
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by fenerbhache on wo 24/02/2016 at 23:45:27,43.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\fenerbhache\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

==== Empty Folders Check ======================

C:\PROGRA~2\BearShare Applications deleted successfully
C:\PROGRA~2\iMesh Applications deleted successfully
C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\Google deleted successfully
C:\Program Files\log deleted successfully
C:\Users\Administrator\AppData\Roaming\WinRAR deleted successfully
C:\Users\fenerbhache\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\fenerbhache\AppData\Roaming\TP deleted successfully
C:\Users\fenerbhache\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Administrator\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Administrator\AppData\Local\EmieSiteList deleted successfully
C:\Users\Administrator\AppData\Local\EmieUserList deleted successfully
C:\Users\Administrator\AppData\Local\{1AC9AC47-E1DE-4539-A0D2-D233A83C5ADA} deleted successfully
C:\Users\Administrator\AppData\Local\{A1937E23-20CE-4CAD-85D4-B18BFFB24900} deleted successfully
C:\Users\fenerbhache\AppData\Local\Adobe deleted successfully
C:\Users\fenerbhache\AppData\Local\BrowserWeb deleted successfully
C:\Users\fenerbhache\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\fenerbhache\AppData\Local\EmieSiteList deleted successfully
C:\Users\fenerbhache\AppData\Local\EmieUserList deleted successfully
C:\Users\fenerbhache\AppData\Local\PackageAware deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3325079892-3987089185-3461139799-1002\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} deleted successfully
HKEY_USERS\S-1-5-21-3325079892-3987089185-3461139799-1002\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\ADMINI~1\AppData\Roaming\Mozilla\Firefox\Profiles\6mvhv1mt.default

user.js not found
---- Lines Search-Results removed from prefs.js ----
user_pref("keyword.URL", "http://dts.search-results.com/sr?src=ffb&appid=20&systemid=2&sr=0&q=");
---- FireFox user.js and prefs.js backups ---- 

prefs_20162502_0003_.backup

ProfilePath: C:\Users\FENERB~1\AppData\Roaming\Mozilla\Firefox\Profiles\2anmxqcv.default

user.js not found
---- Lines saeListNT" removed from prefs.js ----
user_pref("extensions.saeListNT", "[\"about:newtab\",\"LVD-SAE@iacsearchandmedia.com\"]");
---- Lines ask.com removed from prefs.js ----
user_pref("extensions.LVD-SAE.newTabSearchURL", "\"http://dts.search.ask.com/sr?gct=hp&o=APN10644A&sysid=533&qrsc=2871&l=dis&sver=3&t_type=0&dateOfIns
user_pref("extensions.LVD-SAE.searchURL", "\"http://dts.search.ask.com/sr?gct=ds&o=APN10644&sysid=533&qrsc=2871&l=dis&sver=3&t_type=0&dateOfInstall=20
---- FireFox user.js and prefs.js backups ---- 

prefs_20162502_0003_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}] 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
""=- 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"=- 

==== Deleting Files \ Folders ======================

C:\PROGRA~2\BearShare Applications not found
C:\PROGRA~2\iMesh Applications not found
C:\PROGRA~3\HPs deleted
C:\PROGRA~3\HP deleted
C:\Program Files (x86)\Microsoft\BingBar deleted
C:\Windows\syswow64\appdata deleted
C:\PROGRA~3\12140 deleted
C:\Users\fenerbhache\.android deleted
C:\PROGRA~2\GUT730E.tmp deleted
C:\PROGRA~2\GUM730D.tmp deleted
C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml deleted
C:\AAHQ_CTemp.tmp deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\found.003 deleted
C:\found.004 deleted
C:\Users\fenerbhache\AppData\Roaming\Registry Mechanic deleted
C:\PROGRA~3\AVG Security Toolbar deleted
C:\PROGRA~3\Partner deleted
C:\PROGRA~3\OberonGameConsole deleted
C:\PROGRA~3\iMesh deleted
C:\PROGRA~3\{0B944FF9-D61F-4D53-99D1-CBD889A971D0} deleted
C:\PROGRA~3\{54354A6F-DFEF-43FB-B54D-C03C4D79EED5} deleted
C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} deleted
C:\Users\fenerbhache\AppData\Local\mixvideoplayer deleted
C:\Users\fenerbhache\AppData\Local\Unity deleted
C:\Users\fenerbhache\AppData\Local\com deleted
C:\Users\fenerbhache\AppData\Local\BearShare deleted
C:\Users\fenerbhache\AppData\Local\iMesh deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer deleted
C:\Users\Administrator\AppData\LocalLow\imeshtoolbar2 deleted
C:\Users\Administrator\AppData\LocalLow\AVG Web TuneUp deleted
C:\Users\Administrator\AppData\LocalLow\wincorebsband deleted
C:\Users\Administrator\AppData\LocalLow\mediabarbs deleted
C:\Users\fenerbhache\AppData\LocalLow\Unity deleted
C:\Users\fenerbhache\AppData\LocalLow\imeshtoolbar2 deleted
C:\Users\fenerbhache\AppData\LocalLow\wincorebsband deleted
C:\Users\fenerbhache\AppData\LocalLow\mediabarbs deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\FENERB~1\AppData\Roaming\Mozilla\Firefox\Profiles\2anmxqcv.default\searchplugins\ask-search.xml deleted
C:\Users\Public\Desktop\Emoticons for your messenger!.url deleted
C:\Users\fenerbhache\Desktop\YTD Video Downloader.lnk deleted
"C:\Windows\Installer\213fb6.msi" deleted
"C:\Users\fenerbhache\AppData\Roaming\Yandex\ui" deleted
"C:\Users\fenerbhache\AppData\Roaming\Yandex" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2016-02-12 13:59:28	9D77CC4A36FEEA644D002CFB9B2D42C0	3231232	----a-w-	C:\Windows\explorer.exe
====== C:\Users\FENERB~1\AppData\Local\Temp ====
2016-02-15 19:24:51	BF2297EEB101701FCB575CC0FFF50BE4	3011144	----a-w-	C:\Users\fenerbhache\AppData\Local\Temp\UNINSTALL.EXE
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2016-02-12 14:01:24	F681617A48EC4FA8E560D4F8F98DD94F	216064	----a-w-	C:\Windows\SysWOW64\InkEd.dll
2016-02-12 14:01:22	BE97A22AA001C112729BC6C20710EB95	91136	----a-w-	C:\Windows\SysWOW64\inseng.dll
2016-02-12 14:01:22	AEC354F085817A1EDF09354F187F04F7	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-12 14:01:22	79875578EBB8F8ACAF339301A0F0B663	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2016-02-12 14:01:22	57499EAC0ECCB7537D15011FECCCAE98	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2016-02-12 14:01:21	FA063E55773A925EA50BB6C32BDA6A4D	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-12 14:01:21	9A974C50E003639FED1F4540D606277E	496640	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2016-02-12 14:01:21	83C2C80E6F582B2B3B657DB7AD3D8025	279040	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2016-02-12 14:01:21	72E9450D57439BFB285333C216D4D689	341200	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2016-02-12 14:01:21	6F24910AC7C489AEBC9B07B1C7B95055	687104	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2016-02-12 14:01:21	2D1D550594CDDC6F384AFCF702F333BB	130048	----a-w-	C:\Windows\SysWOW64\occache.dll
2016-02-12 14:01:20	A5E6C79B466BBEB5795F59E1B1DE634C	663552	----a-w-	C:\Windows\SysWOW64\jscript.dll
2016-02-12 14:01:20	A34630CC8CE946941F7145AA7EE358B4	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2016-02-12 14:01:20	9D3DF899B79050492962D0B9256DCB57	416256	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2016-02-12 14:01:20	8C4AF7FA8E097BEE33AD430D335F942A	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2016-02-12 14:01:20	711E2340B245214EC8EE7028646AE69B	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2016-02-12 14:01:20	6483EA614DA752566A20EC8CB20E7B3F	2050560	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2016-02-12 14:01:20	27BDBE4BC3AE6011480E0B3ACD20C527	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2016-02-12 14:01:18	CB4959DB1E0D9D60FB271474DFDE303C	4611072	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2016-02-12 14:01:18	5FEA0799C84EDA2A4B1EBE5C3D2D0730	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-12 14:01:18	11733FDE983323DD1F7493B5576FC84F	230400	----a-w-	C:\Windows\SysWOW64\webcheck.dll
2016-02-12 14:01:17	C7CC591E41287CEB01FDBC425DAEF043	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2016-02-12 14:01:17	5CB71C6DB91BAC78E1F0E9953CAB8969	2120704	----a-w-	C:\Windows\SysWOW64\wininet.dll
2016-02-12 14:01:17	381FCCE72078D0FD6CDE012F7383825A	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-12 14:01:17	0C8336742D48676B47B9A94B6AF5673F	341504	----a-w-	C:\Windows\SysWOW64\html.iec
2016-02-12 14:01:06	E0F8B86E21CE366C41FD641A5904B399	2280448	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2016-02-12 14:01:05	5AA6B93A3561DD11BE89A0E994C78B9E	20366848	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2016-02-12 14:01:04	C65C32F73DB0FF40CD0B07A378ED7E31	12857856	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2016-02-12 14:01:04	C2974E63D8C9B6A2914EF4F8BF986A0D	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2016-02-12 14:01:04	A80DB9FC25D728E990E4F183BBFB0B46	476160	----a-w-	C:\Windows\SysWOW64\ieui.dll
2016-02-12 14:01:04	31129AB73DE8B2C7AA60B04EE2931717	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2016-02-12 14:01:04	05DC4CD07D10626D4EF38AB7A9F45771	1312256	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2016-02-12 14:00:47	F595AD526491E0787BD070B2E968AFAE	30208	----a-w-	C:\Windows\SysWOW64\wups.dll
2016-02-12 14:00:47	6B2BCCCF3BE6C29A72397ED1BDBEFE33	174080	----a-w-	C:\Windows\SysWOW64\wuwebv.dll
2016-02-12 14:00:47	4006F0B422E19AA0E459A85C612A9F9D	573440	----a-w-	C:\Windows\SysWOW64\wuapi.dll
2016-02-12 14:00:47	3FE0CD5FAA51481051B8D21D68C5CBC9	35328	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2016-02-12 14:00:47	318AEAAF2A4F5488A3740005CA841FC5	93696	----a-w-	C:\Windows\SysWOW64\wudriver.dll
2016-02-12 14:00:33	E00604CE082BA387AC1D354C45F7EDEC	1413632	----a-w-	C:\Windows\SysWOW64\ole32.dll
2016-02-12 13:59:52	6AF4B613D9EAC33034D2B5776B89394D	535040	----a-w-	C:\Windows\SysWOW64\EncDec.dll
2016-02-12 13:59:52	3F37385824263575518137EB6D60C90B	642048	----a-w-	C:\Windows\SysWOW64\CPFilters.dll
2016-02-12 13:59:48	A9AE21C45FBF6CE1E6B5C5FEBB38004C	3938752	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-12 13:59:48	8D8374FD723FEB2800305A8A66CD1ABA	3993536	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-12 13:59:48	65FAD1A0049B6101F37BBFE7682DFE4C	1314328	----a-w-	C:\Windows\SysWOW64\ntdll.dll
2016-02-12 13:59:47	C8D06454D122EE572A117CB2BD198E2E	114176	----a-w-	C:\Windows\SysWOW64\mtxoci.dll
2016-02-12 13:59:47	8E906BEE0415C2D4689305B8406B5E07	642560	----a-w-	C:\Windows\SysWOW64\advapi32.dll
2016-02-12 13:59:47	3ECF55A5D03F20BAF2189DE7C334E7F9	275456	----a-w-	C:\Windows\SysWOW64\KernelBase.dll
2016-02-12 13:59:47	1682569FCB2BD576B7F8BCC5506BAF24	176128	----a-w-	C:\Windows\SysWOW64\msorcl32.dll
2016-02-12 13:59:47	024D25AC7C7A17868A85786D54FADA1F	553472	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2016-02-12 13:59:46	FE2F52304F3B5BD8281350DC69E13063	171520	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2016-02-12 13:59:46	D860E93BA9E5B4332C87159D7EA46343	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2016-02-12 13:59:46	D2CB5AE05C05A22428D0D241B1B93615	251392	----a-w-	C:\Windows\SysWOW64\schannel.dll
2016-02-12 13:59:46	D12750DF9F955B9C8FB18C9B26BC8FA8	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2016-02-12 13:59:46	B1D78C40DFB3D3AB0B24F4C452AF2D32	665088	----a-w-	C:\Windows\SysWOW64\rpcrt4.dll
2016-02-12 13:59:46	B01C6902EBFDC171D4AC3B55B695F017	223232	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2016-02-12 13:59:46	AF9A6DDDAF80F06854774B97A5CABACD	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2016-02-12 13:59:46	986235D261FEADC0825CC4287CA2FD61	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2016-02-12 13:59:46	973475BA1F197D8AA7B9DC10046C80BA	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2016-02-12 13:59:46	8A4577DE02C55182ED46202BA2E06DA5	1114112	----a-w-	C:\Windows\SysWOW64\kernel32.dll
2016-02-12 13:59:46	67BCCAF06AD5F12DC7599AC02A2C40E7	36352	----a-w-	C:\Windows\SysWOW64\cryptbase.dll
2016-02-12 13:59:46	5595E457CCB6FAEBC0244F1C20E8761F	5120	----a-w-	C:\Windows\SysWOW64\wow32.dll
2016-02-12 13:59:46	375BC0AA1E753C96D97D20444017F083	14336	----a-w-	C:\Windows\SysWOW64\ntvdm64.dll
2016-02-12 13:59:46	2A7DDF3441564E2615A88A840ECC19ED	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2016-02-12 13:59:46	2A49D72DC3627DA7E90FD6673549E5F4	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2016-02-12 13:59:45	E88699C4C98E249DD2F13B315F6A199B	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2016-02-12 13:59:45	B76BE60C53603EBBF65957CB95B3EF7A	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2016-02-12 13:59:45	B6ACF0FA1236D1F89205DB4AFF1F6BB4	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2016-02-12 13:59:45	35CAEF79BE44688A750CFDA3FAE7AC45	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2016-02-12 13:59:44	BD8774545A855B6559FD70E609830685	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2016-02-12 13:59:44	95CDF95F17CBC4038235DA5525DE8A39	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2016-02-12 13:59:44	5BF47EDE7A7D9143E5CB299FEB0173A2	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2016-02-12 13:59:28	F4AC739D8C76DD13CA2EBF638D030B2D	12877824	----a-w-	C:\Windows\SysWOW64\shell32.dll
2016-02-12 13:59:27	B4ABC755C1CB8066DA8EE29100C78FC4	1498624	----a-w-	C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-12 13:59:27	7335DD3AB298309DD343DD0785144E59	1805824	----a-w-	C:\Windows\SysWOW64\authui.dll
2016-02-12 13:59:27	2A156D5EBF221EF2A6AE7CE452324DAC	2973184	----a-w-	C:\Windows\SysWOW64\explorer.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2016-02-12 14:01:30	A99A8E3835606F731DB54826D7836F88	3211776	----a-w-	C:\Windows\Sysnative\win32k.sys
2016-02-12 14:01:24	799E20ADF08BB7EB5D0FF784C311F4B3	275456	----a-w-	C:\Windows\Sysnative\InkEd.dll
2016-02-12 14:01:24	313E9727FD22B721E356B3E75D3B7FDD	24576	----a-w-	C:\Windows\Sysnative\jnwmon.dll
2016-02-12 14:01:22	F53C5CD60B0C574F420AC23D04629CD4	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2016-02-12 14:01:22	B96B87565BAFE37CB4ADC2B3DB4E4918	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2016-02-12 14:01:22	6D87E73C26D1A17C077EE52C9F17F600	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2016-02-12 14:01:21	4730E75B886E79785D98F3B52F70E857	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2016-02-12 14:01:21	28BB2A430DF3FBEF849DA23DCE091E0C	107520	----a-w-	C:\Windows\Sysnative\inseng.dll
2016-02-12 14:01:21	0FDC94FE7AF583F1F251DB2F8AA775FB	718336	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2016-02-12 14:01:20	FC9C018B47585694C1FDEE9315A00811	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2016-02-12 14:01:20	EF331A0C738A3DB59910426166F7AA6F	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2016-02-12 14:01:20	9C790C93BDCEC5357763A0D76769A532	152064	----a-w-	C:\Windows\Sysnative\occache.dll
2016-02-12 14:01:20	855087A6E66B7F26DDB4DD0AAC8F2002	798208	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2016-02-12 14:01:20	66E9C715417016B5E8844BAD52ECEC1F	315392	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2016-02-12 14:01:20	2204FE30C9DB8CE0C9D2766E7B36C3FB	387784	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2016-02-12 14:01:19	933A0F38EA8562C6FBFBCC7DB8403E49	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2016-02-12 14:01:19	31BFBD55D80391FE1F57C5F08520AB19	2123264	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2016-02-12 14:01:19	2E147B50D120FFAA29B8AEF4AA251DD6	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2016-02-12 14:01:18	167C24BD00918779F6FB2A143EB881C9	571904	----a-w-	C:\Windows\Sysnative\vbscript.dll
2016-02-12 14:01:17	31D8B409C26258A622886818B8446319	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2016-02-12 14:01:16	4F6A864F5AEEC16B871275FBD2ED9507	489984	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2016-02-12 14:01:15	D5D3113FE5FEC7E17AF441116DFD0AA5	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2016-02-12 14:01:15	A53BA92BB2AD12CD588D608653D837FA	817664	----a-w-	C:\Windows\Sysnative\jscript.dll
2016-02-12 14:01:15	8781623BFFDB7373B6BE21D6BB0CF091	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2016-02-12 14:01:15	30F1422DE58ECA22EFF68E32EE230FB3	262144	----a-w-	C:\Windows\Sysnative\webcheck.dll
2016-02-12 14:01:15	2C76A9F160B31AD4B6BEB0E6AEDF0051	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2016-02-12 14:01:14	CB10939701B2B334E5AC019823FD43EF	2597376	----a-w-	C:\Windows\Sysnative\wininet.dll
2016-02-12 14:01:14	2465699318A732E42243FDA8B9E53EBD	6052352	----a-w-	C:\Windows\Sysnative\jscript9.dll
2016-02-12 14:01:13	F1B946B1C712A670705A4FEFFD7B20E9	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2016-02-12 14:01:13	7B83F058C60F64D992D664C09AC97D68	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2016-02-12 14:01:13	01F62BB0005ECEFC807CCAE071568DC7	417792	----a-w-	C:\Windows\Sysnative\html.iec
2016-02-12 14:01:06	7B755E401A318D3136948C72CD8AAB32	2887680	----a-w-	C:\Windows\Sysnative\iertutil.dll
2016-02-12 14:01:05	FFF68D1EA1C9B09091D91D4D493F00CD	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2016-02-12 14:01:04	D7733D44A51BD06CD3D4E8EFFA00F1DB	1547264	----a-w-	C:\Windows\Sysnative\urlmon.dll
2016-02-12 14:01:04	1F386DDDF890891B4FA29D1EE066A4C7	615936	----a-w-	C:\Windows\Sysnative\ieui.dll
2016-02-12 14:01:03	748391D06E84EA371ADE4B10E38D54E9	25839104	----a-w-	C:\Windows\Sysnative\mshtml.dll
2016-02-12 14:01:03	1E6D1853706F8DE25F07823A97E714EB	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2016-02-12 14:01:03	1162B324D878C71ADFB97392888266E7	14458368	----a-w-	C:\Windows\Sysnative\ieframe.dll
2016-02-12 14:00:57	C0B408465FD3981832D0ED8F9ADF9827	25024	----a-w-	C:\Windows\Sysnative\CompatTelRunner.exe
2016-02-12 14:00:57	A6E72DCF9A575C56021037C0500D8396	499200	----a-w-	C:\Windows\Sysnative\devinv.dll
2016-02-12 14:00:57	9F50126D50691F89C3ADD4A3060D41EF	76800	----a-w-	C:\Windows\Sysnative\acmigration.dll
2016-02-12 14:00:57	8451F5DB58916753D1574F394931B2CA	677376	----a-w-	C:\Windows\Sysnative\generaltel.dll
2016-02-12 14:00:57	677E1065159AE6E895A2FCCE3C405C3B	1162240	----a-w-	C:\Windows\Sysnative\aeinv.dll
2016-02-12 14:00:57	497DA176FCEAEC2D3C0F8664474FEA3F	1362944	----a-w-	C:\Windows\Sysnative\appraiser.dll
2016-02-12 14:00:57	3D71FAD5B40B3249333C6AEF4F889C61	696320	----a-w-	C:\Windows\Sysnative\invagent.dll
2016-02-12 14:00:48	837A9343D4189DD27899C0E1F0DDDCB0	709120	----a-w-	C:\Windows\Sysnative\wuapi.dll
2016-02-12 14:00:48	3D4032E6A5885C007AEF4BA816AB4032	2610176	----a-w-	C:\Windows\Sysnative\wuaueng.dll
2016-02-12 14:00:47	C0494660BB55A8378A2BE3B4DAA35ED7	12288	----a-w-	C:\Windows\Sysnative\wu.upgrade.ps.dll
2016-02-12 14:00:47	BD2BD297693266EED05053BEA303A6EA	37888	----a-w-	C:\Windows\Sysnative\wups2.dll
2016-02-12 14:00:47	B0A43EC743402EDBA9527365291708A3	140288	----a-w-	C:\Windows\Sysnative\wuauclt.exe
2016-02-12 14:00:47	ACE31C1714B290EABEDEAFF347ED0CE4	91136	----a-w-	C:\Windows\Sysnative\WinSetupUI.dll
2016-02-12 14:00:47	A57F0922744677D2196AB6D51547546A	192512	----a-w-	C:\Windows\Sysnative\wuwebv.dll
2016-02-12 14:00:47	A074D8FDDA2E42170AA073C60DC6877B	98816	----a-w-	C:\Windows\Sysnative\wudriver.dll
2016-02-12 14:00:47	863E3C01F7C2EB0C2E7A87005219A78F	3169792	----a-w-	C:\Windows\Sysnative\wucltux.dll
2016-02-12 14:00:47	7EB6752403FDC5C9737E2A942D041705	37888	----a-w-	C:\Windows\Sysnative\wuapp.exe
2016-02-12 14:00:47	0C14B42D43673DF46D915E57843B85ED	36864	----a-w-	C:\Windows\Sysnative\wups.dll
2016-02-12 14:00:34	E8089A2512554E3C97423D89F3253CD0	2085888	----a-w-	C:\Windows\Sysnative\ole32.dll
2016-02-12 13:59:52	EC51D04CF0ED31C8B0FDEB00A7155596	723968	----a-w-	C:\Windows\Sysnative\EncDec.dll
2016-02-12 13:59:52	3D0AB0FA5B425420B6F6AD261874200D	961024	----a-w-	C:\Windows\Sysnative\CPFilters.dll
2016-02-12 13:59:51	DDC8747E8EA0D44C1DCB14B872F07AD8	5573056	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2016-02-12 13:59:50	EDD3A375BAEC5B67227EF91E767D1383	1733592	----a-w-	C:\Windows\Sysnative\ntdll.dll
2016-02-12 13:59:49	613E5CBB94EF8F2EB15812EB003BC667	422400	----a-w-	C:\Windows\Sysnative\KernelBase.dll
2016-02-12 13:59:48	C66C5B5793F458807AE043E73440EB47	159744	----a-w-	C:\Windows\Sysnative\mtxoci.dll
2016-02-12 13:59:48	BB3249DA371BC3D18F71684E4274B853	730112	----a-w-	C:\Windows\Sysnative\kerberos.dll
2016-02-12 13:59:48	0547E50F916294862FDAF11A4D701547	1163264	----a-w-	C:\Windows\Sysnative\kernel32.dll
2016-02-12 13:59:47	748F82A2222C49C3FED6D1695083716A	880128	----a-w-	C:\Windows\Sysnative\advapi32.dll
2016-02-12 13:59:46	EF831C8EA02FCD61982C1ADCD7771003	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2016-02-12 13:59:46	EB4B3461CCF52627D0DDF6C5EA6706D1	1461248	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2016-02-12 13:59:46	DFC485D181251BBD363A01C7FB26BC31	315392	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2016-02-12 13:59:46	D37FFF32F1F5CE52B0C5C527E8E7F213	210432	----a-w-	C:\Windows\Sysnative\wdigest.dll
2016-02-12 13:59:46	C96D13751309F1099FF89347F0289789	1214464	----a-w-	C:\Windows\Sysnative\rpcrt4.dll
2016-02-12 13:59:46	BDABFB9F7588C20ECA9CB7848000F471	13312	----a-w-	C:\Windows\Sysnative\wow64cpu.dll
2016-02-12 13:59:46	B9721CADDD9B4D06913F9954A0BF9143	135680	----a-w-	C:\Windows\Sysnative\sspicli.dll
2016-02-12 13:59:46	B7657890A3CC88B07034BABEB9CA70D4	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2016-02-12 13:59:46	B62C3D440D413A31F55D6E917C45C520	28672	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2016-02-12 13:59:46	B19AF473CF32091B62C5B0260A0F059F	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2016-02-12 13:59:46	AF4737408711F28233FDA52000AF463D	243712	----a-w-	C:\Windows\Sysnative\wow64.dll
2016-02-12 13:59:46	AC90998CB8B16566102AA50E64A595E5	312320	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2016-02-12 13:59:46	96AEEE466EA56AF34AE4AD5E55DAD164	215040	----a-w-	C:\Windows\Sysnative\winsrv.dll
2016-02-12 13:59:46	8B240443503DC920964A9AD0216DA10F	344064	----a-w-	C:\Windows\Sysnative\schannel.dll
2016-02-12 13:59:46	83A5E8CC7663573BFFF420CE8E3C2A68	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2016-02-12 13:59:46	789035A84618AC25CEDC91606029A4A2	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2016-02-12 13:59:46	6B7C61834990694B9A0E1620ABDFCCAC	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2016-02-12 13:59:46	5A71F01035A69E3C00B5D7CA99410A0F	16384	----a-w-	C:\Windows\Sysnative\ntvdm64.dll
2016-02-12 13:59:46	5673794F254FE312AF62D9DA32805A2F	30720	----a-w-	C:\Windows\Sysnative\lsass.exe
2016-02-12 13:59:46	54ADDA9F5DA7E7470B11066AD9F4AED8	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2016-02-12 13:59:46	51F4A1B05E04EEAB0856A2C97958656C	43520	----a-w-	C:\Windows\Sysnative\cryptbase.dll
2016-02-12 13:59:46	41BF4D76AF0228B658DF37DE900B56E0	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2016-02-12 13:59:46	171925BA54D712707770738C71287F88	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2016-02-12 13:59:46	0BC3CBABA9A24F52176929563A4B6829	362496	----a-w-	C:\Windows\Sysnative\wow64win.dll
2016-02-12 13:59:46	0164AB7D14560DCE1B879E4F7CDB2FAF	338432	----a-w-	C:\Windows\Sysnative\conhost.exe
2016-02-12 13:59:45	AB2716613CE2FCE51E91A9CA0F019B2F	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2016-02-12 13:59:44	D2F5A80E0EF6B319FD8795914A0AAB70	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2016-02-12 13:59:44	C16168C644D59D08556286A46637253D	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2016-02-12 13:59:44	805F5BF7343F4FED5AEBF458BCF04AC8	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2016-02-12 13:59:29	BE2A89D0652666AE9DE606B1063DBF01	14179840	----a-w-	C:\Windows\Sysnative\shell32.dll
2016-02-12 13:59:27	AEDC4464B75A44811F18A312392E4B22	1866752	----a-w-	C:\Windows\Sysnative\ExplorerFrame.dll
2016-02-12 13:59:27	94B4047E4646C15B893271BAA6A55953	1940992	----a-w-	C:\Windows\Sysnative\authui.dll
====== C:\Windows\Sysnative\drivers =====
2016-02-12 14:00:53	D7ADC2B83CA0B0381F75A98351F72CEE	141312	----a-w-	C:\Windows\Sysnative\drivers\mrxdav.sys
2016-02-12 13:59:47	BA500732D160C61E889E8180EE53C86F	154560	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2016-02-12 13:59:47	7BDDD24C5A148534D3737DBFA96B3E69	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2016-02-12 13:59:46	A16FC9323A85CAEA5804D04646A91CF9	290816	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
2016-02-12 13:59:46	355DF71D1DD1999E8AEDF986534B233C	159232	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2016-02-12 13:59:46	2539BE615440BA1EA4CF84A66B6C0AF9	129024	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2016-02-20 17:00:37	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2016-01-30 17:07:09	--------	d-----w-	C:\PROGRA~2\Belgium Identity Card
======= C: =====
====== C:\Users\fenerbhache\AppData\Roaming ======
2016-02-14 21:32:11	--------	d-----w-	C:\Users\fenerbhache\AppData\Local\TempTaskUpdateDetection1DA6E64C-9F99-4AC7-890F-1AEEC7C13D42
2016-02-14 20:57:58	--------	d-----w-	C:\Users\fenerbhache\AppData\Local\TempTaskUpdateDetection47D255EB-B515-4594-99FF-686F0537EC73
2016-02-07 22:06:03	--------	d-----w-	C:\Users\fenerbhache\AppData\Local\TempTaskUpdateDetectionD9DE4D2A-C14A-4BC4-9B90-5D88F6CE969A
2016-02-07 20:22:50	--------	d-----w-	C:\Users\fenerbhache\AppData\Local\TempTaskUpdateDetectionAAC4AA2D-6F63-4735-88DB-F2337AAEBEE5
2016-01-30 18:18:14	--------	d-----w-	C:\Users\fenerbhache\AppData\Local\TempTaskUpdateDetectionCBF00AF1-98B6-4D18-89BB-2B2BC1057510
====== C:\Users\fenerbhache ======
2016-02-20 21:30:54	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\fenerbhache\Desktop\RSITx64 (3).exe
2016-02-20 16:57:51	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\fenerbhache\Downloads\RSITx64.exe
2016-01-30 17:08:34	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID

====== C: exe-files ==
2016-02-24 22:42:21	7C00DCF350310EA0E7C8ABE065B245A7	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3325079892-3987089185-3461139799-1002\$IB8XCO7.exe
2016-02-24 22:39:39	7EA0260488F304D68067A50B33A23AC2	1309184	----a-w-	C:\$Recycle.Bin\S-1-5-21-3325079892-3987089185-3461139799-1002\$RB8XCO7.exe
2016-02-24 22:37:00	151070165BA2D448C7A5DF9D2D6F7800	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3325079892-3987089185-3461139799-1002\$INZNOLS.exe
2016-02-24 22:36:45	68BC8F5E784B8C1139797C12C5E85A63	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3325079892-3987089185-3461139799-1002\$IGM0TGI.exe
2016-02-20 23:02:59	C912F62CC507C9E8D5DE7BF6FAB1E980	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3325079892-3987089185-3461139799-1002\$IM08JUP.exe
2016-02-20 23:02:56	6516EBD666EE81BCB781405E3E9C18BF	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3325079892-3987089185-3461139799-1002\$ILPPSQ5.exe
2016-02-20 23:02:52	725CF1DDB9ED7552AAD40D33C08FD4C5	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3325079892-3987089185-3461139799-1002\$IR2FK4B.exe
2016-02-20 23:02:47	A2B6A503CE2061EEB478E79FDA1529D5	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3325079892-3987089185-3461139799-1002\$I2YAQ0P.exe
2016-02-20 22:58:55	19BA5B88E1C73E9500976A68CDDBCBBF	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3325079892-3987089185-3461139799-1002\$I43YGI5.exe
2016-02-20 22:58:51	D294F2F196B6BE2082F3D24B60963131	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3325079892-3987089185-3461139799-1002\$IPC9MB5.exe
2016-02-20 22:58:38	BE9912E9E1F929AB1F3C87502029DDF3	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3325079892-3987089185-3461139799-1002\$IJUGO2I.exe
2016-02-20 22:58:34	B94D0A51D0BF636EDE9ED71503113E57	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3325079892-3987089185-3461139799-1002\$IDMAFTO.exe
2016-02-20 22:10:53	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\$Recycle.Bin\S-1-5-21-3325079892-3987089185-3461139799-1002\$R43YGI5.exe
2016-02-20 22:09:43	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\$Recycle.Bin\S-1-5-21-3325079892-3987089185-3461139799-1002\$RPC9MB5.exe
2016-02-20 17:00:37	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\fenerbhache.exe
2016-02-20 16:59:40	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\$Recycle.Bin\S-1-5-21-3325079892-3987089185-3461139799-1002\$RJUGO2I.exe
2016-02-20 16:58:54	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\$Recycle.Bin\S-1-5-21-3325079892-3987089185-3461139799-1002\$RDMAFTO.exe
2016-02-20 09:23:02	761204CE1F26D946B2ACE5D5FF2D5D16	1579928	----a-w-	C:\Users\fenerbhache\AppData\Local\Google\Chrome\User Data\SwReporter\6.44.3\software_reporter_tool.exe
=== C: other files ==

==== Orphaned Tasks deleted from Registry ======================

MixVideoPlayer Update deleted

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3325079892-3987089185-3461139799-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\fenerbhache\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"EPSON Stylus DX7400 Series"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICDE.EXE /FU C:\Windows\TEMP\E_S257A.tmp /EF HKCU"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"HP ENVY 5530 series (NET)"="C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe -deviceID CN48L210WD05XT:NW -scfn HP ENVY 5530 series (NET) -AutoStart 1"
"Dropbox Update"="C:\Users\fenerbhache\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-3325079892-3987089185-3461139799-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\fenerbhache\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\fenerbhache\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
"ClearTemp"="del C:\Users\FENERB~1\AppData\Local\Temp\yupdate.exe-{CDEFFB70-3C31-462C-A77E-8B1C1F4EFAEF}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
"ASUSWebStorage"="C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S"
"SonicMasterTray"="C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe"
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\fenerbhache\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"EPSON Stylus DX7400 Series"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICDE.EXE /FU C:\Windows\TEMP\E_S257A.tmp /EF HKCU"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"HP ENVY 5530 series (NET)"="C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe -deviceID CN48L210WD05XT:NW -scfn HP ENVY 5530 series (NET) -AutoStart 1"
"Dropbox Update"="C:\Users\fenerbhache\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\fenerbhache\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\fenerbhache\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
"ClearTemp"="del C:\Users\FENERB~1\AppData\Local\Temp\yupdate.exe-{CDEFFB70-3C31-462C-A77E-8B1C1F4EFAEF}"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~2\\BEARSH~1\\MediaBar\\Datamngr\\datamngr.dll  C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 "
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"SynAsusAcpi"="%ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]
"command"="C:\\Windows\\AsScrPro.exe"
"hkey"="HKLM"
"item"="ASUS Screen Saver Protector"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""
"hkey"="HKLM"
"item"="CLMLServer"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Facebook Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\fenerbhache\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nuance PDF Reader-reminder]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Nuance PDF Reader-reminder"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Nuance\\PDF Reader\\Ereg\\Ereg.exe\" -r \"C:\\ProgramData\\Nuance\\PDF Reader\\Ereg\\Ereg.ini\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"
"hkey"="HKLM"
"item"="RtHDVCpl"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateLBPShortCut]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UpdateLBPShortCut"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\LabelPrint\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\LabelPrint\" UpdateWithCreateOnce \"Software\\CyberLink\\LabelPrint\\2.5\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateP2GoShortCut]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UpdateP2GoShortCut"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\CyberLink\\Power2Go\" UpdateWithCreateOnce \"SOFTWARE\\CyberLink\\Power2Go\\6.0\""


==== Startup Folders ======================

2012-10-17 12:10:49	1065	----a-w-	C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk
2013-03-28 21:44:45	1163	----a-w-	C:\Users\fenerbhache\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2011-04-13 02:49:43	2062	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [20/08/2015 21:45]
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3325079892-3987089185-3461139799-1002Core.job --a------ C:\Users\fenerbhache\AppData\Local\Dropbox\Update\DropboxUpdate.exe [20/06/2015 23:46]
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-3325079892-3987089185-3461139799-1002UA.job --a------ C:\Users\fenerbhache\AppData\Local\Dropbox\Update\DropboxUpdate.exe [20/06/2015 23:46]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3325079892-3987089185-3461139799-1002Core.job --a------ C:\Users\fenerbhache\AppData\Local\Facebook\Update\FacebookUpdate.exe [18/12/2012 20:04]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3325079892-3987089185-3461139799-1002UA.job --a------ C:\Users\fenerbhache\AppData\Local\Facebook\Update\FacebookUpdate.exe [18/12/2012 20:04]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:6C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3325079892-3987089185-3461139799-1002Core.job --a------ C:\Users\fenerbhache\AppData\Local\Google\Update\GoogleUpdate.exe [27/08/2015 19:22]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3325079892-3987089185-3461139799-1002UA.job --a------ C:\Users\fenerbhache\AppData\Local\Google\Update\GoogleUpdate.exe [27/08/2015 19:22]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe]
"C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe]
"C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3325079892-3987089185-3461139799-1002Core" [C:\Users\fenerbhache\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3325079892-3987089185-3461139799-1002UA" [C:\Users\fenerbhache\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3325079892-3987089185-3461139799-1002Core" [C:\Users\fenerbhache\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3325079892-3987089185-3461139799-1002UA" [C:\Users\fenerbhache\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3325079892-3987089185-3461139799-1002Core" [C:\Users\fenerbhache\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3325079892-3987089185-3461139799-1002UA" [C:\Users\fenerbhache\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCustParticipation HP ENVY 5530 series" ["C:\Program Files\HP\HP ENVY 5530 series\Bin\HPCustPartic.exe"]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{19B9876E-439F-4BED-BE6F-7F8ACE5AB6BA}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{A9E33621-39A2-4319-B36F-0ABD28A74A85}" [C:\Program Files (x86)\HP\HP ENVY 5530 series\bin\HPScan.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\ADMINI~1\AppData\Roaming\Mozilla\Firefox\Profiles\6mvhv1mt.default
user_pref("browser.startup.homepage", "http://www.google.be/");
user_pref("browser.search.defaultenginename", "bol.com");

ProfilePath: C:\Users\FENERB~1\AppData\Roaming\Mozilla\Firefox\Profiles\2anmxqcv.default
user_pref("browser.newtab.url", "chrome://LVD-SAE/content/unpackedcrx/newtab/newtab.html");
user_pref("browser.search.defaultenginename", "Ask Search");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

==== Firefox Plugins ======================

Profilepath: C:\Users\fenerbhache\AppData\Roaming\Mozilla\Firefox\Profiles\2anmxqcv.default
0015C790161C5698FDDC22613C19533B	- C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll -	Shockwave for Director / Shockwave for Director
B16EC84E06F26B8B85800F3B07B8D757	- C:\Windows\SysWoW64\Macromed\Flash\NPSWF32.dll -	Shockwave Flash
AF8A94BCB98C299C49B28CC12EBC0ED2	- C:\Users\fenerbhache\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll -	Google Update
3CD19649B2C3023D65E67C056457A2BC	- C:\Users\fenerbhache\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll -	Facebook Video Calling Plugin


==== Chromium Look ======================

Dislike on Facebook - fenerbhache\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpdjlpboamepnnngafgepjcflmmcecc

==== Chromium Fix ======================

C:\Users\fenerbhache\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\fenerbhache\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\fenerbhache\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpdjlpboamepnnngafgepjcflmmcecc deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
HKLM\Wow6432Node\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
HKCU\SearchScopes "DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_nlBE462
HKCU\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
HKCU\SearchScopes\{BE28B068-6710-4801-B7C6-C2AD2660BEDC} - https://www.google.com/search?q={searchTerms}

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3325079892-3987089185-3461139799-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{eec0f710-38b5-4aba-99bf-ec87564a4e13} deleted successfully
HKEY_USERS\S-1-5-21-3325079892-3987089185-3461139799-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{eec0f710-38b5-4aba-99bf-ec87564a4e13} deleted successfully
HKEY_USERS\S-1-5-21-3325079892-3987089185-3461139799-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6} deleted successfully
HKEY_USERS\S-1-5-21-3325079892-3987089185-3461139799-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{eec0f710-38b5-4aba-99bf-ec87564a4e13} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{eec0f710-38b5-4aba-99bf-ec87564a4e13} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iMesh deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\fenerbhache\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\fenerbhache\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Administrator\AppData\Local\Mozilla\Firefox\Profiles\6mvhv1mt.default\cache2 emptied successfully
C:\Users\fenerbhache\AppData\Local\Mozilla\Firefox\Profiles\2anmxqcv.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\fenerbhache\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\fenerbhache\AppData\Local\Yandex\YandexBrowser\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=7786 folders=2320 508735108 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\fenerbhache\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\FENERB~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 25/02/2016 at  0:18:32,06 ======================