Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Siebrand on 26/08/2015 at 18:25:49.10. Microsoft Windows 10 Home 10.0.10240 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Siebrand\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 26/08/2015 18:28:31 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\Common Files\AV deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\Siebrand\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Siebrand\AppData\Local\EmieSiteList deleted successfully C:\Users\Siebrand\AppData\Local\EmieUserList deleted successfully C:\Users\Siebrand\AppData\Local\NetworkTiles deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-688253611-67200311-1367995398-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_USERS\S-1-5-21-688253611-67200311-1367995398-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_USERS\S-1-5-21-688253611-67200311-1367995398-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-688253611-67200311-1367995398-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-688253611-67200311-1367995398-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-688253611-67200311-1367995398-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} deleted successfully 
HKEY_USERS\S-1-5-21-688253611-67200311-1367995398-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-688253611-67200311-1367995398-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully HKEY_USERS\S-1-5-21-688253611-67200311-1367995398-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IHProtect Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater40.1.6 deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- "vProt"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\bestadblocker deleted C:\PROGRA~2\SalePlus deleted C:\PROGRA~2\SSaalePluusa deleted C:\PROGRA~2\Window Expander For YouTube deleted C:\Program Files (x86)\XTab deleted C:\ProgramData\{737dc3d2-b3c2-9562-737d-dc3d2b3c0f4a} deleted C:\PROGRA~3\fncniphoonfhoojeenleodpjgbdpihgk deleted C:\windows\SysNative\Tasks\Bidaily Synchronize Task deleted C:\PROGRA~3\18321114187950385096 deleted C:\Users\Siebrand\AppData\Local\AVG Web TuneUp deleted C:\Users\Siebrand\SupTab deleted C:\Program Files\AVG Web TuneUp deleted C:\PROGRA~3\AVG Web TuneUp deleted C:\PROGRA~3\AVG Security Toolbar deleted C:\PROGRA~3\IHProtectUpDate deleted C:\PROGRA~3\AVG Secure Search deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Siebrand\AppData\LocalLow\AVG Web TuneUp deleted "C:\WINDOWS\tasks\Bidaily Synchronize Task.job" deleted "C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe" deleted "C:\Program Files (x86)\AVG Web TuneUp\icudt.dll" deleted "C:\Program Files (x86)\AVG Web TuneUp\libcef.dll" deleted "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" deleted "C:\PROGRA~2\AVG Web TuneUp\avgcefrend.exe" deleted 
"C:\PROGRA~2\AVG Web TuneUp\icudt.dll" deleted "C:\PROGRA~2\AVG Web TuneUp\libcef.dll" deleted "C:\PROGRA~2\AVG Web TuneUp\vprot.exe" deleted "C:\Program Files (x86)\AVG Web TuneUp\locales\en-US.pak" deleted "C:\PROGRA~2\AVG Web TuneUp\locales\en-US.pak" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\40.1.6\avgdttbx.dll" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\40.1.6\log4cplusU.dll" deleted "C:\Program Files (x86)\AVG Web TuneUp" deleted "C:\PROGRA~2\AVG Web TuneUp" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted "C:\Program Files (x86)\AVG Web TuneUp\locales" deleted "C:\PROGRA~2\AVG Web TuneUp\locales" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\40.1.6" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\40.1.6" deleted ==== Files Recently Created / Modified ====================== 
==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-688253611-67200311-1367995398-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Photosmart 6520 series (NET)"="C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe -deviceID CN2C7350T105XP:NW -scfn HP Photosmart 6520 series (NET) -AutoStart 1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "ASUSWebStorage"="C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.6.112\AsusWSPanel.exe /S" "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r" "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Photosmart 6520 
series\Bin\ScanToPCActivationApp.exe -deviceID CN2C7350T105XP:NW -scfn HP Photosmart 6520 series (NET) -AutoStart 1" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "AuditSHD"="C:\windows\system32\oobe\auditshd.exe" "ACMON"="C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" "Samsung Link"="C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe" "ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe " ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- [Undetermined Task] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\ASUS InstantOn Config" [C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe] "C:\WINDOWS\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe] "C:\WINDOWS\SysNative\tasks\ASUS Smart Gesture Launcher" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe] "C:\WINDOWS\SysNative\tasks\ASUS Touchpad Launcher (x64)" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe] "C:\WINDOWS\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"] "C:\WINDOWS\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\Update Checker" [C:\Program Files (x86)\ASUS\ASUS Live 
Update\UpdateChecker.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{A267A249-4EA6-4A3A-9C14-2D992554167D}" [C:\WINDOWS\system32\msfeedssync.exe] ==== Chromium Look ====================== Google Chrome Version: 44.0.2403.157 Google Slides - Siebrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Siebrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Siebrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Siebrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Siebrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Siebrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Window Expander For YouTube - Siebrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkpaakpeehepibjpdmoocdaonognfiog Google Wallet - Siebrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Siebrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Siebrand\AppData\Local\Google\Chrome\User Data\Default\Preferences 
"session":{"restore_on_startup":5,"startup_urls":["http://www.google.com/","http://www.mystartsearch.com/?type=hp&ts=1430083184&from=wpc&uid=HitachiXHTS545050A7E380_TE85113Q2GT0NR2GT0NRX","http://www.mystartsearch.com/?type=hppp&ts=1430083444&from=wpc&uid=HitachiXHTS545050A7E380_TE85113Q2GT0NR2GT0NRX"]}

==== Chromium Fix ======================
C:\Users\Siebrand\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkpaakpeehepibjpdmoocdaonognfiog deleted successfully
C:\Users\Siebrand\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fkpaakpeehepibjpdmoocdaonognfiog_0.localstorage deleted successfully
C:\Users\Siebrand\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fkpaakpeehepibjpdmoocdaonognfiog_0.localstorage-journal deleted
successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.nl/"
"Search Page"="http://www.mystartsearch.com/web/?type=dspp&ts=1430083444&from=wpc&uid=HitachiXHTS545050A7E380_TE85113Q2GT0NR2GT0NRX&q={searchTerms}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.nl/"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{e94b610} deleted successfully

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Siebrand\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Siebrand\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Siebrand\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Siebrand\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\Siebrand\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
No Flash Cache Found

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=1164 folders=192 715045141 bytes)

==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Siebrand\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on 26/08/2015 at 19:37:59.35 ======================