
Zoek.exe v5.0.0.1 Updated 13-October-2015
Tool run by Acer on wo 14-10-2015 at 14:52:35,19.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Acer\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

14-10-2015 14:56:24 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll 


==== Empty Folders Check ======================

C:\Users\Acer\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Acer\AppData\Local\EmieSiteList deleted successfully
C:\Users\Acer\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WtuSystemSupport deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"=- 

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\AVG Web TuneUp deleted
C:\Users\Acer\AppData\Local\AVG Web TuneUp deleted
C:\PROGRA~3\AVG Web TuneUp deleted
C:\PROGRA~3\{FE4634B2-1CE3-415A-B206-2E66F108C17C} deleted
C:\Users\Acer\Downloads\tb_free.exe deleted
C:\Users\Acer\AppData\LocalLow\{AB330A62-09B8-47D8-A6BA-757C2AE28B9D} deleted
C:\Users\Acer\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Acer\AppData\Local\Temp ====
====== Java Cache =====
2015-10-14 12:41:48	4F85459CEC4F78A3987FFFD5B6A816C5	605	----a-w-	C:\Users\Acer\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-6a93e5cd
2015-10-14 12:41:49	F496104FD94C4D8A213A14045924E6CC	429	----a-w-	C:\Users\Acer\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-78e96a5ccf5c5b6a29dcdffe1d16c989d010904d54059e7b28aad8dacf6a56c9-6.0.lap
2015-10-14 12:41:49	C9588417B10E1D770E3E5DA1F3510AE5	8425	----a-w-	C:\Users\Acer\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\298d42d-142d33ea
2015-10-14 12:41:58	C1BBA7F1278F193AB584FFF460DB5E2A	17878	----a-w-	C:\Users\Acer\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\c8dc66e-4f3e53f2
====== C:\Windows\SysWOW64 =====
2015-10-14 12:39:57	C05114B0BDF2470F7F4A1B2128540062	97888	----a-w-	C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-14 08:25:29	F811B932E3DBA308014F8C870F752F16	12875776	----a-w-	C:\Windows\SysWOW64\shell32.dll
2015-10-14 08:25:28	5CB2886338C82E388F68557E2745200F	1498624	----a-w-	C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-14 08:25:21	908BBA41A5B57DDB126B85EC14DD58EF	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 08:25:21	0E036A353DB9D8F4F642AC0F9412F09E	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-14 08:25:21	04BB7AF8E0DAE83982155F0752308666	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 08:25:20	D586CB95B4EADC0525E8929A241898F5	20357632	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-10-14 08:25:20	C89372B642726F1CF3EB479397976DA3	279040	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 08:25:20	C848E013BB85C48C787001E1EA36905F	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-14 08:25:20	A7028D5D5E3DCF820B3C0AFE0137A87E	130048	----a-w-	C:\Windows\SysWOW64\occache.dll
2015-10-14 08:25:20	9F36964CDB9A920779314395E3911503	504832	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-10-14 08:25:20	098F6097F919EE77EA490E16D11E427A	1311232	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-10-14 08:25:20	060409834CC8FAC3F1231DA3F0648CC5	689152	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 08:25:20	00FBEDF0E74AD8815469A95271C0E562	345688	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 08:25:18	B87A11C95703AB19ACB43993DDA0F1A3	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-10-14 08:25:18	9F4234838400CC3A964AF53DE4410A50	2279936	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-10-14 08:25:18	816B489E2BBFE2479C844AAD486ABB42	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 08:25:18	7E8EABA6A2B10FE11E2381378A57322B	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-10-14 08:25:18	73189A2739491ABB556872737C501F8E	663552	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-10-14 08:25:18	12DCE9300FF5B74DC2F7DBAC96B0614E	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 08:25:17	F274AF14C7DB6C52C023BCBDA4197D17	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-10-14 08:25:17	BE1263EE0CB8CF942FC35CC86E0C3941	12853760	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-10-14 08:25:17	AFC4F34507B555D1C9C4F049CCA1475F	416256	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 08:25:17	8C9BCE16E894D4FBCE151F4A5FE05F55	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-10-14 08:25:17	584E6632F1F4027AB64DEB0F4139E7D7	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-10-14 08:25:17	4A3CA2C73C4D66A90C63E9E532746020	480256	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-10-14 08:25:15	DE53F76D63CA64E172B336BC7CFF6EDA	4527616	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-10-14 08:25:15	CEDBC9DBD9800E0EE81B0840EBC2BAC5	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-14 08:25:15	A25C9DD040CA9799C2A7E41732D0752A	230400	----a-w-	C:\Windows\SysWOW64\webcheck.dll
2015-10-14 08:25:15	17B66052348D3A3681A9411EDD839E18	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-10-14 08:25:14	E401E66CCB2AE219CF41F7F901C410C1	2011136	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-10-14 08:25:14	A7012A7032207D1C16B7236EDF91F4BB	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-10-14 08:25:14	5EE17D52CAF79663211C01C614594620	341504	----a-w-	C:\Windows\SysWOW64\html.iec
2015-10-14 08:25:00	DDCABBADA6116E8E3472D93FDF56FE66	93696	----a-w-	C:\Windows\SysWOW64\wudriver.dll
2015-10-14 08:25:00	C4240CA64E6B3523110DE3CAF4066F07	566784	----a-w-	C:\Windows\SysWOW64\wuapi.dll
2015-10-14 08:25:00	7902FB8C129A6DCAA9E0002BD3600F00	35328	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2015-10-14 08:25:00	6CE7ACA0022C27A3FAECB600E097F81B	30208	----a-w-	C:\Windows\SysWOW64\wups.dll
2015-10-14 08:25:00	693F6EC2312B8B3F57B7277B069B91A3	174080	----a-w-	C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 08:24:50	C19537A50B723E0F7B53D413163B35EE	3936192	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 08:24:50	63FD03CED9739062E9B94F0D1E54A406	3990976	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 08:24:48	CA504606753BD62FA3128D3056320264	552960	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-10-14 08:24:48	9E83A4F6E776F7A3E5F7FB90180FBC0B	1114112	----a-w-	C:\Windows\SysWOW64\kernel32.dll
2015-10-14 08:24:48	22BF275468F714A4F7E6F36449D1DCE2	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 08:24:48	0834E70A068360D85CDC47697A4B7898	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-10-14 08:24:47	C7293C9340BDC8291F6718913F3F7B14	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 08:24:47	C00E4CD3AC3A0D8E339635E06546B77D	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-10-14 08:24:47	8A4ED460B6557EDCA637236073794DFF	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-10-14 08:24:47	6D16D1B9DB2526B985BBB9B27A56B70B	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-10-14 08:24:47	5FC0F48FD38D0AC7FC54EBEFBC3F69C5	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-10-14 08:24:47	4EB6A0445891D56D56BB4580B3906BEA	1311768	----a-w-	C:\Windows\SysWOW64\ntdll.dll
2015-10-14 08:24:47	3FA49981A847AE62259E6AEB585C84B8	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 08:24:47	15192FC6BFCB37AE43A645A9C84AEF2F	36864	----a-w-	C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 08:24:46	D9F5F78F8EA5749CA651B71335A96421	5120	----a-w-	C:\Windows\SysWOW64\wow32.dll
2015-10-14 08:24:46	D8269205300BB593C3698BB77178E8D3	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-10-14 08:24:46	C142CBB756205146B88DDB66D00BFE66	274944	----a-w-	C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 08:24:46	6848FA8B421A0CEC8990AFE7A615574F	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-10-14 08:24:46	2464CEAC16185B73774662AC625F695D	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-10-14 08:24:46	2421C989BF8485B6A9EBBAC35ACADF1D	665088	----a-w-	C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 08:24:46	1ADCC4F94981430FE968EE992353C535	14336	----a-w-	C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 08:24:45	FE7B23203C757148CBCCA0A39EAD3C59	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-10-14 08:24:45	D414A645F6853BB2C8A24B85C1C86581	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-10-14 08:24:45	B421B311420FD650BE3B25EAC217E685	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-10-14 08:24:45	64B92847AA0945992BB49B62D9B0440E	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-10-14 08:24:45	1BE5DF925C30D9D1FAD1212FB215E469	6656	----a-w-	C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 08:24:45	09BA6677E9CCBB1884CD0FB24F6EF584	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-10-14 08:24:26	0D0FF2A38473552DDFF4F21756700F9B	50688	----a-w-	C:\Windows\SysWOW64\appidapi.dll
2015-10-14 08:24:02	CBF3CFC9EE1FD29707D95C63A5E7A78B	19808	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 08:24:02	C1096DA4634AD3356A10C00B24F53393	22368	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 08:24:02	B23936CF83DAC4B64660A88711B5234A	12128	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 08:24:02	9F9FE5F52E9B2AD655C896B849883B1A	12128	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 08:24:02	9D66FCC681389EC619D4E801F1DDBB2F	17760	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 08:24:02	94FEB4417CF3E39C8C58A1B73620687E	66400	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 08:24:02	8E534F49C77D787DB69BABFF931A497A	12640	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 08:24:02	85CEBA9A21CE5D51B35EF2DE9EBFBAC4	12128	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 08:24:02	80BEB858D2EEE9CA657647B599E5D844	11616	----a-w-	C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 08:24:02	73CED8B30963E54D262DAE2559116E46	13664	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 08:24:02	6C7F782FDBF9AEFFE7663FA1579A610E	17760	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 08:24:02	4669249FB01EA369C7FD40A530966FA1	12640	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 08:24:02	408019E57D3D2DA62A9F28389EED0AC1	16224	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 08:24:02	39F9D0F1B698D53D78C79576C7C60526	14176	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 08:24:02	33E8CCBE05123C8146CD16293B688417	15712	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 08:24:02	00A0A24BB2E9AADE11494B627EB164C4	12640	----a-w-	C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 08:24:01	5B55E9A1360A6C52CC988DA6804D6CA2	901264	----a-w-	C:\Windows\SysWOW64\ucrtbase.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-10-14 08:25:31	885B08E5EC912D2680F533094B87770D	14176768	----a-w-	C:\Windows\Sysnative\shell32.dll
2015-10-14 08:25:30	0F08BB62CD162883E9A3004BBE7914BD	1866752	----a-w-	C:\Windows\Sysnative\ExplorerFrame.dll
2015-10-14 08:25:21	9AEE2A881FD10E6A463588303D8027AD	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-10-14 08:25:21	80E9DF296F127B3BC965EBC5A2C8F044	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-10-14 08:25:21	3A0773E21355B41176ACAD8BB099D9B3	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-10-14 08:25:20	BF8A5B4E696F4E8F3B2B5E9902467418	720896	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-10-14 08:25:20	9E0D0522908C1106E0D77708CB9926FE	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-10-14 08:25:20	521E1A87D4F750FD9694DBF3AB37B38F	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-10-14 08:25:18	8A2A46DD0C51E5D2D0A2EF2AA289DA4D	1546752	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-10-14 08:25:18	4AEB3F2FB0CC23A18ED997F6C0476819	391784	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-10-14 08:25:18	3295B811A0260C0A5B346ECB73C5FCF0	152064	----a-w-	C:\Windows\Sysnative\occache.dll
2015-10-14 08:25:18	12C1DECE9502828C0A5ADB50AB1673A0	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-10-14 08:25:17	D661A17B4634171C58373699CBD6455B	315392	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-10-14 08:25:17	6E1EEB1CE2F9F3AB14A9E8A6B1E82455	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-10-14 08:25:17	2A898891EB7FBCF0774F0B96AAD05561	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-10-14 08:25:16	F6F91F217D760981017E4AA4F1C7E633	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-10-14 08:25:16	0FA614470B3A78FC5B8F3F3F742B9837	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-10-14 08:25:15	E91FD3ACC10C971CBA991FCD058ABB58	2886656	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-10-14 08:25:15	A865136AC6436533E0A4A3C67F259401	585728	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-10-14 08:25:15	7C3050383491011FEDD40961A37A2D99	2126336	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-10-14 08:25:14	84C63F3D2D488A918A947E06BD1105EF	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-10-14 08:25:13	BC92D9D88959542FBAF1F8CF21F86B38	14458368	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-10-14 08:25:13	88D3F690043A1AA43F33DEC6DDA82178	616960	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-10-14 08:25:13	45A56A2CC2D6A4B649B7DC3B5DF259FF	489984	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-10-14 08:25:12	B0917E6238C1675E48CFE64947DD9FD9	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-10-14 08:25:12	5175A9C2C71D49394424C07CA856B803	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-10-14 08:25:12	4A9FFAC9325EFFDEFD7E8C0830B0ABEC	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-10-14 08:25:12	454669BB12162610D93954BCC942A41C	817664	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-10-14 08:25:12	373B3EFBBF1A2706F8660C4DE4202694	262144	----a-w-	C:\Windows\Sysnative\webcheck.dll
2015-10-14 08:25:12	1DE918244ED8AB9D3F2C4B9A1F91A24D	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-10-14 08:25:11	E36C7069B9C56DF9A53DD4FA5DCDDE72	5990912	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-10-14 08:25:11	BD06D875FB79E92DAF724C91DE743AFA	2487808	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-10-14 08:25:10	BEA081F4F2D507D6461B142AB11995B3	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-10-14 08:25:10	58DD42AC31D1F86D303BAAF5955A59BA	417792	----a-w-	C:\Windows\Sysnative\html.iec
2015-10-14 08:25:10	0783994A921469A6E97F3117AA0934DD	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-10-14 08:25:09	99BA96F5AC545D857E662A9FC576D919	25851904	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-10-14 08:25:00	ECB1C858D9989C4F19FDCE3B7F8BA1F7	696320	----a-w-	C:\Windows\Sysnative\wuapi.dll
2015-10-14 08:25:00	DA4450EE180CBDFB800FB230978BBC58	98816	----a-w-	C:\Windows\Sysnative\wudriver.dll
2015-10-14 08:25:00	C64C6AA9F061E89AE6CA1B484AC3F94E	192512	----a-w-	C:\Windows\Sysnative\wuwebv.dll
2015-10-14 08:25:00	B322CE702FA01DA60876BC5D417B15FE	36864	----a-w-	C:\Windows\Sysnative\wups.dll
2015-10-14 08:25:00	96983751026F0940CAEEB15901B49FF2	37888	----a-w-	C:\Windows\Sysnative\wuapp.exe
2015-10-14 08:25:00	7A2E35CA7131819A8CCE1FA1368D7813	37888	----a-w-	C:\Windows\Sysnative\wups2.dll
2015-10-14 08:25:00	74F288D562E78E1062D4AA2A6C3AB74C	12288	----a-w-	C:\Windows\Sysnative\wu.upgrade.ps.dll
2015-10-14 08:25:00	64B432FB351118B222A5342A7A461696	140288	----a-w-	C:\Windows\Sysnative\wuauclt.exe
2015-10-14 08:25:00	5F1A7C984117F478F7411BDD98411B58	91136	----a-w-	C:\Windows\Sysnative\WinSetupUI.dll
2015-10-14 08:25:00	2FFBB9A44A8BA9CBC9589C31E0A36605	3168768	----a-w-	C:\Windows\Sysnative\wucltux.dll
2015-10-14 08:25:00	291778E1A36716182AFBC1731B2DFEAB	2607104	----a-w-	C:\Windows\Sysnative\wuaueng.dll
2015-10-14 08:24:50	3FE5671328B8A655F766D872D12DC373	5569472	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-10-14 08:24:49	6C190505923A971F0474F8BA8DA50789	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-10-14 08:24:49	11C18D613F66CB5CE829B821599ED339	1164800	----a-w-	C:\Windows\Sysnative\kernel32.dll
2015-10-14 08:24:48	F337ACC4CF6B9DFBE46D9A7E54E10756	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-10-14 08:24:48	EE035334B7A58C7F748C3D0394574A35	342016	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-10-14 08:24:48	CD349AD99C801523B55030AC234CC1EF	243712	----a-w-	C:\Windows\Sysnative\wow64.dll
2015-10-14 08:24:48	A06A96A26FE0BE22B08B641362296B68	424960	----a-w-	C:\Windows\Sysnative\KernelBase.dll
2015-10-14 08:24:48	91DDAFAFCEC3E360881FE35AF06B9EE4	1730496	----a-w-	C:\Windows\Sysnative\ntdll.dll
2015-10-14 08:24:48	5B9427E47B86AFDA813A8D252713FC35	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-10-14 08:24:48	5401C9D2F4B0A98B60259C621DDF1EB6	338432	----a-w-	C:\Windows\Sysnative\conhost.exe
2015-10-14 08:24:48	4AD1C61152A0199E3D7F9A82C07AC629	215040	----a-w-	C:\Windows\Sysnative\winsrv.dll
2015-10-14 08:24:48	365480590A46ECB0E4BF1DBD7BC69713	729088	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-10-14 08:24:48	338FD40323ADD43B5C94B4A6CB91874B	1216512	----a-w-	C:\Windows\Sysnative\rpcrt4.dll
2015-10-14 08:24:47	E9CCB68290F27837A3D7058FEB51F7A8	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-10-14 08:24:47	E43F36D0B4C674FEA2C992564A3E0F28	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-10-14 08:24:47	D2E2A613EBD0C959E72556C3A63A6B4A	112640	----a-w-	C:\Windows\Sysnative\smss.exe
2015-10-14 08:24:47	D2BF3CD0F66139B5F1BA1D35C6613E78	315392	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-10-14 08:24:47	96DE914D834FD7809A1720AF5D913C96	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-10-14 08:24:47	95E4E6C645175731B1DC8084329121AA	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-10-14 08:24:47	8F15F0D6F42A2B8A58EDD1AA55D7FB98	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
2015-10-14 08:24:47	78461527B753B9A6043038AEF25745D3	16384	----a-w-	C:\Windows\Sysnative\ntvdm64.dll
2015-10-14 08:24:47	5424EC756808C1002457033D969115C7	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-10-14 08:24:47	4E10C0CD94FD2E9F04B0AA11C4DB1592	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-10-14 08:24:47	3CF93F8BA5016A86073F7ACE4A225D69	44032	----a-w-	C:\Windows\Sysnative\cryptbase.dll
2015-10-14 08:24:47	23682AD752DE308760672C84A7E74554	43520	----a-w-	C:\Windows\Sysnative\csrsrv.dll
2015-10-14 08:24:47	06AA22DBBD294BB40F01E23BF826AA9C	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-10-14 08:24:46	FCFE939A325054DFC69E1D8C58751A62	13312	----a-w-	C:\Windows\Sysnative\wow64cpu.dll
2015-10-14 08:24:46	E91002F7EC3A9BF7F62BF1E215A32451	362496	----a-w-	C:\Windows\Sysnative\wow64win.dll
2015-10-14 08:24:46	C0EC18A77CBE5505019AF1BEB6CE824D	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-10-14 08:24:46	8260FD420E49C1E3DD6539BCEA2B376E	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-10-14 08:24:45	DD01EBF9D35E614CAEA1BF4876B07134	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-10-14 08:24:45	B5D2DF46AB955A070F67FF192C52E7BD	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-10-14 08:24:45	7CDA2FE5F02370B5879DF8D35133B0E1	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-10-14 08:24:45	023394934150F7EC547EBCC2107EEA5F	6656	----a-w-	C:\Windows\Sysnative\apisetschema.dll
2015-10-14 08:24:29	87FEDB1FF42C3A10FFE2CE95AB2AF306	616360	----a-w-	C:\Windows\Sysnative\winresume.efi
2015-10-14 08:24:29	541B7C53EDA8F84790A593B13FB32E56	692672	----a-w-	C:\Windows\Sysnative\winload.efi
2015-10-14 08:24:26	B6C85437FDC8EC6464BE359D41BBC3F7	59392	----a-w-	C:\Windows\Sysnative\appidapi.dll
2015-10-14 08:24:26	B17B1E5FB5CE63DA4DB4D49E3683487F	17920	----a-w-	C:\Windows\Sysnative\appidcertstorecheck.exe
2015-10-14 08:24:26	ABC373B9C6275D45F17DB559408FFD1B	32768	----a-w-	C:\Windows\Sysnative\appidsvc.dll
2015-10-14 08:24:26	7503BAD9B2A08B8A95319F7C0CA9F869	63488	----a-w-	C:\Windows\Sysnative\setbcdlocale.dll
2015-10-14 08:24:26	7030F95F994B2F2CCC1C521E342369DB	147456	----a-w-	C:\Windows\Sysnative\appidpolicyconverter.exe
2015-10-14 08:24:02	F97E7878A2B372291B1269D80327BBF6	12640	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 08:24:02	ED14B64C94F543974B7FDC592FA0594B	12640	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 08:24:02	ECCF5973B80D771A79643732017CEA9A	17760	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 08:24:02	E9F6D776545843A9817D8ACF38D06D09	19808	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 08:24:02	CC337898E64D9078CB697AC19F995C7F	12128	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 08:24:02	BBAE7B5436D6D1B0FC967FF67E35415F	16224	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 08:24:02	AF851DFD0D9FECB76FF2B403F3C30F5B	12128	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 08:24:02	761DDD8669A661D57D9CF9C335949C06	12128	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 08:24:02	6631C212F79350458589A5281374B38B	12640	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 08:24:02	653CB5DF3CEC6A4A0E402B33D8AA5C08	63840	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 08:24:02	56556659C691DD043DBE24B0A195D64C	20832	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 08:24:02	53E9526AF1FDCE39F799BFE9217397A8	17760	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 08:24:02	32B2264317EA6200DA5DEEEC7DCB0EEB	11616	----a-w-	C:\Windows\Sysnative\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 08:24:02	2381E189321EAD521FF71E72D08A6B17	984448	----a-w-	C:\Windows\Sysnative\ucrtbase.dll
2015-10-14 08:24:02	1908861649E67CDC20C563C234A89914	15712	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 08:24:02	0F143310FADE4DE116070A3917A79C18	13664	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 08:24:02	090DD0BB2BDDEE3EAAE5B6FF15FAE209	14176	----a-w-	C:\Windows\Sysnative\api-ms-win-crt-time-l1-1-0.dll
====== C:\Windows\Sysnative\drivers =====
2015-10-14 08:24:49	C6330F7C2E92A00E6773E82F79078AFC	157016	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-10-14 08:24:49	3A8C03156C3E31E70EF84E48CA179B46	97112	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-10-14 08:24:48	ACB6782973BD93760D597FC7BB37E692	159232	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-10-14 08:24:46	8C0376974AA28398FF501E78C04ACB30	129024	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-10-14 08:24:46	262BF7BB7D0E44CFAA9B12A1E0A6EDF1	290816	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
2015-10-14 08:24:26	27DABFB4A6B0140C34DBEC713469592B	61440	----a-w-	C:\Windows\Sysnative\drivers\appid.sys
2015-10-05 09:14:06	D462B199243533D5DA4EA32AD8CFA3C2	314800	----a-w-	C:\Windows\Sysnative\drivers\avgidsdrivera.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-10-14 12:40:22	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2015-10-14 12:39:32	--------	d-----w-	C:\PROGRA~2\Java
======= C: =====
====== C:\Users\Acer\AppData\Roaming ======
2015-10-14 12:40:09	--------	d-----w-	C:\Users\Acer\AppData\Roaming\Sun
====== C:\Users\Acer ======
2015-10-14 12:40:09	--------	d-----w-	C:\Users\Acer\.oracle_jre_usage
2015-10-14 12:39:54	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-14 12:26:33	6E6FAC98AF9E39E9131A236F8DAC8C75	584288	----a-w-	C:\Users\Acer\Downloads\JavaSetup8u60.exe
2015-10-13 16:05:21	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Acer\Downloads\RSITx64.exe

====== C: exe-files ==
2015-10-14 12:39:57	BC949C957CEB9FAFDF0F3949CDDF1A72	0	----a-we	C:\ProgramData\Oracle\Java\javapath\java.exe
2015-10-14 12:39:57	7080B965215703EA1340C3C4903C7D73	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaws.exe
2015-10-14 12:39:57	5DC0128E8A2017E82289191820C736A5	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaw.exe
2015-10-14 12:39:48	E408E46C5DD2D03A7474AA12BAABEFEE	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\klist.exe
2015-10-14 12:39:48	D94C31E9C9C9A1273CC67DC6FFAF9984	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\policytool.exe
2015-10-14 12:39:48	BDFF5086FC1F20E631A070EEF43A7BEC	16480	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\tnameserv.exe
2015-10-14 12:39:48	BC949C957CEB9FAFDF0F3949CDDF1A72	191584	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\java.exe
2015-10-14 12:39:48	B9DE149653ED8B9C5C6CB68131AB66D2	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\jjs.exe
2015-10-14 12:39:48	B804A4E31F4BAD4D5BA05FE684756BA2	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\servertool.exe
2015-10-14 12:39:48	8C6BDB56CD4DEED1AF2790D37B54CFE9	68192	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\javacpl.exe
2015-10-14 12:39:48	86CC77A8189758834CF83F7F2FEA5162	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\java-rmi.exe
2015-10-14 12:39:48	7A0DE452F677EF2971C7B75B0267B6ED	50784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssvagent.exe
2015-10-14 12:39:48	7080B965215703EA1340C3C4903C7D73	274016	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\javaws.exe
2015-10-14 12:39:48	6A5A2FDB6D09E02A3283C55237DA10F6	159328	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\unpack200.exe
2015-10-14 12:39:48	606A24A64E164B345A79F8F22A5DAC6F	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\pack200.exe
2015-10-14 12:39:48	5DC0128E8A2017E82289191820C736A5	191584	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\javaw.exe
2015-10-14 12:39:48	5A503CFE5B553A9721A469FCC9CE8562	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\rmiregistry.exe
2015-10-14 12:39:48	3292748E640429C2682484BD23D43F6B	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\rmid.exe
2015-10-14 12:39:48	30387BE3E5D04FE969B731441C89D2D8	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\ktab.exe
2015-10-14 12:39:48	262BBCE84B9C8784CC5A5E1975898022	30304	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\jabswitch.exe
2015-10-14 12:39:48	21B5D297A9191E4D833BB39456CEDAD0	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\kinit.exe
2015-10-14 12:39:48	0FCF9F3D9518B90FB58CC950FA33998C	76896	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2launcher.exe
2015-10-14 12:39:48	0F6E0DD1263ACB2A1AC559BB7742B54D	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\keytool.exe
2015-10-14 12:39:48	08427EADE480F21412696582170B1167	16480	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\orbd.exe
2015-10-14 12:26:33	6E6FAC98AF9E39E9131A236F8DAC8C75	584288	----a-w-	C:\Users\Acer\Downloads\JavaSetup8u60.exe
2015-10-14 08:25:28	D8AF0D6A806ADA9660C55DD891E80AF2	224768	----a-w-	C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe
2015-10-14 08:25:27	4FCAED5CA1A9C704DBF172283A283B53	10240	----a-w-	C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe
2015-10-14 08:25:21	BC158D4F14B7F51BE0ECD30BE43FB5E4	404712	----a-w-	C:\ProgramData\Adobe\ARM\S\11966\AdobeARMHelper.exe
2015-10-14 08:25:21	9AEE2A881FD10E6A463588303D8027AD	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-10-14 08:25:20	BF8A5B4E696F4E8F3B2B5E9902467418	720896	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-10-14 08:25:20	1A480EC5EFC71B92735BB420E2B92348	221184	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-10-14 08:25:18	7FD2748E2B08B5E9FD6FF73669B2ECBF	818264	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-10-14 08:25:18	2D59CD5D6C1DCB3507431281BDBF935F	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-10-14 08:25:18	03AE49CC0AD731C579E4041921450266	473600	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-10-14 08:25:17	2A898891EB7FBCF0774F0B96AAD05561	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-10-14 08:25:16	E4509963A72F1941B17DA730BB94AD20	491008	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-10-14 08:25:15	5F95E34F57E2E85295510EEEF724012D	815720	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-10-14 08:25:15	17B66052348D3A3681A9411EDD839E18	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-10-14 08:25:12	B0917E6238C1675E48CFE64947DD9FD9	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-10-14 08:25:00	96983751026F0940CAEEB15901B49FF2	37888	----a-w-	C:\Windows\System32\wuapp.exe
2015-10-14 08:25:00	7902FB8C129A6DCAA9E0002BD3600F00	35328	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2015-10-14 08:25:00	64B432FB351118B222A5342A7A461696	140288	----a-w-	C:\Windows\System32\wuauclt.exe
2015-10-14 08:24:50	C19537A50B723E0F7B53D413163B35EE	3936192	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 08:24:50	63FD03CED9739062E9B94F0D1E54A406	3990976	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 08:24:50	3FE5671328B8A655F766D872D12DC373	5569472	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-10-14 08:24:48	5B9427E47B86AFDA813A8D252713FC35	296960	----a-w-	C:\Windows\System32\rstrui.exe
2015-10-14 08:24:48	5401C9D2F4B0A98B60259C621DDF1EB6	338432	----a-w-	C:\Windows\System32\conhost.exe
2015-10-14 08:24:47	D2E2A613EBD0C959E72556C3A63A6B4A	112640	----a-w-	C:\Windows\System32\smss.exe
2015-10-14 08:24:47	C00E4CD3AC3A0D8E339635E06546B77D	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-10-14 08:24:47	95E4E6C645175731B1DC8084329121AA	64000	----a-w-	C:\Windows\System32\auditpol.exe
2015-10-14 08:24:47	5FC0F48FD38D0AC7FC54EBEFBC3F69C5	25600	----a-w-	C:\Windows\SysWOW64\setup16.exe
2015-10-14 08:24:47	5424EC756808C1002457033D969115C7	31232	----a-w-	C:\Windows\System32\lsass.exe
2015-10-14 08:24:45	B421B311420FD650BE3B25EAC217E685	7680	----a-w-	C:\Windows\SysWOW64\instnm.exe
2015-10-14 08:24:45	09BA6677E9CCBB1884CD0FB24F6EF584	2048	----a-w-	C:\Windows\SysWOW64\user.exe
2015-10-14 08:24:26	B17B1E5FB5CE63DA4DB4D49E3683487F	17920	----a-w-	C:\Windows\System32\appidcertstorecheck.exe
2015-10-14 08:24:26	7030F95F994B2F2CCC1C521E342369DB	147456	----a-w-	C:\Windows\System32\appidpolicyconverter.exe
2015-10-13 16:05:21	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Acer\Downloads\RSITx64.exe
2015-10-12 07:28:44	68BD23A0AD9E934F037A1D8A1929D1E2	1433216	----a-w-	C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
2015-10-12 07:28:42	13297729C696656F990A5DBA53023129	1773696	----a-w-	C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
2015-10-09 06:37:37	E9742B0842A4B8022B13FADB90E18459	25512	----a-w-	C:\Program Files (x86)\AVG\AVG2015\avgrdtesta.exe
2015-10-09 06:37:37	CD26CD036D55581D5BDA7CC3ABC036FB	24488	----a-w-	C:\Program Files (x86)\AVG\AVG2015\avgrdtestx.exe
2015-10-09 06:37:37	9CB7848883F867ADDAEFE2219D1018D8	6922416	----a-w-	C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
2015-10-09 06:37:37	2E85608D85C44A7744A8D14D861614C1	71592	----a-w-	C:\Program Files (x86)\AVG\AVG2015\avguirux.exe
2015-10-08 10:35:43	D3F0E4F448CFD98F60D55D01A97939E7	707072	----a-w-	C:\Windows\System32\GWX\GWXConfigManager.exe
2015-10-08 10:35:42	A45BD2EFB89B0870E8D46E36A101FA50	418304	----a-w-	C:\Windows\System32\GWX\GWXUX.exe
2015-10-08 10:35:42	8C1FAC4BA4A1A3F4991763FA01527CB9	523264	----a-w-	C:\Windows\System32\GWX\GWX.exe
2015-10-08 10:35:42	7E925A9A931C8AE2B15EC801BE0183D6	388400	----a-w-	C:\Windows\System32\GWX\GWXUXWorker.exe
2015-10-08 10:35:42	26A2294858EA67A297D8A4920A0AF71C	360960	----a-w-	C:\Windows\System32\GWX\GWXDetector.exe
2015-10-08 10:35:42	0D400710E06F502D715853A5AF1FF98C	445952	----a-w-	C:\Windows\SysWOW64\GWX\GWX.exe
=== C: other files ==
2015-10-14 12:39:48	4E221C69F3B103481534D1B6CB6A90DD	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\lib\deploy\ffjcext.zip
2015-10-14 08:24:49	C6330F7C2E92A00E6773E82F79078AFC	157016	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-10-14 08:24:49	3A8C03156C3E31E70EF84E48CA179B46	97112	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-10-14 08:24:48	ACB6782973BD93760D597FC7BB37E692	159232	----a-w-	C:\Windows\System32\drivers\mrxsmb.sys
2015-10-14 08:24:46	8C0376974AA28398FF501E78C04ACB30	129024	----a-w-	C:\Windows\System32\drivers\mrxsmb20.sys
2015-10-14 08:24:46	262BF7BB7D0E44CFAA9B12A1E0A6EDF1	290816	----a-w-	C:\Windows\System32\drivers\mrxsmb10.sys
2015-10-14 08:24:26	27DABFB4A6B0140C34DBEC713469592B	61440	----a-w-	C:\Windows\System32\drivers\appid.sys
2015-10-12 07:31:50	A27D866DB8AFDFEE5D7E853F6582B523	97581	----a-w-	C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_7360584B616087257445E78FC1FAACF2"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"
"NokiaSuite.exe"="C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray"
"Google Update"="C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -h -k"
"Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe"
"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe -d"
"EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"
"ArcadeDeluxeAgent"="C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"Reader Library Launcher"="C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe"
"EaseUS TB Tray Agent"="C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_7360584B616087257445E78FC1FAACF2"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"
"NokiaSuite.exe"="C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray"
"Google Update"="C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"="C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"PLFSetI"="C:\Windows\PLFSetI.exe"
"Acer ePower Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Google Update"="\"C:\\Users\\Acer\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"PlayMovie"="\"C:\\Program Files (x86)\\Acer Arcade Deluxe\\PlayMovie\\PMVService.exe\""
"HP Software Update"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe"
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""
"iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""


==== Startup Folders ======================

2015-04-23 09:42:20	2103	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-08-2015 12:31]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2668737801-3381503766-2512015713-1000Core.job --a------ C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [28-08-2015 07:40]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2668737801-3381503766-2512015713-1000UA.job --a------ C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [28-08-2015 07:40]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2668737801-3381503766-2512015713-1000Core" [C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2668737801-3381503766-2512015713-1000UA" [C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe]
"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\Tweaking.com - Windows Repair Tray Icon" [C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe]
"C:\Windows\SysNative\tasks\{544C7FA0-F6C1-4F12-99DC-6C287F11A31D}" ["c:\users\acer\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\SysNative\tasks\{7A8A6320-4F30-456B-9C69-02D1912D95E6}" ["c:\users\acer\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2015-04-20 15:06:21	--------	d-----w-	C:\PROGRA~3\NCH Software
2015-04-23 09:43:19	--------	d-----w-	C:\PROGRA~3\HP Product Assistant
2015-06-16 11:18:03	--------	d-----w-	C:\PROGRA~3\E1864A66-75E3-486a-BD95-D1B7D99A84A7

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [14-09-2013 14:24]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [14-09-2013 14:24]

==== Chromium Look ======================

Google Chrome Version: 45.0.2454.101

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[12-10-2015 09:31]

Skype Click to Call - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Chrome Web Store Payments - Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Fix ======================

C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://mysearch.avg.com/?cid={89CEBACF-6039-49C8-BED1-1C6150E1564C}&mid=d54615585b7147d08a3dd16f6b919731-79ce8e857e9fd1972f19e443b4e488ba847f1452&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-09-12 14:03:18&v=4.1.5.143&pid=wtu&sg=&sap=hp"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{8CDE19E6-71C2-4B46-89B7-35F6A18C571A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TEMP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TEMP.Acer-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=698 folders=96 516173805 bytes)

==== Empty Temp Folders ======================

C:\Users\Acer\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\TEMP\AppData\Local\Temp emptied successfully
C:\Users\TEMP.Acer-PC\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot