Zoek.exe v5.0.0.1 Updated 20-December-2015
Tool run by Gebruiker on ma 21-12-2015 at 18:38:08,33.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

21-12-2015 18:40:16 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Setup Support for Opera deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\Users\Gebruiker\AppData\Local\ActiveSync deleted successfully
C:\Users\Gebruiker\AppData\Local\NetworkTiles deleted successfully
C:\Users\Gebruiker\AppData\Local\PackageStaging deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1346806955-255715920-2199554747-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Fammum deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\pjzodz50.default
user.js not found

---- Lines yahoo removed from prefs.js ----
user_pref("extensions.xpiState", "{\"app-profile\":{\"\":{\"d\":\"C:\\\\Users\\\\Gebruiker\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\

---- Lines yoursearch removed from prefs.js ----
user_pref("browser.search.searchengine.alias", "yoursearching");
user_pref("browser.search.searchengine.iconURL", "http://yoursearching.com/favicon.ico");
user_pref("browser.search.searchengine.name", "yoursearching");
user_pref("browser.search.searchengine.url", "http://yoursearching.com/web?type=ds&ts=1450607839&z=b7b672c41de77e5b31ea3edgazcw6e1qbeem5b7c1e&from=fac

---- Lines searchengine removed from prefs.js ----
user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
user_pref("browser.search.searchengine.ptid", "face");
user_pref("browser.search.searchengine.uid", "WDCXWD10JPVX-22JC3T0_WD-WXB1A258E0H28E0H2");

---- FireFox user.js and prefs.js backups ----
prefs_21-12-2015_1856_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Setup Support for Opera not found
C:\Users\Gebruiker\AppData\Roaming\RicifhJuwgyyl not found
C:\ProgramData\xec deleted
C:\windows\SysNative\Tasks\Form Touch deleted
C:\windows\SysNative\Tasks\Form Touch2 deleted
C:\windows\SysNative\Tasks\Software Update Application deleted
C:\Users\Public\Pokki deleted
C:\PROGRA~3\{311B5C7D-9853-428B-932D-68E04EBDAE47} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Gebruiker\AppData\LocalLow\Company deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\Gebruiker\Desktop\Continue Last version Installation.lnk deleted
"C:\Users\Gebruiker\AppData\Roaming\BYAIAMUF" deleted
"C:\Users\Gebruiker\AppData\Roaming\oIpMdzUQorwi6Mje6e" deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-1346806955-255715920-2199554747-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"BingSvc"="C:\Users\Gebruiker\AppData\Local\Microsoft\BingSvc\BingSvc.exe"

[HKEY_USERS\S-1-5-21-1346806955-255715920-2199554747-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"abDocsDllLoader"="C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe"
"Adobe Photo Downloader"="C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\apdproxy.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"BingSvc"="C:\Users\Gebruiker\AppData\Local\Microsoft\BingSvc\BingSvc.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\ACC" [C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe]
"C:\WINDOWS\SysNative\tasks\ACCAgent" [C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe]
"C:\WINDOWS\SysNative\tasks\ACCBackgroundApplication" [C:\Program Files (x86)\Acer\Care Center\ACCStd.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\BacKGroundAgent" [C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe]
"C:\WINDOWS\SysNative\tasks\Hotkey Utility" ["C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"]
"C:\WINDOWS\SysNative\tasks\Inuna" [C:\PROGRA~1\SHOPPE~1\Delsyva.bat]
"C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"]
"C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"]
"C:\WINDOWS\SysNative\tasks\PinItAutoUpdate" ["C:\Program Files (x86)\Pinterest\Pin It\AutoUpdater.exe"]
"C:\WINDOWS\SysNative\tasks\UbtFrameworkService" ["C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{1618C92A-0AC4-429D-A2CE-B2942405FD0C}" [C:\WINDOWS\system32\msfeedssync.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\pjzodz50.default
user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser//?type=hp&ts=1450607839&z=b7b672c41de77e5b31ea3edgazcw6e1qbeem5b7c1e&from=face&uid=WDCXWD10JPVX-22JC3T0_WD-WXB1A258E0H28E0H2");

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[]

internetquickaccess - Gebruiker\AppData\Local\Chromium\User Data\Default\Extensions\ddlhogjgfofpgmkognopimmilcldcepb
SiteAdvisor - Gebruiker\AppData\Local\Chromium\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho

==== Chromium Fix ======================

C:\Users\Gebruiker\AppData\Local\Chromium\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully

==== Set IE to
Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} - http://nl.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} HKLM\SearchScopes\{E9794A6F-F62C-4FB4-84AB-821DDA82FFD3} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{E9794A6F-F62C-4FB4-84AB-821DDA82FFD3} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - 
http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={sear HKCU\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} - No_Url_Value HKCU\SearchScopes\{E9794A6F-F62C-4FB4-84AB-821DDA82FFD3} - No_Url_Value ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== 
C:\Users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\pjzodz50.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Gebruiker\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully C:\Users\Gebruiker\AppData\Local\Chromium\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=5491 folders=101 376481965 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on ma 21-12-2015 at 19:36:12,43 ======================