
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Rita Vanrunxt on vr 27/05/2016 at 12:09:06,41.
Microsoft Windows 10 Home 10.0.10586  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rita Vanrunxt\Downloads\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

27/05/2016 12:12:16 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\ClearfiCopyHook {ED32C084-BABB-11E1-B491-D4D66088709B} C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll 


==== Empty Folders Check ======================

C:\PROGRA~3\Comms deleted successfully
C:\Users\Rita Vanrunxt\AppData\Local\ActiveSync deleted successfully
C:\Users\Rita Vanrunxt\AppData\Local\NetworkTiles deleted successfully
C:\Users\ritatjevanrunxt\AppData\Local\ActiveSync deleted successfully
C:\Users\ritatjevanrunxt\AppData\Local\EmieSiteList deleted successfully
C:\Users\ritatjevanrunxt\AppData\Local\EmieUserList deleted successfully
C:\Users\ritatjevanrunxt\AppData\Local\NetworkTiles deleted successfully
C:\Users\ritatjevanrunxt\AppData\Local\PackageStaging deleted successfully
C:\Users\ritatjevanrunxt\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

abDocs  
abDocs Office AddIn  
abFiles  
abMusic  
abPhoto  
Acer Care Center  
Acer Explorer Agent  
Acer Launch Manager  
Acer Portal  
Acer Power Management  
Acer Quick Access  
Acer User Experience Improvement Program App Monitor Plugin  
Acer User Experience Improvement Program Framework  
Acer Video Player  
Ad-Aware Antivirus  
AdAwareInstaller  
AdAwareUpdater  
All Family Games  
Aloha TriPeaks  
AntimalwareEngine  
AntispamEngine  
AOP Framework  
AvcEngine  
Bejeweled 2 Deluxe  
CyberLink PhotoDirector 3  
CyberLink PowerDirector 10  
EPSON XP-215 217 Series Printer Uninstall  
Farm to Fork Collector's Edition  
FirewallEngine  
Foxit PhantomPDF  
Game Explorer Categories - genres  
Game Explorer Categories - main  
Google Chrome  
Google Update Helper  
Governor of Poker 2 Premium Edition  
Intel(R) Control Center  
Intel(R) Processor Graphics  
Intel(R) Trusted Execution Engine  
Intel(R) Trusted Execution Engine Driver  
Jewel Match 3  
Kaspersky Anti-Virus  
King Oddball  
LUXOR Evolved  
Magic Academy  
Malwarebytes Anti-Malware versie 2.2.1.1043  
Microsoft Office 365 - nl-nl  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319  
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030  
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030  
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030  
More Games from WildTangent Games  
Office 16 Click-to-Run Extensibility Component  
Office 16 Click-to-Run Licensing Component  
Office 16 Click-to-Run Localization Component  
OnlineThreatsEngine  
Peggle Nights  
Plants vs. Zombies - Game of the Year  
Polar Bowler 1st Frame  
Qualcomm Atheros Bluetooth Suite (64)  
Qualcomm Atheros WLAN and Bluetooth Client Installation Program  
Realtek Card Reader  
Realtek Ethernet Controller Driver  
Realtek High Definition Audio Driver  
Spotify  
The Chronicles of Emerland Solitaire  
Trinklit Supreme  
Update Installer for WildTangent Games App  
Zuma's Revenge  

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\windows\SysNative\Tasks\Software Update Application deleted
C:\Users\Public\Pokki deleted
C:\PROGRA~3\{69533018-33A8-4C46-869A-11AA2CDF4EDC} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
"C:\WINDOWS\Installer\a2cfd.msi" deleted
"C:\Windows\Installer\93745.msi" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2016-05-26 07:46:42	2617877C5761B8A696FD0368861EE6E4	4515256	----a-w-	C:\WINDOWS\explorer.exe
====== C:\Users\RITAVA~1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2016-05-26 07:49:52	15F732C297CE4B169D85214A96A16559	792064	----a-w-	C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-26 07:49:42	22120EE8EC8AC405618FEA768071E267	19344384	----a-w-	C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-26 07:49:32	52FEDEA32F2BBFCD3AAA83FD39852C1A	2061824	----a-w-	C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-26 07:49:14	3A5C07D5517087143701DBEB749F0EF1	18676224	----a-w-	C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-26 07:48:58	0561104CC8619EC5A53848F642434235	13018112	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-26 07:48:04	9CD20753821A4F28AA797B5C9A24050F	9918976	----a-w-	C:\WINDOWS\SysWOW64\twinui.dll
2016-05-26 07:47:45	5D9BB3289D25FDEA1B2DD491C9771778	21123320	----a-w-	C:\WINDOWS\SysWOW64\shell32.dll
2016-05-26 07:47:35	468AA89AF32BEE9D6B0ABBDF7C88CF20	5240960	----a-w-	C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-26 07:47:32	98DA2DE9A1AC739DF3750F7DABECC9CF	6295552	----a-w-	C:\WINDOWS\SysWOW64\mos.dll
2016-05-26 07:47:27	9F6F693FD7738B8DA4B420E46E973F35	2919832	----a-w-	C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-26 07:47:25	5A77C7C30E117F60ACCEF43E2EA6841D	12125696	----a-w-	C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-26 07:47:19	A404EA688829EF2657431CB34D0C72DF	5660160	----a-w-	C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-26 07:47:15	85ED26DB17B3270944C344E0E5B7C34A	1542816	----a-w-	C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-26 07:47:07	FB01CB67364FF3AA677F0CFD8C958E50	5324288	----a-w-	C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-26 07:46:57	3AEDE16F62921F443DDE37440C84B6F1	5205504	----a-w-	C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-26 07:46:38	FA6CCFE5305E3D276F06A104EAA83029	4759040	----a-w-	C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-26 07:46:33	692E62EA6039478321AE5D24A68E1FE2	4074160	----a-w-	C:\WINDOWS\SysWOW64\explorer.exe
2016-05-26 07:46:31	80785EA474D952CC0CB2CF936E36DDE0	3666432	----a-w-	C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-26 07:46:24	717DDEC1ABA5678EDC9F2AF1044BAA69	2000896	----a-w-	C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-26 07:46:00	2942FB92C23B77D3BD9D38117AF3663B	1557768	----a-w-	C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-26 07:46:00	1D04327817511268754ED6F177DAD3E8	754176	----a-w-	C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-26 07:45:53	1F90253211F8E102D814F4DE4D550B85	1626624	----a-w-	C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-26 07:45:51	362C9AA8696C74CD38F1416FF866C25C	522176	----a-w-	C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-26 07:45:51	0188F4F7264EE585DE518FD02DDD9F79	711680	----a-w-	C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-26 07:45:49	2CE163D00A7DA251D77F7B39E267382B	925064	----a-w-	C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-26 07:45:48	35E635469515D564CE418DDCC7B7BC96	1500160	----a-w-	C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-26 07:45:47	32A696B0A48CCCCE5FC8E8E572FD4E90	434688	----a-w-	C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-26 07:45:44	B6506139C8A4CE3BDD3B4EFDF63A87B5	348672	----a-w-	C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-26 07:45:44	03B7C4D05DB7FF060E49FA900FCE627E	451928	----a-w-	C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-26 07:45:43	E48F0A089D9BAE356BF14FE3A16B1147	489984	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-26 07:45:41	25E42F5C3FDE0E96BF3C16814DC7A688	1372304	----a-w-	C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-26 07:45:38	30E3DC9ED2C6641709AC961CB7CE72BB	647680	----a-w-	C:\WINDOWS\SysWOW64\jscript.dll
2016-05-26 07:45:37	4AE45F3077E79A3E3B22996F80DA9E7A	354304	----a-w-	C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-26 07:45:34	3A1BD59AF5A0D20438D1E44FCF5EA4E8	349696	----a-w-	C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-26 07:45:31	4ECC2FAF9F29066636E06253C0D7FA06	503296	----a-w-	C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-26 07:45:28	DFB54165665C7E369A59B273C91B90B0	800768	----a-w-	C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-26 07:45:26	D408D20295BA135DC1B9B181FADF78DD	255168	----a-w-	C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-26 07:45:26	318E2A6EC26C9703A5B273B015672660	388608	----a-w-	C:\WINDOWS\SysWOW64\schannel.dll
2016-05-26 07:45:24	CD36155EE56E94B4E8830FA90822511F	503296	----a-w-	C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-26 07:45:22	4B71644224F39A390B6DCC482B3D582A	639488	----a-w-	C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-26 07:45:22	1B26C71109A2EA27DD6684719BF493EC	188256	----a-w-	C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-26 07:45:21	89C74675E6DE7888153B1F6644772774	1536088	----a-w-	C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-26 07:45:19	122F8F0FAF690B88FBDE2DB097740AB6	569744	----a-w-	C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-26 07:45:15	10564E7A7EE807FF580E34A94ACF5590	1522152	----a-w-	C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-26 07:45:14	1587235261E629DFFAA0C39A72CAD1A6	667648	----a-w-	C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-26 07:45:11	8E8FBA400CD678AB46D46BB24921A051	342528	----a-w-	C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-26 07:45:09	A825405D442EB9A2526468E16296DD58	513368	----a-w-	C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-26 07:45:08	9E6DBA611E99BE75589D6A358F54364F	137728	----a-w-	C:\WINDOWS\SysWOW64\shacct.dll
2016-05-26 07:45:06	E7BD4D15CDC5A1E162256CFADCA92344	1337240	----a-w-	C:\WINDOWS\SysWOW64\user32.dll
2016-05-26 07:45:04	525FC35182F9660E2A7DCC75607535DC	707608	----a-w-	C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-26 07:44:59	A1A9DDD5C6A335C0B97423A2F75C9299	453472	----a-w-	C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-26 07:44:59	30F680D95B0CCABE46C775672C912C0A	306832	----a-w-	C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-26 07:44:58	9F8A026A9643F89B4E451539A7AAC0C9	50176	----a-w-	C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-26 07:44:58	460CDD92C5283DCB9E35AF2B8DB7F200	461824	----a-w-	C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-26 07:44:57	5AEDC6D333BC8D8B1DE5928FCE2150DB	400896	----a-w-	C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-26 07:44:57	1159023FAA938BF54C7C033D2BC643BE	59904	----a-w-	C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-26 07:44:53	FAD56D0A789345614220D9B770DF400A	465760	----a-w-	C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-26 07:44:52	B91176A909798C7EAC28AB4FE786CA53	705536	----a-w-	C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-26 07:44:50	25B0BAA64D6D62873FAA7719DB64015C	183904	----a-w-	C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-26 07:44:47	AB48B90C4DB88D2F31D1A6F460F76D29	241664	----a-w-	C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-26 07:44:45	9CAC58EBAFB3E32711920568810CDCD7	307200	----a-w-	C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-26 07:44:44	E9E7FA1FC796ADC16A1169736EFC7AF3	84480	----a-w-	C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-26 07:44:43	96101F3B90BDE894A862CDF1B808A03F	84832	----a-w-	C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-26 07:44:42	0D19695F93813C63B4656E42536892FA	47104	----a-w-	C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-26 07:44:41	DA97C8A8C517210E4ACA90E45C836E80	80896	----a-w-	C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-26 07:44:41	AA7CBB3B7A7BFC41E9EC4EF645797DFA	502104	----a-w-	C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-26 07:44:40	98DA8D97E83C73E7AD7A142A801E1898	2193408	----a-w-	C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-26 07:44:37	359765C7C700F7CED909A69C5DBBD943	140800	----a-w-	C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-26 07:44:36	89C06DA6E3B3C06F69E2CAFB3431CAF5	31232	----a-w-	C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-26 07:44:36	3166A46AA132AACD035C7163108F2DA1	103936	----a-w-	C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-26 07:44:35	F5814ED9E8B83F872FBDCB139B001C8A	23552	----a-w-	C:\WINDOWS\SysWOW64\wups.dll
2016-05-26 07:44:30	CD94405BB0A90B179E94BE23F4D2B79D	39424	----a-w-	C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-26 07:44:29	486919689633D1C0DADA718DF1A3E7FB	219648	----a-w-	C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-26 07:44:27	3D3BBD2DA5660B0B6C9F6A8B9401648C	337920	----a-w-	C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-26 07:44:24	51DF6FC12B5EF8CA87414D79C98CBC7A	395264	----a-w-	C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-26 07:44:23	8450005F7BA8662A64E3FB7B0C3EE836	51712	----a-w-	C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-26 07:44:23	6BC0E961EA78AFD90348C8E05896A7DC	784896	----a-w-	C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-26 07:44:20	40591C3BEBAEA638423B10863315D93F	87040	----a-w-	C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-26 07:44:12	9B034D049D1C6EC9BED55D2F27D86ED9	2186	----a-w-	C:\WINDOWS\SysWOW64\AppxProvisioning.xml
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2016-05-26 07:50:33	FA05A804701A1BF900577A0F7C14B59E	24604672	----a-w-	C:\WINDOWS\Sysnative\mshtml.dll
2016-05-26 07:49:51	A1144CA95D4C30449331D3DF39F295F9	970752	----a-w-	C:\WINDOWS\Sysnative\kerberos.dll
2016-05-26 07:49:50	3602BE2186C15362DF2B5C489AC1B1D1	22379008	----a-w-	C:\WINDOWS\Sysnative\edgehtml.dll
2016-05-26 07:49:31	E4B5C9FEF4C8978CF75B584188868AF8	2582016	----a-w-	C:\WINDOWS\Sysnative\MFMediaEngine.dll
2016-05-26 07:49:27	D2EF3FDF915BBA7C9832FA890DD4D85A	16984576	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll
2016-05-26 07:48:42	79BF53E386256057C30EF606DC3CFDFB	870400	----a-w-	C:\WINDOWS\Sysnative\modernexecserver.dll
2016-05-26 07:48:41	0BECECA1B6DA7B022FC9502D22B9E9B3	22561256	----a-w-	C:\WINDOWS\Sysnative\shell32.dll
2016-05-26 07:48:30	75A22EF6AC813D4FE63E30C3C292F871	11545088	----a-w-	C:\WINDOWS\Sysnative\twinui.dll
2016-05-26 07:48:19	24F2141493C1A2F6FDEC8C3FA5A95CDE	6605504	----a-w-	C:\WINDOWS\Sysnative\windows.storage.dll
2016-05-26 07:48:15	8F225A78F60DB08D4691C1C27CF644F2	6974464	----a-w-	C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll
2016-05-26 07:48:10	614EF7EFFE6896791CC8E4D045F37579	7977472	----a-w-	C:\WINDOWS\Sysnative\mos.dll
2016-05-26 07:47:59	5EED294E19B8293E4F0845CED31489BA	13383168	----a-w-	C:\WINDOWS\Sysnative\ieframe.dll
2016-05-26 07:47:50	62D33462C8781DA354519488A571A9AD	7832576	----a-w-	C:\WINDOWS\Sysnative\Chakra.dll
2016-05-26 07:47:29	5BDA53E18911DEAB35F03AA1C3213A78	3673424	----a-w-	C:\WINDOWS\Sysnative\iertutil.dll
2016-05-26 07:47:14	03DE6DE0019FFC0DE60759A893BD8B3F	1819208	----a-w-	C:\WINDOWS\Sysnative\ntdll.dll
2016-05-26 07:47:11	89FE1A65D15DE2AA9CBF86AA6A731557	7474528	----a-w-	C:\WINDOWS\Sysnative\ntoskrnl.exe
2016-05-26 07:47:00	F6718A9F2B5BFA1A42618F63BC890713	5502976	----a-w-	C:\WINDOWS\Sysnative\d2d1.dll
2016-05-26 07:46:53	7E500CCA3EC66C419F2E4BBDE8617647	4894208	----a-w-	C:\WINDOWS\Sysnative\jscript9.dll
2016-05-26 07:46:46	1B8A57EC632457E909A06957CB216806	7200256	----a-w-	C:\WINDOWS\Sysnative\BingMaps.dll
2016-05-26 07:46:40	F83E3BAEF5931399978A31753B22D0BE	713920	----a-w-	C:\WINDOWS\Sysnative\generaltel.dll
2016-05-26 07:46:40	7539A3BF1DC12C53D6DDE078BE888951	190144	----a-w-	C:\WINDOWS\Sysnative\DeviceCensus.exe
2016-05-26 07:46:39	3F943A9A21814C6A394FBB8F1D4E622D	1401024	----a-w-	C:\WINDOWS\Sysnative\appraiser.dll
2016-05-26 07:46:36	2A643E48326E427C6A43005EC29F314D	2444288	----a-w-	C:\WINDOWS\Sysnative\twinui.appcore.dll
2016-05-26 07:46:17	0BF8D8C7EC9FB15D6480A12101E88B71	606720	----a-w-	C:\WINDOWS\Sysnative\wcmsvc.dll
2016-05-26 07:46:14	087FBBC026DCC0F693E91079B9901B7E	2166784	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentServer.dll
2016-05-26 07:46:13	1A944DC7982279E73C4181DD5D50E021	3591168	----a-w-	C:\WINDOWS\Sysnative\win32kfull.sys
2016-05-26 07:46:10	C57CBD3D0A4B832F3DC18250FC02C3DE	46784	----a-w-	C:\WINDOWS\Sysnative\CompatTelRunner.exe
2016-05-26 07:46:10	AB17E08B47FECDAF0E1349797A6C41A4	1184960	----a-w-	C:\WINDOWS\Sysnative\aeinv.dll
2016-05-26 07:46:09	A8ECAFE7C58ABABA7CB1C377B7A7E309	984576	----a-w-	C:\WINDOWS\Sysnative\SettingSyncCore.dll
2016-05-26 07:46:08	19D88BF131158F4286294C372B4410B3	1946112	----a-w-	C:\WINDOWS\Sysnative\dwmcore.dll
2016-05-26 07:46:07	082DC7D3704A17FF022D70C577785254	2066432	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll
2016-05-26 07:46:06	F172E5709824756634091047826E7A9F	1319424	----a-w-	C:\WINDOWS\Sysnative\wifinetworkmanager.dll
2016-05-26 07:46:01	0C8655AAC4EA262F62B00DCDA4639819	2598912	----a-w-	C:\WINDOWS\Sysnative\NetworkMobileSettings.dll
2016-05-26 07:45:59	FD60606E2E7F74D7104A5DA1210D38E6	460800	----a-w-	C:\WINDOWS\Sysnative\MapConfiguration.dll
2016-05-26 07:45:59	78A9EBBAC348ACD9AF5B72ECF90944A7	853504	----a-w-	C:\WINDOWS\Sysnative\MapsStore.dll
2016-05-26 07:45:57	DA5108028A00B865BBECB1980EB05EB8	1997328	----a-w-	C:\WINDOWS\Sysnative\KernelBase.dll
2016-05-26 07:45:57	A5C14F8FE076B41778C56F2414F5D246	650304	----a-w-	C:\WINDOWS\Sysnative\dxgi.dll
2016-05-26 07:45:55	C1D51970E74AB5FFE46FE624BFE900C6	1731072	----a-w-	C:\WINDOWS\Sysnative\urlmon.dll
2016-05-26 07:45:55	6D8365722FBB3E58FC2B10FEA00BE840	514752	----a-w-	C:\WINDOWS\Sysnative\devinv.dll
2016-05-26 07:45:54	5FD7FDCE260C2ADE6CFFBC141657E8C0	939520	----a-w-	C:\WINDOWS\Sysnative\MapControlCore.dll
2016-05-26 07:45:54	54D6AEA7933377556BBBEC5F45539922	673280	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.dll
2016-05-26 07:45:53	090AAD83736B45769D2688E3BC1AB80A	1092464	----a-w-	C:\WINDOWS\Sysnative\mfplat.dll
2016-05-26 07:45:52	F75A1710366B5C6B02D3C061DAA4C578	529920	----a-w-	C:\WINDOWS\Sysnative\LogonController.dll
2016-05-26 07:45:50	DBD087566420D945303C278A4FD90E60	440320	----a-w-	C:\WINDOWS\Sysnative\CredProvDataModel.dll
2016-05-26 07:45:50	00A8CD22CCF7FA34501038C3C35186BD	498960	----a-w-	C:\WINDOWS\Sysnative\MFCaptureEngine.dll
2016-05-26 07:45:49	0B28F2ACE5103586D322AD98FAA01309	870912	----a-w-	C:\WINDOWS\Sysnative\MPSSVC.dll
2016-05-26 07:45:47	EBE067467C144B097CEF5F609F6ABF43	865792	----a-w-	C:\WINDOWS\Sysnative\AzureSettingSyncProvider.dll
2016-05-26 07:45:46	D5D0D1345DEAC9D08A6A5B146A29ADBE	1390080	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Shell.dll
2016-05-26 07:45:45	0676A6C9A6EECA48E14B9AE13B0E3508	1387520	----a-w-	C:\WINDOWS\Sysnative\win32kbase.sys
2016-05-26 07:45:43	86BE19C6A177AEB93302EA5C4FBE2D11	754664	----a-w-	C:\WINDOWS\Sysnative\CoreMessaging.dll
2016-05-26 07:45:43	2453622FF2CCB1BA1DFA588207E9C7A4	294592	----a-w-	C:\WINDOWS\Sysnative\invagent.dll
2016-05-26 07:45:42	ECF260CA5837CE3174AAAE450C1888C6	605184	----a-w-	C:\WINDOWS\Sysnative\vbscript.dll
2016-05-26 07:45:41	191A50C760243B5B8E08E0A1CA0B1F7C	821760	----a-w-	C:\WINDOWS\Sysnative\TokenBroker.dll
2016-05-26 07:45:40	8B4111E094EDDBED23EFA1FF8B5F314A	613376	----a-w-	C:\WINDOWS\Sysnative\SettingSync.dll
2016-05-26 07:45:40	85A676350B7A349B1DFB47654FBF8C71	804352	----a-w-	C:\WINDOWS\Sysnative\jscript.dll
2016-05-26 07:45:39	ACC6B16066D073AA0E20B044BFEF9CD1	471552	----a-w-	C:\WINDOWS\Sysnative\NetSetupShim.dll
2016-05-26 07:45:36	6EA247B3631FE0181583566B9D828B22	413536	----a-w-	C:\WINDOWS\Sysnative\wifitask.exe
2016-05-26 07:45:32	93C28A95FC5CA7F420343AC9693E05E6	1594920	----a-w-	C:\WINDOWS\Sysnative\gdi32.dll
2016-05-26 07:45:32	82BC3D304654F8EBEFABDDC2AD70AFE3	497152	----a-w-	C:\WINDOWS\Sysnative\tileobjserver.dll
2016-05-26 07:45:31	70C5D325E1BBD9C771542375F9DE5711	303216	----a-w-	C:\WINDOWS\Sysnative\LockAppHost.exe
2016-05-26 07:45:30	99DDB4A100F6013E6B6B269880F0C936	988160	----a-w-	C:\WINDOWS\Sysnative\NMAA.dll
2016-05-26 07:45:29	3CFA0EA6ABC10436D998F7958912387C	1848072	----a-w-	C:\WINDOWS\Sysnative\crypt32.dll
2016-05-26 07:45:28	F5F7CE3E32536F1A37FB3972F27A814F	1399224	----a-w-	C:\WINDOWS\Sysnative\user32.dll
2016-05-26 07:45:27	52C95CFC459242ECBD8A557A197F6FF6	725776	----a-w-	C:\WINDOWS\Sysnative\SHCore.dll
2016-05-26 07:45:26	A29004CC4FE3A06B5C71969F6411FD41	287232	----a-w-	C:\WINDOWS\Sysnative\provhandlers.dll
2016-05-26 07:45:25	810B7BA7636930BD6A21A93296FBCA51	292864	----a-w-	C:\WINDOWS\Sysnative\provengine.dll
2016-05-26 07:45:25	453EEF8F903DE266D9CB16313B5FA796	215040	----a-w-	C:\WINDOWS\Sysnative\aepic.dll
2016-05-26 07:45:24	F7DD01F464ED3ADB8477CD5FD1DE6CF4	356864	----a-w-	C:\WINDOWS\Sysnative\ActivationManager.dll
2016-05-26 07:45:24	82C4028BABC9BADCD89600F5084E4543	479232	----a-w-	C:\WINDOWS\Sysnative\schannel.dll
2016-05-26 07:45:23	ABF13620065E258771320165E0759761	1776768	----a-w-	C:\WINDOWS\Sysnative\WindowsCodecs.dll
2016-05-26 07:45:22	F1CC271FBAD94FBD3D69BC6BE443C33B	1056256	----a-w-	C:\WINDOWS\Sysnative\JpMapControl.dll
2016-05-26 07:45:20	F00A2E895B61858DBB3FE870495E37FA	210432	----a-w-	C:\WINDOWS\Sysnative\wcmcsp.dll
2016-05-26 07:45:20	7F0318ECC1E6E566D02F218DD59CEA84	484352	----a-w-	C:\WINDOWS\Sysnative\DataSenseHandlers.dll
2016-05-26 07:45:20	37E893F5A0BB0DCF89D8464F4D5E0C3D	217440	----a-w-	C:\WINDOWS\Sysnative\AppxAllUserStore.dll
2016-05-26 07:45:18	489EDA0C433F5B0AA54033F523F2C80E	269824	----a-w-	C:\WINDOWS\Sysnative\moshostcore.dll
2016-05-26 07:45:17	C49BB15138D9A7AE2901692CA30E11D1	181248	----a-w-	C:\WINDOWS\Sysnative\shacct.dll
2016-05-26 07:45:17	1997A751EF0FB9889E6642428DC4CAB2	1161120	----a-w-	C:\WINDOWS\Sysnative\rpcrt4.dll
2016-05-26 07:45:16	50E41D3203DA334DBBD2B3B6C7EA64CD	988672	----a-w-	C:\WINDOWS\Sysnative\SharedStartModel.dll
2016-05-26 07:45:15	5470B002C5E5D4DC8C4C330EAE8A685D	619296	----a-w-	C:\WINDOWS\Sysnative\d3d10level9.dll
2016-05-26 07:45:13	FE42F8A07885E518ED1E846C93E4B78C	617984	----a-w-	C:\WINDOWS\Sysnative\StorSvc.dll
2016-05-26 07:45:13	1D7F891D7ADCE1A6824FCB57D6768E14	689152	----a-w-	C:\WINDOWS\Sysnative\ieproxy.dll
2016-05-26 07:45:12	A55AB67676D0E90C279E36AF78EECCFA	515072	----a-w-	C:\WINDOWS\Sysnative\OneDriveSettingSyncProvider.dll
2016-05-26 07:45:11	734B3E9E4DA94DD093C6759CA0C2AA1E	4775424	----a-w-	C:\WINDOWS\Sysnative\actxprxy.dll
2016-05-26 07:45:09	56B24B359838BE86B013C2CFD38BDFC4	72704	----a-w-	C:\WINDOWS\Sysnative\moshost.dll
2016-05-26 07:45:08	3655A59A1E16307F2F6475AC037C1EE4	87040	----a-w-	C:\WINDOWS\Sysnative\MDMAppInstaller.exe
2016-05-26 07:45:08	33C215D1F36A184FB0C0F83ECBE12B5B	351232	----a-w-	C:\WINDOWS\Sysnative\NgcCtnr.dll
2016-05-26 07:45:07	C1C81AAF533552B3C4D9F11A5FF97700	291360	----a-w-	C:\WINDOWS\Sysnative\wininit.exe
2016-05-26 07:45:05	0CFE0F27EC828D9659FD8BF3A529F7B1	166400	----a-w-	C:\WINDOWS\Sysnative\SubscriptionMgr.dll
2016-05-26 07:45:04	CFF943806EBAD5CFAC26FD3DF304E79F	1073152	----a-w-	C:\WINDOWS\Sysnative\RDXService.dll
2016-05-26 07:45:04	3C52661045548D78EC0EB76495CB978F	66560	----a-w-	C:\WINDOWS\Sysnative\MosHostClient.dll
2016-05-26 07:45:03	EED30CDEAB6E4B45CBF1BD5298952049	550656	----a-w-	C:\WINDOWS\Sysnative\directmanipulation.dll
2016-05-26 07:45:03	981F6C7FB2338CC7889BA4D37C1A9DCE	69632	----a-w-	C:\WINDOWS\Sysnative\EnterpriseDesktopAppMgmtCSP.dll
2016-05-26 07:45:03	242DA5F2A6D9C5DFE2F99127BD2077A4	92352	----a-w-	C:\WINDOWS\Sysnative\acmigration.dll
2016-05-26 07:45:02	7AAA9916AA10F4B0E9743798A5BA6549	649216	----a-w-	C:\WINDOWS\Sysnative\ngcsvc.dll
2016-05-26 07:45:02	679DD4763AA8028B2F26651D3D02A2E1	582656	----a-w-	C:\WINDOWS\Sysnative\ngccredprov.dll
2016-05-26 07:45:02	0FB83658FBB2C5A18AB98C5C94DB9FAF	289792	----a-w-	C:\WINDOWS\Sysnative\NgcCtnrSvc.dll
2016-05-26 07:44:58	B9B902C12D6872DE9135B0A7C1ACA5A8	565600	----a-w-	C:\WINDOWS\Sysnative\SettingSyncHost.exe
2016-05-26 07:44:58	B28EA19205448B34303D006D50E9E65A	74752	----a-w-	C:\WINDOWS\Sysnative\MosStorage.dll
2016-05-26 07:44:58	5907323899BCEFA32BF6B002F2493C09	76288	----a-w-	C:\WINDOWS\Sysnative\ngcpopkeysrv.dll
2016-05-26 07:44:57	B985F4CC9D63594D8D3DCADAC07F257E	130560	----a-w-	C:\WINDOWS\Sysnative\CloudDomainJoinDataModelServer.dll
2016-05-26 07:44:57	A1BFD44C6343BDF582828EAB6B4CBDE5	630784	----a-w-	C:\WINDOWS\Sysnative\PhoneProviders.dll
2016-05-26 07:44:53	E650C69B5CA9B786AD91E3E7F962A0EE	848896	----a-w-	C:\WINDOWS\Sysnative\samsrv.dll
2016-05-26 07:44:52	72229D3836EA9697F5E13AAEA85F8688	204048	----a-w-	C:\WINDOWS\Sysnative\rsaenh.dll
2016-05-26 07:44:51	E706406D61508D207F6B41CA4AD30891	127488	----a-w-	C:\WINDOWS\Sysnative\VEDataLayerHelpers.dll
2016-05-26 07:44:48	EDF39F56DDF4116DCC8779A65EF8D6C5	58208	----a-w-	C:\WINDOWS\Sysnative\dwminit.dll
2016-05-26 07:44:48	7CEC266216126BC9A0E1072E1A7E5702	279040	----a-w-	C:\WINDOWS\Sysnative\ListSvc.dll
2016-05-26 07:44:47	C1FCA0AED814F1E814700833EF8E0616	179712	----a-w-	C:\WINDOWS\Sysnative\BrowserSettingSync.dll
2016-05-26 07:44:45	D906EFF6ADB6704071C903E62867AC23	696672	----a-w-	C:\WINDOWS\Sysnative\NetSetupEngine.dll
2016-05-26 07:44:45	5E903356FCDC2C7011E5341A1C2D48E9	192000	----a-w-	C:\WINDOWS\Sysnative\provisioningcsp.dll
2016-05-26 07:44:43	5DBA65D48CB7B17E241BB7430745C2E0	59392	----a-w-	C:\WINDOWS\Sysnative\hmkd.dll
2016-05-26 07:44:42	DCC42EF91745E4AB13602B9A4D86DDC4	115040	----a-w-	C:\WINDOWS\Sysnative\NetSetupApi.dll
2016-05-26 07:44:42	C417C35D0B714320708A1C18673ACE6C	104448	----a-w-	C:\WINDOWS\Sysnative\BluetoothApis.dll
2016-05-26 07:44:41	D0F9C288251907FD44B96837DBDF0A50	320000	----a-w-	C:\WINDOWS\Sysnative\cryptngc.dll
2016-05-26 07:44:41	A2953084546B1F46B5CCC7FC57A72C1B	314880	----a-w-	C:\WINDOWS\Sysnative\RDXTaskFactory.dll
2016-05-26 07:44:39	0BFEB4862FC2422DAC67EE95C278ECE0	111616	----a-w-	C:\WINDOWS\Sysnative\updatepolicy.dll
2016-05-26 07:44:37	33931A5F8E8B4446C547B020409D66C4	436736	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentClient.dll
2016-05-26 07:44:33	AB1738C51C1C1F41A885467E7BB0D37B	285696	----a-w-	C:\WINDOWS\Sysnative\VEEventDispatcher.dll
2016-05-26 07:44:32	ED309332DA910BE791F40F09F6FC50B5	38400	----a-w-	C:\WINDOWS\Sysnative\ByteCodeGenerator.exe
2016-05-26 07:44:31	09098FB07B47765865492C53B66E29E5	764928	----a-w-	C:\WINDOWS\Sysnative\Chakradiag.dll
2016-05-26 07:44:30	315CFB6974B5111E3E62E9A512C92B25	151040	----a-w-	C:\WINDOWS\Sysnative\VEStoreEventHandlers.dll
2016-05-26 07:44:27	7DDC2D8133CC1CA646134CC450C02C15	28672	----a-w-	C:\WINDOWS\Sysnative\mapsupdatetask.dll
2016-05-26 07:44:25	DE1C434F0F89C37687D34FB8A8E77B46	120320	----a-w-	C:\WINDOWS\Sysnative\MapsBtSvc.dll
2016-05-26 07:44:25	77DE2FC672F423C2DFCF2A12DB74197C	89088	----a-w-	C:\WINDOWS\Sysnative\MapsCSP.dll
2016-05-26 07:44:24	FE3A72E9BC5515509517D9BF41144252	414720	----a-w-	C:\WINDOWS\Sysnative\bcastdvr.exe
2016-05-26 07:44:23	1AF7E0BA5D1AEA3DEF1CF05B070803FA	89600	----a-w-	C:\WINDOWS\Sysnative\NFCProvisioningPlugin.dll
2016-05-26 07:44:20	BD3F339FE542C30BB4A88F34A597728C	134656	----a-w-	C:\WINDOWS\Sysnative\wificonnapi.dll
2016-05-26 07:44:18	F70CB98E5669D44CBFA6F3EBF534977F	86528	----a-w-	C:\WINDOWS\Sysnative\AppCapture.dll
2016-05-26 07:44:18	9C6EE1DE9CF7B77FF550A737816EB6DB	207360	----a-w-	C:\WINDOWS\Sysnative\NetSetupSvc.dll
2016-05-26 07:44:12	9B034D049D1C6EC9BED55D2F27D86ED9	2186	----a-w-	C:\WINDOWS\Sysnative\AppxProvisioning.xml
2016-05-22 16:39:29	FD4C613364F59BAAC59A2C4F5F0EE52B	195016	----a-w-	C:\WINDOWS\Sysnative\httproxy.dll
2016-05-22 16:39:29	73D9B14B7C8621500675F8123043C864	155912	----a-w-	C:\WINDOWS\Sysnative\bdpop3p.dll
2016-05-22 16:39:28	44CF1CE6512CA6B54083156DF7DE3359	1061776	----a-w-	C:\WINDOWS\Sysnative\bdsmtpp.dll
2016-05-22 16:39:27	0A13D6818BCBF860EDCEC1ED1E7B9698	122928	----a-w-	C:\WINDOWS\Sysnative\OEMbdpredir.dll
2016-05-22 16:39:26	E32E201688F60CBEF10439F568F94DF5	156936	----a-w-	C:\WINDOWS\Sysnative\bdfwcore.dll
2016-05-22 16:39:26	5A60405B7D88A6B6DF933DCCE778DD99	96160	----a-w-	C:\WINDOWS\Sysnative\bdpredir.dll
2016-05-22 16:39:25	8AB8CC8200DF2148BEA11FD7F520EA3A	209984	----a-w-	C:\WINDOWS\Sysnative\BdFirewallSDK.dll
====== C:\WINDOWS\Sysnative\drivers =====
2016-05-26 07:46:20	48D8729FACC784900B831212AE56F824	1996640	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
2016-05-26 07:45:45	01C01ED15ED56B98088CE1D5A0965E6A	577368	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgmms2.sys
2016-05-26 07:45:37	A289FE26F5D8B5121D84DDEE6241CC26	954368	----a-w-	C:\WINDOWS\Sysnative\drivers\bthport.sys
2016-05-26 07:45:32	E7463CE8579A0418A98BE9BE42C647D7	534872	----a-w-	C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS
2016-05-26 07:45:20	357910142E9285B978689B1DB4EFA00A	393568	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
2016-05-26 07:45:18	CFFE69B6C276A3418687109EA8AC9E7D	330072	----a-w-	C:\WINDOWS\Sysnative\drivers\pci.sys
2016-05-26 07:45:18	B880BE37452AB1D4AA93845F58EF7960	95072	----a-w-	C:\WINDOWS\Sysnative\drivers\sdport.sys
2016-05-26 07:44:51	C330883C06E2D4CE4F6982F048265D37	335712	----a-w-	C:\WINDOWS\Sysnative\drivers\fastfat.sys
2016-05-26 07:44:49	50DFE05C698E9B0A63D95E3D669A105C	638816	----a-w-	C:\WINDOWS\Sysnative\drivers\fvevol.sys
2016-05-26 07:44:47	C0752D58193603B6ED762B4027C65E1B	155136	----a-w-	C:\WINDOWS\Sysnative\drivers\hidclass.sys
2016-05-26 07:44:46	82D3B1F4D80057826AA649D78147DE36	63488	----a-w-	C:\WINDOWS\Sysnative\drivers\UcmCx.sys
2016-05-26 07:44:46	2A87EA182EA333D79AA0B03833EA67F2	131424	----a-w-	C:\WINDOWS\Sysnative\drivers\ufxsynopsys.sys
2016-05-26 07:44:44	8F2523C9D8F1448FF2156452AF60FA00	87552	----a-w-	C:\WINDOWS\Sysnative\drivers\filecrypt.sys
2016-05-26 07:44:44	67B9684B8272D5EBD1CCBB1DBD425EC8	99680	----a-w-	C:\WINDOWS\Sysnative\drivers\pdc.sys
2016-05-26 07:44:40	4AAD6547953D373A1EB5B2DF583D868B	67072	----a-w-	C:\WINDOWS\Sysnative\drivers\usbser.sys
2016-05-26 07:44:18	281439D412441B2A39B63D20EE3E5D88	84992	----a-w-	C:\WINDOWS\Sysnative\drivers\BTHUSB.SYS
2016-05-22 17:04:19	78488AF2AB2111D67B3C4044707A519B	192216	----a-w-	C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys
2016-05-22 17:02:19	1239597BAB7EED2BB16D035AF87E65D9	140672	----a-w-	C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys
2016-05-22 17:02:18	898415AC0B5F1D2A9A48ABCB68A6DC4B	65408	----a-w-	C:\WINDOWS\Sysnative\drivers\mwac.sys
2016-05-22 17:02:18	78BFF5425E044086E74E78650A359FBB	27008	----a-w-	C:\WINDOWS\Sysnative\drivers\mbam.sys
2016-05-22 16:33:58	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\Sysnative\drivers\Msft_Kernel_avchv_01009.Wdf
2016-05-22 10:57:29	799F70FF787F4F68E7EA02FEABAC9FAB	307352	----a-w-	C:\WINDOWS\Sysnative\drivers\tmcomm.sys
====== C:\WINDOWS\Tasks ======
2016-05-22 20:52:12	27C8417AECDD51943228402CCD15EA89	3388	----a-w-	C:\WINDOWS\Sysnative\Tasks\AcerCloud
2016-05-22 16:44:55	8B2A7093A1967B8E42D1428205F4B379	4136	----a-w-	C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2016-05-22 16:44:55	78DC862F11A8BF4B5CCA830A0413A7FA	1078	----a-w-	C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-22 16:44:54	E7869A4D367833FDA4BDF1F5CC5FF22A	3904	----a-w-	C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineCore
2016-05-22 16:44:54	9BAC9B25CA8C40DB234D024FE3006067	1074	----a-w-	C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-05-26 20:21:08	--------	d-----w-	C:\Program Files\trend micro
2016-05-22 16:28:57	--------	d-----w-	C:\Program Files\Lavasoft
2016-05-22 16:26:19	--------	d-----w-	C:\Program Files\Common Files\Lavasoft
======= C:\PROGRA~2 =====
2016-05-22 16:43:57	--------	d-----w-	C:\PROGRA~2\Google
2016-05-22 11:45:33	--------	d---a-w-	C:\PROGRA~2\COMMON~1\DESIGNER
======= C: =====
2016-05-22 16:25:11	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\upgradeOOBE.tag
====== C:\Users\Rita Vanrunxt\AppData\Roaming ======
2016-05-27 12:04:08	--------	d-----w-	C:\Users\Rita Vanrunxt\AppData\Local\CrashDumps
2016-05-27 11:52:27	--------	d-----w-	C:\Users\Rita Vanrunxt\AppData\Local\NetworkTiles
2016-05-26 23:46:23	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CrashDumps
2016-05-22 17:01:13	--------	d-----w-	C:\Users\Rita Vanrunxt\AppData\Local\Programs
2016-05-22 16:41:57	--------	d-----w-	C:\Users\Rita Vanrunxt\AppData\Local\Google
2016-05-22 12:26:40	91C82A2819C29008DBF31F1F8B0612AD	10	----a-w-	C:\Users\Rita Vanrunxt\AppData\Local\sponge.last.runtime.cache
2016-05-22 10:56:36	48105DBE91A10F621DCFDA74CAAAC421	36	----a-w-	C:\Users\Rita Vanrunxt\AppData\Local\housecall.guid.cache
====== C:\Users\Rita Vanrunxt ======
2016-05-26 21:21:25	A55203B3BEA501A9E8FBF2B66B838E62	3678272	----a-w-	C:\Users\Rita Vanrunxt\Downloads\adwcleaner_5.118.exe
2016-05-26 20:20:23	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Rita Vanrunxt\Downloads\RSITx64.exe
2016-05-22 17:05:36	--------	d-----w-	C:\ProgramData\BitDefender
2016-05-22 16:59:18	52F4695C53B02ADA7D648F95F2E2F8B4	22851472	----a-w-	C:\Users\Rita Vanrunxt\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-22 16:40:47	0BB0166EA9C322EB4F6BA9B164E1F8B0	987728	----a-w-	C:\Users\Rita Vanrunxt\Downloads\ChromeSetup.exe
2016-05-22 16:36:11	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2016-05-22 16:21:17	--------	d-----w-	C:\ProgramData\Lavasoft
2016-05-22 16:20:44	713406DF110AE284332D93FB7F46D3CC	2085168	----a-w-	C:\Users\Rita Vanrunxt\Downloads\Adaware_Installer.exe
2016-05-22 11:08:58	--------	d-----w-	C:\ProgramData\Trend Micro
2016-05-22 10:55:17	450D81FFD96190AEAA05DBA0F8F11E18	2526736	----a-w-	C:\Users\Rita Vanrunxt\Downloads\HousecallLauncher64.exe

====== C: exe-files ==
2016-05-26 20:21:15	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Rita Vanrunxt.exe
2016-05-26 07:44:44	E004E3D268827C6F2E500411D95DF85E	493056	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2016-05-22 19:34:47	54D932590CEAB260ADC4FF79797B21D9	92824	----atw-	C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdateWebPlugin.exe
2016-05-22 19:34:46	E8B364111F317A60DF073826E628FF6F	92824	----atw-	C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe
2016-05-22 19:34:45	108CB30A5B4C5247E414A3086458FCFC	92824	----atw-	C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdateBroker.exe
2016-05-22 19:34:03	5AB2C2DBC3108A2F7275A2F232FA8036	987040	----a-w-	C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdateSetup.exe
2016-05-22 19:32:38	13FF5C375BD0C702EA1252E79592692F	135832	----atw-	C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdateComRegisterShell64.exe
2016-05-22 19:32:37	A425CDCEB9D26E9A5ABAFA259799D447	312472	----atw-	C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
2016-05-22 19:32:34	56FE3C885B0901601549E23E7A435984	250008	----atw-	C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
2016-05-22 19:32:29	50FCC5C822A6B4FC6F377EE9F9F37C7B	152216	----atw-	C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdate.exe
2016-05-22 19:31:25	5AB2C2DBC3108A2F7275A2F232FA8036	987040	----a-w-	C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.30.3\GoogleUpdateSetup.exe
2016-05-22 16:44:21	750446ED76A5D13E902174DDDDA1A62B	154440	----atw-	C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
=== C: other files ==
2016-05-22 16:20:52	6941E1CD20EF1D4810DB887F2B1394B2	55839712	----a-w-	C:\Users\Rita Vanrunxt\AppData\Local\clear.fi\Media.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-2147468576-2107826501-631194564-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Rita Vanrunxt\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_USERS\S-1-5-21-2147468576-2107826501-631194564-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Rita Vanrunxt\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Rita Vanrunxt\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
"Uninstall C:\Users\Rita Vanrunxt\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Rita Vanrunxt\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Rita Vanrunxt\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Rita Vanrunxt\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Rita Vanrunxt\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
"Uninstall C:\Users\Rita Vanrunxt\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Rita Vanrunxt\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"AdAwareTray"="C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

==== Startup Folders ======================

2016-05-22 10:45:09	1686	--sha-w-	C:\Users\Rita Vanrunxt\AppData\Roaming\Microsoft\LastFlashConfig.wfc

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\EPSON XP-215 217 Series Invitation {D4385C52-CABB-40EE-8804-5702C8582BFF}.job --a-------- C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.exe [03/12/2014 02:48]
C:\WINDOWS\tasks\EPSON XP-215 217 Series Update {D4385C52-CABB-40EE-8804-5702C8582BFF}.job --a-------- C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.exe [03/12/2014 02:48]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/05/2016 18:43]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/05/2016 18:43]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\abDocsDllLoader" [C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe]
"C:\WINDOWS\SysNative\tasks\ACCAgent" [C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe]
"C:\WINDOWS\SysNative\tasks\ACCBackgroundApplication" [C:\Program Files (x86)\Acer\Care Center\ACCStd.exe]
"C:\WINDOWS\SysNative\tasks\AcerCloud" [C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe]
"C:\WINDOWS\SysNative\tasks\BacKGroundAgent" [C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe]
"C:\WINDOWS\SysNative\tasks\EPSON XP-215 217 Series Invitation {D4385C52-CABB-40EE-8804-5702C8582BFF}" [C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE]
"C:\WINDOWS\SysNative\tasks\EPSON XP-215 217 Series Update {D4385C52-CABB-40EE-8804-5702C8582BFF}" [C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Launch Manager" ["C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe"]
"C:\WINDOWS\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe"]
"C:\WINDOWS\SysNative\tasks\Quick Access" ["C:\Program Files\Acer\Acer Quick Access\QALauncher.exe"]
"C:\WINDOWS\SysNative\tasks\Quick Access Quick Launcher" ["C:\Program Files\Acer\Acer Quick Access\QALauncher.exe"]
"C:\WINDOWS\SysNative\tasks\UbtFrameworkService" ["C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe"]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2016-02-15 12:56:25	--------	d-----w-	C:\PROGRA~3\EPSON
2016-02-15 13:05:00	--------	d-----w-	C:\PROGRA~3\Microsoft OneDrive
2016-02-27 12:54:38	--------	d-sh--we	C:\PROGRA~3\Application Data
2016-02-27 12:56:05	--------	d-----w-	C:\PROGRA~3\USOShared
2016-04-06 11:25:44	--------	d-----w-	C:\PROGRA~3\Kaspersky Lab
2016-05-22 11:08:58	--------	d-----w-	C:\PROGRA~3\Trend Micro
2016-05-22 16:21:17	--------	d-----w-	C:\PROGRA~3\Lavasoft
2016-05-22 17:02:18	--------	d-----w-	C:\PROGRA~3\Malwarebytes
2016-05-22 17:05:36	--------	d-----w-	C:\PROGRA~3\BitDefender

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox" [26/05/2016 10:35]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eahebamiopdhefndnmappcihfajigkka - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka[]

Google Slides - Rita Vanrunxt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Rita Vanrunxt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Rita Vanrunxt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Rita Vanrunxt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Kaspersky Protection - Rita Vanrunxt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka
Google Sheets - Rita Vanrunxt\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - Rita Vanrunxt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - Rita Vanrunxt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Rita Vanrunxt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Rita Vanrunxt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage deleted successfully
C:\Users\Rita Vanrunxt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://acer13.msn.com/?pc=ACJB"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://acer13.msn.com/?pc=ACJB"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EF8E2E05B8F112F4EBF99F51D2E35A1B deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\02F6486B12843E11F869800002C0A966 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{50E2E8FE-1F8B-4F21-BE9F-F9152D3EA5B1} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6846F20-4821-11E3-8F96-0800200C9A66} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\EF8E2E05B8F112F4EBF99F51D2E35A1B deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\02F6486B12843E11F869800002C0A966 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Rita Vanrunxt\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\ritatjevanrunxt\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Rita Vanrunxt\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\ritatjevanrunxt\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Rita Vanrunxt\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5783 folders=126 411118814 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\RITAVA~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on vr 27/05/2016 at 14:43:55,25 ======================