 14:26:29	--------	d-----w-	C:\Users\Default User\AppData\Roaming\TuneUp Software
====== C:\Users\Louise ======
2015-03-20 04:59:14	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2015-03-20 04:59:13	--------	d-----w-	C:\ProgramData\Unchecky
2015-03-20 04:58:51	C133DE62453AC5362B13B8007E1659C4	986472	----a-w-	C:\Users\Louise\Downloads\unchecky_setup.exe
2015-03-17 21:02:15	E8D3E34FFDAF21DF7C09CBBBA5763237	2347384	----a-w-	C:\Users\Louise\Downloads\esetsmartinstaller_enu (4).exe
2015-03-17 21:00:40	E8D3E34FFDAF21DF7C09CBBBA5763237	2347384	----a-w-	C:\Users\Louise\Downloads\esetsmartinstaller_enu (3).exe
2015-03-17 19:22:06	E8D3E34FFDAF21DF7C09CBBBA5763237	2347384	----a-w-	C:\Users\Louise\Downloads\esetsmartinstaller_enu (2).exe
2015-03-15 09:34:57	596F915D9D12A1C2C7836EAAEBBB9CBC	1388333	----a-w-	C:\Users\Martijn\Downloads\JRT.exe
2015-03-14 19:42:53	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metasploit
2015-03-14 19:02:00	A46DBAA3F285556610F1F2EB163F4D84	193567896	----a-w-	C:\Users\Martijn\Downloads\metasploit-latest-windows-installer.exe
2015-03-14 18:47:22	--------	d-----w-	C:\ProgramData\Hotspot Shield
2015-03-14 18:17:55	C3700C7D790F32DD1FAF4F53B0781D5D	5995160	----a-w-	C:\Users\Martijn\Downloads\WoT_internet_install_eu.exe
2015-03-14 12:37:28	CA5ADBB3F1D71729F1F4440699EC6F2B	142464	----a-w-	C:\Users\Martijn\Downloads\Redacted.exe
2015-03-14 12:37:28	9948C73E8D6CEDD2E1160FF5147EC193	410824	----a-w-	C:\Users\Martijn\Downloads\Launcher.exe
2015-03-14 12:37:27	CF096FB00135F5350AA466B3EA3D3B9F	105808	----a-w-	C:\Users\Martijn\Downloads\ValveAPI.dll
2015-03-14 12:37:27	B0AC1EA684C64ED70A1319B935BC4B4F	105472	----a-w-	C:\Users\Martijn\Downloads\steam_api_SP.dll
2015-03-14 12:37:27	756B21CC4017292EE16C88A0648A48CF	13084312	----a-w-	C:\Users\Martijn\Downloads\t6mp.exe
2015-03-14 12:37:27	2B01B4FE7D6E3767AB6B58B1266855CF	12820632	----a-w-	C:\Users\Martijn\Downloads\t6zm.exe
2015-03-14 12:37:27	26C909CBCF86907D6542BBDEACF35A31	711680	----a-w-	C:\Users\Martijn\Downloads\steam_api_MP.dll
2015-03-14 12:37:27	26C909CBCF86907D6542BBDEACF35A31	711680	----a-w-	C:\Users\Martijn\Downloads\steam_api.dll
2015-03-14 12:37:27	1E169393BF4EDC543B5E75A2D6D2999C	66048	----a-w-	C:\Users\Martijn\Downloads\tserv.dll
2015-03-14 12:37:27	1ABBC2AFEAD90E7521009622E4CA0725	11522712	----a-w-	C:\Users\Martijn\Downloads\t6sp.exe
2015-03-14 12:37:26	4BA25D2CBE1587A841DCFB8C8C4A6EA6	875472	----a-w-	C:\Users\Martijn\Downloads\msvcr110.dll
2015-03-14 12:37:26	3E29914113EC4B968BA5EB1F6D194A0A	535008	----a-w-	C:\Users\Martijn\Downloads\msvcp110.dll
2015-03-14 12:37:24	37FFEF7B08AFF2538A5EFE404DD9BF18	806912	----a-w-	C:\Users\Martijn\Downloads\libnp.dll
2015-03-14 12:37:22	15D15BFCB0918B2BCDF6CEA415F5D121	64512	----a-w-	C:\Users\Martijn\Downloads\GabensWrath.dll
2015-03-14 12:37:12	A22B3288322A5A154AAA63CDC67326BF	215040	----a-w-	C:\Users\Martijn\Downloads\binkw32.dll
2015-03-14 12:37:12	0F8AA7838037702C48ADBEB2DD97BA1A	255	----a-w-	C:\Users\Martijn\Downloads\update-CODBO2.bat
2015-03-14 12:23:05	62ACE8A553828E5C876C4325F210BA1A	369832947	----a-w-	C:\Users\Martijn\Downloads\BO2_fix_v_2014-06-25.exe
2015-03-11 19:03:50	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivePerl 5.20.1 Build 2000
2015-02-26 11:38:35	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap

====== C: exe-files ==
2015-03-20 04:59:13	A749C9A2385C10AEABE5EDF85D653AC3	253392	----a-w-	C:\Program Files (x86)\Unchecky\uninstall.exe
2015-03-20 04:59:13	79CAF0B07A8C15537D668768E5A18488	403408	----a-w-	C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
2015-03-20 04:59:13	44E536748A1D1908D1D814D6B026AC29	1575376	----a-w-	C:\Program Files (x86)\Unchecky\unchecky.exe
2015-03-20 04:59:13	2F665FCF5B0BE6733251D9A711024B37	161744	----a-w-	C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
2015-03-20 04:58:51	C133DE62453AC5362B13B8007E1659C4	986472	----a-w-	C:\Users\Louise\Downloads\unchecky_setup.exe
2015-03-19 21:39:20	FAD5EA601378A1CF3276FB846B699D1E	41950376	-c--a-w-	C:\Users\Louise\AppData\Local\Spotify\Update\spotify_installer-1.0.2.6.g9977a14b-15.exe
2015-03-18 14:14:45	31E2010740EB58527BCFF133DB771AAD	73272	----a-w-	C:\Users\Louise\AppData\Roaming\Spotify\wow_helper.exe
2015-03-18 14:14:44	D5DA6286EF0635B1E1B2FBA493755AB2	762424	----a-w-	C:\Users\Louise\AppData\Roaming\Spotify\SpotifyCrashService.exe
2015-03-18 14:14:44	32E8A4FCE03B255E7C7448F3B4910BC0	1964088	----a-w-	C:\Users\Louise\AppData\Roaming\Spotify\SpotifyWebHelper.exe
2015-03-17 21:02:15	E8D3E34FFDAF21DF7C09CBBBA5763237	2347384	----a-w-	C:\Users\Louise\Downloads\esetsmartinstaller_enu (4).exe
2015-03-17 21:00:40	E8D3E34FFDAF21DF7C09CBBBA5763237	2347384	----a-w-	C:\Users\Louise\Downloads\esetsmartinstaller_enu (3).exe
2015-03-17 19:22:06	E8D3E34FFDAF21DF7C09CBBBA5763237	2347384	----a-w-	C:\Users\Louise\Downloads\esetsmartinstaller_enu (2).exe
2015-03-15 09:42:37	E273331224005C5A8A504164373DE1DC	535304	----a-w-	C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
2015-03-15 09:42:37	9E47522861242EE002D7F385C35D1322	2887824	----a-w-	C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
2015-03-15 09:42:37	5B3DE7968D23B476AFB256D8014B25B9	333424	----a-w-	C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
2015-03-15 09:42:37	47B06E473B78A792DF07D226E0537D63	119184	----a-w-	C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
2015-03-15 09:42:37	3C3F35C91F230493B088B334E39D1F7A	358144	----a-w-	C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
=== C: other files ==
2015-03-15 11:38:29	599844EC97A400ADFF8C30F9877404AA	1492385	----a-w-	C:\Users\Martijn\Downloads\Factions-2.7.5.zip
2015-03-15 09:35:05	F56A319979F631C141F5FF02DF87FDB1	43563	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\prelim.bat
2015-03-15 09:35:05	E49F9C309DC32E854A081507B89EBE39	11201	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\runvalues.bat
2015-03-15 09:35:05	DD1E4D974B1672ABD09EFFB225791C4A	1230	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\TDL4.bat
2015-03-15 09:35:05	AD2F52DC72B10AF331692E4A4DD80DFC	18670	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\medfos.bat
2015-03-15 09:35:05	AA0C656F898523BEDF2DA6923197BB80	1264	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\surfvox.bat
2015-03-15 09:35:05	8E6020C14F982CF11B3FE7DBB0CB8EDE	24738	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\searchlnk.bat
2015-03-15 09:35:05	883C768ADFD65F6C4968BD852B8D45E5	14924	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\get.bat
2015-03-15 09:35:05	86707BCE5CBB65D9B1C41E249B4423BA	152733	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\firefox.bat
2015-03-15 09:35:05	83F691D8398F0E37E71E9355BF730DB9	719	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\ev_clear.bat
2015-03-15 09:35:05	56CE326F6AAE3CF1709D332C04E8F9F1	191237	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\misc.bat
2015-03-15 09:35:05	38A0BDF322ACCC968B0A824C38D50157	29635	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\ask.bat
2015-03-15 09:35:05	335DFF8F23E5EC02B5426362F0F8509B	31401	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\iexplore.bat
2015-03-15 09:35:05	0C4649A62845AB5D5DBCC4998477FF6D	1813	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\delfolders.bat
2015-03-15 09:35:05	080CFDE64F31E7B50EECF4552033E84D	9937	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\mws.bat
2015-03-15 09:35:05	048407135C9B1FB6A355E256BD96160D	14192	----a-w-	C:\Users\Martijn\AppData\Local\temp\jrt\chrome.bat
2015-03-15 09:34:27	2D9A27911C7209D31767D912FBF253EC	150281	----a-w-	C:\Users\Martijn\Downloads\ProxyFix.zip
2015-03-15 09:28:03	083077ECDDE16FA2113A21BEFF8D1697	335	----a-w-	C:\Users\Martijn\AppData\Local\temp\download8.bat

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisTecPMMUpdate]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EgisTecPMMUpdate"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EgisTec IPS\\PmmUpdate.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisUpdate]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EgisUpdate"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EgisTec IPS\\EgisUpdate.exe\" -d"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InterPro DDosser.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="InterPro DDosser.exe"
"hkey"="HKCU"
"command"="C:\\Users\\Martijn\\Desktop\\beruablad stuff\\InterPro DDosser.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="StartCCC"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\amd64\\CLIStart.exe\" MSRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SuiteTray]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SuiteTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EgisTec MyWinLockerSuite\\x86\\SuiteTray.exe\""


==== Startup Folders ======================

2014-02-25 19:18:04	1143	----a-w-	C:\Users\Louise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-12-2013 17:59]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe ARM" ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe Reader Speed Launcher" ["C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Louise-PC-Martijn" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HP AR Program Upload - a364086f41794e9e8093872bf91b41629d759379d1e44bd3a213c79d014d3e1b" [C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe]
"C:\Windows\SysNative\tasks\HP AR Program Upload - e82353b7bf0e487db1116a779fa4254ec29882fc8f4f4ec8b99b8d2125929322" [C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe]
"C:\Windows\SysNative\tasks\{C9330069-EB10-4CD2-BB8C-9AA3B1FF77FD}" [C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe]
"C:\Windows\SysNative\tasks\{FBCC7BFE-8E4C-438A-92CA-133C146A45EF}" [C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\IPSFF" [14-12-2013 15:21]

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Wallet - Fleur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Monster energy - Martijn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikmiciggennficcomjdfkpniplkpihm
Google Wallet - Martijn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:

New Values:

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HotspotShield deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InterPro DDosser.exe deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Fleur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Fleur\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Louise\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Martijn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Martijn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Martijn\AppData\Local\Mozilla\Firefox\Profiles\t30rbs2p.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Fleur\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Louise\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Martijn\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=4449 folders=896 434117833 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Fleur\AppData\Local\temp emptied successfully
C:\Users\Louise\AppData\Local\Temp will be emptied at reboot
C:\Users\Martijn\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot