Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Elize on zo 14-08-2016 at 22:07:09,14.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Elize\Downloads\zoek(1).exe
[Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================
C:\zoek-results2016-08-14-161121.log 12622 bytes
C:\zoek-results2016-08-14-163846.log 23007 bytes
C:\zoek-results2016-08-14-171801.log 553 bytes

==== Empty Folders Check ======================
C:\Users\Elize\AppData\Local\ActiveSync deleted successfully
C:\Users\Elize\AppData\Local\NetworkTiles deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"vProt"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

==== Deleting Files \ Folders ======================
C:\Program Files (x86)\AVG Web TuneUp not found
C:\ProgramData\Essentware not found
C:\ProgramData\AVG Web TuneUp not found
C:\WINDOWS\wininit.ini deleted
C:\windows\SysNative\tasks\ByteFence deleted

==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
====== C:\Users\Elize\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
====== C:\WINDOWS\Sysnative\drivers =====
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2016-08-13 10:15:39 -------- d-----w- C:\PROGRA~2\trend micro
2016-08-13 10:12:44 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service
2016-08-04 21:07:22 -------- d-----w- C:\PROGRA~2\Google
======= C: =====
====== C:\Users\Elize\AppData\Roaming ======
2016-08-14 20:02:21 -------- d-----w- C:\Users\Elize\AppData\Local\Temp
2016-08-12 21:41:02 -------- d-----w- C:\Users\Elize\AppData\Local\Essentware
2016-08-12 21:29:13 -------- d-----w- C:\Users\Elize\AppData\Local\CEF
2016-08-04 21:07:20 -------- d-----w- C:\Users\Elize\AppData\Local\Google
====== C:\Users\Elize ======
2016-08-12 21:51:52 -------- d-----w- C:\ProgramData\panda_url_filtering
====== C: exe-files ==
=== C: other files ==

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"vProt"="C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\DNSWAXHAW" [dnswaxhaw.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{9AA64710-A759-4530-836B-39EEACEBB680}" [C:\Windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\{B5DFC585-B7DB-28B8-C4AF-F4502595F640}" [C:\Windows\system32\regsvr32.exe]

==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Elize\AppData\Roaming\Mozilla\Firefox\Profiles\x27adgab.default
user_pref("browser.startup.homepage", "www.google.nl");