Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Marina on za 02/01/2016 at  9:05:56,44.
Microsoft Windows 10 Home 10.0.10586  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Marina\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

2/01/2016 9:10:51 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\VideoLAN deleted successfully
C:\Program Files\Soluto deleted successfully
C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\firebird deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Marina\AppData\Local\ActiveSync deleted successfully
C:\Users\Marina\AppData\Local\AVG Web TuneUp deleted successfully
C:\Users\Marina\AppData\Local\EmieSiteList deleted successfully
C:\Users\Marina\AppData\Local\EmieUserList deleted successfully
C:\Users\Marina\AppData\Local\NetworkTiles deleted successfully
C:\Users\Marina\AppData\Local\PackageStaging deleted successfully
C:\Users\Marina\AppData\Local\Unity deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-192893622-2068937732-1280758114-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater40.2.4 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Marina\AppData\Roaming\Mozilla\Firefox\Profiles\r0ws2q09.default

user.js not found
---- Lines yahoo removed from prefs.js ----
user_pref("browser.search.hiddenOneOffs", "Bing,DuckDuckGo,Wikipedia (en),Yahoo");
---- FireFox user.js and prefs.js backups ---- 

prefs_20160201_0924_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
"vProt"=- 

==== Deleting Files \ Folders ======================

C:\PROGRA~2\VideoLAN not found
C:\PROGRA~2\Alarm Clock deleted
C:\Program Files (x86)\AVG Web TuneUp deleted
C:\Users\Marina\AppData\Roaming\Mozilla\Firefox\Profiles\r0ws2q09.default\extensions\superstart@enjoyfreeware.org deleted
C:\Users\Marina\AppData\Roaming\Mozilla\Firefox\Profiles\r0ws2q09.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} deleted
C:\Program Files (x86)\Demon Hunter deleted
C:\ProgramData\Avg_Update_1215tb deleted
C:\windows\SysNative\Tasks\AVG-Secure-Search-Update_1215tb_RML deleted
C:\windows\SysNative\Tasks\AVG_SYS_TASK_1215tb_DELETE deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEATHE~1 deleted
C:\Program Files\AVG Web TuneUp deleted
C:\PROGRA~2\COMMON~1\AVG Secure Search deleted
C:\PROGRA~3\AlawarEntertainment deleted
C:\PROGRA~3\SetStretch.VBS deleted
C:\PROGRA~3\AVG Web TuneUp deleted
C:\PROGRA~3\Avg_Update_0215tb deleted
C:\PROGRA~3\Avg_Update_1014avt deleted
C:\PROGRA~3\AVG Security Toolbar deleted
C:\PROGRA~3\MWinManProM deleted
C:\PROGRA~3\AVG Secure Search deleted
C:\PROGRA~3\Trymedia deleted
C:\Users\Marina\AppData\Local\SoftonicAssistant deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\Users\Marina\AppData\LocalLow\Unity deleted
C:\windows\SysNative\tasks\LaunchPreSignup deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Users\Marina\AppData\Roaming\Mozilla\Firefox\Profiles\r0ws2q09.default\searchplugins\youtube-video-search.xml deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-12-22 10:01:37	6DB9AFC58AF7489AEF1FF857269CA792	67584	--s-a-w-	C:\Windows\bootstat.dat
====== C:\Users\Marina\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2016-01-01 09:17:54	4BA25D2CBE1587A841DCFB8C8C4A6EA6	875472	----a-w-	C:\Windows\SysWOW64\msvcr110.dll
2015-12-22 15:39:47	819363A483BB829C443D94CC77119DC9	18678272	----a-w-	C:\Windows\SysWOW64\edgehtml.dll
2015-12-22 15:39:43	EDC75B4FF6A66B0AC1A360476D9CBCC9	12125184	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-12-22 15:39:39	083A4C6C21371B011771A350942DEB8F	19339264	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-12-22 15:39:34	9D97A95801784A94F3DC76E0E49B885C	13017600	----a-w-	C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-12-22 15:39:34	7E0CB4ADF324AD6552C36181EB0CBC4D	1118208	----a-w-	C:\Windows\SysWOW64\mfnetsrc.dll
2015-12-22 15:39:33	5B64BFE61393D22D908BB5E2A17B6147	1328128	----a-w-	C:\Windows\SysWOW64\comsvcs.dll
2015-12-22 15:39:32	5E8F545EA2A3BE324D800FD926E5010A	2180136	----a-w-	C:\Windows\SysWOW64\mfcore.dll
2015-12-22 15:39:31	D8E958F0E5929BFEC15238E0E1F94C64	983464	----a-w-	C:\Windows\SysWOW64\mfasfsrcsnk.dll
2015-12-22 15:39:30	600A12A37D8F0B98E3497C59505338D1	716928	----a-w-	C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-12-22 15:39:30	532AC1D121972B17BE523A9988A3A0E5	2155008	----a-w-	C:\Windows\SysWOW64\authui.dll
2015-12-22 15:39:29	EB6BAC2C67F848F2C0EFE82AEAC5C67A	1540768	----a-w-	C:\Windows\SysWOW64\ntdll.dll
2015-12-22 15:39:29	302A0BE9FA2874A3E99C0E25C992E7C7	1467392	----a-w-	C:\Windows\SysWOW64\GdiPlus.dll
2015-12-22 15:39:28	D80737E0C4AFE5D4714D14F27A9E6CFB	1706496	----a-w-	C:\Windows\SysWOW64\ActiveSyncProvider.dll
2015-12-22 15:39:28	C4C80541BDE649F44EA1F81F7D4C510A	503296	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-12-22 15:39:28	2029AAF923CE131E5157F6175DE66881	2919320	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-12-22 15:39:27	674333934AEF201C56419742CD86782B	973664	----a-w-	C:\Windows\SysWOW64\LicenseManager.dll
2015-12-22 15:39:26	32BF0F999279961833888317C3FE45D9	2061824	----a-w-	C:\Windows\SysWOW64\MFMediaEngine.dll
2015-12-22 15:39:24	D262A3DA660F5312D059DADB9034392B	2796032	----a-w-	C:\Windows\SysWOW64\Windows.Media.dll
2015-12-22 15:39:24	B8C4EFAA6AAED98E6B5AB57CAFA489B9	1337240	----a-w-	C:\Windows\SysWOW64\user32.dll
2015-12-22 15:39:22	F8C66D9D6AEC233715C8B32DB203EF6D	502112	----a-w-	C:\Windows\SysWOW64\NetSetupEngine.dll
2015-12-22 15:39:22	6D151B11358362786C45F1A4A21576FA	925064	----a-w-	C:\Windows\SysWOW64\mfplat.dll
2015-12-22 15:39:22	110A45F765495043CB8ED918FEFD8D90	572928	----a-w-	C:\Windows\SysWOW64\WpcWebFilter.dll
2015-12-22 15:39:21	FD6EE242ACD2E05AFE920139D12C3053	670928	----a-w-	C:\Windows\SysWOW64\mfds.dll
2015-12-22 15:39:21	8310F69B59EFA4EC47B6B3F535BFC3CB	898184	----a-w-	C:\Windows\SysWOW64\mfsrcsnk.dll
2015-12-22 15:39:21	76B00BE575C4D8CF3D7334240C8DAF90	683008	----a-w-	C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-22 15:39:20	B934E18B1A20A26768F57EDBD6882A38	884256	----a-w-	C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-12-22 15:39:19	C85501FE7EFD33E06A877B8786F396B6	462760	----a-w-	C:\Windows\SysWOW64\mfreadwrite.dll
2015-12-22 15:39:19	A9B375A65A92C45D9723B1BAD8F87D1E	1105920	----a-w-	C:\Windows\SysWOW64\Windows.Media.Audio.dll
2015-12-22 15:39:19	775C32A6DE7E9702CB04B10C69D80457	450904	----a-w-	C:\Windows\SysWOW64\MFCaptureEngine.dll
2015-12-22 15:39:18	0FA8D61A4D4F56063113F9DA4E18848B	289248	----a-w-	C:\Windows\SysWOW64\MFPlay.dll
2015-12-22 15:39:17	D9EF9F5DA78CD085FD23C8EBB6108662	409088	----a-w-	C:\Windows\SysWOW64\StoreAgent.dll
2015-12-22 15:39:16	4237413A7EDD61589081B9450D657036	116720	----a-w-	C:\Windows\SysWOW64\mfps.dll
2015-12-22 15:39:16	337E7D5B768ABDBEA9F17823F76D5F1B	381952	----a-w-	C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2015-12-22 15:39:16	1F48933EFAB68EDD3B456C78E17B89CE	871936	----a-w-	C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2015-12-22 15:39:15	F2061A1835E8844637168800292309BF	84832	----a-w-	C:\Windows\SysWOW64\NetSetupApi.dll
2015-12-22 15:39:15	4CE9BF384DAAE2BF9E49C5B7E2F106F0	270848	----a-w-	C:\Windows\SysWOW64\MSFlacDecoder.dll
2015-12-22 15:39:15	4C421E34FF4A836590401A3E9A5B5DE8	415744	----a-w-	C:\Windows\SysWOW64\catsrvut.dll
2015-12-22 15:39:15	3A24E199AA5A30D6E7C30D01E2BF4C7E	161280	----a-w-	C:\Windows\SysWOW64\InstallAgent.exe
2015-12-22 15:39:15	184F89725539803B64E718BD0F779DC9	569856	----a-w-	C:\Windows\SysWOW64\qdvd.dll
2015-12-22 15:39:12	2DE2DAF437341AECB280DBFE88CBB581	346112	----a-w-	C:\Windows\SysWOW64\MapConfiguration.dll
2015-12-22 15:39:11	FDEEA5397A0D079E1EF8F1B765BC7D04	6297088	----a-w-	C:\Windows\SysWOW64\mos.dll
2015-12-22 15:39:11	192B579E14C116D2B742FEBE85A4D3C1	2756096	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-12-22 15:39:10	F60E1993D8D8FD2E23516C1278B209C1	34304	----a-w-	C:\Windows\SysWOW64\BackgroundTransferHost.exe
2015-12-22 10:04:10	79F423DFFE3DC5C42A74EB6615D01CCC	86528	----a-w-	C:\Windows\SysWOW64\OpenCL.DLL
2015-12-22 10:03:13	42DE22BB4E675AE8DADD9038B26F8EFE	2718208	----a-w-	C:\Windows\SysWOW64\PrintConfig.dll
2015-12-22 09:59:08	79422D76818752C6D935A97C8FFC4EEA	44147	----a-w-	C:\Windows\SysWOW64\license.rtf
2015-12-22 09:55:46	EF22B84131DB17D40D523F649CAD31D2	366224	----a-w-	C:\Windows\SysWOW64\AUDIOKSE.dll
2015-12-22 09:55:46	EBB01B0223DBB9660E4FFB35854D69BF	400896	----a-w-	C:\Windows\SysWOW64\winspool.drv
2015-12-22 09:55:46	D0693220928997E1DD513B261AF86308	454056	----a-w-	C:\Windows\SysWOW64\AudioEng.dll
2015-12-22 09:55:46	B13BE7A31C732B5773FDF51FB140B614	334336	----a-w-	C:\Windows\SysWOW64\bcastdvr.exe
2015-12-22 09:55:46	AD2E3CC2771EADB0605CC0FAE73EAA45	405048	----a-w-	C:\Windows\SysWOW64\AudioSes.dll
2015-12-22 09:55:46	A4CC1E8330E839AA619978E61AEEEAC4	73360	----a-w-	C:\Windows\SysWOW64\remoteaudioendpoint.dll
2015-12-22 09:55:46	9ACCC0C1786391EF1FD1FAF12AE22801	340480	----a-w-	C:\Windows\SysWOW64\PlayToDevice.dll
2015-12-22 09:55:46	86A2DFAAE917E8852363BD716BD8D5CF	334848	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-12-22 09:55:46	75F7D82383D8CF10D5999874993A2EF5	27136	----a-w-	C:\Windows\SysWOW64\bcastdvr.proxy.dll
2015-12-22 09:55:46	4F04FB02D215667B505A060EEE02B5DF	686592	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-12-22 09:55:46	2EECE39CDFFF244B2489FD8ACDC14D7A	517632	----a-w-	C:\Windows\SysWOW64\PlayToManager.dll
2015-12-22 09:55:46	2DA46210CBE5B92C4E79FDD70A6C0ADE	2049024	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-12-22 09:55:46	2AF0E5217FE677C29669E0243F28D64F	70656	----a-w-	C:\Windows\SysWOW64\AppCapture.dll
2015-12-22 09:55:44	F7F009E10E52C760EF48D2AD7E4D892E	29696	----a-w-	C:\Windows\SysWOW64\LaunchWinApp.exe
2015-12-22 09:55:44	F2D9AB28744983980E6BCE08DA077528	21125408	----a-w-	C:\Windows\SysWOW64\shell32.dll
2015-12-22 09:55:44	D6DF0F68136C6148989E927572319F21	431232	----a-w-	C:\Windows\SysWOW64\WWanAPI.dll
2015-12-22 09:55:44	D213E29D66D7182AF58CB525EFC2F409	421888	----a-w-	C:\Windows\SysWOW64\LogonController.dll
2015-12-22 09:55:44	AA220069ABA44FEB2FEA92FF463E89BC	166912	----a-w-	C:\Windows\SysWOW64\UserMgrProxy.dll
2015-12-22 09:55:44	9E57FF10D37B672B8781BAF92DB00A8B	9918976	----a-w-	C:\Windows\SysWOW64\twinui.dll
2015-12-22 09:55:44	5467DAD0BDB397D84052FCCF8686FB9C	60928	----a-w-	C:\Windows\SysWOW64\mssign32.dll
2015-12-22 09:55:44	31DE6A034E8BBA043CB2F4612033C12A	296488	----a-w-	C:\Windows\SysWOW64\policymanager.dll
2015-12-22 09:55:44	1E7B13CDBA9D57D2BF54A7501FB17376	586080	----a-w-	C:\Windows\SysWOW64\wimgapi.dll
2015-12-22 09:55:44	102F3BB5D63225A25817C8E44B85533F	63528	----a-w-	C:\Windows\SysWOW64\wwapi.dll
2015-12-22 09:55:42	FAE7DA27029FDDA27375722B4DC387D7	138240	----a-w-	C:\Windows\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-22 09:55:42	F32770E19F1CB817274BC85824730E48	470528	----a-w-	C:\Windows\SysWOW64\MbaeApi.dll
2015-12-22 09:55:42	F2D2E8091D0929884E6A86AFD9981E2F	2001408	----a-w-	C:\Windows\SysWOW64\twinui.appcore.dll
2015-12-22 09:55:42	EBD19D0E20C113468631504BFE56FB3F	2185840	----a-w-	C:\Windows\SysWOW64\d3d11.dll
2015-12-22 09:55:42	D707B12965D5E8DFBD7C5BF7FB12AF02	24064	----a-w-	C:\Windows\SysWOW64\WordBreakers.dll
2015-12-22 09:55:42	CA260C1A4CFC95D49DBE4DAEDCD65585	58368	----a-w-	C:\Windows\SysWOW64\MosStorage.dll
2015-12-22 09:55:42	C132402FABE387126B5CB0D2D3426671	133632	----a-w-	C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-22 09:55:42	C11AFEBFFDD62BA366D2F146212B415E	110592	----a-w-	C:\Windows\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-22 09:55:42	B0DB58B85CF68C61AFBEFC107807FECF	784896	----a-w-	C:\Windows\SysWOW64\NMAA.dll
2015-12-22 09:55:42	AA0644D24DD488B1E1517189DD3DC00B	48640	----a-w-	C:\Windows\SysWOW64\MosHostClient.dll
2015-12-22 09:55:42	A971D150CD168A1F7BD775674896F02C	711680	----a-w-	C:\Windows\SysWOW64\MapControlCore.dll
2015-12-22 09:55:42	9FE071ED2AAE48A691D234E757297CF3	49152	----a-w-	C:\Windows\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-22 09:55:42	97097223B24F49F5934188FA24D74B46	1944576	----a-w-	C:\Windows\SysWOW64\InputService.dll
2015-12-22 09:55:42	92F331E360CB8DC73FA1158934CA9491	86528	----a-w-	C:\Windows\SysWOW64\MapsBtSvc.dll
2015-12-22 09:55:42	92551AFCC476CBEBBB66B6420C60AB20	5202944	----a-w-	C:\Windows\SysWOW64\BingMaps.dll
2015-12-22 09:55:42	8BAD6657817E0960C7CB6026323828A1	511320	----a-w-	C:\Windows\SysWOW64\mf.dll
2015-12-22 09:55:42	7F64C196D3FA41C0F437A158FDEF7F50	800768	----a-w-	C:\Windows\SysWOW64\JpMapControl.dll
2015-12-22 09:55:42	7CDF1630DCF7C9167E551874D18C3CE0	709120	----a-w-	C:\Windows\SysWOW64\BingOnlineServices.dll
2015-12-22 09:55:42	761E6E736B47DA42D74227A26F658108	100864	----a-w-	C:\Windows\SysWOW64\offlinelsa.dll
2015-12-22 09:55:42	6AE2C3CFEA73E2D01CB1E00DBD1EC4A5	205824	----a-w-	C:\Windows\SysWOW64\NmaDirect.dll
2015-12-22 09:55:42	65E98344070A6C0B66ED476F735B14D3	59904	----a-w-	C:\Windows\SysWOW64\EditBufferTestHook.dll
2015-12-22 09:55:42	57A2AAE6BD896F54767284BAB7C2D183	1859448	----a-w-	C:\Windows\SysWOW64\CoreUIComponents.dll
2015-12-22 09:55:42	53E2029302DA056DE856D4C662663B2B	10240	----a-w-	C:\Windows\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-22 09:55:42	4C85D9A9FD26D3F00BBF5D3F469F1800	241664	----a-w-	C:\Windows\SysWOW64\cryptngc.dll
2015-12-22 09:55:42	451356B814B46BB6582F307E24AA0863	9728	----a-w-	C:\Windows\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-22 09:55:42	3FCEAC0D175851962F9CF797A370A14F	3072	----a-w-	C:\Windows\SysWOW64\MapControlStringsRes.dll
2015-12-22 09:55:42	3B7DA8EC6FC4F16F85934D944A2149CD	791552	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-12-22 09:55:42	3B1D8CE3E56BA82EF02C126226B7C357	948224	----a-w-	C:\Windows\SysWOW64\Unistore.dll
2015-12-22 09:55:42	35383CA7169E12D885B9B553F59E3154	41984	----a-w-	C:\Windows\SysWOW64\XblAuthManagerProxy.dll
2015-12-22 09:55:42	262D880248233D3A96C15F7C7E1BAD21	58368	----a-w-	C:\Windows\SysWOW64\MosResource.dll
2015-12-22 09:55:42	1973BD62F29F443E9BC467FAA9F27159	83456	----a-w-	C:\Windows\SysWOW64\InputLocaleManager.dll
2015-12-22 09:55:42	123BD3D4504BB548A823152EAC57DE00	32040	----a-w-	C:\Windows\SysWOW64\mfpmp.exe
2015-12-22 09:55:41	F0ED21F9D39229B305C363B6ED023170	11776	----a-w-	C:\Windows\SysWOW64\dciman32.dll
2015-12-22 09:55:41	D51618B0CB2B51F7D9B8DEB38A454126	36352	----a-w-	C:\Windows\SysWOW64\UIAutomationCoreRes.dll
2015-12-22 09:55:41	BEFAC095C4E511243E91B1F916C243A7	704352	----a-w-	C:\Windows\SysWOW64\WWAHost.exe
2015-12-22 09:55:41	BEDE63EB0B3B100A1FBD2996FE3AF0EF	1505280	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-12-22 09:55:41	BC6B60847CDEFFB3DE3AA394366881DF	490496	----a-w-	C:\Windows\SysWOW64\Windows.UI.dll
2015-12-22 09:55:41	ADAF3873B0A29C4AFC0D8B89C3485A94	227840	----a-w-	C:\Windows\SysWOW64\deviceaccess.dll
2015-12-22 09:55:41	AC742BB0B79CD4C535E6A317FD4A18A8	315904	----a-w-	C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-22 09:55:41	A95DDF60D6EC95625C4987750619C5DB	93696	----a-w-	C:\Windows\SysWOW64\fontsub.dll
2015-12-22 09:55:41	A820BD54E6B4A68C6E4490EA23FA5650	1860096	----a-w-	C:\Windows\SysWOW64\cdp.dll
2015-12-22 09:55:41	9FA5093D91ED3CB6B4CE67A040C5E40A	65536	----a-w-	C:\Windows\SysWOW64\wininetlui.dll
2015-12-22 09:55:41	93050CE746C09F2F6F49A4893FB060ED	647168	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-12-22 09:55:41	90F7CF0E4FFD720EBAC601CABE25D880	2121216	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-12-22 09:55:41	8E93F5481D1A608D90104F24DD610B76	540752	----a-w-	C:\Windows\SysWOW64\fontdrvhost.exe
2015-12-22 09:55:41	8E2CB7E297C2631CB063319377ED7AD0	303104	----a-w-	C:\Windows\SysWOW64\atmfd.dll
2015-12-22 09:55:41	89F3F69C9996D5BCC879C664BF74A4E2	675064	----a-w-	C:\Windows\SysWOW64\dcomp.dll
2015-12-22 09:55:41	847B31F89A3009D5D851479224B7579A	2680320	----a-w-	C:\Windows\SysWOW64\msftedit.dll
2015-12-22 09:55:41	6BBB4172DDF348821C3C4B7FE844077B	1443328	----a-w-	C:\Windows\SysWOW64\SRHInproc.dll
2015-12-22 09:55:41	588E4109C8A78BC211AC1D5756652A67	1139200	----a-w-	C:\Windows\SysWOW64\UIAutomationCore.dll
2015-12-22 09:55:41	54F47C0CD2DE99A7B8C7583CF6C22D92	3072	----a-w-	C:\Windows\SysWOW64\lpk.dll
2015-12-22 09:55:41	52838DDB3B20C7330A30D89509A93B55	1268736	----a-w-	C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-22 09:55:41	382AA3E205808FBF0458A143B0F4ACFF	45568	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-12-22 09:55:41	2C5A8D334EFB14914B1618247CD0DAAF	37376	----a-w-	C:\Windows\SysWOW64\atmlib.dll
2015-12-22 09:55:41	23A968565D51FEC30EADFBC70BE35117	793600	----a-w-	C:\Windows\SysWOW64\SRH.dll
2015-12-22 09:53:59	5E252F791641F7193E91D6F4D5BAF44F	1870848	----a-w-	C:\Windows\SysWOW64\MLS2.dll
2015-12-22 09:53:58	4C6D3C641CDB009FD5069BFF01939038	7965696	----a-w-	C:\Windows\SysWOW64\NlsLexicons0024.dll
2015-12-22 09:53:58	17331B90C47277CD19D6A9DD25A4C575	131072	----a-w-	C:\Windows\SysWOW64\NlsData0024.dll
2015-12-22 09:50:57	F432E0E5B0958F4982D40EB622FBD7FC	35480	----a-w-	C:\Windows\SysWOW64\TsWpfWrp.exe
2015-12-22 09:50:57	BF9CAA33ADD4C21C118148B5CFC5494B	778936	----a-w-	C:\Windows\SysWOW64\PresentationNative_v0300.dll
2015-12-22 09:50:57	6F391E9286733CC6B34FC0FAB23B8DF3	103120	----a-w-	C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-12-22 15:39:52	E761095ADFC48739CA54A3B58242AF0D	24601600	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-12-22 15:39:50	78CF1420E5E88B1664F92F07386D19A8	22393856	----a-w-	C:\Windows\Sysnative\edgehtml.dll
2015-12-22 15:39:44	EE5BD4F67199E1C5142F3C731035D18C	13381120	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-12-22 15:39:40	35A6E2624696F77A8660529E9C5B7B9A	16984064	----a-w-	C:\Windows\Sysnative\Windows.UI.Xaml.dll
2015-12-22 15:39:36	9DA2D5EB73F6F61BB32B63B59DF2BB0C	1299504	----a-w-	C:\Windows\Sysnative\mfnetsrc.dll
2015-12-22 15:39:35	FAD9326ED152667E57B5B2EDBD9973F8	2544256	----a-w-	C:\Windows\Sysnative\mfcore.dll
2015-12-22 15:39:35	CD2CC65DDF46F065BCC975C2BC89DD11	1648640	----a-w-	C:\Windows\Sysnative\comsvcs.dll
2015-12-22 15:39:35	A44FB85192EE0DD3F7D6518B63044F4E	2598400	----a-w-	C:\Windows\Sysnative\NetworkMobileSettings.dll
2015-12-22 15:39:34	486C22DD70BE538B1C164AE38E130009	2352128	----a-w-	C:\Windows\Sysnative\authui.dll
2015-12-22 15:39:33	95F53D812EF80A2819E9C1539A629B5F	823264	----a-w-	C:\Windows\Sysnative\mfmpeg2srcsnk.dll
2015-12-22 15:39:33	45B88D0BBAB3EAA10883097C14C33678	1281376	----a-w-	C:\Windows\Sysnative\LicenseManager.dll
2015-12-22 15:39:32	184F5C80753CD7F6400AAA4087288B97	2582016	----a-w-	C:\Windows\Sysnative\MFMediaEngine.dll
2015-12-22 15:39:31	8F6118120D9A11A1CFD8822850826064	1155944	----a-w-	C:\Windows\Sysnative\mfasfsrcsnk.dll
2015-12-22 15:39:31	78065D08A6D5886ACF9B6BA7E34A554C	3593216	----a-w-	C:\Windows\Sysnative\win32kfull.sys
2015-12-22 15:39:31	69B4974176206D7276B733B30BCE442E	1717248	----a-w-	C:\Windows\Sysnative\GdiPlus.dll
2015-12-22 15:39:30	63976F057A5A9FD426DC84FB97CF3446	3671888	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-12-22 15:39:29	A2469A19FC330A400E2BED8003331BB8	604672	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-12-22 15:39:29	42B6285314851A693F68F7A7B79FD1B9	1393664	----a-w-	C:\Windows\Sysnative\win32kbase.sys
2015-12-22 15:39:28	549A1696E594E6939C210972B4AD9747	824320	----a-w-	C:\Windows\Sysnative\WpcWebFilter.dll
2015-12-22 15:39:27	E81DF157F4F225928EAE2B1E82863BF6	1817160	----a-w-	C:\Windows\Sysnative\ntdll.dll
2015-12-22 15:39:27	43091BCAB6446E01AEB9DFFB2538B2F9	1995776	----a-w-	C:\Windows\Sysnative\ActiveSyncProvider.dll
2015-12-22 15:39:26	93D891995D253D4B6BCFABEE5C73454B	3428864	----a-w-	C:\Windows\Sysnative\Windows.Media.dll
2015-12-22 15:39:25	C4DF460B84DB6A0D4C18375DE1117DD0	696160	----a-w-	C:\Windows\Sysnative\NetSetupEngine.dll
2015-12-22 15:39:25	686E73A0F24F56A25A78D8EFE8E4B937	1318912	----a-w-	C:\Windows\Sysnative\wifinetworkmanager.dll
2015-12-22 15:39:24	DD97EF0AE9224B8C1161736E033C03F1	1399224	----a-w-	C:\Windows\Sysnative\user32.dll
2015-12-22 15:39:23	C08AA0383BCEE881C319F23A5189AB8D	794888	----a-w-	C:\Windows\Sysnative\mfds.dll
2015-12-22 15:39:23	9D9A25E3E658EAC6FA9BC1BC23168516	1092456	----a-w-	C:\Windows\Sysnative\mfplat.dll
2015-12-22 15:39:23	4588022BF3C34392C0C2AFDC3634C0CF	1065080	----a-w-	C:\Windows\Sysnative\mfmp4srcsnk.dll
2015-12-22 15:39:23	0F09B99EF80BB0D914538FC17A305A4F	1131520	----a-w-	C:\Windows\Sysnative\Windows.Media.Audio.dll
2015-12-22 15:39:22	CCB125BB7072FEAFC68A56749FD2DFD7	1020096	----a-w-	C:\Windows\Sysnative\mfsrcsnk.dll
2015-12-22 15:39:22	01AE64981A7C7AE4F84799931D8DAAD1	900608	----a-w-	C:\Windows\Sysnative\Windows.Networking.BackgroundTransfer.dll
2015-12-22 15:39:21	C8AEE94042CFDF6383C153AFD284AEF1	497152	----a-w-	C:\Windows\Sysnative\mfmkvsrcsnk.dll
2015-12-22 15:39:21	18CE63A5B5EB84FF7F9F575C8FE53F44	931328	----a-w-	C:\Windows\Sysnative\MSMPEG2ENC.DLL
2015-12-22 15:39:20	F3B1BFB19C6A47DE7706A9CF1A177028	526856	----a-w-	C:\Windows\Sysnative\mfreadwrite.dll
2015-12-22 15:39:20	7DD3B4B77A787E06A6B3DC9AE7B451E0	292352	----a-w-	C:\Windows\Sysnative\provengine.dll
2015-12-22 15:39:20	7014B74B0F62698EC891A19A781689D5	337840	----a-w-	C:\Windows\Sysnative\MFPlay.dll
2015-12-22 15:39:20	69E727F94BEA64E66C284F3C482F33E6	1035776	----a-w-	C:\Windows\Sysnative\XboxNetApiSvc.dll
2015-12-22 15:39:20	39E07EE74F50C39C1EB315152F03199C	607232	----a-w-	C:\Windows\Sysnative\wcmsvc.dll
2015-12-22 15:39:20	2AE2C153D33AB0D2B89E0920EC2ACF69	498448	----a-w-	C:\Windows\Sysnative\MFCaptureEngine.dll
2015-12-22 15:39:19	32D57C79EA65D0D6A923BF1C26A0EC0A	558080	----a-w-	C:\Windows\Sysnative\MBMediaManager.dll
2015-12-22 15:39:18	A2A0FD3DA492A903E6AEC6C2B946F26F	245848	----a-w-	C:\Windows\Sysnative\mfps.dll
2015-12-22 15:39:18	63A71E0B8BEF5FC3A5C9669B5C771A1C	286208	----a-w-	C:\Windows\Sysnative\provhandlers.dll
2015-12-22 15:39:18	6100515B0A4A9DE9EB83E632F873D1F7	323072	----a-w-	C:\Windows\Sysnative\MSFlacDecoder.dll
2015-12-22 15:39:18	57C2033773055CEE5963EBCB999337F8	210432	----a-w-	C:\Windows\Sysnative\wcmcsp.dll
2015-12-22 15:39:18	0A9C90159378EAF0F45AF2275156EF0D	264544	----a-w-	C:\Windows\Sysnative\ContentDeliveryManager.Utilities.dll
2015-12-22 15:39:17	3B36AFC1B127B13A82752A3F02CE9D8C	543232	----a-w-	C:\Windows\Sysnative\StoreAgent.dll
2015-12-22 15:39:17	2B91178DE30EF92DD383486485B0C97D	523776	----a-w-	C:\Windows\Sysnative\catsrvut.dll
2015-12-22 15:39:16	BFFC187B1FFA022F59D652A6A4CA130F	199168	----a-w-	C:\Windows\Sysnative\InstallAgent.exe
2015-12-22 15:39:16	95B9A9F4D41A54FD421CF6F7323B87FF	126464	----a-w-	C:\Windows\Sysnative\dialserver.dll
2015-12-22 15:39:16	6D0F04544716C90220B58008B4422B97	459776	----a-w-	C:\Windows\Sysnative\MapConfiguration.dll
2015-12-22 15:39:16	38F068BA3D5CE3C53A025E1F9381CC54	115040	----a-w-	C:\Windows\Sysnative\NetSetupApi.dll
2015-12-22 15:39:15	D6B9D1A83BDDF6912309A9C7C4024E10	133120	----a-w-	C:\Windows\Sysnative\flvprophandler.dll
2015-12-22 15:39:15	D1BB4122E41E04E2D8D57702396AE031	412512	----a-w-	C:\Windows\Sysnative\wifitask.exe
2015-12-22 15:39:15	8F53FEB251B01D2582931B8AC642C28A	387072	----a-w-	C:\Windows\Sysnative\qdvd.dll
2015-12-22 15:39:15	14CE7BCE9C6A442BD4B93AB3CB8765BF	375296	----a-w-	C:\Windows\Sysnative\MDEServer.exe
2015-12-22 15:39:14	FDB262D0B2C0790385B894AA4B2C0A6C	182784	----a-w-	C:\Windows\Sysnative\shutdownux.dll
2015-12-22 15:39:14	B1305CDD98D5FC49863279D4B51DB510	618496	----a-w-	C:\Windows\Sysnative\StorSvc.dll
2015-12-22 15:39:14	7A9FF15EF71DAC09420C4997D3FA7E48	850432	----a-w-	C:\Windows\Sysnative\MapsStore.dll
2015-12-22 15:39:14	55A629331D5EB924A1926C18E5028243	764928	----a-w-	C:\Windows\Sysnative\fveapi.dll
2015-12-22 15:39:14	54051585F9E1A644C3ED024B639C0E32	231936	----a-w-	C:\Windows\Sysnative\KnobsCore.dll
2015-12-22 15:39:14	1C671129864880F66678D3B80316074E	56320	----a-w-	C:\Windows\Sysnative\provtool.exe
2015-12-22 15:39:14	156963089DF9C18AF330E08BFE41884D	165376	----a-w-	C:\Windows\Sysnative\provdatastore.dll
2015-12-22 15:39:14	01C759FD50DFD46E30CC56B2B672B1A7	203776	----a-w-	C:\Windows\Sysnative\NetSetupSvc.dll
2015-12-22 15:39:13	E853D5823793FE6E5FB0351F256DC1F2	223232	----a-w-	C:\Windows\Sysnative\fveapibase.dll
2015-12-22 15:39:13	A0C330AAF06A36A13171A28FE4B582A2	92160	----a-w-	C:\Windows\Sysnative\policymanagerprecheck.dll
2015-12-22 15:39:13	88B38A7435DFA9B7E8F94F5D5FE999D2	66560	----a-w-	C:\Windows\Sysnative\moshost.dll
2015-12-22 15:39:13	67C1D042FA62E2294973FD0CD1F1BC36	192000	----a-w-	C:\Windows\Sysnative\provisioningcsp.dll
2015-12-22 15:39:13	25DA92A03FFF1A620A950ED6209CDC8F	77312	----a-w-	C:\Windows\Sysnative\ProvPluginEng.dll
2015-12-22 15:39:13	0053C878CDBA8F8D55339547EC2E99E8	269824	----a-w-	C:\Windows\Sysnative\moshostcore.dll
2015-12-22 15:39:12	EFA47480BEB0968E3A18479593B2E60C	18944	----a-w-	C:\Windows\Sysnative\wshrm.dll
2015-12-22 15:39:12	735C408ADE2017B8D2F6A8D2C2DB7016	7979008	----a-w-	C:\Windows\Sysnative\mos.dll
2015-12-22 15:39:12	5B7B6AF7E94E972DCE4BF892ABD466B6	115200	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-12-22 15:39:11	7950D23F5542F6F8A9D41F046C01067F	2756096	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-12-22 15:39:10	C6F9333F6C5F326B075CBC062E33793D	7680	----a-w-	C:\Windows\Sysnative\readingviewresources.dll
2015-12-22 15:39:10	9E55D606C3CE9A37FB2FE5A419AE9CE6	30208	----a-w-	C:\Windows\Sysnative\StorageUsage.dll
2015-12-22 15:39:10	9AEEB769F72EF13134BC21BA1465CCE3	134656	----a-w-	C:\Windows\Sysnative\wificonnapi.dll
2015-12-22 15:39:10	8C86CB7C7725B196773451DE66602199	75776	----a-w-	C:\Windows\Sysnative\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-22 15:39:10	1CC123FE215B7FFBA4B7889FD13B32D5	36864	----a-w-	C:\Windows\Sysnative\BackgroundTransferHost.exe
2015-12-22 15:28:25	6FB144600FAE112D455DC5792091B42A	301728	------w-	C:\Windows\Sysnative\MpSigStub.exe
2015-12-22 10:04:10	90BB0FDC95B7C5FA87B54C0E9CB45845	82432	----a-w-	C:\Windows\Sysnative\OpenCL.DLL
2015-12-22 10:04:01	5C5A797761421CF9B72087F3BC8A5259	180	----a-w-	C:\Windows\Sysnative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-22 10:04:01	1373F6562D5E4C715D5D3583E350093E	200	----a-w-	C:\Windows\Sysnative\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-12-22 10:00:10	66EE5B17C141FB6053BA4FC9B7C0B5B6	217368	----a-w-	C:\Windows\Sysnative\FNTCACHE.DAT
2015-12-22 09:59:08	79422D76818752C6D935A97C8FFC4EEA	44147	----a-w-	C:\Windows\Sysnative\license.rtf
2015-12-22 09:55:46	FAC1E762CB49992381691B00D2069B3E	1063424	----a-w-	C:\Windows\Sysnative\audiosrv.dll
2015-12-22 09:55:46	F5DC166DC9D533651B83B83CD70FD14C	88392	----a-w-	C:\Windows\Sysnative\remoteaudioendpoint.dll
2015-12-22 09:55:46	EF94C4BB5DDCEB9F0A092122582CF4E5	516544	----a-w-	C:\Windows\Sysnative\AudioEng.dll
2015-12-22 09:55:46	BBEC134DA91F61E6D91CDB47D8724E86	382464	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-12-22 09:55:46	BB2DD53E90A958FDB1254839F30329D5	803840	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-12-22 09:55:46	B9A74283BD46350F2A32962C1B16225A	369912	----a-w-	C:\Windows\Sysnative\audiodg.exe
2015-12-22 09:55:46	B83CCF1BEECF4BCDE71FC431BAB9A790	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-12-22 09:55:46	89E74EC4422905377D45D58FD2832D02	408128	----a-w-	C:\Windows\Sysnative\AUDIOKSE.dll
2015-12-22 09:55:46	890BF20BDF500E4E84720EA84448EDDF	275456	----a-w-	C:\Windows\Sysnative\AudioEndpointBuilder.dll
2015-12-22 09:55:46	81785D31BEB7C741BB23BE0CB98E691F	536768	----a-w-	C:\Windows\Sysnative\AudioSes.dll
2015-12-22 09:55:46	5F8178A9C45D9C69819C63AFC5988C33	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-12-22 09:55:46	4EB351CB5A23E0F7AB2B7137374EFB85	870400	----a-w-	C:\Windows\Sysnative\wpncore.dll
2015-12-22 09:55:46	4A657E5F9D4BE53028B643889E786296	2126848	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-12-22 09:55:46	36208F250EE9B93B87AD6384237373A9	110032	----a-w-	C:\Windows\Sysnative\EncDump.dll
2015-12-22 09:55:46	2D1682BEC4615A154079383E25BB0DF2	220672	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-12-22 09:55:46	04EDF539ED97A3BFBD7464CED7ADBB7A	783360	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-12-22 09:55:44	FCB7D0215CA010400777A2144432FBDC	630632	----a-w-	C:\Windows\Sysnative\fontdrvhost.exe
2015-12-22 09:55:44	DA81241A3493CD3B7EEF3AFD6BBE38B6	92352	----a-w-	C:\Windows\Sysnative\acmigration.dll
2015-12-22 09:55:44	B8F17AB618578B9024D949DE8308B95A	14336	----a-w-	C:\Windows\Sysnative\dciman32.dll
2015-12-22 09:55:44	9BF34692BC6933BAB7627EC173EB1E8A	45568	----a-w-	C:\Windows\Sysnative\atmlib.dll
2015-12-22 09:55:44	95AF774B7D20C3006DC0AC9AEDF48655	674816	----a-w-	C:\Windows\Sysnative\Windows.UI.dll
2015-12-22 09:55:44	877512145CB9B3F6EBD5424DE15C14F8	365568	----a-w-	C:\Windows\Sysnative\atmfd.dll
2015-12-22 09:55:44	6D64E74EF63AD36912C89EA80449A299	118272	----a-w-	C:\Windows\Sysnative\fontsub.dll
2015-12-22 09:55:44	6ABAC83AD594B0390C470F9C1C017382	3072	----a-w-	C:\Windows\Sysnative\lpk.dll
2015-12-22 09:55:44	44699ED0B4D39D109D1BAEEF0DB66A9E	22572632	----a-w-	C:\Windows\Sysnative\shell32.dll
2015-12-22 09:55:44	445E792DB399A2DA611B1F3C9DC6070D	11545088	----a-w-	C:\Windows\Sysnative\twinui.dll
2015-12-22 09:55:44	233BA5B1A277D0A42E432E9A9F43EF7A	37376	----a-w-	C:\Windows\Sysnative\LaunchWinApp.exe
2015-12-22 09:55:43	FE808DE33D79F2ACB8757EE544615626	414720	----a-w-	C:\Windows\Sysnative\bcastdvr.exe
2015-12-22 09:55:43	FBEFDA259F6254B6590956753421D387	89600	----a-w-	C:\Windows\Sysnative\NFCProvisioningPlugin.dll
2015-12-22 09:55:43	F7AE2EB8D2FA095AD9DED30CCE10BC13	957440	----a-w-	C:\Windows\Sysnative\SRH.dll
2015-12-22 09:55:43	F40D409308162E071561049ACADF753C	80600	----a-w-	C:\Windows\Sysnative\wwapi.dll
2015-12-22 09:55:43	EACD8F5C17AC39E43E1FCD85674F4B0D	1713664	----a-w-	C:\Windows\Sysnative\SRHInproc.dll
2015-12-22 09:55:43	E8C7F673B75210D3F35142361923C945	157184	----a-w-	C:\Windows\Sysnative\dmcertinst.exe
2015-12-22 09:55:43	E104F46B2E0C4F760382CF95E248E0AD	43520	----a-w-	C:\Windows\Sysnative\bcastdvr.proxy.dll
2015-12-22 09:55:43	DD723E3E44BBD7A1B94D8914B7E72549	623616	----a-w-	C:\Windows\Sysnative\PhoneProviders.dll
2015-12-22 09:55:43	D7ED1ADDC1D19A9D6A1C583A938F4AF4	465920	----a-w-	C:\Windows\Sysnative\wwanconn.dll
2015-12-22 09:55:43	D33E93BE685C6B9C72E063EA41F9BAEF	538632	----a-w-	C:\Windows\Sysnative\WWanAPI.dll
2015-12-22 09:55:43	D0E812616609B1E6E3317FF46B9177C8	44032	----a-w-	C:\Windows\Sysnative\wsplib.dll
2015-12-22 09:55:43	CA902510DAF327CCFA59BCBFC00B3BAE	912384	----a-w-	C:\Windows\Sysnative\usermgr.dll
2015-12-22 09:55:43	B46D8BBF27B186B0AE7C57C88A1A6D93	6572032	----a-w-	C:\Windows\Sysnative\wwanmm.dll
2015-12-22 09:55:43	AB4C1A9F37C0B8467AC923ED4AD727D6	2647552	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-12-22 09:55:43	A6E666BC673DD38C3ECDB53FD83138E7	3993600	----a-w-	C:\Windows\Sysnative\SettingsHandlers_nt.dll
2015-12-22 09:55:43	9FCC3D4817CCA5BCEF1FB4B14E523EBC	78336	----a-w-	C:\Windows\Sysnative\BarcodeProvisioningPlugin.dll
2015-12-22 09:55:43	9976E10E1FC313755C9F8632F96072F7	52224	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-12-22 09:55:43	8A0BAD6F9EEFB0FCD1629F6366394380	1814528	----a-w-	C:\Windows\Sysnative\pnidui.dll
2015-12-22 09:55:43	8938F957903BBA18ED242AE4DBF419FD	73728	----a-w-	C:\Windows\Sysnative\wwancfg.dll
2015-12-22 09:55:43	87A8DD15B7DEAC51916358250E5BC7C5	122368	----a-w-	C:\Windows\Sysnative\KnobsCsp.dll
2015-12-22 09:55:43	83365A5A2632275C7B005B7A4995DCE1	416768	----a-w-	C:\Windows\Sysnative\dmenrollengine.dll
2015-12-22 09:55:43	7CDB2034A13C7009CFF479C170E21C90	55808	----a-w-	C:\Windows\Sysnative\rilproxy.dll
2015-12-22 09:55:43	7B106C453D6EF1A32F8669AD503E21BB	517632	----a-w-	C:\Windows\Sysnative\winspool.drv
2015-12-22 09:55:43	781EFD88C2BD9A95CA6961E16AFF7332	168960	----a-w-	C:\Windows\Sysnative\mdmmigrator.dll
2015-12-22 09:55:43	71B94A84934AA3DA61378C4121523FEA	86528	----a-w-	C:\Windows\Sysnative\AppCapture.dll
2015-12-22 09:55:43	716E299C1058C9F2030F31BC7270A210	52224	----a-w-	C:\Windows\Sysnative\Wwanpref.dll
2015-12-22 09:55:43	6F5EB489BC3368DC11CF3AA605D943BB	638464	----a-w-	C:\Windows\Sysnative\enterprisecsps.dll
2015-12-22 09:55:43	6D7BC576DEC9750D5F8AED361E687384	704000	----a-w-	C:\Windows\Sysnative\CellularAPI.dll
2015-12-22 09:55:43	6D04648D2E3F42A295B6D080A948E9BA	163328	----a-w-	C:\Windows\Sysnative\provops.dll
2015-12-22 09:55:43	65267BF5DDCC86AB6DE29AFF488497AA	248832	----a-w-	C:\Windows\Sysnative\UserMgrProxy.dll
2015-12-22 09:55:43	623DAEC255FDCF586F161CF6BF788627	795840	----a-w-	C:\Windows\Sysnative\generaltel.dll
2015-12-22 09:55:43	559E4E19F481FBB9AF622E23772533CC	52736	----a-w-	C:\Windows\Sysnative\RemovableMediaProvisioningPlugin.dll
2015-12-22 09:55:43	4C1138686002741A423AF26AC247490D	7476576	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-12-22 09:55:43	46BF56CC45F3EBE9DCF04EA702F79FF7	64000	----a-w-	C:\Windows\Sysnative\ihvrilproxy.dll
2015-12-22 09:55:43	447413C46C687CF730051DD8B4EA12F6	75264	----a-w-	C:\Windows\Sysnative\wwanprotdim.dll
2015-12-22 09:55:43	3690FAA19C6D3C68C033D0E5CB3BDB03	28160	----a-w-	C:\Windows\Sysnative\Windows.Management.Provisioning.ProxyStub.dll
2015-12-22 09:55:43	334A9D347CC52E7581DC21FA7CDBB261	515584	----a-w-	C:\Windows\Sysnative\LogonController.dll
2015-12-22 09:55:43	301A917544D10E9F28A946BA0E84C407	160768	----a-w-	C:\Windows\Sysnative\enrollmentapi.dll
2015-12-22 09:55:43	2DA8708EB1FCB83375A450D401A1ED09	74240	----a-w-	C:\Windows\Sysnative\mssign32.dll
2015-12-22 09:55:43	2D7E3C2913AAE063774795E6790BCC48	1212928	----a-w-	C:\Windows\Sysnative\wwansvc.dll
2015-12-22 09:55:43	2AB2C72D88CE2BC73E6F708D0B1A9657	440160	----a-w-	C:\Windows\Sysnative\services.exe
2015-12-22 09:55:43	28B52034DB907EA14BF8DFB399BC1A94	1734656	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-12-22 09:55:43	24206CBE7165E296D598FF98590C4D59	69632	----a-w-	C:\Windows\Sysnative\wininetlui.dll
2015-12-22 09:55:43	1083375C70D529AA1C8224E13D9E6F40	334736	----a-w-	C:\Windows\Sysnative\policymanager.dll
2015-12-22 09:55:42	F5AF729AD65041D74FED75E02DA4A4DC	138240	----a-w-	C:\Windows\Sysnative\ETWCoreUIComponentsResources.dll
2015-12-22 09:55:42	F0B772D90082371CE0DDE4286EF0AE16	7199232	----a-w-	C:\Windows\Sysnative\BingMaps.dll
2015-12-22 09:55:42	EBDDBFCAA0E8BF346F5DC13BC364B39E	110592	----a-w-	C:\Windows\Sysnative\Microsoft-Windows-MapControls.dll
2015-12-22 09:55:42	E0FBBE85A7DC215F97F7B81236CE2674	60928	----a-w-	C:\Windows\Sysnative\XblAuthTokenBrokerExt.dll
2015-12-22 09:55:42	DC59D9253F50A2D329945CBDBE3B8B7A	32256	----a-w-	C:\Windows\Sysnative\wups2.dll
2015-12-22 09:55:42	D0C4A5B386F585B2BE7620D3CEFD7CE8	119808	----a-w-	C:\Windows\Sysnative\MapsBtSvc.dll
2015-12-22 09:55:42	C46FC25D2742C6426F6581A4C59331D9	35656	----a-w-	C:\Windows\Sysnative\mfpmp.exe
2015-12-22 09:55:42	C2D78B6667E0341802C4F38E9C02F93D	2280448	----a-w-	C:\Windows\Sysnative\wuaueng.dll
2015-12-22 09:55:42	BF1A001A4EBD005CB412E322F20DB0D7	75264	----a-w-	C:\Windows\Sysnative\EditBufferTestHook.dll
2015-12-22 09:55:42	BA45A9F29AB13A0E66BAABF9D7C30B70	523616	----a-w-	C:\Windows\Sysnative\wimserv.exe
2015-12-22 09:55:42	B7D367ABFC188C1AC27C6C961694B5B4	1056256	----a-w-	C:\Windows\Sysnative\JpMapControl.dll
2015-12-22 09:55:42	ABC346A1CD915DEE6231BB4A7F0B96EC	204800	----a-w-	C:\Windows\Sysnative\Microsoft-Windows-AppModelExecEvents.dll
2015-12-22 09:55:42	A74C62AE99A015CD6275F0D8D8843886	342016	----a-w-	C:\Windows\Sysnative\SensorService.dll
2015-12-22 09:55:42	9F171CF4EDEB38DB4CA906ABD535DC44	13312	----a-w-	C:\Windows\Sysnative\MapsBtSvcProxy.dll
2015-12-22 09:55:42	9C6D0A1464410A25389C9D004DE48D36	175616	----a-w-	C:\Windows\Sysnative\Windows.UI.Core.TextInput.dll
2015-12-22 09:55:42	9920C9AD4528A4396D19BC03AA2D0882	58408	----a-w-	C:\Windows\Sysnative\SensorsNativeApi.dll
2015-12-22 09:55:42	960E3DB158FC9D262EE33D928AEDA3F5	320000	----a-w-	C:\Windows\Sysnative\cryptngc.dll
2015-12-22 09:55:42	8C8161E40F42E437161972E8866025D5	3355136	----a-w-	C:\Windows\Sysnative\msftedit.dll
2015-12-22 09:55:42	8BACF65C95DA69173FA80F644502F9BC	26408	----a-w-	C:\Windows\Sysnative\wuauclt.exe
2015-12-22 09:55:42	8AA095B5A4826840B348D0A94969CE1A	1268736	----a-w-	C:\Windows\Sysnative\Windows.UI.Xaml.Resources.dll
2015-12-22 09:55:42	8AA095B5A4826840B348D0A94969CE1A	1268736	----a-w-	C:\Windows\Sysnative\Windows.UI.Xaml.Resources(27).dll
2015-12-22 09:55:42	87E291D9CC3ECE9AA56ABFD8063C4050	1223168	----a-w-	C:\Windows\Sysnative\Unistore.dll
2015-12-22 09:55:42	85031015C1F1B9A7DAA002DAAEE341AA	2444288	----a-w-	C:\Windows\Sysnative\twinui.appcore.dll
2015-12-22 09:55:42	849275D7BF36660743973B8E28542E45	51680	----a-w-	C:\Windows\Sysnative\SensorsUtilsV2.dll
2015-12-22 09:55:42	8456D2DBEAC8F06712FE8AC2AB5A1AE2	969728	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-12-22 09:55:42	839F7EC52C8E6888C4E9120E68652438	589312	----a-w-	C:\Windows\Sysnative\MbaeApi.dll
2015-12-22 09:55:42	836DC2848B800FC890E8FCF96F5E639B	458752	----a-w-	C:\Windows\Sysnative\PlayToDevice.dll
2015-12-22 09:55:42	8109C3D1CFDC7AE78605D8F3EA4EAA20	586208	----a-w-	C:\Windows\Sysnative\mf.dll
2015-12-22 09:55:42	80EEB2E91EE933EFB1384D9866BD997F	64000	----a-w-	C:\Windows\Sysnative\MosHostClient.dll
2015-12-22 09:55:42	80BF2990E01E774D64F6E13F30661942	162304	----a-w-	C:\Windows\Sysnative\tetheringservice.dll
2015-12-22 09:55:42	7DC5115A32BA087DCED8CF76352A79DC	108544	----a-w-	C:\Windows\Sysnative\InputLocaleManager.dll
2015-12-22 09:55:42	79EE5C9F9DF073C315D035A1785B502F	3072	----a-w-	C:\Windows\Sysnative\MapControlStringsRes.dll
2015-12-22 09:55:42	79BD0E63A9E54ED8AFFD19F43B5B83F2	264192	----a-w-	C:\Windows\Sysnative\NmaDirect.dll
2015-12-22 09:55:42	7538F05A7C07DB69F6E82B67CAA67286	92160	----a-w-	C:\Windows\Sysnative\SensorsNativeApi.V2.dll
2015-12-22 09:55:42	7443938BC4B8DCE1D8E6C51BC3F9DBFE	948224	----a-w-	C:\Windows\Sysnative\XblAuthManager.dll
2015-12-22 09:55:42	6D7B4647F5FB25CE88E2555A9DFF1D2E	70656	----a-w-	C:\Windows\Sysnative\XblAuthManagerProxy.dll
2015-12-22 09:55:42	66312F4AFEFB1AE0B80051F8A5E5B26B	698208	----a-w-	C:\Windows\Sysnative\wimgapi.dll
2015-12-22 09:55:42	589A33EE394273A4F1338EBF705A1CEF	1387008	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-12-22 09:55:42	5358F9A3A5C55ED1395BBFFCFA65F551	28672	----a-w-	C:\Windows\Sysnative\mapsupdatetask.dll
2015-12-22 09:55:42	4E5B496EBD95AEE005F54EA49EECAAC6	72704	----a-w-	C:\Windows\Sysnative\MosStorage.dll
2015-12-22 09:55:42	4B4970CB5FF1D25B444F95A18ED8AF22	114688	----a-w-	C:\Windows\Sysnative\offlinelsa.dll
2015-12-22 09:55:42	4AAD96366A51B26F50113A6393CB5587	42496	----a-w-	C:\Windows\Sysnative\mapstoasttask.dll
2015-12-22 09:55:42	46668562A5BDD2D2F383CAD6D35DCB15	89088	----a-w-	C:\Windows\Sysnative\MapsCSP.dll
2015-12-22 09:55:42	43B6BF7F95CF7D60599740EF2BF0DDD8	938496	----a-w-	C:\Windows\Sysnative\MapControlCore.dll
2015-12-22 09:55:42	3DF7BD7E0E0CFCF8D8856B639FD46C3C	30720	----a-w-	C:\Windows\Sysnative\tetheringconfigsp.dll
2015-12-22 09:55:42	3C9066503DE3E45CB98C8584DE19C186	28160	----a-w-	C:\Windows\Sysnative\nativemap.dll
2015-12-22 09:55:42	3A1FCBE9103770CF17F81EBD9809FE1B	697856	----a-w-	C:\Windows\Sysnative\PlayToManager.dll
2015-12-22 09:55:42	35F9920E5B9757E2047C024063C9A279	988160	----a-w-	C:\Windows\Sysnative\NMAA.dll
2015-12-22 09:55:42	340B841A05087B581B3F321853996960	2624512	----a-w-	C:\Windows\Sysnative\InputService.dll
2015-12-22 09:55:42	33F4AE1E913D7F865D0CFA716BDC9032	10240	----a-w-	C:\Windows\Sysnative\Microsoft-Windows-MosTrace.dll
2015-12-22 09:55:42	294BD6D65CE93F7B709DBB38F96759DA	2653816	----a-w-	C:\Windows\Sysnative\CoreUIComponents.dll
2015-12-22 09:55:42	25C9F417FA6FE9073392BD34630A89B4	17408	----a-w-	C:\Windows\Sysnative\IcsEntitlementHost.exe
2015-12-22 09:55:42	25086E02B6C3F34BC4646C134C3E1769	1042432	----a-w-	C:\Windows\Sysnative\BingOnlineServices.dll
2015-12-22 09:55:42	23B32FD7B58007D0407B8A4191AB76BB	28672	----a-w-	C:\Windows\Sysnative\WordBreakers.dll
2015-12-22 09:55:42	2031A1DA09AFF8A8BADFFF73511AF306	58368	----a-w-	C:\Windows\Sysnative\MosResource.dll
2015-12-22 09:55:42	1A9A77ACDAC29C39F50D2A492FD0DB16	87040	----a-w-	C:\Windows\Sysnative\tzautoupdate.dll
2015-12-22 09:55:42	183B210A411E23AC9C5374AEE5645312	36352	----a-w-	C:\Windows\Sysnative\UIAutomationCoreRes.dll
2015-12-22 09:55:42	121C4B3ED671715017C8A37A8F816F06	809312	----a-w-	C:\Windows\Sysnative\WWAHost.exe
2015-12-22 09:55:42	10B6962619F3965030395019E352B7B4	870400	----a-w-	C:\Windows\Sysnative\modernexecserver.dll
2015-12-22 09:55:42	10020730E0E51555A58C20D361F233A9	2772584	----a-w-	C:\Windows\Sysnative\d3d11.dll
2015-12-22 09:55:42	0DC4BEB16161362B4E46D117204D8566	2843136	----a-w-	C:\Windows\Sysnative\cdp.dll
2015-12-22 09:55:42	08F0E6B466F44EA24CA1601F3196E43E	9728	----a-w-	C:\Windows\Sysnative\Microsoft-Windows-MosHost.dll
2015-12-22 09:55:42	03EB1EBAB72BB8322C30D070C346EA33	1395200	----a-w-	C:\Windows\Sysnative\UIAutomationCore.dll
2015-12-22 09:55:42	0161DABC5CDB2BE6D0B91BEB5386B47D	52736	----a-w-	C:\Windows\Sysnative\tetheringclient.dll
2015-12-22 09:55:41	AD37B56D53795944240011FF4EEBBD30	911648	----a-w-	C:\Windows\Sysnative\dcomp.dll
2015-12-22 09:55:41	82EDCF9C603F3FA09AAAACA82D34E74E	450560	----a-w-	C:\Windows\Sysnative\Windows.Internal.Bluetooth.dll
2015-12-22 09:55:41	5E7C875662B05B28E899F0C59B549645	286720	----a-w-	C:\Windows\Sysnative\deviceaccess.dll
2015-12-22 09:55:41	48A7AEF3554919C0CBDFECBB25DF1B09	162304	----a-w-	C:\Windows\Sysnative\DeviceCensus.exe
2015-12-22 09:53:58	DE404CDDEE67437E939DA5A1EAC1CD44	1909760	----a-w-	C:\Windows\Sysnative\MLS2.dll
2015-12-22 09:53:58	8E43FE989396939C9C7B0D90CFB81C00	174592	----a-w-	C:\Windows\Sysnative\NlsData0024.dll
2015-12-22 09:53:58	5D97C471955F353A85F18F4E99A208A4	7965696	----a-w-	C:\Windows\Sysnative\NlsLexicons0024.dll
2015-12-22 09:50:51	E91942A0D00C6AA014B2EA33EE0ED0A3	35480	----a-w-	C:\Windows\Sysnative\TsWpfWrp.exe
2015-12-22 09:50:51	E2296A6174894682DF8F0FF29FDDCC82	1166520	----a-w-	C:\Windows\Sysnative\PresentationNative_v0300.dll
2015-12-22 09:50:51	C5FEF4B4A7FB961ECDB0AB07DBCF379E	124624	----a-w-	C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll
====== C:\Windows\Sysnative\drivers =====
2015-12-22 15:39:36	EFEFC245B884B1BE0401931398DCD707	2152800	----a-w-	C:\Windows\Sysnative\drivers\ntfs.sys
2015-12-22 15:39:20	DBBACE77DDE8CCFD85B37B114965C385	147968	----a-w-	C:\Windows\Sysnative\drivers\rmcast.sys
2015-12-22 10:04:48	63070E80CEFC2A3D4110EEFE39FEE190	6786	----a-w-	C:\Windows\Sysnative\drivers\rtwavesEFX.dat
2015-12-22 10:04:48	2BCDBF9CED1585AC3EA1028C638F67C4	2626	----a-w-	C:\Windows\Sysnative\drivers\rtwavesMFX.dat
2015-12-22 10:04:44	E863B3174FBE592556281AB617817423	319042	----a-w-	C:\Windows\Sysnative\drivers\RTWAVES40.dat
2015-12-22 10:04:20	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_Kernel_DptfDevDram_01011.Wdf
2015-12-22 10:04:19	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_Kernel_DptfDevPch_01011.Wdf
2015-12-22 10:04:18	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_Kernel_DptfDevProc_01011.Wdf
2015-12-22 10:04:14	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-12-22 10:02:45	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\Windows\Sysnative\drivers\Msft_Kernel_DptfManager_01011.Wdf
2015-12-22 09:55:46	91D3F2A6253EF83EFBD7903028F58C4D	118624	----a-w-	C:\Windows\Sysnative\drivers\tdx.sys
2015-12-22 09:55:46	70148EFA9A562E7185B75BBE7D376BF7	578912	----a-w-	C:\Windows\Sysnative\drivers\afd.sys
2015-12-22 09:55:42	EF536C54AB9281FDC4E83B07279FCFC4	35680	----a-w-	C:\Windows\Sysnative\drivers\wimmount.sys
2015-12-22 09:55:42	80977779A19947939D680A4899E829EC	604928	----a-w-	C:\Windows\Sysnative\drivers\cng.sys
2015-12-22 09:55:42	7D8B9214692C4D0F1646215D9984E19A	161632	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-12-22 09:55:41	DE6D7DC78D956928F59F7415A0F41E13	95072	----a-w-	C:\Windows\Sysnative\drivers\sdstor.sys
2015-12-22 09:55:41	C24C27FDF93B85A4EFCF25F830253AA2	117248	----a-w-	C:\Windows\Sysnative\drivers\capimg.sys
====== C:\Windows\Tasks ======
2015-12-19 18:14:41	--------	d-----w-	C:\Windows\Sysnative\Tasks\Cinnamon
====== C:\Windows\Temp ======
======= C:\Program Files =====
2016-01-01 11:23:14	--------	d-----w-	C:\Program Files\trend micro
2015-12-22 10:04:26	--------	d-----w-	C:\Program Files\Realtek
2015-12-22 10:04:22	--------	d--h--w-	C:\Program Files\Uninstall Information
2015-12-22 10:03:23	--------	d-----w-	C:\Program Files\Intel
2015-12-22 09:51:29	--------	d-----w-	C:\Program Files\Reference Assemblies
2015-12-22 09:51:29	--------	d-----w-	C:\Program Files\MSBuild
2015-12-10 18:04:38	--------	d-----w-	C:\Program Files\Common Files\AVG Secure Search
======= C:\PROGRA~2 =====
2015-12-22 10:04:55	--------	d-----w-	C:\PROGRA~2\Realtek
2015-12-22 10:04:32	--------	d-----w-	C:\PROGRA~2\ASUS
2015-12-22 10:03:09	--------	d-----w-	C:\PROGRA~2\COMMON~1\Intel
2015-12-22 09:51:30	--------	d-----w-	C:\PROGRA~2\Reference Assemblies
2015-12-22 09:51:30	--------	d-----w-	C:\PROGRA~2\MSBuild
2015-12-20 18:02:58	--------	d-----w-	C:\PROGRA~2\Mozilla Maintenance Service
2015-12-05 18:44:18	--------	d-----w-	C:\PROGRA~2\7 Gates - The Path to Zamolzes
======= C: =====
====== C:\Users\Marina\AppData\Roaming ======
2016-01-01 08:13:51	--------	d-----w-	C:\Users\TEMP.MARINAD\AppData\Local\TileDataLayer
2016-01-01 08:13:32	--------	d-----w-	C:\Users\TEMP.MARINAD\AppData\Local
2015-12-23 12:57:02	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\DataSharing
2015-12-22 10:29:16	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages
2015-12-22 10:19:29	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\AvgSetupLog
2015-12-22 10:19:10	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg
2015-12-22 10:18:07	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg
2015-12-22 10:07:53	--------	d-s---r-	C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-12-22 10:07:53	--------	d-----w-	C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-12-22 10:07:53	--------	d-----w-	C:\Users\Marina\AppData\Roaming
2015-12-22 10:07:53	--------	d-----w-	C:\Users\Marina\AppData\Local\Temp
2015-12-22 10:07:53	--------	d-----w-	C:\Users\Marina\AppData\Local\Microsoft
2015-12-22 10:07:53	--------	d-----w-	C:\Users\Marina\AppData\Local
2015-12-22 10:07:53	--------	d-----r-	C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-12-22 10:07:53	--------	d-----r-	C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-12-22 10:07:53	--------	d-----r-	C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-12-22 10:07:53	--------	d-----r-	C:\Users\Marina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2015-12-22 10:04:24	--------	d-----w-	C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft
2015-12-22 10:00:54	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache
2015-12-22 10:00:29	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-12-22 10:00:22	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Roaming
2015-12-22 10:00:22	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2015-12-22 10:00:22	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft
2015-12-22 10:00:22	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local
2015-12-22 09:53:16	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft
2015-12-22 09:53:16	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Roaming
====== C:\Users\Marina ======
2016-01-01 11:22:21	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Marina\Desktop\RSITx64.exe
2016-01-01 09:27:59	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-01-01 09:17:18	--------	d-----w-	C:\ProgramData\Logs
2016-01-01 08:13:32	--------	d--h--w-	C:\Users\TEMP.MARINAD\AppData
2015-12-31 19:26:28	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium
2015-12-26 08:13:19	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Demon Hunter
2015-12-22 10:55:31	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\Marina\ntuser.ini
2015-12-22 10:07:53	--------	d--h--w-	C:\Users\Marina\AppData
2015-12-22 10:04:45	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\ProgramData\DP45977C.lfl
2015-12-22 10:04:21	--------	d-----w-	C:\ProgramData\SetupTPDriver
2015-12-22 10:01:00	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\winhttp
2015-12-22 10:00:29	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\Saved Games
2015-12-22 10:00:29	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Videos
2015-12-22 10:00:29	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Pictures
2015-12-22 10:00:29	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Music
2015-12-22 10:00:29	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Links
2015-12-22 10:00:29	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Favorites
2015-12-22 10:00:29	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Downloads
2015-12-22 10:00:29	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Documents
2015-12-22 10:00:29	--------	d-----r-	C:\Windows\serviceprofiles\Localservice\Desktop
2015-12-22 10:00:23	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\Saved Games
2015-12-22 10:00:23	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Videos
2015-12-22 10:00:23	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Pictures
2015-12-22 10:00:23	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Music
2015-12-22 10:00:23	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Links
2015-12-22 10:00:23	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Favorites
2015-12-22 10:00:23	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Downloads
2015-12-22 10:00:23	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Documents
2015-12-22 10:00:23	--------	d-----r-	C:\Windows\serviceprofiles\networkservice\Desktop
2015-12-22 10:00:22	--------	d--h--w-	C:\Windows\serviceprofiles\networkservice\AppData
2015-12-20 18:02:10	FCFD17D962EC1DDCD7CB388DA69DD0FD	249568	----a-w-	C:\Users\Marina\Downloads\Firefox Setup Stub 43.0.1.exe
2015-12-19 18:14:44	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cinnamon Software
2015-12-19 18:14:03	0B19B6BC3A07F6675B1DFC1949276A47	2364520	----a-w-	C:\Users\Marina\Downloads\AlarmClockSetup.exe
2015-12-19 17:24:17	86D35246E86DB560391EFF613A8C3EE5	2364520	----a-w-	C:\Users\Marina\Downloads\DesktopClockSetup (1).exe
2015-12-19 17:11:39	86D35246E86DB560391EFF613A8C3EE5	2364520	----a-w-	C:\Users\Marina\Downloads\DesktopClockSetup.exe

====== C: exe-files ==
2016-01-01 11:23:14	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Marina.exe
2016-01-01 09:24:56	F3EF4F73D33DE2DB7DE63D1F385D8830	3141544	----a-w-	C:\Program Files (x86)\AVG\Setup\avgsetupx.exe
2016-01-01 09:24:56	B1B196EAD3B14E6E1C508DEF1A65CED3	797096	----a-w-	C:\Program Files (x86)\AVG\Setup\avgntdumpx.exe
2016-01-01 09:20:48	E28E1F14CA20BC1493F042910382AE16	120	----a-w-	C:\$Recycle.Bin\S-1-5-21-192893622-2068937732-1280758114-1001\$IZW3SCS.exe
2016-01-01 09:16:25	88D9D64E3E52D5256913F778C6E75134	130	----a-w-	C:\$Recycle.Bin\S-1-5-21-192893622-2068937732-1280758114-1001\$IHYUQ3T.exe
2016-01-01 09:13:06	7317CD4FC601C62774B484CE7427C198	5444000	----a-w-	C:\$Recycle.Bin\S-1-5-21-192893622-2068937732-1280758114-1001\$RZW3SCS.exe
2016-01-01 09:00:50	3F6E581DEA165C768336FBECDF9B10CE	3901768	----a-w-	C:\$Recycle.Bin\S-1-5-21-192893622-2068937732-1280758114-1001\$RHYUQ3T.exe
2015-12-28 11:51:10	D2876ECB72B629E461DF9B6D4B5FA0AF	15268552	----a-w-	C:\Users\Marina\AppData\Local\Microsoft\Windows\INetCache\IE\J4IWB2UG\gup5setup[1].exe
2015-12-27 08:11:55	DED6FBCE672BB965CDF422D1135AC954	1196233	----a-w-	C:\Program Files (x86)\Playrix Entertainment\Living Legends Frozen Beauty\unins000.exe
2015-12-27 08:11:55	ADDA824DF2A8EA5F0C8D13D1DB1B819D	6613504	----a-w-	C:\Program Files (x86)\Playrix Entertainment\Living Legends Frozen Beauty\LivingLegends_FrozenBeauty.exe
2015-12-26 10:39:41	4EB3B97E65862B45893C908A416EA0C1	3374592	----a-w-	C:\Users\Marina\AppData\Local\Packages\Microsoft.MicrosoftJigsaw_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Jigsaw\57c4ea4ce3f18513c5b7b19b0fbfa5b0\Jigsaw.ni.exe
=== C: other files ==
2016-01-01 08:32:08	5BEDF856552D9333046FE24CB303F469	989188	----a-w-	C:\Users\Marina\OneDrive\febe Marina\FEBE 2016 01-01 09.32.03\AdblockPlus{2.7}.xpi
2016-01-01 08:32:04	A032B981657A4BA033E9C33E76734BD6	1339796	----a-w-	C:\Users\Marina\OneDrive\febe Marina\FEBE 2016 01-01 09.32.03\FEBE{8.8.1}.xpi
2016-01-01 08:32:04	95EDD50D132BA4487DF3A709419A37FF	121673	----a-w-	C:\Users\Marina\OneDrive\febe Marina\FEBE 2016 01-01 09.32.03\SuperStart{7.4.0.1-signed}.xpi
2015-12-27 08:18:35	6766DBE4A73E11D70DC3634D80EB32F5	150	----a-w-	C:\$Recycle.Bin\S-1-5-21-192893622-2068937732-1280758114-1001\$INDQMBO.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-192893622-2068937732-1280758114-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Blue Jet Button"="C:\Program Files (x86)\Blue Jet Button\bjb.exe"
"GUDelayStartup"="C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun"
"POP Peeper"="C:\Program Files (x86)\POP Peeper\POPPeeper.exe -min"
"OneDrive"="C:\Users\Marina\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"MyPhoneExplorer"="C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe autorun"
"BingSvc"="C:\Users\Marina\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"GoogleChromeAutoLaunch_97B3868208EAEC6153686BA79EFCF192"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Blue Jet Button"="C:\Program Files (x86)\Blue Jet Button\bjb.exe"
"GUDelayStartup"="C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun"
"POP Peeper"="C:\Program Files (x86)\POP Peeper\POPPeeper.exe -min"
"OneDrive"="C:\Users\Marina\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"MyPhoneExplorer"="C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe autorun"
"BingSvc"="C:\Users\Marina\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"GoogleChromeAutoLaunch_97B3868208EAEC6153686BA79EFCF192"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DptfPolicyLpmServiceHelper"="C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe"
"Show missed alarms"=""C:\Program Files\Alarm Clock\Alarm.exe"  -d120000"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [22/12/2015 08:53]
C:\Windows\tasks\GlaryInitialize 5.job --a-------- C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [30/03/2015 07:06]
C:\Windows\tasks\GlaryOneClickOptimizer 5.job --a-------- C:\Program Files (x86)\Glary Utilities 5\OneClickMaintenance.exe [30/03/2015 07:06]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/10/2015 16:11]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AnVir Task Manager" [C:\Program Files (x86)\AnVir Task Manager Free\anvir.exe]
"C:\Windows\SysNative\tasks\ASUS Smart Gesture Launcher" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe]
"C:\Windows\SysNative\tasks\ASUS Splendid ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]
"C:\Windows\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"]
"C:\Windows\SysNative\tasks\ATK Package 36D18D69AFC3" ["C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe"]
"C:\Windows\SysNative\tasks\GlaryInitialize 5" [C:\Program Files (x86)\Glary Utilities 5\Initialize.exe]
"C:\Windows\SysNative\tasks\GlaryOneClickOptimizer 5" [C:\Program Files (x86)\Glary Utilities 5\OneClickMaintenance.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GU5SkipUAC" [C:\Program Files (x86)\Glary Utilities 5\Integrator.exe]
"C:\Windows\SysNative\tasks\RegOrganizerQuickLaunch" [C:\Program Files (x86)\Reg Organizer\RegOrganizer.exe]
"C:\Windows\SysNative\tasks\RtHDVBg" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"]
"C:\Windows\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{36A1292A-0DF5-4462-881D-47AD14E84710}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\het is 10 uur" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\het is 11 uur" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\het is 12 uur" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\HET IS 15 UUR" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\het is 16 u" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\het is 17 uur" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\het is 18 uur" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\het is 19 uur" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\het is 2 uur" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\het is 20 uur" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\het is 21 uur" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\het is 22 uur" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\het is 23 uur" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\het is een uur" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\het uur" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\patick nee huis" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\Patrick verlof en Marina" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\PILLETJE" ["C:\Program Files\Alarm Clock\Alarm.exe"]
"C:\Windows\SysNative\tasks\Cinnamon\Talking Alarm Clock\Tanden poetsen" ["C:\Program Files\Alarm Clock\Alarm.exe"]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"deskCutv2@gmail.com"="C:\Users\Marina\AppData\Roaming\Mozilla\Firefox\Profiles\gpw1cwh5.default\extensions\deskCutv2@gmail.com" []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"MFVersion"="MF39.0 (x86 nl)" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Marina\AppData\Roaming\Mozilla\Firefox\Profiles\r0ws2q09.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Marina\AppData\Roaming\Mozilla\Firefox\Profiles\r0ws2q09.default
5DF56521E8985BFD8F21A3D97A4D4574	- C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll -	Shockwave Flash


==== Chromium Look ======================

Google Slides - Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Cast - Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd
Videostream for Google Chromecast™ - Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl
Google Search - Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Motitags - Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jimekcmjahalpgniahhigkfichaihfkp
Chrome Web Store Payments - Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
TelevisionFanatic - Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh

==== Chromium Fix ======================

C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_motitags.dl.myway.com_0.localstorage deleted successfully
C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_motitags.dl.myway.com_0.localstorage-journal deleted successfully
C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_televisionfanatic.dl.myway.com_0.localstorage deleted successfully
C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_televisionfanatic.dl.myway.com_0.localstorage-journal deleted successfully
C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_motitags.dl.tb.ask.com_0.localstorage deleted successfully
C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_motitags.dl.tb.ask.com_0.localstorage-journal deleted successfully
C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_televisionfanatic.dl.tb.ask.com_0.localstorage deleted successfully
C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_televisionfanatic.dl.tb.ask.com_0.localstorage-journal deleted successfully
C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jimekcmjahalpgniahhigkfichaihfkp deleted successfully
C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jimekcmjahalpgniahhigkfichaihfkp_0.localstorage deleted successfully
C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jimekcmjahalpgniahhigkfichaihfkp_0.localstorage-journal deleted successfully
C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgplhcfmaadpnkmnkhgadmaekeldbnh deleted successfully
C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ppgplhcfmaadpnkmnkhgadmaekeldbnh_0.localstorage deleted successfully
C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ppgplhcfmaadpnkmnkhgadmaekeldbnh_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130957876734223751&GUID=FB8A1988-F9BD-45C1-A7AE-53E60449CE1B"
"Default_Page_URL"="http://www.istartsurf.com/?type=hp&ts=1438266640&z=e68e322a084aca173a50a12gbz8cdb5oaq3q4w0b0o&from=tugs&uid=ST750LM022XHN-M750MBB_S330J9CF712546"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130957876734223751&GUID=FB8A1988-F9BD-45C1-A7AE-53E60449CE1B"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
HKCU\SearchScopes "DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox
HKCU\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-192893622-2068937732-1280758114-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-192893622-2068937732-1280758114-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-192893622-2068937732-1280758114-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\defsearchp@gmail.com deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\deskCutv2@gmail.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Marina\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Marina\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Marina\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Marina\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Marina\AppData\Local\Mozilla\Firefox\Profiles\r0ws2q09.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Marina\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=929 folders=344 1425311898 bytes)

==== Empty Temp Folders ======================

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Marina\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on za 02/01/2016 at  9:41:42,08 ======================