Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Charlie on za 06/08/2016 at 19:17:46,32. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Safe Mode NETWORK Internet Access Detected Launched: C:\Users\Charlie\Desktop\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 3DMark 11 64 Bit HP CIO Components Installer 7-Zip 15.06 beta (x64) Adblock Plus voor IE (32-bit en 64-bit) Adobe Acrobat Reader DC - Nederlands Adobe Flash Player 22 ActiveX Adobe Flash Player 22 NPAPI Adobe Refresh Manager Adobe Shockwave Player 12.2 AlarmXP Pro Alles wat je wilt weten over... AMD APP SDK Runtime Apple Application Support Apple Mobile Device Support ATI Catalyst Install Manager Avast Free Antivirus Belgium e-ID middleware 4.0.7 (build 7466) BitTorrent Bonjour Catalyst Control Center - Branding Catalyst Control Center Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Cl1ckClock Demo 1.3 Futuremark SystemInfo Geeks3D FurMark 1.17.0.0 HandBrake 0.9.9.1 Heaven Benchmark version 4.0 Hotkey 3.3028 HP ePrint HP LJ300-400 color M351-M451 HP Unified IO hpbDSService hpbM351M451DSService hppLaserJetService hppM351_M451LaserJetService IE Download Helper Intel(R) Management Engine Components Intel(R) Rapid Storage Technology ISO Opener Java 8 Update 101 Java Auto Updater JMicron Ethernet Adapter NDIS Driver Magic ISO Maker v5.5 (build 0281) 
Malwarebytes Anti-Malware versie 2.2.1.1043 Microsoft .NET Framework 4.5 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 Mozilla Firefox 47.0 (x86 nl) Mozilla Maintenance Service MPC-HC 1.7.10 (64-bit) OpenOffice 4.1.2 PlaysTV QuickTime Raptr Realtek High Definition Audio Driver Renesas Electronics USB 3.0 Host Controller Driver SafeZone Stable 1.51.2220.47 Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) SUPERAntiSpyware swMSM Synaptics Pointing Device Driver TeamViewer 11 THX TruStudio Pro Unity Web Player USB Multi-Channel Audio Device VASCO Card Reader Plug-In (64-Bit) VASCO Smart Card Reader Plug-In (User) Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables VLC media player WinRAR 5.11 (64-bit) ==== Running Processes ====================== C:\Users\Charlie\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\s9eofe9f.default\searchplugins\avg-secure-search.xml not found ==== System Specs ====================== Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 16362 MB CPU Info: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz CPU Speed: 2015,3 MHz Sound Card: Not 
detected Display Adapters: | RDP Encoder Mirror Driver Monitors: 1x; Screen Resolution: 1400 X 1050 - 32 bit Network: Network Present Network Adapters: JMicron PCI Express Gigabit Ethernet Adapter CD / DVD Drives: 1x (E: | ) E: HL-DT-STBDDVDRW CT30N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 13 Button Wheel Mouse Present Hard Disks: C: 698,6GB | D: 698,6GB Hard Disks - Free: C: 212,7GB | D: 214,8GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 08/09/11 | ALASKA - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: CLEVO P170HMx Country: België Language: NLB ==== System Specs (Software) ====================== AV: Avast Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Avast Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} Default Browser: Firefox 47.0 Internet Explorer Version: 11.0.9600.17126 Mozilla Firefox version: 47.0 (x86 nl) Adobe Reader version: 15.17.20050.192152 Sun Java version: 1.8.0_101 (32-bit) Sun Java version: 1.8.0_101 (64-bit) Flash Player version: 22.0.0.209 Shockwave Player version: 12.2.3r183 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2016-11-03 16:42:58 0C1AF67FA744891C8388228909B37E42 53208 ----a-w- C:\Windows\avastSS.scr 2016-08-03 17:15:40 8856B9BA680B32400288AB3D5818DEAD 32200 ----a-w- C:\Windows\atiogl.xml ====== C:\Users\Charlie\AppData\Local\Temp ==== 2016-11-03 16:50:13 BBC3BCAD0B8B57A63CE83B77EBC48F4C 59757792 ----a-w- C:\Users\Charlie\AppData\Local\Temp\playstv_patch.exe 2016-11-03 16:49:11 60D88EE4E5CC036ABA3B2AE402C458FA 59386024 ----a-w- C:\Users\Charlie\AppData\Local\Temp\raptrpatch.exe 2016-11-03 16:49:08 222F76D913947F1991D2DE68DF526209 221632 ----a-w- C:\Users\Charlie\AppData\Local\Temp\raptr_stub.exe 2016-11-03 15:45:33 
322AE63A8E640B1CB92C90F4E924195F 65536 ----a-w- C:\Users\Charlie\AppData\Local\Temp\ddu.exe 2016-11-03 15:45:32 DA5F0B0AAF3262D93661465726E9FE24 1115136 ----a-w- C:\Users\Charlie\AppData\Local\Temp\AMDCleanupUtility.exe 2016-11-03 15:45:32 C332DB81197E6E5D4A67D3789DBEB02A 1061376 ----a-w- C:\Users\Charlie\AppData\Local\Temp\msvcp80.dll 2016-11-03 15:45:32 60A6DE55AA50D57A01B7148B0A7EA139 516096 ----a-w- C:\Users\Charlie\AppData\Local\Temp\msvcm80.dll 2016-11-03 15:45:32 4D89F6191DB56CFA659388378F3DD688 796672 ----a-w- C:\Users\Charlie\AppData\Local\Temp\msvcr80.dll 2016-11-03 15:45:32 246A3EE2B5B6647D2A26A56528401296 232960 ----a-w- C:\Users\Charlie\AppData\Local\Temp\Cleanup.dll 2016-11-03 01:13:49 CE93E7959F8D52537025606C2AD38EDF 33992 ----a-w- C:\Users\Charlie\AppData\Local\Temp\atdcm64a.sys ====== Java Cache ===== 2016-07-07 18:01:08 8251A7E296FFAE95BD2B818914111280 38 ----a-w- C:\Users\Charlie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\622dff1b-c38d3f5abd7e31f54aec16b0cc5138a4a90273c59c4aea9ad33ba082f7fe4c99-6.0.lap 2016-07-07 18:01:11 215F50F8CB678DFA9E837E14B1D637F6 9328 ----a-w- C:\Users\Charlie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27\7106b59b-2c19b12e 2016-11-03 16:04:47 31E4BBBEB928589CA5EC34CDAFF80F4F 554 ----a-w- C:\Users\Charlie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\54281e60-250553ff 2016-08-06 15:25:11 4F85459CEC4F78A3987FFFD5B6A816C5 605 ----a-w- C:\Users\Charlie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-6ae9713e 2016-08-06 15:25:11 FB89CA06CA610DDDAB1F70D63BFBA798 429 ----a-w- C:\Users\Charlie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-78e96a5ccf5c5b6a29dcdffe1d16c989d010904d54059e7b28aad8dacf6a56c9-6.0.lap 2016-08-06 15:25:11 33E6A7F07217C4DAFA9AA4E7714A0CCA 8513 ----a-w- C:\Users\Charlie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\298d42d-5cb4be1d 2016-08-06 15:25:18 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- 
C:\Users\Charlie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\c8dc66e-5a1fe46b ====== C:\Windows\SysWOW64 ===== 2016-11-01 13:43:43 8A4CEBF34370D689E198E6673C1F2C40 74072 ----a-w- C:\Windows\SysWOW64\XAPOFX1_5.dll 2016-11-01 13:43:43 81DFDDFB401D663BA7E6AD1C80364216 527192 ----a-w- C:\Windows\SysWOW64\XAudio2_7.dll 2016-11-01 13:43:43 4FD7BCB9D8AF6A165E9BA0C2EB702E7C 239960 ----a-w- C:\Windows\SysWOW64\xactengine3_7.dll 2016-11-01 13:43:43 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\Windows\SysWOW64\D3DCompiler_43.dll 2016-11-01 13:43:42 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\Windows\SysWOW64\d3dx11_43.dll 2016-11-01 13:43:42 86E39E9161C3D930D93822F1563C280D 1998168 ----a-w- C:\Windows\SysWOW64\D3DX9_43.dll 2016-11-01 13:43:42 83EBA442F07AAB8D6375D2EEC945C46C 1868128 ----a-w- C:\Windows\SysWOW64\d3dcsx_43.dll 2016-11-01 13:43:42 797E24743937D67D69F28F2CF5052EE8 2414360 ----a-w- C:\Windows\SysWOW64\d3dx9_31.dll 2016-11-01 13:43:42 20C835843FCEC4DEDFCD7BFFA3B91641 470880 ----a-w- C:\Windows\SysWOW64\d3dx10_43.dll 2016-08-03 17:15:41 E966F754D583302A655E40EEE3DDDE93 1923584 ----a-w- C:\Windows\SysWOW64\atiumdmv.dll 2016-08-03 17:15:41 D0B97A43C86BB56297491ECC1D6B2625 989600 ----a-w- C:\Windows\SysWOW64\atiumdva.cap 2016-08-03 17:15:41 A43F68D39403926B925D8238F956F530 31232 ----a-w- C:\Windows\SysWOW64\atiuxpag.dll 2016-08-03 17:15:41 75FCA6334DD97B196D269C10AA7F8ABB 4056576 ----a-w- C:\Windows\SysWOW64\atiumdva.dll 2016-08-03 17:15:41 04A518F86D66E856FEB554B924749FCC 4286464 ----a-w- C:\Windows\SysWOW64\atiumdag.dll 2016-08-03 17:15:40 FD923C3FAEF684061F4EEC048F3AC6BF 44032 ----a-w- C:\Windows\SysWOW64\aticalcl.dll 2016-08-03 17:15:40 F90E6D9039175F65DDBBA43582F94AD0 52736 ----a-w- C:\Windows\SysWOW64\atimpc32.dll 2016-08-03 17:15:40 F90E6D9039175F65DDBBA43582F94AD0 52736 ----a-w- C:\Windows\SysWOW64\amdpcom32.dll 2016-08-03 17:15:40 F83545109A656BAD61B8817CEBF1896E 17693184 ----a-w- C:\Windows\SysWOW64\atioglxx.dll 2016-08-03 17:15:40 
E71CABEF4FF9AC88F727A9F13128ED2C 46080 ----a-w- C:\Windows\SysWOW64\aticalrt.dll 2016-08-03 17:15:40 CF0CF87FDA9A64E1EE3EAD69969F1868 3929 ----a-w- C:\Windows\SysWOW64\atipblag.dat 2016-08-03 17:15:40 BFDBA94AFDC117D0767863ECAABBDAC1 32768 ----a-w- C:\Windows\SysWOW64\atigktxx.dll 2016-08-03 17:15:40 9F4CE6ACF73FC5B2E0C5025EB52F547C 29184 ----a-w- C:\Windows\SysWOW64\atiu9pag.dll 2016-08-03 17:15:40 84833A860BB0754D5AE48C22134C6260 356352 ----a-w- C:\Windows\SysWOW64\atipdlxx.dll 2016-08-03 17:15:40 4DF1CD37F2BCD69DA23CAB5DFE1A6317 43520 ----a-w- C:\Windows\SysWOW64\ati2edxx.dll 2016-08-03 17:15:40 47164A8FF5856CB490760BDA53EB4119 4161536 ----a-w- C:\Windows\SysWOW64\atidxx32.dll 2016-08-03 17:15:40 3C7B7077FB810434500F64327F01E273 262144 ----a-w- C:\Windows\SysWOW64\atiadlxy.dll 2016-08-03 17:15:40 2F5A6145DF867BBB48B97732A9482D1A 12800 ----a-w- C:\Windows\SysWOW64\atiglpxx.dll 2016-08-03 17:15:40 0E4F5F276AC0DD50233FC4074CF30F8C 676864 ----a-w- C:\Windows\SysWOW64\aticfx32.dll 2016-08-03 17:15:40 0195816C4BB52F4F2F5F9F7E77263CF0 6389760 ----a-w- C:\Windows\SysWOW64\aticaldd.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2016-11-03 16:43:12 6A4648D2E894B7919DD80F76B82375E6 391496 ----a-w- C:\Windows\Sysnative\aswBoot.exe 2016-11-01 13:43:43 E9739AE8B2FA28DCD6F2EF5525DA8827 77656 ----a-w- C:\Windows\Sysnative\XAPOFX1_5.dll 2016-11-01 13:43:43 BDEC09A032DB44D9CDB3A0D97224D64E 176984 ----a-w- C:\Windows\Sysnative\xactengine3_7.dll 2016-11-01 13:43:43 ADA0C39D4EACDC81FD84163A95D62079 2526056 ----a-w- C:\Windows\Sysnative\D3DCompiler_43.dll 2016-11-01 13:43:43 4F7513FF4DE6303088DB28DCBCEF372C 518488 ----a-w- C:\Windows\Sysnative\XAudio2_7.dll 2016-11-01 13:43:42 FAAA0BB9CD2905B25334132E5BA093EB 3977496 ----a-w- C:\Windows\Sysnative\d3dx9_31.dll 2016-11-01 13:43:42 AD7FA9485059F4DC53C98B49CAB13F0B 511328 ----a-w- C:\Windows\Sysnative\d3dx10_43.dll 2016-11-01 13:43:42 9D6429F410597750B2DC2579B2347303 276832 ----a-w- 
C:\Windows\Sysnative\d3dx11_43.dll 2016-11-01 13:43:42 7160FC226391C0B50C85571FA1A546E5 2401112 ----a-w- C:\Windows\Sysnative\D3DX9_43.dll 2016-11-01 13:43:42 5F1DA86286A2DFB01C4FED55C2DD1D61 1907552 ----a-w- C:\Windows\Sysnative\d3dcsx_43.dll 2016-08-03 17:15:41 C42627669E5307F923FA416BC1156F1B 40960 ----a-w- C:\Windows\Sysnative\atiuxp64.dll 2016-08-03 17:15:41 C016E5936908931F92401C8847A408FF 1222656 ----a-w- C:\Windows\Sysnative\atiumd6v.dll 2016-08-03 17:15:41 A5C6C1DFBE8D41C8DA62727B7E4C1B9A 58880 ----a-w- C:\Windows\Sysnative\coinst.dll 2016-08-03 17:15:40 F87BEBB188F9130EFB5FD58002DDFD1E 51200 ----a-w- C:\Windows\Sysnative\aticalrt64.dll 2016-08-03 17:15:40 EA61EC62B70FAF09468E53E598ABAC63 423424 ----a-w- C:\Windows\Sysnative\atipdl64.dll 2016-08-03 17:15:40 D8F88E5FDE04273F2FA64857990B970D 462848 ----a-w- C:\Windows\Sysnative\ATIDEMGX.dll 2016-08-03 17:15:40 D0B97A43C86BB56297491ECC1D6B2625 989600 ----a-w- C:\Windows\Sysnative\atiumd6a.cap 2016-08-03 17:15:40 CF0CF87FDA9A64E1EE3EAD69969F1868 3929 ----a-w- C:\Windows\Sysnative\atipblag.dat 2016-08-03 17:15:40 CBAC31CAC13BE9E20931289A4ADD7434 53760 ----a-w- C:\Windows\Sysnative\atimpc64.dll 2016-08-03 17:15:40 CBAC31CAC13BE9E20931289A4ADD7434 53760 ----a-w- C:\Windows\Sysnative\amdpcom64.dll 2016-08-03 17:15:40 BA43D5553AB01E74DB3220F5AD0A0DFF 38912 ----a-w- C:\Windows\Sysnative\atiu9p64.dll 2016-08-03 17:15:40 A6D6FAFBCB66F89969065DE9A55C91B8 120320 ----a-w- C:\Windows\Sysnative\atitmm64.dll 2016-08-03 17:15:40 A6BAAA6608A9B00220E9D5C023FC53D1 51200 ----a-w- C:\Windows\Sysnative\ATIODCLI.exe 2016-08-03 17:15:40 A57D0253F8DABF0B474FC129F86C245C 14848 ----a-w- C:\Windows\Sysnative\atig6pxx.dll 2016-08-03 17:15:40 A359974EAAC83A435497C52F62A2E590 203776 ----a-w- C:\Windows\Sysnative\atiesrxx.exe 2016-08-03 17:15:40 9D2112F3D3321CBAFB3EE460C1D78E62 366080 ----a-w- C:\Windows\Sysnative\atiadlxx.dll 2016-08-03 17:15:40 96360FF15946F676E8D3630798A3F896 3868672 ----a-w- C:\Windows\Sysnative\atiumd6a.dll 2016-08-03 
17:15:40 861803E9EE221DAA2F80CAF9AE9485AD 5440000 ----a-w- C:\Windows\Sysnative\atiumd64.dll 2016-08-03 17:15:40 7C9F23E39F24E1A5B9583F5E99BB6060 233012 ----a-w- C:\Windows\Sysnative\atiicdxx.dat 2016-08-03 17:15:40 749584902AE80A53EFDA4F8FA03E1713 118784 ----a-w- C:\Windows\Sysnative\atibtmon.exe 2016-08-03 17:15:40 6E570050E6CF5D6F6DC1C1EEF9BB3949 151552 ----a-w- C:\Windows\Sysnative\atiapfxx.exe 2016-08-03 17:15:40 4EFC5F29CA5CF912C09BD5586468A945 480256 ----a-w- C:\Windows\Sysnative\atieclxx.exe 2016-08-03 17:15:40 4B9226E19E2D19C03477BF8CFE9583D8 795648 ----a-w- C:\Windows\Sysnative\aticfx64.dll 2016-08-03 17:15:40 46EBB2A81F9030FABE5A8C970E4C489B 44544 ----a-w- C:\Windows\Sysnative\aticalcl64.dll 2016-08-03 17:15:40 463FFBD3350E3EB57F7D5746EBD233CA 332800 ----a-w- C:\Windows\Sysnative\ATIODE.exe 2016-08-03 17:15:40 4354D3FCA67D685CFA39FDD0A3DF108B 39936 ----a-w- C:\Windows\Sysnative\atig6txx.dll 2016-08-03 17:15:40 399A9A3E61130451E462719CC76FBE8E 59392 ----a-w- C:\Windows\Sysnative\atiedu64.dll 2016-08-03 17:15:40 2F5A6145DF867BBB48B97732A9482D1A 12800 ----a-w- C:\Windows\Sysnative\atiglpxx.dll 2016-08-03 17:15:40 2217F68D3AFBE5ACE37F2CF952A141C8 22900736 ----a-w- C:\Windows\Sysnative\atio6axx.dll 2016-08-03 17:15:40 1B9AB24698B1941CC00F2A2E5C14AF1E 165296 ----a-w- C:\Windows\Sysnative\atiapfxx.blb 2016-08-03 17:15:40 18D719D4351FB06EDBB59577C04AF52A 4951552 ----a-w- C:\Windows\Sysnative\atidxx64.dll 2016-08-03 17:15:40 1385AEA49EDE300E54128053F5E420CA 16384 ----a-w- C:\Windows\Sysnative\atimuixx.dll 2016-08-03 17:15:40 0875FBCE2FB8ED7C32E0817EE4833073 7768064 ----a-w- C:\Windows\Sysnative\aticaldd64.dll ====== C:\Windows\Sysnative\drivers ===== 2016-08-03 17:15:41 4BF5BCA6E2608CD8A00BC4A6673A9F47 115216 ----a-w- C:\Windows\Sysnative\drivers\AtihdW76.sys 2016-08-03 17:15:40 F713C30A9F5EBF1B9691140784A52465 53248 ----a-w- C:\Windows\Sysnative\drivers\ati2erec.dll 2016-08-03 17:15:40 6B4E9261B613B047A9A145F328889968 306176 ----a-w- 
C:\Windows\Sysnative\drivers\atikmpag.sys 2016-08-03 17:15:40 60216B0E704584DE6D5A9F59E9C34C47 9319936 ----a-w- C:\Windows\Sysnative\drivers\atikmdag.sys ====== C:\Windows\Tasks ====== 2016-07-20 19:35:15 0D1051F4C3DE4C06BA95440BFD57F46F 4020 ----a-w- C:\Windows\Sysnative\Tasks\Stoppen om 21 u ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-11-01 13:42:02 -------- d-----w- C:\Program Files\Futuremark 2016-08-04 15:13:50 -------- d-----w- C:\Program Files\trend micro 2016-08-03 17:23:27 -------- d-----w- C:\Program Files\ATI 2016-08-03 17:22:40 -------- d-----w- C:\Program Files\ATI Technologies ======= C:\PROGRA~2 ===== 2016-11-03 16:49:28 -------- d-----w- C:\PROGRA~2\Raptr Inc 2016-11-01 13:45:21 -------- d-----w- C:\PROGRA~2\Unigine 2016-11-01 13:43:40 -------- d-----w- C:\PROGRA~2\Futuremark 2016-11-01 13:36:44 -------- d-----w- C:\PROGRA~2\Geeks3D 2016-08-06 15:23:05 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2016-08-03 17:24:24 -------- d-----w- C:\PROGRA~2\AMD APP 2016-08-03 17:23:36 -------- d-----w- C:\PROGRA~2\ATI Technologies ======= C: ===== ====== C:\Users\Charlie\AppData\Roaming ====== 2016-11-03 16:50:34 -------- d-----w- C:\Users\Charlie\AppData\Roaming\PlaysTV 2016-11-01 13:45:35 683340C1C3BA510986FB000E8F315A57 1065984 ----a-w- C:\Users\Charlie\AppData\Local\file__0.localstorage 2016-11-01 13:43:50 -------- d-----w- C:\Users\Charlie\AppData\Local\Futuremark 2016-08-06 14:47:24 -------- d-----w- C:\Users\Charlie\AppData\Local\ElevatedDiagnostics 2016-08-03 16:27:08 -------- d-----w- C:\Users\Charlie\AppData\Roaming\ATI 2016-08-03 16:27:08 -------- d-----w- C:\Users\Charlie\AppData\Local\ATI ====== C:\Users\Charlie ====== 2016-11-03 16:50:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr 2016-11-03 16:13:23 8C2CD32501FF69EF33E6D65F1C7F6AB7 300906040 ----a-w- C:\Users\Charlie\Desktop\amd-catalyst-15.7.1-with-dotnet45-win8.1-64bit.exe 2016-11-01 13:46:08 -------- d-----w- C:\Users\Charlie\Heaven 
2016-11-01 13:45:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine 2016-11-01 13:36:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D 2016-08-06 15:20:13 0AF64B59269F6F5C7DF5B97DF8C0E0AB 739904 ----a-w- C:\Users\Charlie\Downloads\JavaSetup8u101.exe 2016-08-04 15:17:40 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Charlie\Desktop\RSITx64.exe 2016-08-03 17:24:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center 2016-08-03 16:11:59 2B23336D940231EE3D4E84CB56EF9324 6737632 ----a-w- C:\Users\Charlie\Downloads\amdcleanuputility.exe ====== C: exe-files == 2016-11-03 16:50:51 F06C878D6CFB53D5A2AB62E44C3E0F5F 63882 ----a-w- C:\Program Files (x86)\Raptr Inc\PlaysTV\uninstall.exe 2016-11-03 16:50:13 EFBF4F172A86FF840867B35E944A063C 61362 ----a-w- C:\Program Files (x86)\Raptr Inc\Raptr\uninstall.exe 2016-11-03 16:50:13 BBC3BCAD0B8B57A63CE83B77EBC48F4C 59757792 ----a-w- C:\Users\Charlie\AppData\Local\Temp\playstv_patch.exe 2016-11-03 16:49:11 60D88EE4E5CC036ABA3B2AE402C458FA 59386024 ----a-w- C:\Users\Charlie\AppData\Local\Temp\raptrpatch.exe 2016-11-03 16:49:08 222F76D913947F1991D2DE68DF526209 221632 ----a-w- C:\Users\Charlie\AppData\Local\Temp\raptr_stub.exe 2016-11-03 16:13:23 8C2CD32501FF69EF33E6D65F1C7F6AB7 300906040 ----a-w- C:\Users\Charlie\Desktop\amd-catalyst-15.7.1-with-dotnet45-win8.1-64bit.exe 2016-11-03 15:45:33 322AE63A8E640B1CB92C90F4E924195F 65536 ----a-w- C:\Users\Charlie\AppData\Local\Temp\ddu.exe 2016-11-03 15:45:32 DA5F0B0AAF3262D93661465726E9FE24 1115136 ----a-w- C:\Users\Charlie\AppData\Local\Temp\AMDCleanupUtility.exe 2016-11-03 15:45:26 2B23336D940231EE3D4E84CB56EF9324 6737632 ----a-w- C:\Users\Charlie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q7P7PNE0\amdcleanuputility.exe 2016-11-01 13:45:25 A99E8EFAED785A4F56CD559C69900769 29184 ----a-w- C:\Program Files (x86)\Unigine\Heaven Benchmark 4.0\bin\Heaven.exe 
2016-11-01 13:45:25 11B3E5B658E0DBFE7209ADB6A69A8DB8 64512 ----a-w- C:\Program Files (x86)\Unigine\Heaven Benchmark 4.0\bin\browser_x86.exe 2016-11-01 13:45:21 5E052857D4B17D9E9177382D067DCC98 1234371 ----a-w- C:\Program Files (x86)\Unigine\Heaven Benchmark 4.0\unins000.exe 2016-11-01 13:41:36 5D8A767EC277AA29ADB517E5C4A5752D 719521 ----a-w- C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\unins000.exe 2016-11-01 13:36:45 683C7A8A3240F53976EF67219D43505B 503808 ----a-w- C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\gpushark.exe 2016-11-01 13:36:45 513D1606FD1216CBE56FB1E2DC8D38A2 1809192 ----a-w- C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\gpuz.exe 2016-11-01 13:36:44 8A2A6B3AAAA5B6162C6085EDAC54D5F2 90112 ----a-w- C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\cpuburner.exe 2016-11-01 13:36:44 01D32EB253D5DC3D33C508397B2A4EF8 3305984 ----a-w- C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\FurMark.exe 2016-11-01 13:36:18 06D1F2BD3018BFDF91945F573ECA7682 5503236 ----a-w- C:\Users\Charlie\Pictures\G\FurMark_1.17.0.0_Setup.exe 2016-11-01 13:33:51 907FCEC26BF1B0DA2F2403A8D4109A3B 13635384 ----a-w- C:\Users\Charlie\Pictures\G\setup.exe 2016-08-06 15:22:32 F8211DB97BF852C3292C3E9C710C19D9 269888 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\javaws.exe 2016-08-06 15:22:32 F434A8AC7F1C8C0E2587B9A9F30E397B 52800 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssvagent.exe 2016-08-06 15:22:32 ED3F3D8E4C382BF8095B9DE217511E29 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\policytool.exe 2016-08-06 15:22:32 E9AA62B1696145A08D223E7190785E25 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\pack200.exe 2016-08-06 15:22:32 E3E51A21B00CDDE757E4247257AA7891 191040 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\java.exe 2016-08-06 15:22:32 CF2F023D2B5F0BFB2ECF8AEEA7C51481 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\java-rmi.exe 2016-08-06 15:22:32 CA17B8CBD623477C5D1D334B79890225 15936 ----a-w- C:\Program 
Files (x86)\Java\jre1.8.0_101\bin\klist.exe 2016-08-06 15:22:32 C2A59C7343D370BC57765896490331E5 70208 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe 2016-08-06 15:22:32 C15F0FE651B05F4288CBC3672F6DC3CE 159296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\unpack200.exe 2016-08-06 15:22:32 B4AD335E868693F009B7644E2ED555C1 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\ktab.exe 2016-08-06 15:22:32 9A4CF09834F086568DF469E3F670BF07 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\keytool.exe 2016-08-06 15:22:32 7DA6AA3CC4763C6F9C20B43E6C9A9547 16448 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\orbd.exe 2016-08-06 15:22:32 7624A9B769CDCF3A75FE5A9FEAADD61F 16448 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\tnameserv.exe 2016-08-06 15:22:32 5F85F7F2DFAC397D642834B61809240F 82496 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2launcher.exe 2016-08-06 15:22:32 530D5597E565654D378F3C87654CCABA 30784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\jabswitch.exe 2016-08-06 15:22:32 4F11D43AA2215CE771DA528878F01C8E 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\jjs.exe 2016-08-06 15:22:32 4DE6BFE6EA98BC42A5358ED8307107B2 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\kinit.exe 2016-08-06 15:22:32 48C96771106DBDD5D42BBA3772E4B414 191552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\javaw.exe 2016-08-06 15:22:32 43C1D1D0E248604CB3B643C0BDF4EC9A 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\servertool.exe 2016-08-06 15:22:32 31C0CED43A07A2DFF3AFC557EBABBE0F 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\rmiregistry.exe 2016-08-06 15:22:32 12B6E1C3205A8B17AC20E00A889DFC43 15936 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\bin\rmid.exe 2016-08-06 15:20:13 0AF64B59269F6F5C7DF5B97DF8C0E0AB 739904 ----a-w- C:\Users\Charlie\Downloads\JavaSetup8u101.exe 2016-08-04 15:17:40 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- 
C:\Users\Charlie\Desktop\RSITx64.exe 2016-08-04 15:13:50 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Charlie.exe 2016-08-03 17:24:24 6E42CF0D47AF25DEA4CECDBE093D521C 10134 ----a-r- C:\Users\Charlie\AppData\Roaming\Microsoft\Installer\{A02153E8-8DF8-42E6-B7BF-D88EEA33565F}\ARPPRODUCTICON.exe 2016-08-03 17:15:41 196CA289CD3E36AD53C9F4A577106B87 416272 ----a-w- C:\Users\Charlie\Downloads\XTX\Setup.exe 2016-08-03 17:15:40 006F8A615020A4A17F5E63801485DF46 78152 ----a-w- C:\Users\Charlie\Downloads\XTX\Packages\Apps\VC10RTx86\vcredist_x86\Setup.exe 2016-08-03 17:15:39 006F8A615020A4A17F5E63801485DF46 78152 ----a-w- C:\Users\Charlie\Downloads\XTX\Packages\Apps\VC10RTx64\vcredist_x64\Setup.exe 2016-08-03 17:15:37 F58C8EFC00403B78FD527440147D3EAF 423952 ----a-w- C:\Users\Charlie\Downloads\XTX\Bin64\ATISetup.exe 2016-08-03 17:15:37 E0872616E7E706C20F5A3C27A5BF9404 330256 ----a-w- C:\Users\Charlie\Downloads\XTX\Bin\ATISetup.exe 2016-08-03 17:15:37 D27605573DB7AED3A6E3164135B6DB06 5353984 ----a-w- C:\Users\Charlie\Downloads\XTX\Bin64\InstallManagerApp.exe 2016-08-03 17:15:37 9B6E8310ABEE6937DF2E03DC5FBDF8E0 4612096 ----a-w- C:\Users\Charlie\Downloads\XTX\Bin\InstallManagerApp.exe 2016-08-03 17:15:37 944E76C72F2C16EAEEFBEDE8D43BCF49 416272 ----a-w- C:\Users\Charlie\Downloads\XTX\Bin\Setup.exe 2016-08-03 17:15:37 5DC919F8CBDB1628B5DAACA5AA09CA9B 582672 ----a-w- C:\Users\Charlie\Downloads\XTX\Bin64\Setup.exe 2016-08-03 16:46:34 630D75210B325A280C3352F879297ED5 5718872 ----a-w- C:\Users\Charlie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CIJZIZRU\vcredist_x64.exe 2016-08-03 16:11:59 2B23336D940231EE3D4E84CB56EF9324 6737632 ----a-w- C:\Users\Charlie\Downloads\amdcleanuputility.exe 2016-08-02 20:39:12 DED60327DE6DEE352865ECE78AA12EF7 50448 ----a-w- C:\Program Files (x86)\Raptr Inc\Raptr\upload_logs.exe 2016-08-02 20:39:12 B5E2DD06AA45629277E683CFEA71E6B1 4214544 ----a-w- C:\Program Files (x86)\Raptr Inc\Raptr\vcredist_x86.exe 
2016-08-02 20:39:12 9DE2E1E044E8F24A3077B84113CB260E 46352 ----a-w- C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe 2016-08-02 20:39:12 30D98A8B5CC558CEA6A5A01A096B9CA9 58640 ----a-w- C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe 2016-08-02 20:39:10 B91C1FA5E307B3ACB4BBE6E77B1190A8 1028880 ----a-w- C:\Program Files (x86)\Raptr Inc\Raptr\raptr_encoder_server-114887.exe 2016-08-02 20:39:10 4082C62BAD9C0D76A2E5D2009B81E782 47376 ----a-w- C:\Program Files (x86)\Raptr Inc\Raptr\f2p_ping.exe 2016-08-02 20:39:10 271EFD4BF87CA07EC0C826268026C27C 1107216 ----a-w- C:\Program Files (x86)\Raptr Inc\Raptr\raptr_encoder_server64-114887.exe 2016-08-02 20:39:10 0B95F777143A114069F4D06BA605B620 66320 ----a-w- C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe 2016-08-02 20:24:00 9DF2A29B22989E0E766AA32DD10B1001 4214544 ----a-w- C:\Program Files (x86)\Raptr Inc\PlaysTV\vcredist_x86.exe 2016-08-02 20:23:58 FE85813E3E6DC79515AAD051830FC863 1107216 ----a-w- C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_encoder_server64-114887.exe 2016-08-02 20:23:58 B63CE58BF0BA2D5B391C3A1B0C88D032 74512 ----a-w- C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe 2016-08-02 20:23:58 7159835A2B5925A9D774B183A6978115 32528 ----a-w- C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe 2016-08-02 20:23:58 4D513C28CD37C533224DE0EB89149AE3 61200 ----a-w- C:\Program Files (x86)\Raptr Inc\PlaysTV\upload_logs.exe 2016-08-02 20:23:58 3F9D9BE7EFED2DC22C3A7A136D20D3F0 71440 ----a-w- C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe 2016-08-02 20:23:56 93D3C953E61632817C4D7FE0D0D451ED 1029392 ----a-w- C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_encoder_server-114887.exe 2016-08-02 20:23:56 33EA5FEF227A0B13734B39407725CDF7 58640 ----a-w- C:\Program Files (x86)\Raptr Inc\PlaysTV\f2p_ping.exe 2016-08-02 20:23:42 AB5501A7299BBFC7EEFB97288FB3449A 169216 ----a-w- C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe 2016-08-02 20:23:34 9FFB9916CF3F04AA86BE7A034CE0277D 169224 ----a-w- 
C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe === C: other files == 2016-11-03 16:55:03 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Charlie\AppData\Roaming\Raptr\data\raptrguestmksy0klv\config\certificates\x509\tls_peers\xmpp-server8.raptr.com 2016-11-03 01:13:49 CE93E7959F8D52537025606C2AD38EDF 33992 ----a-w- C:\Users\Charlie\AppData\Local\Temp\atdcm64a.sys 2016-11-01 13:45:27 0420430D8217A75D6E1224DFA9287547 83 ----a-w- C:\Program Files (x86)\Unigine\Heaven Benchmark 4.0\heaven.bat 2016-11-01 13:36:45 C18248628C327C1322C45E11AA78020B 56 ----a-w- C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\gpushark.bat 2016-11-01 13:36:45 84956631BAE2B3A5975CBF0211F58115 234 ----a-w- C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark\start.bat 2016-11-01 13:32:01 3A1ED9152D44264B0065590211EE70ED 271860249 ----a-w- C:\Users\Charlie\Pictures\G\3DMark11-v1-0-132-[Guru3D.com].zip 2016-08-06 15:46:11 7E00F111D6D1135BCF5BC62A8D548336 4867 ----a-w- C:\Users\Charlie\AppData\Local\Temp\xpi\tmp.zip 2016-08-06 15:22:32 91052ADB799AEF68EA76931997C40CE4 14156 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_101\lib\deploy\ffjcext.zip 2016-08-03 17:21:51 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Charlie\AppData\Roaming\Raptr\data\raptrguestmksy0klv\config\certificates\x509\tls_peers\xmpp-server5.raptr.com 2016-08-03 17:15:41 95B1E9804CA10D096C0383F7C6684950 101392 ----a-w- C:\Users\Charlie\Downloads\XTX\Packages\Drivers\WDM\HDMI\W7\AtihdW73.sys 2016-08-03 17:15:41 5D6566D19FCCAF8A10D46B6C479227A9 111120 ----a-w- C:\Users\Charlie\Downloads\XTX\Packages\Drivers\WDM\HDMI\LH64a\AtihdLH6.sys 2016-08-03 17:15:41 4BF5BCA6E2608CD8A00BC4A6673A9F47 115216 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys 2016-08-03 17:15:41 4BF5BCA6E2608CD8A00BC4A6673A9F47 115216 ----a-w- C:\Users\Charlie\Downloads\XTX\Packages\Drivers\WDM\HDMI\W764a\AtihdW76.sys 2016-08-03 17:15:41 0C3C2E9136397E1AAA9033DCAE25CED2 97296 ----a-w- 
C:\Users\Charlie\Downloads\XTX\Packages\Drivers\WDM\HDMI\LH\AtihdLH3.sys 2016-08-03 17:15:40 6B4E9261B613B047A9A145F328889968 306176 ----a-w- C:\Windows\System32\drivers\atikmpag.sys 2016-08-03 17:15:40 60216B0E704584DE6D5A9F59E9C34C47 9319936 ----a-w- C:\Windows\System32\drivers\atikmdag.sys 2016-08-03 17:15:37 BFE65371C5207FD1C47EDFA7E34D2E61 23440 ----a-w- C:\Users\Charlie\Downloads\XTX\Bin\atidcmxx.sys 2016-08-03 17:15:37 48A174AD25C6EC3DC94AE81639A2C9E1 26640 ----a-w- C:\Users\Charlie\Downloads\XTX\Bin64\atdcm64a.sys 2016-08-03 17:12:58 41767F2DAC716B367BD4D9FA6A59DA97 162613600 ----a-w- C:\Users\Charlie\Downloads\HD6990M.zip 2016-08-03 16:27:08 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Charlie\AppData\Roaming\Raptr\data\raptrguestmksy0klv\config\certificates\x509\tls_peers\xmpp-server2.raptr.com 2016-08-03 16:16:13 B5BBC86645A135B13E6B41C5B0E7DE2D 1217 ----a-w- C:\Users\Charlie\AppData\Roaming\Raptr\data\raptrguestmksy0klv\config\certificates\x509\tls_peers\xmpp-server4.raptr.com 2016-08-02 20:39:04 73767BF17292900E740498E88FB03866 10815054 ----a-w- C:\Program Files (x86)\Raptr Inc\Raptr\library.zip 2016-08-02 20:23:54 5CB7A3A44C9D2F635C108388F9ACC691 11915226 ----a-w- C:\Program Files (x86)\Raptr Inc\PlaysTV\library.zip ==== Orphaned Tasks deleted from Registry ====================== avast Emergency Update deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3286806498-1252364628-237332688-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"THX Audio Control Panel"="C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe /r"
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"PlaysTV"="C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe --startup"
"Raptr"="C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe --startup"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"THXCfg64"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"Cm106Sound"="C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"UpdReg"="C:\\Windows\\UpdReg.EXE"
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Raptr]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Raptr"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Raptr\\raptrstub.exe\" --startup"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SUPERAntiSpyware]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SUPERAntiSpyware"
"hkey"="HKCU"
"command"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"

==== Startup Folders ======================
2014-04-30 19:17:36 865 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14/07/2016 21:54]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AVGPCTuneUp_Task_BkGndMaintenance" [C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe]
"C:\Windows\SysNative\tasks\Java Platform SE Auto Updater" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\SysNative\tasks\SafeZone scheduled Autoupdate 1458682025" [C:\Program Files\AVAST Software\SZBrowser\launcher.exe]
"C:\Windows\SysNative\tasks\Stoppen om 21 u" [C:\Users\Charlie\Documents\Old-alarm-clock-ringing.mp3]
"C:\Windows\SysNative\tasks\AVAST Software\Avast settings backup" [C:\Program Files\Common Files\AV\avast Antivirus\backup.exe]

==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\s9eofe9f.default
user_pref("browser.startup.homepage", "https://www.google.com/?trackid=sp-006");
user_pref("browser.search.defaulturl", "https://www.google.com/search?trackid=sp-006");
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("keyword.URL", "https://www.google.com/search?trackid=sp-006");

==== Firefox Proxy Settings ======================
ProfilePath: C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\s9eofe9f.default
user_pref("network.proxy.type", 1);

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [03/11/2016 18:43]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [03/11/2016 18:43]

==== Firefox Extensions ======================
ProfilePath: C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\s9eofe9f.default
- Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================
Profilepath: C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\s9eofe9f.default
C788C801C5FAE1BEC62C7D2F1BBC9255 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1223183.dll - Shockwave for Director / Shockwave for Director
62D98B286C805E193568037B70D936D2 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll - Shockwave Flash
CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Charlie\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin
1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Charlie\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin

==== Chromium Look ======================

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?bcutc=sp-006"
"Search Page"="https://www.google.com/search?bcutc=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?bcutc=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?bcutc=sp-006"
"Search Bar"="https://www.google.com/?bcutc=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?bcutc=sp-006"
"Search Bar"="https://www.google.com/?bcutc=sp-006"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.google.com/?bcutc=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKCU\SearchScopes "DefaultScope"="{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}"
HKCU\SearchScopes\8BE25BBE9BC84833882C40DD10ED8E2E - https://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{B45A9CA8-CF61-4EB5-BDA3-FF65A8CE6F9A} - http://www.bing.com/search?FORM=U220DF&PC=U220&q={searchTerms}&src=IE-SearchBox
HKCU\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?bcutc=sp-006&q={searchTerms}

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr deleted successfully

==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O2 - BHO: DownloadHelper Class - {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} - C:\Program Files (x86)\Common Files\Download Helper\DownloadHelper.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {444785F1-DE89-4295-863A-D46C3A781394} - http://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cab
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Plays.tv Update Service (PlaysService) - Plays.tv, LLC - C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Charlie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Charlie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Charlie\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
C:\Users\Charlie\AppData\Local\Mozilla\Firefox\Profiles\s9eofe9f.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
No Chrome User Data found

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=72 folders=50 260199941 bytes)

==== Empty Temp Folders ======================
C:\Users\Charlie\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Charlie\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on za 06/08/2016 at 20:22:45,32 ======================