
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Acer on vr 15-07-2016 at 11:02:39,76.
Microsoft Windows 10 Home 10.0.10240  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Acer\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

15-7-2016 11:12:18 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Wondershare deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\UpdatusUser\AppData\LocalLow deleted successfully
C:\Users\Acer\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Acer\AppData\Local\EmieSiteList deleted successfully
C:\Users\Acer\AppData\Local\EmieUserList deleted successfully
C:\Users\Acer\AppData\Local\NetworkTiles deleted successfully
C:\Users\Acer\AppData\Local\PACE Anti-Piracy deleted successfully
C:\Users\Acer\AppData\Local\x2ITM1cg7f deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
"Wondershare Helper Compact.exe"=- 

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Wondershare not found
C:\Program Files\McAfee not found
C:\Users\Acer\AppData\Local\Wondershare deleted
C:\Program Files (x86)\Common Files\Wondershare deleted
C:\ProgramData\AVAST Software deleted
C:\ProgramData\McAfee deleted
C:\PROGRA~2\SecureW2 deleted
C:\PROGRA~2\pandasecuritytb deleted
C:\Program Files\FileViewPro deleted
C:\PROGRA~3\Wondershare Video Converter Ultimate deleted
C:\Users\Acer\AppData\Local\node-webkit deleted
C:\Users\Acer\AppData\Local\FileViewPro deleted
C:\Users\Acer\AppData\Local\TempDIR deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Acer\AppData\LocalLow\pandasecuritytb deleted
C:\WINDOWS\ava23BF.tmp deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\bar8y2fa.default\pandasecuritytb deleted
"C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\bar8y2fa.default\searchplugins\McSiteAdvisor.xml" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2016-07-14 07:19:25	1550F64C237E1E1046B7C4302AB595D7	4532304	----a-w-	C:\WINDOWS\explorer.exe
====== C:\Users\Acer\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2016-07-14 07:26:06	8551BA9CE55E0F32BB62CBDC5FC27DB2	97344	----a-w-	C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-07-14 07:22:17	F5AE6B8CB88BBC5D280F42A19DEEB86B	373248	----a-w-	C:\WINDOWS\SysWOW64\schannel.dll
2016-07-14 07:22:14	5D6E92A0B449D6FA0F387F1E40F8B001	37376	----a-w-	C:\WINDOWS\SysWOW64\atmlib.dll
2016-07-14 07:22:10	D2EC4ADEB3C5FA555521A3DF43D2EA31	1515936	----a-w-	C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-07-14 07:21:58	AFF3DB8E69E5328C2CB1E46FD01D5E71	249976	----a-w-	C:\WINDOWS\SysWOW64\WMASF.DLL
2016-07-14 07:21:55	67DC84EB151EBA8D8C153BB70F47E117	20861984	----a-w-	C:\WINDOWS\SysWOW64\shell32.dll
2016-07-14 07:21:54	3FA004526C25479D77138FA343A2C2E6	650240	----a-w-	C:\WINDOWS\SysWOW64\jscript.dll
2016-07-14 07:21:54	22B668B454B3E6FF8134F21224D2E5EB	502784	----a-w-	C:\WINDOWS\SysWOW64\vbscript.dll
2016-07-14 07:21:53	E34506337C00CE97503F2A9032794717	161792	----a-w-	C:\WINDOWS\SysWOW64\msorcl32.dll
2016-07-14 07:21:53	CC95CEDD2D58C58FB95E867C5E783B2F	3579392	----a-w-	C:\WINDOWS\SysWOW64\jscript9.dll
2016-07-14 07:21:52	F4260D8ECA416A30F0369B0356D3111B	5454848	----a-w-	C:\WINDOWS\SysWOW64\Chakra.dll
2016-07-14 07:21:49	F2BB07C861A342F700AD57B109225A89	19336704	----a-w-	C:\WINDOWS\SysWOW64\mshtml.dll
2016-07-14 07:21:46	D6A56BA69CCCA5DD662B9407BE28B88B	291328	----a-w-	C:\WINDOWS\SysWOW64\polstore.dll
2016-07-14 07:21:45	26FE802EC2C880C641F3F73ED1F8B72F	502272	----a-w-	C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-07-14 07:21:44	E378757205B391BEB83DCB7B47F06E02	18799104	----a-w-	C:\WINDOWS\SysWOW64\edgehtml.dll
2016-07-14 07:21:40	1E3A6A20E2A0D45A118F228368861FAF	11268096	----a-w-	C:\WINDOWS\SysWOW64\ieframe.dll
2016-07-14 07:21:40	13909B042F9108BDB579EDD047E30BDC	100352	----a-w-	C:\WINDOWS\SysWOW64\hlink.dll
2016-07-14 07:21:37	8CD0A43D5C1F9A2792121BA16C713305	5160960	----a-w-	C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-07-14 07:21:32	568F365EDFF9999A98B080282384A853	4737536	----a-w-	C:\WINDOWS\SysWOW64\d2d1.dll
2016-07-14 07:21:29	7977F5310324E40746FD90BC306793D5	78848	----a-w-	C:\WINDOWS\SysWOW64\asycfilt.dll
2016-07-14 07:21:29	2AB0D2CB00F9F088705F492F7683907D	563200	----a-w-	C:\WINDOWS\SysWOW64\qdvd.dll
2016-07-14 07:21:29	1A50D9319BB902036257836B284A9751	206336	----a-w-	C:\WINDOWS\SysWOW64\pku2u.dll
2016-07-14 07:21:28	8D59581B205692ABC762603D7770E7E4	1541632	----a-w-	C:\WINDOWS\SysWOW64\quartz.dll
2016-07-14 07:21:28	683BACDA104CABCCB8852CA24A03A964	573440	----a-w-	C:\WINDOWS\SysWOW64\qedit.dll
2016-07-14 07:21:28	49DD05CFD9044DD4D303F9341A3F6C02	768000	----a-w-	C:\WINDOWS\SysWOW64\kerberos.dll
2016-07-14 07:21:28	3D54FB1B83B28386F8242EDF10EE40C6	252928	----a-w-	C:\WINDOWS\SysWOW64\dxtrans.dll
2016-07-14 07:21:17	7763184B73CB778EE9601555A7C42901	235008	----a-w-	C:\WINDOWS\SysWOW64\ksproxy.ax
2016-07-14 07:21:17	1F2B7B7F2D95EDEB3C3FD6F3AA45FBEA	2587136	----a-w-	C:\WINDOWS\SysWOW64\wininet.dll
2016-07-14 07:21:16	968018878981CA96AFFC68792062718B	12589056	----a-w-	C:\WINDOWS\SysWOW64\wmp.dll
2016-07-14 07:21:16	6245CD949CA56526B0F804C9912A9B7D	223744	----a-w-	C:\WINDOWS\SysWOW64\ExSMime.dll
2016-07-14 07:21:09	6A59054B30BBBEF05521921E895D16A4	188032	----a-w-	C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-07-14 07:21:09	66014F80D37AFEF646DA614D68407AB2	305776	----a-w-	C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-07-14 07:21:08	75D499303F9334780DDC00EEB15AFA99	368776	----a-w-	C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-07-14 07:21:08	5BDB3DD749FD6EE9B51FA452AD896545	695752	----a-w-	C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-07-14 07:21:07	B0409CEF7BBF488D3F07FBC36DAE34FF	2459096	----a-w-	C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-07-14 07:21:05	8ECB2BEB4318BF7C6B376269B4BF538B	1531888	----a-w-	C:\WINDOWS\SysWOW64\KernelBase.dll
2016-07-14 07:21:04	09D1A14ECA1493C3D6DD296C2D4A61B2	2882136	----a-w-	C:\WINDOWS\SysWOW64\iertutil.dll
2016-07-14 07:21:03	E50B61A950637E976C76B44250667314	104960	----a-w-	C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-07-14 07:21:02	FA240A6CA214E45D32589C12F6BDD198	9889280	----a-w-	C:\WINDOWS\SysWOW64\twinui.dll
2016-07-14 07:21:02	4274FC71E6B7A5114446C90680C13E44	202240	----a-w-	C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-07-14 07:20:58	C9C42E25DCCACA302E751ECC98B52316	2042368	----a-w-	C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-07-14 07:20:56	8C6749B503C753318306FBF68361A775	1535032	----a-w-	C:\WINDOWS\SysWOW64\ntdll.dll
2016-07-14 07:20:56	52CDEDEAEC8665FF081EF2A841A77887	1522632	----a-w-	C:\WINDOWS\SysWOW64\crypt32.dll
2016-07-14 07:20:55	0FCF32C0E00FEDC7ED27BB13FE1AC669	1495040	----a-w-	C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-07-14 07:20:54	C662282B95220AD700D9B93A39702A25	409088	----a-w-	C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-07-14 07:20:53	98CC3506DFADE0A3C9353E953F0891BD	747008	----a-w-	C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-07-14 07:20:53	7A471C2688C5D864A049C4F2074413E7	107952	----a-w-	C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-07-14 07:20:53	1B9D79C58A2087A7C855559AAAF4BAEF	72808	----a-w-	C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-07-14 07:20:52	A2C1C4DA38A9F0D059E289960CE4B397	2188472	----a-w-	C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-07-14 07:20:52	2813D33FD11FF4E6666A394011D83B3B	2162064	----a-w-	C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-07-14 07:20:50	B5C43CA3057E2E3733F8FC8EBB3A7309	1387008	----a-w-	C:\WINDOWS\SysWOW64\urlmon.dll
2016-07-14 07:20:50	1F50CB1CB2E77E57EDDD7E3702E8C548	88576	----a-w-	C:\WINDOWS\SysWOW64\olepro32.dll
2016-07-14 07:20:49	6E64487FA9D1C12B9F4B7CC026AB35E4	1811360	----a-w-	C:\WINDOWS\SysWOW64\combase.dll
2016-07-14 07:20:49	116B8A572897CC6B233B195E4733182C	952968	----a-w-	C:\WINDOWS\SysWOW64\ole32.dll
2016-07-14 07:20:42	BE152AA70B19D10253946DBC3A75547C	882208	----a-w-	C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-07-14 07:20:42	9F6A8D14CD6FD0AFA80857EF2C3B9793	1180696	----a-w-	C:\WINDOWS\SysWOW64\msctf.dll
2016-07-14 07:20:41	AF6B6B1B8D4E2FADD4321330A89A5476	1365584	----a-w-	C:\WINDOWS\SysWOW64\gdi32.dll
2016-07-14 07:20:38	13FA2626268E7F522B9750CDCB7039D2	696192	----a-w-	C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-07-14 07:20:37	8E853D8DDA2BBD4F3A8B7096085E765B	1070080	----a-w-	C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-07-14 07:20:33	AF8DE6C42658B05EE8301A4F09367DD0	5118024	----a-w-	C:\WINDOWS\SysWOW64\windows.storage.dll
2016-07-14 07:20:32	71C33FA1180F55803CC312BE73835AEE	1106872	----a-w-	C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-07-14 07:20:32	4595DE3C22C4B313A21AFB2C0E21688E	714808	----a-w-	C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-07-14 07:20:28	4BAFAEEFDF9577A1B37EB6F14898F702	890880	----a-w-	C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-07-14 07:20:27	35FEF33A9C5F162C1534FF645F275B39	60928	----a-w-	C:\WINDOWS\SysWOW64\samlib.dll
2016-07-14 07:20:26	CD08AC88BF5133AB5376A519C1F14643	871936	----a-w-	C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-07-14 07:20:24	4E47E6E8A0D223A85BF174F2D28C125C	545400	----a-w-	C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-07-14 07:20:24	2B64CEC2C622BD50546692F8352E2795	316256	----a-w-	C:\WINDOWS\SysWOW64\atmfd.dll
2016-07-14 07:20:23	6EF1F91D387CF337E347722738AA6894	497896	----a-w-	C:\WINDOWS\SysWOW64\advapi32.dll
2016-07-14 07:20:22	DB5CA5EDC2BE901451DD7C240F69721B	404992	----a-w-	C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-07-14 07:20:21	08CFEE57F2AD201CC9FF3FDE12702669	3680256	----a-w-	C:\WINDOWS\SysWOW64\msi.dll
2016-07-14 07:20:16	A99EE78ACD9BE40C2A4D3097E382643C	82096	----a-w-	C:\WINDOWS\SysWOW64\devenum.dll
2016-07-14 07:20:15	D824250A3BBD7B6FE2D54FDCC3A02C39	57344	----a-w-	C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-07-14 07:20:15	719BA50A3EC9120DF91CF2890703681D	78176	----a-w-	C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-07-14 07:20:15	4DF0352252AB85979EFC52EB59F20788	282624	----a-w-	C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-07-14 07:20:14	C7FDF3CA6985EFB6D6EC824C66FCA0A5	468832	----a-w-	C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-07-14 07:20:12	D76FCD01564AF5E75DFE4F3C0EA4D4A6	393728	----a-w-	C:\WINDOWS\SysWOW64\werui.dll
2016-07-14 07:20:12	A818674D5F9B67BA4BA9B67434AAAF3B	635312	----a-w-	C:\WINDOWS\SysWOW64\evr.dll
2016-07-14 07:20:10	8F5F153AB87CDC482746AD59CC90550F	1767000	----a-w-	C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-07-14 07:20:09	78C5657DEE058300494BCC7DF7494171	809336	----a-w-	C:\WINDOWS\SysWOW64\WinTypes.dll
2016-07-14 07:20:09	26D2BAB976F9C02FFFFE8D38F09FDAF1	679936	----a-w-	C:\WINDOWS\SysWOW64\msfeeds.dll
2016-07-14 07:20:08	F8B3CD1518434D30099D6CCAF3C0A2AD	133120	----a-w-	C:\WINDOWS\SysWOW64\AppxSip.dll
2016-07-14 07:20:08	94A05FF450CF79A03288839B11C2F491	842240	----a-w-	C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-07-14 07:20:07	1C7A9A4A8B375916FBF83A55D2327E12	502504	----a-w-	C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-07-14 07:20:04	5DEB6066C1F5D2F07002BF59BA57E2A0	556032	----a-w-	C:\WINDOWS\SysWOW64\mfh264enc.dll
2016-07-14 07:20:04	149AB80CE10C9A718182E18DA555397F	1594368	----a-w-	C:\WINDOWS\SysWOW64\msxml3.dll
2016-07-14 07:20:02	EB010C82D907969FC3A396EE16DB1A44	2152744	----a-w-	C:\WINDOWS\SysWOW64\mfcore.dll
2016-07-14 07:20:02	CC3CDF714B78257E6CF2ED45A1EA1CD9	208688	----a-w-	C:\WINDOWS\SysWOW64\mftranscode.dll
2016-07-14 07:19:49	248521A186986B67107808EB4F3E01E7	232896	----a-w-	C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-07-14 07:19:48	866FB205AEC79A556B7DCC5A76E0FBF7	574464	----a-w-	C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-07-14 07:19:48	36CA3F7C6F369AE1AF662C59482C3FEA	365128	----a-w-	C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-07-14 07:19:47	68705CD034801E2F37B12F41928EDC59	372368	----a-w-	C:\WINDOWS\SysWOW64\ws2_32.dll
2016-07-14 07:19:47	350FBC3F50A95657D6A0A69FF2CCD9B5	306528	----a-w-	C:\WINDOWS\SysWOW64\mswsock.dll
2016-07-14 07:19:44	EA753664747643C4C43412CA873BF00D	309248	----a-w-	C:\WINDOWS\SysWOW64\ntprint.dll
2016-07-14 07:19:38	8DEB4DFEE4C759BB7CD85D610B7ADB38	201216	----a-w-	C:\WINDOWS\SysWOW64\cemapi.dll
2016-07-14 07:19:36	0BABABB1C3E6264D731244C7B9E1B255	4047288	----a-w-	C:\WINDOWS\SysWOW64\explorer.exe
2016-07-14 07:19:35	699BF36097FF598521CCCD353245D7EE	229352	----a-w-	C:\WINDOWS\SysWOW64\sqmapi.dll
2016-07-14 07:19:29	40258BC35D16DFCDC0D7B7E04C75EDFD	278424	----a-w-	C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-07-14 07:19:29	0C5FE5EB83BD4C4F3ACF7A08821FC0D5	277400	----a-w-	C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-07-14 07:19:27	E345DB7BA95DA55D567290C1A2F1210E	183904	----a-w-	C:\WINDOWS\SysWOW64\rsaenh.dll
2016-07-14 07:19:22	3F7F518C5D276F17965AE737DE847C43	658536	----a-w-	C:\WINDOWS\SysWOW64\mfds.dll
2016-07-14 07:19:22	0FD95883F8D02787C23F56FC914E30E5	667648	----a-w-	C:\WINDOWS\SysWOW64\winhttp.dll
2016-07-14 07:19:21	1BC26B866A9820E324BE4BCF8E935B9F	700256	----a-w-	C:\WINDOWS\SysWOW64\WWAHost.exe
2016-07-14 07:19:19	1DDF051E3108465A9DAA93772F6A7DA3	504320	----a-w-	C:\WINDOWS\SysWOW64\LogonController.dll
2016-07-14 07:19:17	FEB5ECF1846398328CEE17D9637D4B43	123392	----a-w-	C:\WINDOWS\SysWOW64\rasman.dll
2016-07-14 07:19:16	FB2DD511304A7A015260BD0C86D51E31	168448	----a-w-	C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-07-14 07:19:16	BBBF47BDA126E54FA0363C477EC8D31E	916800	----a-w-	C:\WINDOWS\SysWOW64\mfplat.dll
2016-07-14 07:19:14	C2A5E323EAD57EAC0BB91E665FCE3D7E	150528	----a-w-	C:\WINDOWS\SysWOW64\VCardParser.dll
2016-07-14 07:19:13	DAF8197B2944323EFDF15ED32A055D72	2445128	----a-w-	C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-07-14 07:19:12	F2A08BAE593A8270767ABA6BAADC634E	100712	----a-w-	C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-07-14 07:19:11	C494112CBAA165233807B4F6B3ED2EDB	118272	----a-w-	C:\WINDOWS\SysWOW64\mtxoci.dll
2016-07-14 07:19:11	AA1590D5A6710EDEEFD196C2CDEB9FA8	579584	----a-w-	C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-07-14 07:19:09	970F05568081438EFBD83670E360FC8E	112632	----a-w-	C:\WINDOWS\SysWOW64\gpapi.dll
2016-07-14 07:19:05	3CABA2E1C6B0F3906F03C97A42359896	645144	----a-w-	C:\WINDOWS\SysWOW64\mfsvr.dll
2016-07-14 07:19:04	3BAD13EE0D5C042FB94D18D582B2876C	678400	----a-w-	C:\WINDOWS\SysWOW64\wuapi.dll
2016-07-14 07:19:02	BC3AAA8470071EA42E7573D678EB3E6D	928256	----a-w-	C:\WINDOWS\SysWOW64\Unistore.dll
2016-07-14 07:19:02	A937D01A8598F3A7BEE46FD5DDA2EDEE	97096	----a-w-	C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-07-14 07:19:01	CA2723B4B81E4E3D05561CB7325C98C2	69232	----a-w-	C:\WINDOWS\SysWOW64\netapi32.dll
2016-07-14 07:19:01	BFCD8F229492F33E5B4D35FFB8CA93B1	43520	----a-w-	C:\WINDOWS\SysWOW64\browcli.dll
2016-07-14 07:19:00	9A90D9E82D00B6426A5A3DC4F2A6D2F2	464384	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-07-14 07:18:59	DE6582C31D640ECB663BE5E4FC26740F	529456	----a-w-	C:\WINDOWS\SysWOW64\wer.dll
2016-07-14 07:18:59	CD8238168E231D00CE73257EDC397878	55808	----a-w-	C:\WINDOWS\SysWOW64\wkscli.dll
2016-07-14 07:18:59	ADA12FE2E56C44B9261766FF550851E3	73360	----a-w-	C:\WINDOWS\SysWOW64\srvcli.dll
2016-07-14 07:18:58	4999A0891B2A5634179E431373B4360B	91648	----a-w-	C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-07-14 07:18:56	C2D0FDC090C7BCDF55A67823F48ED4A3	55808	----a-w-	C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-07-14 07:18:56	0132FDD001AEF6707E920ED83A23E89A	18944	----a-w-	C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-07-14 07:18:54	8C7EE4EC3324072A4C19DEE4EEB4EACA	705520	----a-w-	C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-07-14 07:18:53	988A874D3B8B71896F1ACB4D1C03A736	56320	----a-w-	C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-07-14 07:18:52	A30C0B7E8B00485D6C388859D70951E5	37888	----a-w-	C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-07-14 07:18:51	C0F48F83DC4535D1627992092E21B431	311808	----a-w-	C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-07-14 07:18:51	9F917CE1D8DE2B8A00FFA516BE1FBE4B	295936	----a-w-	C:\WINDOWS\SysWOW64\ieproxy.dll
2016-07-14 07:18:48	EB988275F95921C14EB3AE1C22DBFA9F	181088	----a-w-	C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-07-14 07:18:47	55AE24F5BD65BE6B200C71CE1ED5175E	37888	----a-w-	C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-07-14 07:18:46	12E6F604E01E7FD9924FFE06633F329B	29696	----a-w-	C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-07-14 07:18:45	F00A88F3EB94D5B242994FC9D107B104	625152	----a-w-	C:\WINDOWS\SysWOW64\ContactApis.dll
2016-07-14 07:18:43	BCC930B259A6EE4C4EF9CA6C99A8AFD3	557568	----a-w-	C:\WINDOWS\SysWOW64\ChatApis.dll
2016-07-14 07:18:42	2AD24AC2466E059CEA4A1FA6FD289E7E	203776	----a-w-	C:\WINDOWS\SysWOW64\vaultcli.dll
2016-07-14 07:18:41	EFCBA793DF8E9E96528CC8586F7A885C	33280	----a-w-	C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-07-14 07:18:41	A29A906461934A97081EF4EF5C61BAE3	52224	----a-w-	C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-07-14 07:18:37	329A4AE43F089C63E80C07B38F9CB4EB	525312	----a-w-	C:\WINDOWS\SysWOW64\EmailApis.dll
2016-07-14 07:18:33	D0BDD1228CF240F013229D97753E2BC1	163328	----a-w-	C:\WINDOWS\SysWOW64\fwbase.dll
2016-07-14 07:18:33	202A005B44B0E420D02E280F1AADFE71	116728	----a-w-	C:\WINDOWS\SysWOW64\mfps.dll
2016-07-14 07:18:32	345A25187E51B4090D3E421E79AF8A17	172032	----a-w-	C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-07-14 07:18:31	88CB0D11C278E8B0E95338819155C1F8	141152	----a-w-	C:\WINDOWS\SysWOW64\wermgr.exe
2016-07-14 07:18:26	03F1A692E954C666E060179AA21B8671	163840	----a-w-	C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-07-14 07:18:22	888559543B1E0BEAB4F32DC292238306	195584	----a-w-	C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-07-14 07:18:22	4CE9ECAD43EDF5C14755FA5A3FCC8C56	365056	----a-w-	C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-07-14 07:18:21	83CB142B473D05A1E03C751D3B1C0935	52736	----a-w-	C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-07-14 07:18:21	3A87019F772CE782CCD97024B60B5F20	195584	----a-w-	C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-07-14 07:18:21	2EBE5467EF072F24D45FD39C7AC109FA	131072	----a-w-	C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-07-14 07:18:17	FC051BDA44A331EDF9EF4640058228D6	19456	----a-w-	C:\WINDOWS\SysWOW64\wfapigp.dll
2016-07-14 07:18:17	2612D8C0CC6919E29D9239C7D1E96B30	159744	----a-w-	C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-07-13 18:10:09	955DC56DC263DBF2B433829192D88CD9	828408	----a-w-	C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-07-13 18:10:09	26144B5C2B08E127298A71BF79D10B48	176632	----a-w-	C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2016-07-15 08:09:31	49A27368C0859ED4494D45B6BB97D2A2	16148	----a-w-	C:\WINDOWS\Sysnative\V3-571G_Acer_HistoryPrediction.bin
2016-07-14 07:22:16	DBB78AF2FE1B2FF285F2824D3C88CB41	455168	----a-w-	C:\WINDOWS\Sysnative\schannel.dll
2016-07-14 07:22:16	CC9B3E3F072C399CC260C9509CB6F9E3	332288	----a-w-	C:\WINDOWS\Sysnative\polstore.dll
2016-07-14 07:22:15	C31B915656A89E738569A128B994A9F7	4791296	----a-w-	C:\WINDOWS\Sysnative\jscript9.dll
2016-07-14 07:22:15	3960D71B602A49D16E6399D0E65CC57B	737792	----a-w-	C:\WINDOWS\Sysnative\StructuredQuery.dll
2016-07-14 07:22:14	732E6047741D56DEB021EBC5874F5730	79360	----a-w-	C:\WINDOWS\Sysnative\rdpudd.dll
2016-07-14 07:22:12	A1E2CA8225D016F041C7F0AA5488FD76	3584000	----a-w-	C:\WINDOWS\Sysnative\win32kfull.sys
2016-07-14 07:22:10	CBCEC143B1911D714AC5FBFF06D9E774	366592	----a-w-	C:\WINDOWS\Sysnative\wuuhext.dll
2016-07-14 07:22:09	5C4A1CECF6375C97E9A11F41CE5544A6	21861888	----a-w-	C:\WINDOWS\Sysnative\edgehtml.dll
2016-07-14 07:22:08	57FDEE1AB37C05D65B650269C030F9B8	7523840	----a-w-	C:\WINDOWS\Sysnative\Chakra.dll
2016-07-14 07:22:07	D680D93235051A28A2BE3FF5DC25B035	45568	----a-w-	C:\WINDOWS\Sysnative\atmlib.dll
2016-07-14 07:22:06	64CC4016C1D24122285D78617EC7077C	8016728	----a-w-	C:\WINDOWS\Sysnative\ntoskrnl.exe
2016-07-14 07:22:05	AAE9088EA04B1BA4B9738B49058E6BC4	1780352	----a-w-	C:\WINDOWS\Sysnative\WindowsCodecs.dll
2016-07-14 07:22:05	9BD6EB8742119D31F6FFB9B76A34B50D	2238464	----a-w-	C:\WINDOWS\Sysnative\wuaueng.dll
2016-07-14 07:22:01	F80F5C088F1B74887E2168182CB63631	24604160	----a-w-	C:\WINDOWS\Sysnative\mshtml.dll
2016-07-14 07:21:59	BFA2F2397B77E3CF6E1E821159B4AF23	140536	----a-w-	C:\WINDOWS\Sysnative\AuthHost.exe
2016-07-14 07:21:59	9AD8FCCC95B68BC3129AA2318CE55717	680448	----a-w-	C:\WINDOWS\Sysnative\rasmans.dll
2016-07-14 07:21:59	45450EB7B44C2DCC9F698FDC9FFE93BC	299600	----a-w-	C:\WINDOWS\Sysnative\WMASF.DLL
2016-07-14 07:21:57	B8731FD9EBCC021260E887BBB131B8E8	22326760	----a-w-	C:\WINDOWS\Sysnative\shell32.dll
2016-07-14 07:21:42	702F35D9C55C2542167D095E5E04DA4C	109056	----a-w-	C:\WINDOWS\Sysnative\hlink.dll
2016-07-14 07:21:41	11FBF7F70FCCE2059079756E3BEC6627	12511232	----a-w-	C:\WINDOWS\Sysnative\ieframe.dll
2016-07-14 07:21:37	8937092B6C55947590B975FF59E4AB1D	6788096	----a-w-	C:\WINDOWS\Sysnative\Windows.Data.Pdf.dll
2016-07-14 07:21:34	1E3F1D2EDDBC4A84326D52253FAF061E	3467784	----a-w-	C:\WINDOWS\Sysnative\WSService.dll
2016-07-14 07:21:32	438471EF9089F6BEF611A4FD39A353A9	5510656	----a-w-	C:\WINDOWS\Sysnative\d2d1.dll
2016-07-14 07:21:28	6BC1082657F0DE26EE9F489621E3EDE6	253952	----a-w-	C:\WINDOWS\Sysnative\pku2u.dll
2016-07-14 07:21:28	1312EEBA391FDAAF9F8F8E56C5FF5CB8	91648	----a-w-	C:\WINDOWS\Sysnative\asycfilt.dll
2016-07-14 07:21:27	C974AFD04F02EADDE7C1928B3B42AA91	1672192	----a-w-	C:\WINDOWS\Sysnative\quartz.dll
2016-07-14 07:21:27	103CBAC0689FA88081E421E8203BA2F0	305664	----a-w-	C:\WINDOWS\Sysnative\ksproxy.ax
2016-07-14 07:21:26	69AC1B59A11F3FDBDBEB5B9B09D7E05B	379392	----a-w-	C:\WINDOWS\Sysnative\qdvd.dll
2016-07-14 07:21:25	2430B1820D4E03796F672E3D47B88E64	3793408	----a-w-	C:\WINDOWS\Sysnative\rdpcorets.dll
2016-07-14 07:21:24	BD8EB61AEC4ADA3FF162A692749DF797	291328	----a-w-	C:\WINDOWS\Sysnative\dxtrans.dll
2016-07-14 07:21:24	870F1D282F0F8E7D9A56533A87D0551E	779928	----a-w-	C:\WINDOWS\Sysnative\evr.dll
2016-07-14 07:21:24	0A92F6A3D99634FA633A64FE425308C3	166400	----a-w-	C:\WINDOWS\Sysnative\inetpp.dll
2016-07-14 07:21:23	773AE5AB1A388B2D5D135E09117BB96D	841728	----a-w-	C:\WINDOWS\Sysnative\win32spl.dll
2016-07-14 07:21:23	5349620E4495815D4AB48D49CFEE464F	392192	----a-w-	C:\WINDOWS\Sysnative\IPSECSVC.DLL
2016-07-14 07:21:22	B539D98D907A8F94DC3B7BB37B014008	678912	----a-w-	C:\WINDOWS\Sysnative\qedit.dll
2016-07-14 07:21:22	6B1386D55FC4A64D3E6F8B3567B94780	274944	----a-w-	C:\WINDOWS\Sysnative\ExSMime.dll
2016-07-14 07:21:21	998C480F53599D5E0A61824326E4C494	950272	----a-w-	C:\WINDOWS\Sysnative\kerberos.dll
2016-07-14 07:21:20	D92419E76525B8D1C9655CA44F8F2C4C	14241792	----a-w-	C:\WINDOWS\Sysnative\wmp.dll
2016-07-14 07:21:17	D56268A343A9447F9545B06381F2CDEF	3119616	----a-w-	C:\WINDOWS\Sysnative\wininet.dll
2016-07-14 07:21:11	693104B1B9CD1DB198293C3DD83DC4A9	255488	----a-w-	C:\WINDOWS\Sysnative\deviceaccess.dll
2016-07-14 07:21:10	E6AAA1D03A335E9FD0DAC571D34A11B2	11557888	----a-w-	C:\WINDOWS\Sysnative\twinui.dll
2016-07-14 07:21:09	BC54645E84C80EC0B873C0C41A3B4E39	2543784	----a-w-	C:\WINDOWS\Sysnative\d3d10warp.dll
2016-07-14 07:21:09	50410D6D47B1C0A9BC4A4B1EE4E0027F	83704	----a-w-	C:\WINDOWS\Sysnative\mfvdsp.dll
2016-07-14 07:21:08	0DE4840EB6125C69E46EB9CA908B6D29	345080	----a-w-	C:\WINDOWS\Sysnative\WMVSDECD.DLL
2016-07-14 07:21:07	FF12AE856ADD9B0AC9F1A5DF323E9130	787720	----a-w-	C:\WINDOWS\Sysnative\WMADMOD.DLL
2016-07-14 07:21:07	F7FC6CB37CBF7C3547B2F8D8D3A1ACCD	377592	----a-w-	C:\WINDOWS\Sysnative\MP4SDECD.DLL
2016-07-14 07:21:06	846FF503D852A7B15FC02A46098EB31D	205072	----a-w-	C:\WINDOWS\Sysnative\COLORCNV.DLL
2016-07-14 07:21:06	32EFE0A14B4323786ACE4E8950210367	2641928	----a-w-	C:\WINDOWS\Sysnative\WMVDECOD.DLL
2016-07-14 07:21:04	14627B8C27BBD16474846D289AFBD216	65024	----a-w-	C:\WINDOWS\Sysnative\basesrv.dll
2016-07-14 07:21:03	57F9A202E71A581683F609CC5D2B20AD	1951872	----a-w-	C:\WINDOWS\Sysnative\KernelBase.dll
2016-07-14 07:21:03	4E0BC82165B091A58F2FBA27505EEF5B	3626952	----a-w-	C:\WINDOWS\Sysnative\iertutil.dll
2016-07-14 07:20:59	D952D556E91D9632E78D86486A852480	2601160	----a-w-	C:\WINDOWS\Sysnative\combase.dll
2016-07-14 07:20:58	5E93FD4C43D38B272CA245B54A4E6B39	2119680	----a-w-	C:\WINDOWS\Sysnative\inetcpl.cpl
2016-07-14 07:20:57	3C6F193A4C7D7F1539565E0BFA087EA1	1823760	----a-w-	C:\WINDOWS\Sysnative\crypt32.dll
2016-07-14 07:20:57	1220E010F1ECE4CD5E4F60D169281F59	78336	----a-w-	C:\WINDOWS\Sysnative\cryptsvc.dll
2016-07-14 07:20:56	B3CF4107AC1A6C9FF336829E30DF38DD	1824872	----a-w-	C:\WINDOWS\Sysnative\ntdll.dll
2016-07-14 07:20:55	57F3B8971098CA28D0281B8D36442688	225792	----a-w-	C:\WINDOWS\Sysnative\wsqmcons.exe
2016-07-14 07:20:55	36B0E335801062202C14021E0369C320	400384	----a-w-	C:\WINDOWS\Sysnative\sharemediacpl.dll
2016-07-14 07:20:54	F70197C9E902336B223A8F43AB627BD7	115704	----a-w-	C:\WINDOWS\Sysnative\VIDRESZR.DLL
2016-07-14 07:20:54	E77CE646453D5CB5032FC2C716B77178	1844736	----a-w-	C:\WINDOWS\Sysnative\WMPDMC.exe
2016-07-14 07:20:54	9FE8EF9A4FAE92B1296D4D1AD8A2C6E6	447488	----a-w-	C:\WINDOWS\Sysnative\WMVSENCD.DLL
2016-07-14 07:20:54	903FC05DFE2EA0432113E251DE3A3E51	634368	----a-w-	C:\WINDOWS\Sysnative\WMVXENCD.DLL
2016-07-14 07:20:53	DD5339D7A02E27CC108897AF56F1BA95	1991120	----a-w-	C:\WINDOWS\Sysnative\WMVENCOD.DLL
2016-07-14 07:20:50	02AC6BE05F672DF2A5AFAA571C6FB3DB	1606656	----a-w-	C:\WINDOWS\Sysnative\urlmon.dll
2016-07-14 07:20:46	2F6386CEFB178B29CFAD2C308F1F9139	6488312	----a-w-	C:\WINDOWS\Sysnative\windows.storage.dll
2016-07-14 07:20:42	9F2AB116293D0799BA44E27A810C26F0	1063504	----a-w-	C:\WINDOWS\Sysnative\msmpeg2adec.dll
2016-07-14 07:20:42	759D0783E28D36F5F1940D8B034F4116	1420392	----a-w-	C:\WINDOWS\Sysnative\msctf.dll
2016-07-14 07:20:41	FA78CF03CB18E8EAB07D1B9470508AA7	1270104	----a-w-	C:\WINDOWS\Sysnative\mfnetsrc.dll
2016-07-14 07:20:41	3A04CB24453E831CF75C209933DED057	862056	----a-w-	C:\WINDOWS\Sysnative\mfnetcore.dll
2016-07-14 07:20:40	FBDBE4A13976F57163B1F746DF9460EB	1591304	----a-w-	C:\WINDOWS\Sysnative\gdi32.dll
2016-07-14 07:20:38	C62218BAE56459EE10145625762CEF1C	751992	----a-w-	C:\WINDOWS\Sysnative\WMADMOE.DLL
2016-07-14 07:20:37	E42DE587D8453E20796A149303DE4691	1255936	----a-w-	C:\WINDOWS\Sysnative\WMSPDMOE.DLL
2016-07-14 07:20:36	41C9339B5185BA90A282A15732D87076	1314496	----a-w-	C:\WINDOWS\Sysnative\ole32.dll
2016-07-14 07:20:35	92C15AC3119BD5A270D4721D94962E87	205312	----a-w-	C:\WINDOWS\Sysnative\aepic.dll
2016-07-14 07:20:35	6CE30E4CF454E6A8330DC3C5CAE6C560	1150816	----a-w-	C:\WINDOWS\Sysnative\aeinv.dll
2016-07-14 07:20:35	0C4FCA0D923FCA5C2FC2152ECF41FFBE	607744	----a-w-	C:\WINDOWS\Sysnative\AppxApplicabilityEngine.dll
2016-07-14 07:20:34	B685A9D05B5ECC3BEB664C7C460BC85C	1336832	----a-w-	C:\WINDOWS\Sysnative\gpsvc.dll
2016-07-14 07:20:34	379858A39301800A1C41B0EE46E0FA1D	1119744	----a-w-	C:\WINDOWS\Sysnative\localspl.dll
2016-07-14 07:20:27	91D53074A6774D983B771FF3914CEC03	95232	----a-w-	C:\WINDOWS\Sysnative\samlib.dll
2016-07-14 07:20:27	705DC0E4337CFDC6CCC035B2C5F9AF94	1009664	----a-w-	C:\WINDOWS\Sysnative\WMSPDMOD.DLL
2016-07-14 07:20:26	FCAEBF10DBBBF61BA0C5FF4A36580007	850432	----a-w-	C:\WINDOWS\Sysnative\samsrv.dll
2016-07-14 07:20:26	02786761624CE45D67A480D992C459AC	931328	----a-w-	C:\WINDOWS\Sysnative\MSMPEG2ENC.DLL
2016-07-14 07:20:24	D877CE1C83D65C7B56A43A23279578DD	1248896	----a-w-	C:\WINDOWS\Sysnative\WinTypes.dll
2016-07-14 07:20:23	EE329CCF9C1E1CF6096E3935943CB3A5	667856	----a-w-	C:\WINDOWS\Sysnative\advapi32.dll
2016-07-14 07:20:22	F90129379A9D912CCF4EADC50F546C8B	463872	----a-w-	C:\WINDOWS\Sysnative\MFWMAAEC.DLL
2016-07-14 07:20:21	B7C3EEEA0B167F1FE66C9D52622951EE	827392	----a-w-	C:\WINDOWS\Sysnative\jscript.dll
2016-07-14 07:20:21	7128D19C04882CEEABB5F48ACD05B159	2824248	----a-w-	C:\WINDOWS\Sysnative\msmpeg2vdec.dll
2016-07-14 07:20:19	7ABDA53F1703B517DB855920A4810F94	2495768	----a-w-	C:\WINDOWS\Sysnative\CoreUIComponents.dll
2016-07-14 07:20:18	FA25EF1F646C9C09688772CFF1989BC7	3363328	----a-w-	C:\WINDOWS\Sysnative\msi.dll
2016-07-14 07:20:18	AEE285AC6117625361E6D5F06A58A830	723648	----a-w-	C:\WINDOWS\Sysnative\generaltel.dll
2016-07-14 07:20:18	1391AE72F205B9C2B25E2F83045D57B4	572928	----a-w-	C:\WINDOWS\Sysnative\vbscript.dll
2016-07-14 07:20:17	7E1C768A7D7EA97AAE840D58973DEA66	678912	----a-w-	C:\WINDOWS\Sysnative\scapi.dll
2016-07-14 07:20:17	66E24C1352CADC804806AC027F4857C9	609976	----a-w-	C:\WINDOWS\Sysnative\d3d10level9.dll
2016-07-14 07:20:16	FA6733A9E51E30CE5354F4236927BB6E	915456	----a-w-	C:\WINDOWS\Sysnative\configurationclient.dll
2016-07-14 07:20:16	CCC25D8DC3177759B541752D3C163460	233992	----a-w-	C:\WINDOWS\Sysnative\mftranscode.dll
2016-07-14 07:20:16	628100F7F1F717D6C115051A389CE37E	90912	----a-w-	C:\WINDOWS\Sysnative\devenum.dll
2016-07-14 07:20:15	65656FF781BDC10127AB223CDC0AC69F	2463704	----a-w-	C:\WINDOWS\Sysnative\mfcore.dll
2016-07-14 07:20:14	9A831E54F13276B91351F4242958E891	396288	----a-w-	C:\WINDOWS\Sysnative\NetSetupShim.dll
2016-07-14 07:20:14	8ABD21248C907CCD2D62C3E6AE4F3243	103776	----a-w-	C:\WINDOWS\Sysnative\NetSetupApi.dll
2016-07-14 07:20:14	5DD2384039592047EE1E2EAEF0526B16	660320	----a-w-	C:\WINDOWS\Sysnative\NetSetupEngine.dll
2016-07-14 07:20:14	2AAC3E5D0383DBD45A15181F4FA4D4DD	75264	----a-w-	C:\WINDOWS\Sysnative\NetCfgNotifyObjectHost.exe
2016-07-14 07:20:13	E19E3A6178DF73857050BF0392D52497	775168	----a-w-	C:\WINDOWS\Sysnative\msfeeds.dll
2016-07-14 07:20:11	5629C5C03B4AC4F775107871B81BD566	291840	----a-w-	C:\WINDOWS\Sysnative\microsoft-windows-system-events.dll
2016-07-14 07:20:11	4AC4CB97674AB132ACB8309C0615452B	772448	----a-w-	C:\WINDOWS\Sysnative\invagent.dll
2016-07-14 07:20:11	24DC010449BA068214B60693D472BBE1	450560	----a-w-	C:\WINDOWS\Sysnative\werui.dll
2016-07-14 07:20:09	374A1DDB723DD50042A6024DD51AAEA7	613120	----a-w-	C:\WINDOWS\Sysnative\fontdrvhost.exe
2016-07-14 07:20:08	B1FB27F4C061B8029DB91CE3BD596BA7	931840	----a-w-	C:\WINDOWS\Sysnative\AppxPackaging.dll
2016-07-14 07:20:08	4B107ADD53F027196F8B904FB2B2CACB	158208	----a-w-	C:\WINDOWS\Sysnative\AppxSip.dll
2016-07-14 07:20:05	F4A7AAFCFABBFCB05F9082929A1C0D03	624640	----a-w-	C:\WINDOWS\Sysnative\aadtb.dll
2016-07-14 07:20:05	3FB43B2662B2D963DB135B5F04F614E5	379232	----a-w-	C:\WINDOWS\Sysnative\atmfd.dll
2016-07-14 07:20:04	AF32A0D3E5A07AA50F4012C419E63757	539136	----a-w-	C:\WINDOWS\Sysnative\mfh264enc.dll
2016-07-14 07:20:03	9C0547B502CFB4F750B883EC4425B30C	441696	----a-w-	C:\WINDOWS\Sysnative\devinv.dll
2016-07-14 07:20:01	1C9D7CB4DA7F4157CD6D296A4B26D60C	1290240	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Shell.dll
2016-07-14 07:19:50	3AB3AD8F9EC036565F6B7811B30A1B89	1794560	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll
2016-07-14 07:19:49	BA77A5B7C3602D0A8DC96CC5ED4AD665	249464	----a-w-	C:\WINDOWS\Sysnative\RESAMPLEDMO.DLL
2016-07-14 07:19:49	8DCEE9C98348CD3B2EA18DD06ADDFA7E	363872	----a-w-	C:\WINDOWS\Sysnative\mswsock.dll
2016-07-14 07:19:48	F87871013AA4B5101212B044E487846F	421536	----a-w-	C:\WINDOWS\Sysnative\ws2_32.dll
2016-07-14 07:19:48	857E9716C303CE66CE30D1E08187020E	1871872	----a-w-	C:\WINDOWS\Sysnative\msxml3.dll
2016-07-14 07:19:46	F2F1E2B5E253A91BD0A623A674A48CD2	31232	----a-w-	C:\WINDOWS\Sysnative\seclogon.dll
2016-07-14 07:19:45	7CCC88CF797AF1A4A399ECB83C6A90A3	1416192	----a-w-	C:\WINDOWS\Sysnative\lsasrv.dll
2016-07-14 07:19:44	7E2E8CA6D37A7628567AD030D355231A	348160	----a-w-	C:\WINDOWS\Sysnative\ntprint.dll
2016-07-14 07:19:42	F5A258AF8E8887155C803687B52A7C4C	1012736	----a-w-	C:\WINDOWS\Sysnative\schedsvc.dll
2016-07-14 07:19:42	23CC3AFEE1B4F144A20DFBA2BC5A8B54	272752	----a-w-	C:\WINDOWS\Sysnative\sqmapi.dll
2016-07-14 07:19:41	8D1D1AB5A7946A8A24F2A2B3978FA248	190976	----a-w-	C:\WINDOWS\Sysnative\NetSetupSvc.dll
2016-07-14 07:19:41	49DEA270791060BE18EE4A92D7D0C2D9	319488	----a-w-	C:\WINDOWS\Sysnative\NetworkBindingEngineMigPlugin.dll
2016-07-14 07:19:39	E79736305D17F4DECB52209EAEA4D617	432360	----a-w-	C:\WINDOWS\Sysnative\bcryptprimitives.dll
2016-07-14 07:19:38	77A84192DEF629EA4932AC26B467DC16	244736	----a-w-	C:\WINDOWS\Sysnative\cemapi.dll
2016-07-14 07:19:38	200FDCDEB70F7C007374887D2A393098	771072	----a-w-	C:\WINDOWS\Sysnative\Chakradiag.dll
2016-07-14 07:19:32	AEB8DAB1630E05FBA1ADBB47701AE336	1423872	----a-w-	C:\WINDOWS\Sysnative\UserDataService.dll
2016-07-14 07:19:32	9015CBC489B5648D60BED762545C1ED1	1381376	----a-w-	C:\WINDOWS\Sysnative\win32kbase.sys
2016-07-14 07:19:32	7B3913C4A31CA31DC52B27CFBD664F18	66560	----a-w-	C:\WINDOWS\Sysnative\UserDataPlatformHelperUtil.dll
2016-07-14 07:19:31	C981E989681D3D9793052046DA40E7D1	1299032	----a-w-	C:\WINDOWS\Sysnative\winload.efi
2016-07-14 07:19:30	8CF862EF8EDC7EFE2447171C4885274F	1521664	----a-w-	C:\WINDOWS\Sysnative\ActiveSyncProvider.dll
2016-07-14 07:19:30	3943D77D015FDDFD27119D8072046404	70656	----a-w-	C:\WINDOWS\Sysnative\POSyncServices.dll
2016-07-14 07:19:29	A2FD4588F579F8671E4AB1064633CB46	712704	----a-w-	C:\WINDOWS\Sysnative\usermgr.dll
2016-07-14 07:19:29	0291A553B39D1CE0D108CF2388006B33	42496	----a-w-	C:\WINDOWS\Sysnative\usermgrcli.dll
2016-07-14 07:19:28	7D1F133F567A5E143724381FEA6259B3	602624	----a-w-	C:\WINDOWS\Sysnative\LogonController.dll
2016-07-14 07:19:27	E19B29DCA6AF0D29E180769FEDD408DD	250520	----a-w-	C:\WINDOWS\Sysnative\MPG4DECD.DLL
2016-07-14 07:19:27	76432D2E5504D33B4D2B1F837A057ED4	251544	----a-w-	C:\WINDOWS\Sysnative\MP43DECD.DLL
2016-07-14 07:19:27	396C0F5929E5F7F57F0F69365A92058F	203496	----a-w-	C:\WINDOWS\Sysnative\rsaenh.dll
2016-07-14 07:19:26	69D5CEA45BE5915E03A353311C49AD67	914944	----a-w-	C:\WINDOWS\Sysnative\SharedStartModel.dll
2016-07-14 07:19:25	49CD82AC0814925A090F99E0F2D09759	1127024	----a-w-	C:\WINDOWS\Sysnative\winload.exe
2016-07-14 07:19:24	F9551AFC9609C5F775D48E81EE734323	214528	----a-w-	C:\WINDOWS\Sysnative\Windows.Devices.Scanners.dll
2016-07-14 07:19:24	B3DF06FB336015D10F8465CC1A757588	237056	----a-w-	C:\WINDOWS\Sysnative\NetworkDesktopSettings.dll
2016-07-14 07:19:23	EF8B69CC37433F039D60E6BD0E560013	1085632	----a-w-	C:\WINDOWS\Sysnative\appraiser.dll
2016-07-14 07:19:23	E6B774E0428598E812BC325DDF23535B	195072	----a-w-	C:\WINDOWS\Sysnative\VCardParser.dll
2016-07-14 07:19:21	B9916FF45730799D2B786DB2044E0CF3	856064	----a-w-	C:\WINDOWS\Sysnative\winhttp.dll
2016-07-14 07:19:21	57C749B734472EF84F60F3D0673A9A5A	781984	----a-w-	C:\WINDOWS\Sysnative\mfds.dll
2016-07-14 07:19:20	D92B51B5CBF35C17E6FD784315747CE3	1022664	----a-w-	C:\WINDOWS\Sysnative\winresume.efi
2016-07-14 07:19:19	1FCB20B3A80FE573971343A5B64051A3	1016832	----a-w-	C:\WINDOWS\Sysnative\RDXService.dll
2016-07-14 07:19:18	B3F02109F06C958F968BF21A05D22EFB	595016	----a-w-	C:\WINDOWS\Sysnative\Windows.Internal.Shell.Broker.dll
2016-07-14 07:19:18	1DA1C322DE9F32389E4A074FDEA40484	1085776	----a-w-	C:\WINDOWS\Sysnative\mfplat.dll
2016-07-14 07:19:17	1AA2F04762F406D278F01C987FAB64A1	141312	----a-w-	C:\WINDOWS\Sysnative\rasman.dll
2016-07-14 07:19:16	B6E5858C57014B0FA4A94F154BBDCC52	784136	----a-w-	C:\WINDOWS\Sysnative\mfsvr.dll
2016-07-14 07:19:16	3920F89CDD19D7DDD5583380F9554F60	685568	----a-w-	C:\WINDOWS\Sysnative\AppointmentApis.dll
2016-07-14 07:19:15	8D01EEB0E90157CE0DF1CBCBF321EA84	1199368	----a-w-	C:\WINDOWS\Sysnative\rpcrt4.dll
2016-07-14 07:19:15	424CF2BB621F44A126427E957BC14F03	983904	----a-w-	C:\WINDOWS\Sysnative\SecConfig.efi
2016-07-14 07:19:15	28257B48DCBE3A193FFC41CF59CE293F	1643872	----a-w-	C:\WINDOWS\Sysnative\diagtrack.dll
2016-07-14 07:19:14	8D7373D3C95C70C543F1C7C668A9A2D4	861512	----a-w-	C:\WINDOWS\Sysnative\winresume.exe
2016-07-14 07:19:12	DA61908DEEA93778F734F7CACD56D374	784384	----a-w-	C:\WINDOWS\Sysnative\wuapi.dll
2016-07-14 07:19:12	CF2D0CD826F0BBC8F1150122720D2A9C	119800	----a-w-	C:\WINDOWS\Sysnative\MP3DMOD.DLL
2016-07-14 07:19:10	EE7B967B2CE297931F8A0BDB14267098	135168	----a-w-	C:\WINDOWS\Sysnative\AuthBroker.dll
2016-07-14 07:19:10	B88731761FF66380303BEE550C5ED5B9	133120	----a-w-	C:\WINDOWS\Sysnative\browser.dll
2016-07-14 07:19:10	965D6D4ACC757452894B49FA0A9BD56F	147456	----a-w-	C:\WINDOWS\Sysnative\mtxoci.dll
2016-07-14 07:19:08	DA32F9BFA7851AD4247353EA03755DE6	578560	----a-w-	C:\WINDOWS\Sysnative\winlogon.exe
2016-07-14 07:19:08	B21DEA1F5F1636B82B0DAED7D04222F6	1205248	----a-w-	C:\WINDOWS\Sysnative\Unistore.dll
2016-07-14 07:19:08	4C2BDDBE427F57888E1E578C4725FA03	627712	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.dll
2016-07-14 07:19:08	3B6E15E6801C6833B956613B7B37576E	131208	----a-w-	C:\WINDOWS\Sysnative\gpapi.dll
2016-07-14 07:19:07	CBF24B61F6F00F24DE56A7CF79842F30	114688	----a-w-	C:\WINDOWS\Sysnative\FontProvider.dll
2016-07-14 07:19:07	B8F7B0370BEF1C2816FDF12A5F6845C8	672768	----a-w-	C:\WINDOWS\Sysnative\ieproxy.dll
2016-07-14 07:19:03	FFF7869AE0E9C3D8956C80F717FEE539	354816	----a-w-	C:\WINDOWS\Sysnative\usocore.dll
2016-07-14 07:19:03	A9A7953D8C64E9FE50836E867922A2B7	801632	----a-w-	C:\WINDOWS\Sysnative\WWAHost.exe
2016-07-14 07:19:02	7790D02463936EFC00370910879A3372	113144	----a-w-	C:\WINDOWS\Sysnative\ncryptsslp.dll
2016-07-14 07:19:01	449E1F3E2F2A9FC3AD3E48ECEBD44356	58368	----a-w-	C:\WINDOWS\Sysnative\browcli.dll
2016-07-14 07:19:00	BAE350E3839F4BDE079300801084BF35	78040	----a-w-	C:\WINDOWS\Sysnative\wkscli.dll
2016-07-14 07:19:00	9419334469802B6ED101C05A32235D00	110584	----a-w-	C:\WINDOWS\Sysnative\srvcli.dll
2016-07-14 07:19:00	8C72D88015CFB3F9D4CB467E866128A4	80128	----a-w-	C:\WINDOWS\Sysnative\netapi32.dll
2016-07-14 07:18:58	82613A9699C9B340729624A0D2F5D462	115712	----a-w-	C:\WINDOWS\Sysnative\UserDataTimeUtil.dll
2016-07-14 07:18:58	65793E086D388BF244FAB9AB3D90BD1F	630160	----a-w-	C:\WINDOWS\Sysnative\wer.dll
2016-07-14 07:18:57	282BF6B5AB1F4A24AFAAB8FED0FD7731	658568	----a-w-	C:\WINDOWS\Sysnative\ClipSVC.dll
2016-07-14 07:18:56	38A519B37BAD270D0C65AE3AF7A083F2	1817064	----a-w-	C:\WINDOWS\Sysnative\WMALFXGFXDSP.dll
2016-07-14 07:18:55	B0C606013446EB3A965DBE9F4D3DDE5D	573952	----a-w-	C:\WINDOWS\Sysnative\Windows.Cortana.Desktop.dll
2016-07-14 07:18:55	6B6F2175AEF803328398EDA1673F8AF3	104448	----a-w-	C:\WINDOWS\Sysnative\CloudDomainJoinDataModelServer.dll
2016-07-14 07:18:55	0E0EF158A2BDA52A741A6314EA12556B	74752	----a-w-	C:\WINDOWS\Sysnative\wpninprc.dll
2016-07-14 07:18:54	E741BAB2495213C8B832A94F111051F6	243200	----a-w-	C:\WINDOWS\Sysnative\updatehandlers.dll
2016-07-14 07:18:53	C2FE52099132128982B5022095445846	414208	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentClient.dll
2016-07-14 07:18:52	379EC57F69771118C71FA7C8085EF605	194048	----a-w-	C:\WINDOWS\Sysnative\SharedStartModelShim.dll
2016-07-14 07:18:51	38C48E3E32EEFAC837C78EBFE3C813A6	45056	----a-w-	C:\WINDOWS\Sysnative\UserDataLanguageUtil.dll
2016-07-14 07:18:48	D47469EAF6182ACC0DAEA2171A8D52EF	45056	----a-w-	C:\WINDOWS\Sysnative\UserDataTypeHelperUtil.dll
2016-07-14 07:18:47	EE2242D3E75F2CA0A5F3A7A7F0F4E684	334848	----a-w-	C:\WINDOWS\Sysnative\MusUpdateHandlers.dll
2016-07-14 07:18:47	AE0FF7641B8E6E8097D04624E8BA6529	181760	----a-w-	C:\WINDOWS\Sysnative\shutdownux.dll
2016-07-14 07:18:47	749EE0008489244EB05C3283A105EFF8	856576	----a-w-	C:\WINDOWS\Sysnative\MPSSVC.dll
2016-07-14 07:18:46	9413E122F23B8E1939D7CF23B8C41D60	86528	----a-w-	C:\WINDOWS\Sysnative\FwRemoteSvr.dll
2016-07-14 07:18:46	6F125E31835E6624E8FD9DB6521E2491	151552	----a-w-	C:\WINDOWS\Sysnative\MusNotification.exe
2016-07-14 07:18:46	54EFDB0177C5D20D1AA491989DC0D86B	511488	----a-w-	C:\WINDOWS\Sysnative\FirewallAPI.dll
2016-07-14 07:18:46	03995D643D7F17888FAB5D481EB61BE9	34816	----a-w-	C:\WINDOWS\Sysnative\ztrace_maps.dll
2016-07-14 07:18:45	AEC04D942D21B2EBB62B1FD7A7355023	280576	----a-w-	C:\WINDOWS\Sysnative\vaultcli.dll
2016-07-14 07:18:45	8117C4B8E6178BFA8E4839C08D577742	185344	----a-w-	C:\WINDOWS\Sysnative\psmsrv.dll
2016-07-14 07:18:44	D348983828D21D3D05711812A2811DCF	243248	----a-w-	C:\WINDOWS\Sysnative\mfps.dll
2016-07-14 07:18:43	9AE2296DE971798F81E4BCBD3B045C54	246272	----a-w-	C:\WINDOWS\Sysnative\PackageStateRoaming.dll
2016-07-14 07:18:42	DA225CBACDA6E7483DED6FE097EADBA7	720896	----a-w-	C:\WINDOWS\Sysnative\EmailApis.dll
2016-07-14 07:18:42	613A7A0081CB14936EA8CE556F5F67DE	33280	----a-w-	C:\WINDOWS\Sysnative\wups2.dll
2016-07-14 07:18:41	D9C4829C8EF857722136353648055F1D	163840	----a-w-	C:\WINDOWS\Sysnative\CallHistoryClient.dll
2016-07-14 07:18:40	E085E515DB24EFBAAF2D4661BE82DF9C	78848	----a-w-	C:\WINDOWS\Sysnative\browserbroker.dll
2016-07-14 07:18:40	639BA3697C650AA7A6204B277B0869EB	23552	----a-w-	C:\WINDOWS\Sysnative\ExtrasXmlParser.dll
2016-07-14 07:18:40	0E4433A8BA3A57BDDBDFCD5096749650	856576	----a-w-	C:\WINDOWS\Sysnative\ContactApis.dll
2016-07-14 07:18:39	B69FFED170359422CD53EDB3A17D353E	322048	----a-w-	C:\WINDOWS\Sysnative\vaultsvc.dll
2016-07-14 07:18:39	998CE50A928C6E229B36DE08FF0F7398	208736	----a-w-	C:\WINDOWS\Sysnative\AppxAllUserStore.dll
2016-07-14 07:18:39	4B2AAC9E21786C169D928B25CBC79720	752640	----a-w-	C:\WINDOWS\Sysnative\ChatApis.dll
2016-07-14 07:18:39	49B542B435E960BC26DE61596D2ABAED	81920	----a-w-	C:\WINDOWS\Sysnative\AppxSysprep.dll
2016-07-14 07:18:32	DD613F1BD0559E50B8022C429D638DE8	2180608	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentServer.dll
2016-07-14 07:18:30	E9E21A2DE35591A8AAAE471D5FA2D658	26464	----a-w-	C:\WINDOWS\Sysnative\browser_broker.exe
2016-07-14 07:18:30	C99611817C253A386229DC8EB5DF7508	146784	----a-w-	C:\WINDOWS\Sysnative\wermgr.exe
2016-07-14 07:18:30	B0BACDC36CF5D615E8DB4FF8DC269F1E	288256	----a-w-	C:\WINDOWS\Sysnative\PimIndexMaintenance.dll
2016-07-14 07:18:27	DFB51BACC499072111FB5678CE7DA1C0	223232	----a-w-	C:\WINDOWS\Sysnative\PhoneCallHistoryApis.dll
2016-07-14 07:18:27	5AB790DC0AA9D616BB8C28E18226FFE9	68608	----a-w-	C:\WINDOWS\Sysnative\PimIndexMaintenanceClient.dll
2016-07-14 07:18:27	41BCFF788B4C2508139ECE118B250FC2	257024	----a-w-	C:\WINDOWS\Sysnative\UserDataAccountApis.dll
2016-07-14 07:18:23	F5A1D597A0B0147485D0047296A4817B	694784	----a-w-	C:\WINDOWS\Sysnative\jscript9diag.dll
2016-07-14 07:18:23	5E649D3A3A6F72B1EF062E023308D08E	145408	----a-w-	C:\WINDOWS\Sysnative\dssvc.dll
2016-07-14 07:18:23	2B20139CAD45B21A64E95B4EC70D7443	196096	----a-w-	C:\WINDOWS\Sysnative\fwpolicyiomgr.dll
2016-07-14 07:18:22	796F2E05D1500D7005064AE84F0AE329	47616	----a-w-	C:\WINDOWS\Sysnative\wups.dll
2016-07-14 07:18:21	777ACAD331D4B61E1CBCFCAEAC57A609	25600	----a-w-	C:\WINDOWS\Sysnative\wfapigp.dll
2016-07-14 07:18:18	0A2D0D9A0329B9C46F5D793DB51A15C7	1234944	----a-w-	C:\WINDOWS\Sysnative\aitstatic.exe
2016-07-14 07:18:17	E7E798690361EFA3D0C4F321A1C36B2F	183296	----a-w-	C:\WINDOWS\Sysnative\fwbase.dll
2016-07-14 07:18:16	A117F0406DAA8ABDEF0E393E084DDA3E	88064	----a-w-	C:\WINDOWS\Sysnative\ngckeyenum.dll
2016-07-14 07:18:16	44406AB6CDCA5BD1195273F07F656D9A	324096	----a-w-	C:\WINDOWS\Sysnative\profsvc.dll
2016-07-14 07:18:16	2B4D03A121996467E53AF02F028FD017	235008	----a-w-	C:\WINDOWS\Sysnative\UserMgrProxy.dll
2016-07-14 07:08:22	82446D358A9FB51CB9DA32A5C901D7A0	21040	----a-w-	C:\WINDOWS\Sysnative\sdnclean64.exe
====== C:\WINDOWS\Sysnative\drivers =====
2016-07-14 07:22:14	E94821F71F63033F78D8A6284A820890	114688	----a-w-	C:\WINDOWS\Sysnative\drivers\bridge.sys
2016-07-14 07:22:14	4E764502F3B12114F6ADBFC8B25BCA63	410624	----a-w-	C:\WINDOWS\Sysnative\drivers\srv.sys
2016-07-14 07:22:13	F6947A25DFE8AEFCF4931A3A5BAB9BDF	240128	----a-w-	C:\WINDOWS\Sysnative\drivers\srvnet.sys
2016-07-14 07:22:13	55D5C5B0B9F9B65BD452136A384E6EAC	138240	----a-w-	C:\WINDOWS\Sysnative\drivers\dfsc.sys
2016-07-14 07:22:13	1BD49789354B1CFE28D96DC232071A02	272896	----a-w-	C:\WINDOWS\Sysnative\drivers\netbt.sys
2016-07-14 07:22:12	F7101D3B4E00800E6CEE69F9795B7B62	633184	----a-w-	C:\WINDOWS\Sysnative\drivers\fvevol.sys
2016-07-14 07:22:11	3EB26D5963844FFAE63A93024D502BAE	127840	----a-w-	C:\WINDOWS\Sysnative\drivers\USBSTOR.SYS
2016-07-14 07:22:11	10C7E03E6DF231F26136C5C7BADEF3FC	238080	----a-w-	C:\WINDOWS\Sysnative\drivers\BthLEEnum.sys
2016-07-14 07:20:56	997B78F8E312450C6CF31FA58EDDC84F	83968	----a-w-	C:\WINDOWS\Sysnative\drivers\serial.sys
2016-07-14 07:20:32	870DB31C41E4D04BCDDFC297F64D63D7	1010016	----a-w-	C:\WINDOWS\Sysnative\drivers\http.sys
2016-07-14 07:20:11	613BEC7CD64D07BBFF96BB83255158AD	672256	----a-w-	C:\WINDOWS\Sysnative\drivers\srv2.sys
2016-07-14 07:20:10	6E99FB1F0F10CC9BDA27CA1626C0E4AD	1981280	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
2016-07-14 07:20:06	8E3F4C3A8EA2E787E6089618675501D0	143872	----a-w-	C:\WINDOWS\Sysnative\drivers\mrxdav.sys
2016-07-14 07:20:05	07B4CBB580AAA1DD1838F2344925D7C0	2430304	----a-w-	C:\WINDOWS\Sysnative\drivers\tcpip.sys
2016-07-14 07:19:03	2521520142F7853E39028AE6BD66E072	104960	----a-w-	C:\WINDOWS\Sysnative\drivers\rasl2tp.sys
2016-07-14 07:18:58	B580CD1FAA762E0C1C95C43BF0E58FD7	327520	----a-w-	C:\WINDOWS\Sysnative\drivers\pci.sys
2016-07-14 07:18:51	A85D2E507558ADBCD4668E3D842409D2	331616	----a-w-	C:\WINDOWS\Sysnative\drivers\fastfat.sys
2016-07-14 07:18:48	A6CABD34D41D8191FC1B3A289CB5A6F0	442208	----a-w-	C:\WINDOWS\Sysnative\drivers\storport.sys
2016-07-14 07:18:45	D5843BBFF4D649CE2BF5EDC4F64D9B59	158048	----a-w-	C:\WINDOWS\Sysnative\drivers\ksecpkg.sys
2016-07-14 07:18:44	2FE2D0E1E4D33C6E70F9DBA93952DE7F	601344	----a-w-	C:\WINDOWS\Sysnative\drivers\cng.sys
2016-07-14 07:18:38	224A508EDBD7B493E581B0462EC91E52	2115936	----a-w-	C:\WINDOWS\Sysnative\drivers\ntfs.sys
2016-07-14 07:18:23	6D12FF8801832846542FD2B078B6E05F	67072	----a-w-	C:\WINDOWS\Sysnative\drivers\usbser.sys
2016-07-13 18:57:22	F803473CD0E5D36D02EB58109F1294CD	62080	----a-w-	C:\WINDOWS\Sysnative\drivers\PSKMAD.sys
2016-07-13 18:56:22	BCBF4937BDF98D593A96E4C8E9F2151E	174000	----a-w-	C:\WINDOWS\Sysnative\drivers\PSINAflt.sys
2016-07-13 18:56:21	4675949361165C5B835749F38F4FB06D	146864	----a-w-	C:\WINDOWS\Sysnative\drivers\PSINProt.sys
2016-07-13 18:56:21	0EE39D9EEDA47F8D705FF936B66FC9A1	117168	----a-w-	C:\WINDOWS\Sysnative\drivers\PSINReg.sys
2016-07-13 18:55:50	5E1049CF1C2388246D065AFB31E8B7AC	133552	----a-w-	C:\WINDOWS\Sysnative\drivers\PSINProc.sys
2016-07-13 18:55:45	8CFBB07135F309852D4D2F36280325CB	129456	----a-w-	C:\WINDOWS\Sysnative\drivers\PSINFile.sys
2016-07-13 18:55:44	BD0C23FDF7CEF744FF60128D471E236C	207280	----a-w-	C:\WINDOWS\Sysnative\drivers\PSINKNC.sys
====== C:\WINDOWS\Tasks ======
2016-07-14 17:47:08	FF4398D6727FC93B465CD153888B4FD3	4180	----a-w-	C:\WINDOWS\Sysnative\Tasks\User_Feed_Synchronization-{038522AD-C376-417C-B98E-31BCF294A621}
2016-07-14 07:08:53	--------	d-----w-	C:\WINDOWS\Sysnative\Tasks\Safer-Networking
2016-07-14 06:46:21	3B0E5C51EFDDF83B7DD3C0FB0831DF39	2392	----a-w-	C:\WINDOWS\Sysnative\Tasks\DeviceDetector
2016-07-14 06:46:20	D63B02E61055BF42F1A64FD03BAA73BA	2040	----a-w-	C:\WINDOWS\Sysnative\Tasks\Synaptics TouchPad Enhancements
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-07-14 07:12:04	--------	d-----w-	C:\Program Files\Common Files\AV
======= C:\PROGRA~2 =====
2016-07-14 07:45:40	--------	d-----w-	C:\PROGRA~2\FinalWire
2016-07-14 07:26:47	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2016-07-14 07:25:04	--------	d-----w-	C:\PROGRA~2\Java
2016-07-14 07:03:02	--------	d-----w-	C:\PROGRA~2\CrystalDiskInfo
======= C: =====
====== C:\Users\Acer\AppData\Roaming ======
2016-07-14 17:53:26	--------	d-----w-	C:\Users\Acer\AppData\Local\ESET
2016-07-14 07:10:27	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Programs
2016-07-13 19:20:16	--------	d-----w-	C:\Users\Acer\AppData\Local\ClassicShell
2016-07-12 17:40:18	--------	d-----w-	C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
====== C:\Users\Acer ======
2016-07-15 08:46:25	5A8A8851E277577D82EE742BC1AA41C7	6858912	----a-w-	C:\Users\Acer\Downloads\esetonlinescanner_enu (2).exe
2016-07-15 08:46:06	5A8A8851E277577D82EE742BC1AA41C7	6858912	----a-w-	C:\Users\Acer\Downloads\esetonlinescanner_enu (1).exe
2016-07-14 18:51:55	5A8A8851E277577D82EE742BC1AA41C7	6858912	----a-w-	C:\Users\Acer\Downloads\esetonlinescanner_enu(1).exe
2016-07-14 17:53:07	5A8A8851E277577D82EE742BC1AA41C7	6858912	----a-w-	C:\Users\Acer\Downloads\esetonlinescanner_enu.exe
2016-07-14 17:24:56	B17ADD5A59438E177B4504A22825BC8D	1575640	----a-w-	C:\Users\Acer\Downloads\mappreporter(2).exe
2016-07-14 17:01:34	1002DA6C50028327CEB85ACC1C51D8C2	1575640	----a-w-	C:\Users\Acer\Downloads\mappreporter (1).exe
2016-07-14 07:45:51	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2016-07-14 07:43:57	4919315A22842B0D417DFC3BC3C6681E	16374624	----a-w-	C:\Users\Acer\Desktop\aida64extreme575.exe
2016-07-14 07:34:47	B17ADD5A59438E177B4504A22825BC8D	1575640	----a-w-	C:\Users\Acer\Downloads\mappreporter(1).exe
2016-07-14 07:33:41	1002DA6C50028327CEB85ACC1C51D8C2	1575640	----a-w-	C:\Users\Acer\Downloads\mappreporter.exe
2016-07-14 07:29:40	1002DA6C50028327CEB85ACC1C51D8C2	1575640	----a-w-	C:\Users\Acer\Desktop\mappreporter.exe
2016-07-14 07:26:33	--------	d-----w-	C:\Users\Acer\.oracle_jre_usage
2016-07-14 07:26:06	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-14 07:25:13	--------	d-----w-	C:\ProgramData\Oracle
2016-07-14 07:23:09	6686097DAFA6479EFC78082A36E6E068	738368	----a-w-	C:\Users\Acer\Downloads\jxpiinstall.exe
2016-07-14 07:14:52	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Acer\Desktop\RSITx64.exe
2016-07-14 07:04:17	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-07-14 06:51:35	02C1EE40968BAA67C3A785CDA9807125	262	--sha-r-	C:\ProgramData\ntuser.pol
2016-07-13 20:52:03	7793999D940065E8F827841BC5B8098A	4291320	----a-w-	C:\Users\Acer\Downloads\spywareblastersetup55.exe
2016-07-13 19:39:39	5BF662CEC9C3A5C377F1502CC4073F9C	7991656	----a-w-	C:\Users\Acer\Downloads\ccsetup519.exe
2016-07-13 19:20:16	--------	d-----w-	C:\ProgramData\ClassicShell
2016-07-13 19:19:08	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2016-07-13 19:11:26	525C36F380DE7276839BD2AD4C8420BD	6972688	----a-w-	C:\Users\Acer\Downloads\ClassicShellSetup_4_2_5c.exe
2016-07-13 18:57:28	--------	d-----w-	C:\ProgramData\panda_url_filtering
2016-07-13 18:55:33	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus

====== C: exe-files ==
2016-07-15 10:06:07	627D2B9F445D77D64096BB087646C431	173760	----a-w-	C:\$WINDOWS.~BT\DUDownload\Setup\setupplatform.exe
2016-07-14 07:22:00	48282A0CB216879D521C861E3641E454	2143744	----a-w-	C:\Program Files\Windows Journal\Journal.exe
2016-07-14 07:21:26	D4A27EA24394535B73C0A6236B75AFBD	1473536	----a-w-	C:\Program Files\Windows Media Player\wmpnetwk.exe
2016-07-14 07:19:46	3F43DD479AE51971A0E03CC2E4A73FAE	493056	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2016-07-14 07:05:06	453F30B4FBE677D75D6D9EE89A0527CF	158	----a-w-	C:\$Recycle.Bin\S-1-5-21-2710336257-2014284333-629257816-1002\$IKOMV3S.exe
2016-07-14 06:55:27	80E9FD805EAE222FE17DE7CF7566E7C1	245673064	----a-w-	C:\$Recycle.Bin\S-1-5-21-2710336257-2014284333-629257816-1002\$RKOMV3S.exe
2016-07-13 21:17:37	D05F3B07CD900B397A7C870285389115	158	----a-w-	C:\$Recycle.Bin\S-1-5-21-2710336257-2014284333-629257816-1002\$IOGE5HT.exe
2016-07-13 21:15:52	10BF0C0EEE1CCE859F30648FC4E4D1F0	184	----a-w-	C:\$Recycle.Bin\S-1-5-21-2710336257-2014284333-629257816-1002\$I3BI4IP.exe
2016-07-13 19:40:40	5BF662CEC9C3A5C377F1502CC4073F9C	7991656	----a-w-	C:\Downloads en Antispyware programmas 17-10-2014\ccsetup519.exe
2016-07-13 19:12:46	525C36F380DE7276839BD2AD4C8420BD	6972688	----a-w-	C:\Downloads en Antispyware programmas 17-10-2014\ClassicShellSetup_4_2_5c.exe
2016-07-13 18:29:50	5F580180A182E2D97DBE1A5DADA3DE3D	67147168	----a-w-	C:\Downloads en Antispyware programmas 17-10-2014\FREEAV.exe
2016-07-12 17:42:02	F6541F3D7FAF912F52AAE4398757084E	2854640	----a-w-	C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
2016-07-12 17:42:02	C2503B1B4F739E3EDA6954A64E58D5B5	6154504	----a-w-	C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
2016-07-12 17:42:01	B4146989F503516551069FC9E82A1CF2	358616	----a-w-	C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe
2016-07-12 17:42:01	64327F3E0BA663BAF2F9DF3BEE215520	263896	----a-w-	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
2016-07-12 17:42:01	00F5A47E08998CC953D5A54594B0656B	1161024	----a-w-	C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe
2016-07-12 17:42:00	015BF5FFF559B32EA2F372546A0BB942	2053848	----a-w-	C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe
2016-07-10 11:10:53	7827F15069006A96F50194181C1741D7	24093392	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\lync.exe
2016-07-10 11:10:52	24B04A57BDCB6BDF70EE19A30293598C	6748352	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\lynchtmlconv.exe
2016-07-10 11:10:46	7410A930D4574B4F579C0F8761672C7B	1554216	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\ocpubmgr.exe
2016-07-10 11:10:35	967D3291020C4A0F851D293D2358020C	48840	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\appsharinghookcontroller64.exe
2016-07-10 11:10:34	614893BEA7349154E4C1CC93260855C9	19134152	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
2016-07-10 11:10:32	53F7C6AF0C60D2B6A1461EB2BBB7DB42	21954240	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe
2016-07-10 11:10:30	8D05A9E7BAF03C4C4C5B5A33E563D2B0	7988520	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\cmigrate.exe
2016-07-10 11:10:21	92BF903577B991CF7F17AD6E499DBDA0	5840680	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\cmigrate.exe
2016-07-10 11:10:17	35564CC28099C4366EC8C66A7E39941E	883928	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe
2016-07-10 11:10:11	2570024D006A7D9C2BF16D8CF74E0971	920264	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\ucmapi.exe
2016-07-10 11:10:03	4FE749AA3DE599824C1BA55291BEA409	1772744	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\onenote.exe
2016-07-10 11:09:59	18BC936A4CFFF9C055544E08FE020AD6	8844544	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\groove.exe
2016-07-10 11:09:52	BF76634FD51BF084C968DDCD70E9B03B	25740480	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\excel.exe
2016-07-10 11:09:48	EE08372C3ED80F7F91E586929F8A2750	163008	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\cnfnot32.exe
2016-07-10 11:09:46	250B64523957837E97884078146FB985	42696	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\appsharinghookcontroller.exe
2016-07-10 11:09:27	E9D2EED3F9059DA3D670224CF7033C9C	578920	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\ORGCHART.EXE
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-2710336257-2014284333-629257816-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-2710336257-2014284333-629257816-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dropbox Update"="C:\Users\Acer\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"
"OneDrive"="C:\Users\Acer\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

[HKEY_USERS\S-1-5-21-2710336257-2014284333-629257816-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RadioController"="C:\Program Files (x86)\RadioController\RfBtnHelper.exe Start_Run"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"Adobe Acrobat Speed Launcher"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
"PSUAMain"="C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray"
"SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Dropbox Update"="C:\Users\Acer\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"
"OneDrive"="C:\Users\Acer\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe -autorun"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll, C:\\WINDOWS\\system32\\nvinitx.dll"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-2710336257-2014284333-629257816-1002Core.job --a-------- C:\Users\Acer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [16-06-2015 10:10]
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-2710336257-2014284333-629257816-1002UA.job --a-------- C:\Users\Acer\AppData\Local\Dropbox\Update\DropboxUpdate.exe [16-06-2015 10:10]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31-08-2015 11:30]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31-08-2015 11:30]
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [12-09-2015 09:25]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\AdobeAAMUpdater-1.0-V3-571G-Acer" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\WINDOWS\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe]
"C:\WINDOWS\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe]
"C:\WINDOWS\SysNative\tasks\Synaptics TouchPad Enhancements" [\Program Files\Synaptics\SynTP\SynTPEnh.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{038522AD-C376-417C-B98E-31BCF294A621}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe"]
"C:\WINDOWS\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe"]
"C:\WINDOWS\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe"]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\bar8y2fa.default
user_pref("browser.startup.homepage", "www.google.com");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn" [05-02-2015 22:23]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\bar8y2fa.default
- Panda Security Toolbar - %ProfilePath%\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\bar8y2fa.default
88C9284589B5AEEF93AAF8016BA1290D	- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll -	Microsoft Office 2013
18CF51689186AEB9D1D149AEB0E92D03	- C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL -	Microsoft Office 2013


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Acer\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Acer\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Gast\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Gast\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Gast\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\UpdatusUser\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\UpdatusUser\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\UpdatusUser\AppData\Local\Comodo\Dragon deleted

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86


HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bbjllphbppobebmjpjcijfbakobcheof - No path found[]

Google Docs - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Rapport - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof
YouTube - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Docs Offline - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\SearchScopes\{E8061DAA-9544-4551-83C9-8A63BD052740} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\Wow6432Node\SearchScopes\{E8061DAA-9544-4551-83C9-8A63BD052740} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes\{E8061DAA-9544-4551-83C9-8A63BD052740} - No_Url_Value

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2710336257-2014284333-629257816-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Acer\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Acer\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Acer\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Acer\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Acer\AppData\Local\Mozilla\Firefox\Profiles\bar8y2fa.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=989 folders=119 209423706 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Acer\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on vr 15-07-2016 at 13:46:01,62 ======================