Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by ydg63699 on di 07/06/2016 at 11:35:51,83.
Microsoft Windows 10 Home 10.0.10586  x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\ydg63699\Downloads\zoek (9).exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

7/06/2016 11:36:24 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\SUPPORTDIR deleted successfully
C:\Users\ydg63699\AppData\Local\ActiveSync deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

Adobe Photoshop Elements 8.0  
ArcSoft PhotoStudio 5.5  
BullGuard Internet Security  
Canon MP Navigator EX 2.0  
Canon Utilities Digital Photo Professional  
Canon Utilities EOS Lens Registration Tool  
Canon Utilities EOS Sample Music  
Canon Utilities EOS Utility 2  
Canon Utilities EOS Web Service Registration Tool  
Canon Utilities PhotoStitch  
Canon Utilities Picture Style Editor  
Canon Utilities Solution Menu  
CanoScan LiDE 200 Scanner Driver  
CCleaner  
EPSON-handleidingen  
EPSON Scan  
EPSON XP-720 Series Printer Uninstall  
FastStone Image Viewer 5.5  
Google Chrome  
Google Update Helper  
K-Lite Codec Pack 12.1.5 Standard  
Malwarebytes Anti-Malware versie 2.2.1.1043  
Microsoft Office 2007 Service Pack 3 (SP3)  
Microsoft Office Basic 2007  
Microsoft Office Excel MUI (Dutch) 2007  
Microsoft Office File Validation Add-In  
Microsoft Office Office 64-bit Components 2007  
Microsoft Office Outlook MUI (Dutch) 2007  
Microsoft Office Proof (Dutch) 2007  
Microsoft Office Proof (English) 2007  
Microsoft Office Proof (French) 2007  
Microsoft Office Proof (German) 2007  
Microsoft Office Proofing (Dutch) 2007  
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)  
Microsoft Office Shared 64-bit MUI (Dutch) 2007  
Microsoft Office Shared MUI (Dutch) 2007  
Microsoft Office Word MUI (Dutch) 2007  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030  
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030  
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030  
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501  
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501  
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005  
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005  
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005  
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005  
RealDownloader  
RealNetworks - Microsoft Visual C++ 2008 Runtime  
RealNetworks - Microsoft Visual C++ 2010 Runtime  
Realtek High Definition Audio Driver  
RealUpgrade 1.1  
Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2956110) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2984938) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB2984943) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB3085620) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB3114542) 32-Bit Edition   
Security Update for Microsoft Office 2007 suites (KB3114742) 32-Bit Edition   
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114895) 32-Bit Edition   
Security Update for Microsoft Office Excel 2007 (KB3114892) 32-Bit Edition   
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition   
Security Update for Microsoft Office Outlook 2007 (KB2880510) 32-Bit Edition   
Security Update for Microsoft Office Word 2007 (KB3115116) 32-Bit Edition   
Software Updater  
Update for 2007 Microsoft Office System (KB967642)  
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition  
Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition  
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition  
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3115110) 32-Bit Edition  
Update voor Microsoft Office Excel 2007 Help (KB963678)  
Update voor Microsoft Office Word 2007 Help (KB963665)  
UpdateService  
vc2012_redist  
Video Downloader  

==== Running Processes ======================

C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\ydg63699\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
C:\Users\ydg63699\Downloads\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


==== Deleting Files \ Folders ======================

C:\PROGRA~2\GreenTree Applications deleted
C:\PROGRA~3\YTD Video Downloader deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\ydg63699\AppData\Local\CrashRpt deleted
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\LavasoftTcpService deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\WINDOWS\SysWOW64\LavasoftTcpService.dll deleted
C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini deleted
C:\Users\ydg63699\AppData\Roaming\Mozilla\Firefox\Profiles\rnhbe3.default\searchplugins\yahoo-lavasoft.xml deleted
"C:\WINDOWS\Installer\413c8.msi" deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 32720 MB
CPU Info: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
CPU Speed: 3601,0 MHz
Sound Card: Luidsprekers (Dell AC511 USB So | 
1 - DELL U2414H (AMD High Defin | 
Display Adapters: AMD Radeon(TM) R9 270 | AMD Radeon(TM) R9 270 | AMD Radeon(TM) R9 270 | AMD Radeon(TM) R9 270 | AMD Radeon(TM) R9 270 | AMD Radeon(TM) R9 270
Monitors: 2x; Generic PnP Monitor | Dell ST2010 | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller | Bluetooth Device (Personal Area Network) | Microsoft Wi-Fi Direct Virtual Adapter | Intel(R) Dual Band Wireless-AC 7260 | Microsoft Hosted Network Virtual Adapter
CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRWBD CH30N
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  225,6GB | D:  1862,9GB | F:  5588,9GB
Hard Disks - Free: C:  175,7GB | D:  1344,3GB | F:  4249,0GB
Manufacturer *: Dell Inc.
BIOS Info: AT/AT COMPATIBLE |  | DELL   - 20100118
Time Zone: Centraal-Europa (standaardtijd)
Motherboard *: Dell Inc. 0KWVT8
Country: Belgi‰ 
Language: NLB 

==== System Specs (Software) ======================

Internet Explorer Version: 11.306.10586.0 
Google Chrome version: 50.0.2661.102

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2016-05-18 16:07:00	7ED438C44B90AF7B01609A942C7E7196	212480	----a-w-	C:\WINDOWS\PCDLIB32.DLL
2016-05-17 07:19:19	DAA6AAD525D12F8985695B882301336F	167	----a-w-	C:\WINDOWS\win.ini
2016-05-17 07:19:19	286A9EDB379DC3423A528B0864A0F111	219	----a-w-	C:\WINDOWS\system.ini
2016-05-17 06:25:29	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\WINDOWS\ativpsrm.bin
2016-05-17 06:25:27	2241B0A9B8D2BDF16DF8257FA808F7F5	67584	--s-a-w-	C:\WINDOWS\bootstat.dat
2016-05-12 22:04:21	2617877C5761B8A696FD0368861EE6E4	4515256	----a-w-	C:\WINDOWS\explorer.exe
====== C:\Users\ydg63699\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2016-06-04 21:41:56	F332473F5053F3155226DFE699080400	148008	----a-w-	C:\WINDOWS\SysWOW64\BgGamingMonitor.dll
2016-06-04 21:41:55	A10C2DAA8A4BF3A5694E5543C97D03F0	61720	----a-w-	C:\WINDOWS\SysWOW64\BGLsp.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2016-06-07 09:37:07	FE77083AB129B2023CF3B465C9625641	453288	------w-	C:\WINDOWS\Sysnative\MpSigStub.exe
2016-06-04 21:41:56	9FD766BAE4D08D099197989B43D1D6FB	169656	----a-w-	C:\WINDOWS\Sysnative\BgGamingMonitor.dll
2016-06-04 21:41:55	E48A2900E7D64569BE4627D03CE69C51	76568	----a-w-	C:\WINDOWS\Sysnative\BGLsp.dll
====== C:\WINDOWS\Sysnative\drivers =====
2016-05-20 14:53:23	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\Sysnative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-05-20 13:58:19	8B6143C42CD0A28325880C166D695702	42968	----a-w-	C:\WINDOWS\Sysnative\drivers\clwvd7.sys
2016-05-19 08:13:06	78488AF2AB2111D67B3C4044707A519B	192216	----a-w-	C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys
2016-05-19 08:12:56	898415AC0B5F1D2A9A48ABCB68A6DC4B	65408	----a-w-	C:\WINDOWS\Sysnative\drivers\mwac.sys
2016-05-19 08:12:56	78BFF5425E044086E74E78650A359FBB	27008	----a-w-	C:\WINDOWS\Sysnative\drivers\mbam.sys
2016-05-19 08:12:56	1239597BAB7EED2BB16D035AF87E65D9	140672	----a-w-	C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys
2016-05-18 14:06:08	FBF4DB6D53585437E41A113300002A2B	55024	------w-	C:\WINDOWS\Sysnative\drivers\PxHlpa64.sys
2016-05-17 06:32:27	FE3422EDDA0E2580DF8D0F8B18DA8552	19501	----a-w-	C:\WINDOWS\Sysnative\drivers\rtwavesmaprocap.dat
2016-05-17 06:32:27	FD6CC699BD9BE090D6E96C06CA960AE4	463760	----a-w-	C:\WINDOWS\Sysnative\drivers\rtwavesmapro.dat
2016-05-17 06:32:27	DE8F1C08787A9C00BCCE541545372ABA	31095	----a-w-	C:\WINDOWS\Sysnative\drivers\rtwavesEFX.dat
2016-05-17 06:32:27	B9A596312DCFE615C48E8495D8B8C850	1019725	----a-w-	C:\WINDOWS\Sysnative\drivers\rtwavesskdy.dat
2016-05-17 06:32:27	B999812ACF16518997420F1A821170B8	10945	----a-w-	C:\WINDOWS\Sysnative\drivers\rtwavesMFX.dat
2016-05-17 06:25:20	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-05-17 06:25:19	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\Sysnative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-05-12 22:04:23	1A490555FD330CA2764D89191177C867	285696	------w-	C:\WINDOWS\Sysnative\drivers\mrxsmb10.sys
2016-05-12 22:04:22	19BD8A88AAC580592668B070AC0727D9	2152280	----a-w-	C:\WINDOWS\Sysnative\drivers\ntfs.sys
2016-05-12 22:04:22	083A727D784009F9CCFB120C7841B7AF	2403680	----a-w-	C:\WINDOWS\Sysnative\drivers\tcpip.sys
2016-05-12 22:04:21	E582DA849A58524E645545FB68B6625D	1152864	----a-w-	C:\WINDOWS\Sysnative\drivers\ndis.sys
2016-05-12 22:04:21	935823F79CBEDB91637B63D37E3A5A36	148480	------w-	C:\WINDOWS\Sysnative\drivers\dfsc.sys
2016-05-12 22:04:21	0B3B0C1D86050355676640488FA897D3	430944	------w-	C:\WINDOWS\Sysnative\drivers\mrxsmb.sys
2016-05-12 22:04:20	EDDB0D726DBECDFC1DBCC6DB464E5A13	146272	------w-	C:\WINDOWS\Sysnative\drivers\appid.sys
2016-05-12 22:04:20	E3C82823B22463BC38AA4F8ADA852624	104960	------w-	C:\WINDOWS\Sysnative\drivers\rasl2tp.sys
2016-05-12 22:04:20	AA4CD20708B7E0412A5316D7E2875103	530432	------w-	C:\WINDOWS\Sysnative\drivers\nwifi.sys
2016-05-12 22:04:20	A4411C522D41707D5BCA817A5BB9E30B	114688	------w-	C:\WINDOWS\Sysnative\drivers\bridge.sys
2016-05-12 22:04:20	2BC2E99623119521EEF7910A11D0FDE0	694784	------w-	C:\WINDOWS\Sysnative\drivers\WdiWiFi.sys
2016-05-12 22:04:19	B880BE37452AB1D4AA93845F58EF7960	95072	------w-	C:\WINDOWS\Sysnative\drivers\sdport.sys
2016-05-12 22:04:19	8F2523C9D8F1448FF2156452AF60FA00	87552	------w-	C:\WINDOWS\Sysnative\drivers\filecrypt.sys
2016-05-12 22:04:19	63C3F74DC398A1C1A77E39DFB9C312CA	1089888	----a-w-	C:\WINDOWS\Sysnative\drivers\http.sys
2016-05-12 22:04:19	48D8729FACC784900B831212AE56F824	1996640	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
2016-05-12 22:04:19	3B866F8CB10719A5AF9E410B1B149714	605440	------w-	C:\WINDOWS\Sysnative\drivers\cng.sys
2016-05-12 22:04:19	357910142E9285B978689B1DB4EFA00A	393568	------w-	C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
2016-05-12 22:04:19	01C01ED15ED56B98088CE1D5A0965E6A	577368	------w-	C:\WINDOWS\Sysnative\drivers\dxgmms2.sys
2016-05-12 22:04:18	F279536122B83FD0D8E158AA753E1B7C	238592	------w-	C:\WINDOWS\Sysnative\drivers\xboxgip.sys
2016-05-12 22:04:18	E7463CE8579A0418A98BE9BE42C647D7	534872	------w-	C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS
2016-05-12 22:04:18	DA0807D87A62D076C29C4E30F1E84F46	26112	------w-	C:\WINDOWS\Sysnative\drivers\xinputhid.sys
2016-05-12 22:04:18	CFFE69B6C276A3418687109EA8AC9E7D	330072	------w-	C:\WINDOWS\Sysnative\drivers\pci.sys
2016-05-12 22:04:18	C330883C06E2D4CE4F6982F048265D37	335712	------w-	C:\WINDOWS\Sysnative\drivers\fastfat.sys
2016-05-12 22:04:18	C0752D58193603B6ED762B4027C65E1B	155136	------w-	C:\WINDOWS\Sysnative\drivers\hidclass.sys
2016-05-12 22:04:18	B24408471C1BCB17FC44F5B47EA8DEA3	277856	------w-	C:\WINDOWS\Sysnative\drivers\sdbus.sys
2016-05-12 22:04:18	AEEF76F938188EBF27DF70C1806877F2	181248	------w-	C:\WINDOWS\Sysnative\drivers\rfcomm.sys
2016-05-12 22:04:18	A289FE26F5D8B5121D84DDEE6241CC26	954368	----a-w-	C:\WINDOWS\Sysnative\drivers\bthport.sys
2016-05-12 22:04:18	A0718F7B48F08347800FB29844A6AF91	112640	------w-	C:\WINDOWS\Sysnative\drivers\bthenum.sys
2016-05-12 22:04:18	9E9D58F5E1702955B2F4D62996F80E8E	378208	------w-	C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS
2016-05-12 22:04:18	8949F77132A4F8F3BA17C6727099F002	127840	------w-	C:\WINDOWS\Sysnative\drivers\USBSTOR.SYS
2016-05-12 22:04:18	8359F776CA899E761852F2293B724EAE	185184	------w-	C:\WINDOWS\Sysnative\drivers\dumpsd.sys
2016-05-12 22:04:18	82D3B1F4D80057826AA649D78147DE36	63488	------w-	C:\WINDOWS\Sysnative\drivers\UcmCx.sys
2016-05-12 22:04:18	67B9684B8272D5EBD1CCBB1DBD425EC8	99680	------w-	C:\WINDOWS\Sysnative\drivers\pdc.sys
2016-05-12 22:04:18	50DFE05C698E9B0A63D95E3D669A105C	638816	------w-	C:\WINDOWS\Sysnative\drivers\fvevol.sys
2016-05-12 22:04:18	4AAD6547953D373A1EB5B2DF583D868B	67072	------w-	C:\WINDOWS\Sysnative\drivers\usbser.sys
2016-05-12 22:04:18	469441BAE3FF8A16826FC62C51EF5E18	563552	------w-	C:\WINDOWS\Sysnative\drivers\acpi.sys
2016-05-12 22:04:18	3B3BF88BB54CB9A18DE1EF07292B5A3D	245760	------w-	C:\WINDOWS\Sysnative\drivers\BthLEEnum.sys
2016-05-12 22:04:18	2A87EA182EA333D79AA0B03833EA67F2	131424	------w-	C:\WINDOWS\Sysnative\drivers\ufxsynopsys.sys
2016-05-12 22:04:18	28B8E1C6CBCF9FFE2FABFF3160C26ADF	258912	------w-	C:\WINDOWS\Sysnative\drivers\ufx01000.sys
2016-05-12 22:04:18	281439D412441B2A39B63D20EE3E5D88	84992	------w-	C:\WINDOWS\Sysnative\drivers\BTHUSB.SYS
2016-05-12 22:04:18	249A563C48DFD9E42A37587653E003BB	83968	------w-	C:\WINDOWS\Sysnative\drivers\serial.sys
2016-05-12 22:04:18	0731E8F4D8D3B8D3FD98A46A8ABFE0A0	333824	----a-w-	C:\WINDOWS\Sysnative\drivers\portcls.sys
====== C:\WINDOWS\Tasks ======
2016-05-27 11:06:54	5376FE6639EC9D141D296E2BAD67C69E	2786	----a-w-	C:\WINDOWS\Sysnative\Tasks\klcp_update
2016-05-24 12:25:20	FA1613D978806B923514DAEE8B434731	1076	----a-w-	C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-24 12:25:20	C1469A0640CCDF5A0699A9D320CDDF43	1080	----a-w-	C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-24 12:25:20	1E900BA565EE482220CC3E95C34F945D	4138	----a-w-	C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2016-05-24 12:25:20	17C32BD89C1E3E09271033B2D1D664BD	3906	----a-w-	C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineCore
2016-05-21 08:29:40	B240FEB22821A1E68ADB2B1F43C4ADA0	2728	----a-w-	C:\WINDOWS\Sysnative\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1068301756-979797124-688642755-1001
2016-05-19 09:05:29	BEA46DE279A56906775F5524186BDFE5	2552	----a-w-	C:\WINDOWS\Sysnative\Tasks\RealDownloader Update Check
2016-05-19 09:05:16	DA469895C8D4C0863E3CCF7423D18CC7	2590	----a-w-	C:\WINDOWS\Sysnative\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1068301756-979797124-688642755-1001
2016-05-19 09:05:16	4A120971E785809DB138C5AAED2BC534	2710	----a-w-	C:\WINDOWS\Sysnative\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1068301756-979797124-688642755-1001
2016-05-18 16:23:32	A7DA46A4148963EF087B6806E5DAE4D8	4132	----a-w-	C:\WINDOWS\Sysnative\Tasks\EPSON XP-720 Series Update {E853536E-37A1-44DE-8A59-988CF3E876E8}
2016-05-18 16:23:32	206D57E9974B6FB658D8ACFEFAA28458	935	----a-w-	C:\WINDOWS\Tasks\EPSON XP-720 Series Update {E853536E-37A1-44DE-8A59-988CF3E876E8}.job
2016-05-18 13:44:12	A630B20D120C519054A283964BAD8C8E	4186	----a-w-	C:\WINDOWS\Sysnative\Tasks\User_Feed_Synchronization-{32E53006-B237-40CE-88D2-1D0BC26C4D1F}
2016-05-17 07:19:18	--------	d-----w-	C:\WINDOWS\Sysnative\Tasks\Microsoft
2016-05-17 06:35:15	--------	d-----w-	C:\WINDOWS\Sysnative\Tasks\BullGuard
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-06-04 13:20:58	--------	d-----w-	C:\Program Files\SUPERAntiSpyware
2016-05-31 21:00:18	--------	d-----w-	C:\Program Files\trend micro
2016-05-18 16:23:32	--------	d-----w-	C:\Program Files\Common Files\EPSON
2016-05-18 16:06:19	--------	d-----w-	C:\Program Files\Common Files\CANON
2016-05-18 16:05:03	--------	d--h--w-	C:\Program Files\CanonBJ
2016-05-17 20:53:28	--------	d-----w-	C:\Program Files\Microsoft Office
2016-05-17 07:21:22	--------	d-----w-	C:\Program Files\Reference Assemblies
2016-05-17 07:21:22	--------	d-----w-	C:\Program Files\MSBuild
2016-05-17 07:19:19	174	--sha-w-	C:\Program Files\desktop.ini
2016-05-17 07:19:18	--------	d-sh--w-	C:\Program Files\Windows Sidebar
2016-05-17 07:19:18	--------	d-s---w-	C:\Program Files\WindowsPowerShell
2016-05-17 07:19:18	--------	d---a-w-	C:\Program Files\Common Files\microsoft shared
2016-05-17 07:19:18	--------	d-----w-	C:\Program Files\Windows Portable Devices
2016-05-17 07:19:18	--------	d-----w-	C:\Program Files\Windows Photo Viewer
2016-05-17 07:19:18	--------	d-----w-	C:\Program Files\Windows NT
2016-05-17 07:19:18	--------	d-----w-	C:\Program Files\Windows Multimedia Platform
2016-05-17 07:19:18	--------	d-----w-	C:\Program Files\Windows Media Player
2016-05-17 07:19:18	--------	d-----w-	C:\Program Files\Windows Mail
2016-05-17 07:19:18	--------	d-----w-	C:\Program Files\Windows Journal
2016-05-17 07:19:18	--------	d-----w-	C:\Program Files\Internet Explorer
2016-05-17 07:19:18	--------	d-----w-	C:\Program Files\Common Files\System
2016-05-17 07:19:18	--------	d-----w-	C:\Program Files\Common Files\Services
2016-05-17 07:14:30	--------	d-----w-	C:\Program Files\Common Files
2016-05-17 06:35:17	--------	d-----w-	C:\Program Files\Common Files\AV
2016-05-17 06:34:33	--------	d-----w-	C:\Program Files\Common Files\BullGuard Ltd
2016-05-17 06:34:30	--------	d-----w-	C:\Program Files\BullGuard Ltd
2016-05-17 06:32:20	--------	d-----w-	C:\Program Files\Realtek
2016-05-17 06:25:26	--------	d-----w-	C:\Program Files\Common Files\ATI Technologies
2016-05-17 06:25:26	--------	d-----w-	C:\Program Files\AMD
2016-05-17 06:25:07	--------	d--h--w-	C:\Program Files\Uninstall Information
======= C:\PROGRA~2 =====
2016-05-27 11:05:55	--------	d-----w-	C:\PROGRA~2\K-Lite Codec Pack
2016-05-23 09:19:32	--------	d---a-w-	C:\PROGRA~2\COMMON~1\DESIGNER
2016-05-23 09:19:24	--------	d-----w-	C:\PROGRA~2\Microsoft Visual Studio
2016-05-21 10:46:26	--------	d-----w-	C:\PROGRA~2\COMMON~1\xing shared
2016-05-20 13:58:18	--------	d-----w-	C:\PROGRA~2\NSIS Uninstall Information
2016-05-19 19:03:14	--------	d-----w-	C:\PROGRA~2\COMMON~1\Canon_Inc_IC
2016-05-19 09:05:13	--------	d-----w-	C:\PROGRA~2\RealNetworks
2016-05-19 09:05:00	--------	d-----w-	C:\PROGRA~2\Real
2016-05-18 16:12:49	--------	d-----w-	C:\PROGRA~2\EPSON Software
2016-05-18 16:12:44	--------	d-----w-	C:\PROGRA~2\epson
2016-05-18 16:07:00	--------	d--h--w-	C:\PROGRA~2\InstallShield Installation Information
2016-05-18 16:07:00	--------	d-----w-	C:\PROGRA~2\ArcSoft
2016-05-18 16:06:45	--------	d-----w-	C:\PROGRA~2\COMMON~1\InstallShield
2016-05-18 16:04:32	--------	d-----w-	C:\PROGRA~2\Canon
2016-05-18 14:06:10	--------	d-----w-	C:\PROGRA~2\COMMON~1\Macrovision Shared
2016-05-18 14:05:40	--------	d---a-w-	C:\PROGRA~2\COMMON~1\PX Storage Engine
2016-05-18 14:05:40	--------	d-----w-	C:\PROGRA~2\COMMON~1\Sonic Shared
2016-05-18 14:05:18	--------	d---a-w-	C:\PROGRA~2\COMMON~1\Adobe
2016-05-18 14:05:18	--------	d---a-w-	C:\PROGRA~2\Adobe
2016-05-18 10:21:23	--------	d-----w-	C:\PROGRA~2\FastStone Image Viewer
2016-05-17 20:54:58	--------	d-----w-	C:\PROGRA~2\Microsoft Works
2016-05-17 20:53:11	--------	d---a-w-	C:\PROGRA~2\Microsoft Office
2016-05-17 07:21:22	--------	d-----w-	C:\PROGRA~2\Reference Assemblies
2016-05-17 07:21:22	--------	d-----w-	C:\PROGRA~2\MSBuild
2016-05-17 07:19:19	174	--sha-w-	C:\PROGRA~2\desktop.ini
2016-05-17 07:19:18	--------	d-sh--w-	C:\PROGRA~2\Windows Sidebar
2016-05-17 07:19:18	--------	d-s---w-	C:\PROGRA~2\WindowsPowerShell
2016-05-17 07:19:18	--------	d---a-w-	C:\PROGRA~2\COMMON~1\Microsoft Shared
2016-05-17 07:19:18	--------	d-----w-	C:\PROGRA~2\Windows Portable Devices
2016-05-17 07:19:18	--------	d-----w-	C:\PROGRA~2\Windows Photo Viewer
2016-05-17 07:19:18	--------	d-----w-	C:\PROGRA~2\Windows NT
2016-05-17 07:19:18	--------	d-----w-	C:\PROGRA~2\Windows Multimedia Platform
2016-05-17 07:19:18	--------	d-----w-	C:\PROGRA~2\Windows Media Player
2016-05-17 07:19:18	--------	d-----w-	C:\PROGRA~2\Windows Mail
2016-05-17 07:19:18	--------	d-----w-	C:\PROGRA~2\Microsoft.NET
2016-05-17 07:19:18	--------	d-----w-	C:\PROGRA~2\Internet Explorer
2016-05-17 07:19:18	--------	d-----w-	C:\PROGRA~2\COMMON~1\System
2016-05-17 07:19:18	--------	d-----w-	C:\PROGRA~2\COMMON~1\Services
2016-05-17 07:14:30	--------	d-----w-	C:\PROGRA~2\Common Files
2016-05-17 07:03:20	--------	d-----w-	C:\PROGRA~2\Google
======= C: =====
2016-05-11 09:53:21	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Recovery.txt
====== C:\Users\ydg63699\AppData\Roaming ======
2016-06-01 11:58:21	--------	d-----w-	C:\Users\ydg63699\AppData\Local\ESET
2016-06-01 10:03:48	--------	d-----w-	C:\Users\ydg63699\AppData\Local\ElevatedDiagnostics
2016-05-28 07:17:09	--------	d-----w-	C:\Users\ydg63699\AppData\Local\Western Digital
2016-05-24 12:24:50	--------	d-----w-	C:\Users\ydg63699\AppData\Local\Deployment
2016-05-24 12:24:50	--------	d-----w-	C:\Users\ydg63699\AppData\Local\Apps
2016-05-23 09:19:58	E69AE8AD04E4CF6B8B18D0A28532EE11	868984	----a-w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2016-05-21 20:44:15	--------	d-s---w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\LocalLow
2016-05-20 14:54:51	--------	d-----w-	C:\Users\ydg63699\AppData\Local\CANON_INC
2016-05-20 14:30:10	--------	d-----w-	C:\Users\ydg63699\AppData\Local\AMD
2016-05-20 13:58:31	--------	d-----w-	C:\Users\ydg63699\AppData\Local\CyberLink
2016-05-19 09:05:29	--------	d-----w-	C:\Users\ydg63699\AppData\Local\Real
2016-05-19 08:12:34	--------	d-----w-	C:\Users\ydg63699\AppData\Local\Programs
2016-05-18 19:39:29	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\DataSharing
2016-05-18 14:07:58	--------	d-----w-	C:\Users\ydg63699\AppData\Local\Adobe
2016-05-18 09:09:47	--------	d-----w-	C:\Users\ydg63699\AppData\Local\Mozilla
2016-05-17 21:03:27	--------	d-----w-	C:\Users\Default\AppData\Local\Microsoft Help
2016-05-17 21:03:27	--------	d-----w-	C:\Users\Default User\AppData\Local\Microsoft Help
2016-05-17 20:58:50	79F1B4CA499357FF969BEF45974D5DF5	47408	----a-w-	C:\Users\ydg63699\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-17 20:53:12	--------	d-----w-	C:\Users\ydg63699\AppData\Local\Microsoft Help
2016-05-17 07:22:41	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft
2016-05-17 07:19:18	--------	d-s---r-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-05-17 07:19:18	--------	d-s---r-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-05-17 07:19:18	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming
2016-05-17 07:19:18	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\LocalLow
2016-05-17 07:19:18	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local
2016-05-17 07:19:18	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming
2016-05-17 07:19:18	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\LocalLow
2016-05-17 07:19:18	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local
2016-05-17 07:19:18	--------	d-----w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-05-17 07:19:18	--------	d-----w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-05-17 07:19:18	--------	d-----w-	C:\Users\Default\AppData\Roaming
2016-05-17 07:19:18	--------	d-----w-	C:\Users\Default\AppData\Local\Temp
2016-05-17 07:19:18	--------	d-----w-	C:\Users\Default\AppData\Local\Microsoft
2016-05-17 07:19:18	--------	d-----w-	C:\Users\Default\AppData\Local
2016-05-17 07:19:18	--------	d-----w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-05-17 07:19:18	--------	d-----w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-05-17 07:19:18	--------	d-----w-	C:\Users\Default User\AppData\Roaming
2016-05-17 07:19:18	--------	d-----w-	C:\Users\Default User\AppData\Local\Temp
2016-05-17 07:19:18	--------	d-----w-	C:\Users\Default User\AppData\Local\Microsoft
2016-05-17 07:19:18	--------	d-----w-	C:\Users\Default User\AppData\Local
2016-05-17 07:19:18	--------	d-----r-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-05-17 07:19:18	--------	d-----r-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-05-17 07:19:18	--------	d-----r-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-05-17 07:19:18	--------	d-----r-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-05-17 07:19:18	--------	d-----r-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-05-17 07:19:18	--------	d-----r-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-05-17 07:04:05	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft
2016-05-17 07:03:18	--------	d-----w-	C:\Users\ydg63699\AppData\Local\Google
2016-05-17 06:47:48	--------	d-----w-	C:\Users\ydg63699\AppData\Local\Comms
2016-05-17 06:35:21	--------	d-----w-	C:\Users\ydg63699\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BullGuard
2016-05-17 06:31:50	--------	d-----w-	C:\Users\ydg63699\AppData\Local\MicrosoftEdge
2016-05-17 06:29:14	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Packages
2016-05-17 06:28:52	--------	d-----w-	C:\Users\ydg63699\AppData\Local\Publishers
2016-05-17 06:28:43	--------	d-----w-	C:\Users\ydg63699\AppData\Local\VirtualStore
2016-05-17 06:28:43	--------	d-----w-	C:\Users\ydg63699\AppData\Local\TileDataLayer
2016-05-17 06:28:43	--------	d-----w-	C:\Users\ydg63699\AppData\Local\Packages
2016-05-17 06:28:43	--------	d-----r-	C:\Users\ydg63699\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-05-17 06:28:43	--------	d-----r-	C:\Users\ydg63699\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-05-17 06:28:06	A268D271C72C0A1A37CA5050F7D83A0A	5377	----a-w-	C:\Users\Administrator\AppData\Local\Application.xml
2016-05-17 06:27:48	--------	d-s---r-	C:\Users\ydg63699\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-05-17 06:27:48	--------	d-----w-	C:\Users\ydg63699\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-05-17 06:27:48	--------	d-----w-	C:\Users\ydg63699\AppData\Roaming
2016-05-17 06:27:48	--------	d-----w-	C:\Users\ydg63699\AppData\Local\Temp
2016-05-17 06:27:48	--------	d-----w-	C:\Users\ydg63699\AppData\Local\Microsoft
2016-05-17 06:27:48	--------	d-----w-	C:\Users\ydg63699\AppData\Local
2016-05-17 06:27:48	--------	d-----w-	C:\Users\Administrator\AppData\Roaming
2016-05-17 06:27:48	--------	d-----w-	C:\Users\Administrator\AppData\Local\Temp
2016-05-17 06:27:48	--------	d-----w-	C:\Users\Administrator\AppData\Local\Microsoft
2016-05-17 06:27:48	--------	d-----w-	C:\Users\Administrator\AppData\Local
2016-05-17 06:27:48	--------	d-----r-	C:\Users\ydg63699\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-05-17 06:27:48	--------	d-----r-	C:\Users\ydg63699\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-05-17 06:27:48	--------	d-----r-	C:\Users\ydg63699\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-05-17 06:27:48	--------	d-----r-	C:\Users\ydg63699\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-05-17 06:24:57	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache
2016-05-17 06:24:46	--------	d-----w-	C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming
2016-05-17 06:24:46	--------	d-----w-	C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp
2016-05-17 06:24:46	--------	d-----w-	C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft
2016-05-17 06:24:46	--------	d-----w-	C:\WINDOWS\serviceprofiles\networkservice\AppData\Local
2016-05-17 06:24:46	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming
2016-05-17 06:24:46	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp
2016-05-17 06:24:46	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft
2016-05-17 06:24:46	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Local
2016-05-11 20:52:32	--------	d-----w-	C:\Users\ydg63699\AppData\LocalLow
====== C:\Users\ydg63699 ======
2016-06-04 13:20:58	--------	d-----w-	C:\ProgramData\SUPERAntiSpyware.com
2016-05-30 21:04:04	--------	d-----w-	C:\ProgramData\Western Digital
2016-05-27 11:05:58	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-05-27 11:04:40	8BE8604DE4DF3E29CABC093A83F62926	27225733	----a-w-	C:\Users\ydg63699\Downloads\K-Lite_Codec_Pack_1215_Standard.exe
2016-05-23 14:22:03	--------	d-----w-	C:\ProgramData\CanonIJ
2016-05-23 14:20:30	--------	d--h--w-	C:\ProgramData\CanonIJSolutionMenu
2016-05-23 10:30:27	--------	d--h--w-	C:\ProgramData\CanonIJEGV
2016-05-20 14:53:23	--------	d-----w-	C:\Users\Public\Documents\CyberLink
2016-05-20 14:03:55	--------	d-----w-	C:\Users\Public\CyberLink
2016-05-20 13:57:19	--------	d-----w-	C:\ProgramData\Temp
2016-05-20 13:57:05	--------	d-----w-	C:\ProgramData\install_clap
2016-05-20 13:51:24	--------	d-----w-	C:\ProgramData\CyberLink
2016-05-19 19:02:25	--------	d-----w-	C:\ProgramData\Canon_Inc_IC
2016-05-19 09:05:13	--------	d-----w-	C:\ProgramData\RealNetworks
2016-05-19 09:05:07	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2016-05-19 09:03:46	--------	d-----w-	C:\ProgramData\Real
2016-05-18 17:00:26	--------	d--h--w-	C:\ProgramData\CanonIJScan
2016-05-18 16:12:49	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2016-05-18 16:12:45	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-05-18 16:10:10	--------	d-----w-	C:\ProgramData\Epson
2016-05-18 16:07:04	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 5.5
2016-05-18 16:06:05	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-05-18 16:05:29	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 200 Manual
2016-05-18 16:05:17	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 200
2016-05-18 14:09:03	--------	d-----w-	C:\ProgramData\FLEXnet
2016-05-18 14:05:18	--------	d---a-w-	C:\ProgramData\Adobe
2016-05-18 10:21:23	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2016-05-17 20:55:13	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-05-17 20:53:11	--------	d-----w-	C:\ProgramData\Microsoft Help
2016-05-17 07:19:19	7220FAD57A4B3D9D9755C51198CC0386	174	--sha-w-	C:\Users\Public\desktop.ini
2016-05-17 07:19:18	--------	d-s---w-	C:\ProgramData\Microsoft
2016-05-17 07:19:18	--------	d--h--w-	C:\Users\Default\AppData
2016-05-17 07:19:18	--------	d--h--r-	C:\Users\Public\Libraries
2016-05-17 07:19:18	--------	d--h--r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
2016-05-17 07:19:18	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData
2016-05-17 07:19:18	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData
2016-05-17 07:19:18	--------	d-----w-	C:\Users\Default\Saved Games
2016-05-17 07:19:18	--------	d-----w-	C:\ProgramData\USOPrivate
2016-05-17 07:19:18	--------	d-----w-	C:\ProgramData\regid.1991-06.com.microsoft
2016-05-17 07:19:18	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-05-17 07:19:18	--------	d-----r-	C:\Users\Default\Videos
2016-05-17 07:19:18	--------	d-----r-	C:\Users\Default\Pictures
2016-05-17 07:19:18	--------	d-----r-	C:\Users\Default\Music
2016-05-17 07:19:18	--------	d-----r-	C:\Users\Default\Links
2016-05-17 07:19:18	--------	d-----r-	C:\Users\Default\Favorites
2016-05-17 07:19:18	--------	d-----r-	C:\Users\Default\Downloads
2016-05-17 07:19:18	--------	d-----r-	C:\Users\Default\Documents
2016-05-17 07:19:18	--------	d-----r-	C:\Users\Default\Desktop
2016-05-17 07:19:18	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2016-05-17 07:19:18	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
2016-05-17 07:19:18	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-05-17 07:19:18	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-05-17 07:19:18	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-05-17 06:35:20	02C1EE40968BAA67C3A785CDA9807125	262	--sha-r-	C:\ProgramData\ntuser.pol
2016-05-17 06:35:17	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BullGuard
2016-05-17 06:33:38	--------	d-----w-	C:\ProgramData\BullGuard
2016-05-17 06:32:24	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\ProgramData\DP45977C.lfl
2016-05-17 06:30:31	--------	d-----w-	C:\ProgramData\Microsoft OneDrive
2016-05-17 06:28:43	--------	d-----r-	C:\Users\ydg63699\Searches
2016-05-17 06:28:42	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\ydg63699\ntuser.ini
2016-05-17 06:27:48	--------	d--h--w-	C:\Users\ydg63699\AppData
2016-05-17 06:27:48	--------	d--h--w-	C:\Users\Administrator\AppData
2016-05-17 06:25:57	--------	d-----w-	C:\ProgramData\USOShared
2016-05-17 06:24:57	--------	d-----w-	C:\WINDOWS\serviceprofiles\networkservice\debug
2016-05-17 06:24:57	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\winhttp
2016-05-17 06:24:46	--------	d--h--w-	C:\WINDOWS\serviceprofiles\networkservice\AppData
2016-05-17 06:24:46	--------	d--h--w-	C:\WINDOWS\serviceprofiles\Localservice\AppData
2016-05-17 06:24:46	--------	d-----w-	C:\WINDOWS\serviceprofiles\networkservice\Saved Games
2016-05-17 06:24:46	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\Saved Games
2016-05-17 06:24:46	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Videos
2016-05-17 06:24:46	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Pictures
2016-05-17 06:24:46	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Music
2016-05-17 06:24:46	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Links
2016-05-17 06:24:46	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Favorites
2016-05-17 06:24:46	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Downloads
2016-05-17 06:24:46	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Documents
2016-05-17 06:24:46	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Desktop
2016-05-17 06:24:46	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Videos
2016-05-17 06:24:46	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Pictures
2016-05-17 06:24:46	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Music
2016-05-17 06:24:46	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Links
2016-05-17 06:24:46	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Favorites
2016-05-17 06:24:46	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Downloads
2016-05-17 06:24:46	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Documents
2016-05-17 06:24:46	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Desktop
2016-05-11 20:52:41	--------	d-----r-	C:\Users\ydg63699\OneDrive
2016-05-11 20:52:37	--------	d-----w-	C:\Users\ydg63699\3D Objects
2016-05-11 20:52:37	--------	d-----w-	C:\Users\ydg63699\.cache
2016-05-11 20:52:37	--------	d-----r-	C:\Users\ydg63699\Contacts
2016-05-11 20:52:32	--------	d-----w-	C:\Users\ydg63699\Roaming
2016-05-11 20:52:32	--------	d-----r-	C:\Users\ydg63699\Videos
2016-05-11 20:52:32	--------	d-----r-	C:\Users\ydg63699\Saved Games
2016-05-11 20:52:32	--------	d-----r-	C:\Users\ydg63699\Pictures
2016-05-11 20:52:32	--------	d-----r-	C:\Users\ydg63699\Music
2016-05-11 20:52:32	--------	d-----r-	C:\Users\ydg63699\Links
2016-05-11 20:52:32	--------	d-----r-	C:\Users\ydg63699\Favorites
2016-05-11 20:52:32	--------	d-----r-	C:\Users\ydg63699\Downloads
2016-05-11 20:52:32	--------	d-----r-	C:\Users\ydg63699\Documents
2016-05-11 20:52:32	--------	d-----r-	C:\Users\ydg63699\Desktop
2016-05-11 11:04:33	--------	d-----w-	C:\Users\Public\Documents\Downloads

====== C: exe-files ==
2016-06-07 09:42:28	43BDB55D5E3B7FC1A98B7E140E392C2C	136	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$I92XEDP.exe
2016-06-07 09:38:02	F16DF8AA8A25BB032686C3CD3B28D265	110	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$IT9SXYF.exe
2016-06-07 09:38:02	AB9EC3468C21C0A3F674F30B4115BE88	110	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$I99BIFT.exe
2016-06-07 09:38:02	8B2FD98323313D63017A5FBEECBAC272	110	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$I63XB83.exe
2016-06-07 09:38:02	63DAC2B89D760C5DECCACAE02DFB7EBD	110	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$I17TRPC.exe
2016-06-07 09:38:02	5D5A66F1D37DF490CB4B3E8D4E89ED9F	110	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$IEBELR9.exe
2016-06-07 09:38:02	5B7DFBF8848FBD445FBAF13C0930C493	110	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$IZ2EF19.exe
2016-06-07 09:38:02	57E1BA54CA3ECA22EC1CB83DA4CFEF83	110	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$IIO9Y88.exe
2016-06-07 09:38:02	57170EF6B54A694EA78177C2DE4D71A5	110	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$I474ZDY.exe
2016-06-07 09:38:02	330FBB5865174152E2A708437EFFDA5C	110	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$I70B1VX.exe
2016-06-07 09:37:07	FE77083AB129B2023CF3B465C9625641	453288	----a-w-	C:\Windows\System32\MpSigStub.exe
2016-06-07 09:35:39	7EA0260488F304D68067A50B33A23AC2	1309184	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$R17TRPC.exe
2016-06-07 09:35:33	7EA0260488F304D68067A50B33A23AC2	1309184	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$RIO9Y88.exe
2016-06-07 09:35:32	7EA0260488F304D68067A50B33A23AC2	1309184	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$RZ2EF19.exe
2016-06-07 09:35:31	7EA0260488F304D68067A50B33A23AC2	1309184	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$R63XB83.exe
2016-06-07 09:35:21	7EA0260488F304D68067A50B33A23AC2	1309184	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$REBELR9.exe
2016-06-07 09:35:20	7EA0260488F304D68067A50B33A23AC2	1309184	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$R99BIFT.exe
2016-06-07 09:34:58	7EA0260488F304D68067A50B33A23AC2	1309184	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$R70B1VX.exe
2016-06-07 09:34:58	7EA0260488F304D68067A50B33A23AC2	1309184	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$R474ZDY.exe
2016-06-07 09:34:57	7EA0260488F304D68067A50B33A23AC2	1309184	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$RT9SXYF.exe
2016-06-07 09:27:20	8EC326B721C4D1F2191194F6FC24FC95	174	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$IJ8ALP7.exe
2016-06-07 09:25:59	32C76A49BDEA26CDE28CB2E6316D89FF	150	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$IPIJU8D.exe
2016-06-07 09:21:54	F9C11BBCA77D012C3122C0A2A9F2A3BD	86019	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$RJ8ALP7.exe
2016-06-07 08:54:28	D852360BB645BF7A7B867DCE893CBB19	51126160	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$RPIJU8D.exe
2016-06-07 07:31:18	5A8A8851E277577D82EE742BC1AA41C7	6858912	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1068301756-979797124-688642755-1001\$R92XEDP.exe
2016-06-06 07:56:30	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\ydg63699.exe
2016-06-06 07:56:12	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\ydg63699\Downloads\Updater.exe_201606\RSITx64.exe
2016-06-06 07:39:35	5A8A8851E277577D82EE742BC1AA41C7	6858912	----a-w-	C:\Users\ydg63699\Downloads\Updater.exe_201606\esetonlinescanner_enu.exe
2016-06-05 08:16:11	6A50282084AEF862BE90DF9FBF8D1563	1541624	----a-w-	C:\Users\ydg63699\AppData\Local\Google\Chrome\User Data\SwReporter\7.58.0\software_reporter_tool.exe
2016-06-04 21:45:04	89CAC0480C8105BB1F585C3B5E125434	9040072	----a-w-	C:\Users\ydg63699\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
2016-06-04 21:45:04	89CAC0480C8105BB1F585C3B5E125434	9040072	----a-w-	C:\Users\ydg63699\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\OneDriveSetup.exe
2016-06-04 21:45:01	EBEC2BE509FBB6D922D2F04E4CE40946	493256	----a-w-	C:\Users\ydg63699\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\OneDriveStandaloneUpdater.exe
2016-06-04 21:45:01	B18567F84F296ADB03E3C3F023C7422D	176840	----a-w-	C:\Users\ydg63699\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe
2016-06-04 21:45:01	9D8F8170A6432030DAA3CF1864E16DC4	178888	----a-w-	C:\Users\ydg63699\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileSyncConfig.exe
2016-06-04 21:41:56	E83B6CB3822D9E3E388A30D77D4894CF	403224	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgDirSize.exe
2016-06-04 21:41:56	D9DD6BA784A8D12DB91655933FD8EE58	115480	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgDelayStartup.exe
2016-06-04 21:41:56	8673E040903F0823565E75FB25C20046	105240	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\Files32\BgDelayStartup.exe
2016-06-04 21:41:56	596E91F9985C7F0D296411FE76300920	175384	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgBootMonitor.exe
2016-06-04 21:41:56	1A8B62778E19F5E3F492E60F2D8BDB8B	381720	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgDuplicateSize.exe
2016-06-04 21:41:55	E8D465BFDB28F623A1DE81CCF51E1B6B	1164568	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\ManualUpdate.exe
2016-06-04 21:41:55	C7F4766FDD05D229F85F0A2660BECD1F	2856216	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe
2016-06-04 21:41:55	C35899E1F78E8A0A0C3FE237FC191000	1456408	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
2016-06-04 21:41:55	ACE7CE011E74FB86E657602754662510	211224	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe
2016-06-04 21:41:55	75D94F3B08DC3204F45BC6F721757381	310040	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
2016-06-04 21:41:55	75D6D9F402C51C1133FF618FB1084AA0	72472	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgLauncher.exe
2016-06-04 21:41:55	68BA7C4517AD575BBB15B3AAB7FD9845	404248	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BackupShellTransfer.exe
2016-06-04 21:41:55	633D12FB43DEFBA73ED4C77D81BF2A92	173848	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgProbe.exe
2016-06-04 21:41:55	620609A62BC2FEA2926ACCC50EA33EA0	372504	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgLogViewer.exe
2016-06-04 21:41:55	561E0533BF58992C22BAA50AF7D20322	495896	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgScan.exe
2016-06-04 21:41:55	544B80D7CEA6F5460258AB8009FB541E	134424	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\UpdatePatcher.exe
2016-06-04 21:41:55	4DE3F59B2A5F8708C7C5974CC03CCD24	160024	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgNag.exe
2016-06-04 21:41:55	3B453F9C127BEC3793CA32D44442CB47	263960	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BgCertUtil32.exe
2016-06-04 21:41:55	2E52E2B40AC1AF920D827AF934B9D6C9	249624	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgSecErase.exe
2016-06-04 21:41:55	2A9B1BF9EBA213E0D59C388B9E06A5BA	159000	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\Files32\BgProbe.exe
2016-06-04 21:41:55	2A3E5F98D88107A17B317A17B47067F7	241944	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\Files32\BsMailProxy\BgCertUtil32.exe
2016-06-04 21:41:55	2A3A99E454FD8C89EE3A6421BBAE0C68	352024	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BackupRun.exe
2016-06-04 21:41:55	182CB04D58CEB610F64AEE0275B7D517	290584	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\Instalator.exe
2016-06-04 21:41:55	0EA49C2201D34E7DADCCC4F6D5A58566	78616	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BgRegister.exe
2016-06-04 21:41:55	0A572012904C5ED28AB158E4C1D1D82D	686360	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
2016-06-04 21:41:41	3915ED6262C75645FA55EDC3B8E1DCA7	399128	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
=== C: other files ==
2016-06-06 08:41:22	E4E3980ED9816D67A5DA50A75A6364C2	27929	----atw-	C:\ProgramData\Microsoft\Windows\WER\Temp\WER3241.tmp.zip
2016-06-05 21:19:27	CFED128C82D4B1FABF958EC1D0E7172F	143	----a-w-	C:\Users\ydg63699\AppData\Roaming\BullGuard\TuneUp\RegBk_2016.06.05.23.19.27\_RestoreAll.bat
2016-06-04 21:45:01	8CF4163521FDB8E53482003C7EFA7121	5850	----a-w-	C:\Users\ydg63699\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\CollectOneDriveLogs.bat
2016-06-04 21:42:59	A30C3FA40AEA972B9D661BD0B98E0F8F	143	----a-w-	C:\Users\ydg63699\AppData\Roaming\BullGuard\TuneUp\RegBk_2016.06.04.23.42.59\_RestoreAll.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-1068301756-979797124-688642755-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\ydg63699\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"EPLTarget\P0000000000000000"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINNE.EXE /EPT EPLTarget\P0000000000000000 /M XP-720 Series"

[HKEY_USERS\S-1-5-21-1068301756-979797124-688642755-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce]
"Uninstall C:\Users\ydg63699\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\ydg63699\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe -osboot"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\ydg63699\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"EPLTarget\P0000000000000000"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINNE.EXE /EPT EPLTarget\P0000000000000000 /M XP-720 Series"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\ydg63699\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\ydg63699\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX5REC"
"CanonSolutionMenu"="C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon"
"BullGuard"="c:\program files\bullguard ltd\bullguard\BullGuard.exe -boot"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\EPSON XP-720 Series Update {E853536E-37A1-44DE-8A59-988CF3E876E8}.job --a-------- C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNNE.exe [22/11/2013 01:30]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/05/2016 14:25]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/05/2016 14:25]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\EPSON XP-720 Series Update {E853536E-37A1-44DE-8A59-988CF3E876E8}" [C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNNE.EXE]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\klcp_update" ["C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe"]
"C:\WINDOWS\SysNative\tasks\RealDownloader Update Check" [C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe]
"C:\WINDOWS\SysNative\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1068301756-979797124-688642755-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe]
"C:\WINDOWS\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1068301756-979797124-688642755-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe]
"C:\WINDOWS\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1068301756-979797124-688642755-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{32E53006-B237-40CE-88D2-1D0BC26C4D1F}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\BullGuard\BullGuardUpdate2" [C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\ydg63699\AppData\Roaming\Mozilla\Firefox\Profiles\rnhbe3.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:home");
user_pref("browser.search.defaultenginename", "Yahoo®");
user_pref("browser.search.selectedEngine", "Yahoo®");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"antiphishing@bullguard"="C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard" []

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chromium Look ======================


Google Slides - ydg63699\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - ydg63699\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - ydg63699\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - ydg63699\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Sheets - ydg63699\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - ydg63699\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - ydg63699\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - ydg63699\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\antiphishing@bullguard deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A0A5CBD84C137C642B25B695E31AA178 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A0A5CBD84C137C642B25B695E31AA178 deleted successfully

==== HijackThis Entries ======================

O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - (no file)
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKCU\..\Run: [OneDrive] "C:\Users\ydg63699\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINNE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-720 Series"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\ydg63699\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ydg63699\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: EOS Utility.lnk = C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ydg63699\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\ydg63699\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\ydg63699\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\ydg63699\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\ydg63699\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=42 folders=38 36810171 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\ydg63699\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on di 07/06/2016 at 11:47:28,23 ======================