Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Spirit on zo 20-03-2016 at  9:57:02,63.
Microsoft Windows 10 Pro 10.0.10586  x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Spirit\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

20-3-2016 09:59:17 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\MSXML 4.0 deleted successfully
C:\PROGRA~2\Comms deleted successfully
C:\PROGRA~2\SoftwareDistribution deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\Spirit\AppData\Local\ActiveSync deleted successfully
C:\Users\Spirit\AppData\Local\EmieSiteList deleted successfully
C:\Users\Spirit\AppData\Local\NetworkTiles deleted successfully
C:\Users\Spirit\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1562041459-4216995153-4248193827-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_USERS\S-1-5-21-1562041459-4216995153-4248193827-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_USERS\S-1-5-21-1562041459-4216995153-4248193827-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_USERS\S-1-5-21-1562041459-4216995153-4248193827-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_USERS\S-1-5-21-1562041459-4216995153-4248193827-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4} deleted successfully
HKEY_USERS\S-1-5-21-1562041459-4216995153-4248193827-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E66592B-8E7C-4A14-88A5-8BF21032F651} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\YahooAUService deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Spirit\AppData\Roaming\Mozilla\Firefox\Profiles\rvtg7qt6.default-1456565733779

user.js not found
---- Lines mindspark removed from prefs.js ----
user_pref("extensions.toolbar.mindspark._9pMembers_.lastActivePing", "1456993223006");
user_pref("extensions.toolbar.mindspark.hp.enabled", false);
user_pref("extensions.toolbar.mindspark.lastInstalled", "onlinemapfinder@mindspark.com");
---- Lines searches removed from prefs.js ----
user_pref("browser.urlbar.suggest.searches", true);
---- FireFox user.js and prefs.js backups ---- 

prefs_20-03-2016_1026_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] 

==== Deleting Files \ Folders ======================

C:\WINDOWS\system32\SleepStudy deleted
C:\PROGRA~2\Yahoo! Companion deleted
C:\Program Files\WinZip Driver Updater deleted
C:\PROGRA~2\Yahoo! deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Spirit\AppData\LocalLow\Yahoo! deleted
C:\Users\Spirit\AppData\LocalLow\Yahoo! Companion deleted
C:\WINDOWS\system32\GroupPolicy\Machine deleted
C:\WINDOWS\system32\GroupPolicy\User deleted
C:\WINDOWS\system32\GroupPolicy\gpt.ini deleted
C:\WINDOWS\system32\drivers\DrvAgent32.sys deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2016-03-12 17:10:29	FCBCED2A237DCD7EF86CED551B731742	4064320	----a-w-	C:\WINDOWS\explorer.exe
2016-03-12 08:19:07	09CE1A932DDB8D986992DF6A908D7D49	67584	--s-a-w-	C:\WINDOWS\bootstat.dat
====== C:\Users\Spirit\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\system32 =====
2016-03-13 08:05:43	C23A52581FEA6CD49A49160BFA794BF7	6952088	----a-w-	C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2016-03-13 08:05:40	00CE414BA74B576960B559C8C2674106	19339776	----a-w-	C:\WINDOWS\System32\mshtml.dll
2016-03-13 08:05:34	D641F5B6C115C334FD990827979028F3	18677760	----a-w-	C:\WINDOWS\System32\edgehtml.dll
2016-03-13 08:05:26	0C60922D59461C8D1B0A2AA3CF493438	21124344	----a-w-	C:\WINDOWS\System32\shell32.dll
2016-03-13 08:05:24	76B9CA3DF18D9E116051652EB4CD2FF2	9919488	----a-w-	C:\WINDOWS\System32\twinui.dll
2016-03-13 08:05:19	C97B5BEADC79FFC5DAF1C9011CAE796B	5242496	----a-w-	C:\WINDOWS\System32\windows.storage.dll
2016-03-13 08:05:18	780795062541AF34415CCCE4072FBBB8	12586496	----a-w-	C:\WINDOWS\System32\wmp.dll
2016-03-13 08:05:15	7BB6C35792323E4761AC6624E2D42397	12125696	----a-w-	C:\WINDOWS\System32\ieframe.dll
2016-03-13 08:05:13	B32BB2A3CCB0C2035C52141137838C1D	2885680	----a-w-	C:\WINDOWS\System32\WSService.dll
2016-03-13 08:05:12	05B81C404A34101E1DC17C0D9A67EA32	5321728	----a-w-	C:\WINDOWS\System32\Windows.Data.Pdf.dll
2016-03-13 08:05:10	7F0A9630C78E3783680CC9620C4E09C0	6740992	----a-w-	C:\WINDOWS\System32\mstscax.dll
2016-03-13 08:05:09	5394606D3EB8546B73BFB38B4AC90655	5797216	----a-w-	C:\WINDOWS\System32\ntoskrnl.exe
2016-03-13 08:05:05	AA20E6BCDC5A617F4333EE5EEE3CC79E	5661696	----a-w-	C:\WINDOWS\System32\Chakra.dll
2016-03-13 08:05:03	22269B90E92BECDEB3D67EBE1DDB378E	3666432	----a-w-	C:\WINDOWS\System32\jscript9.dll
2016-03-13 08:05:00	44F1D7984F8B7739EF7EF50DEC6B41B9	2229760	----a-w-	C:\WINDOWS\System32\wininet.dll
2016-03-13 08:05:00	2532BDA181C075B1D41B8BA225F119A6	1895936	----a-w-	C:\WINDOWS\System32\wuaueng.dll
2016-03-13 08:04:59	0C39C1CC2ABC5D88D586EA0D86E79EEE	2793472	----a-w-	C:\WINDOWS\System32\Windows.Media.dll
2016-03-13 08:04:58	5D676C1C350EA4976B888804444932CE	2061312	----a-w-	C:\WINDOWS\System32\MFMediaEngine.dll
2016-03-13 08:04:57	B65549A1CDB2C827AD022A3F35994FCF	2180136	----a-w-	C:\WINDOWS\System32\mfcore.dll
2016-03-13 08:04:57	162CB5DE3BAB5A029E658180A2E0673A	2919320	----a-w-	C:\WINDOWS\System32\iertutil.dll
2016-03-13 08:04:56	A58E3DA2B598A042A5CC871C43F0CD9A	2977280	----a-w-	C:\WINDOWS\System32\win32kfull.sys
2016-03-13 08:04:55	C9B1E5A2FE0C7BF75B8B751311331EB4	2604032	----a-w-	C:\WINDOWS\System32\CertEnroll.dll
2016-03-13 08:04:54	CE9B87CDE4D7BCEA229D676720E28C6B	1859960	----a-w-	C:\WINDOWS\System32\CoreUIComponents.dll
2016-03-13 08:04:54	6DFDAD2B0EA3385069276DF547F4CAC8	2186864	----a-w-	C:\WINDOWS\System32\d3d11.dll
2016-03-13 08:04:53	1ECA3CCBC61038D780FC179C9CB5F0CA	1944576	----a-w-	C:\WINDOWS\System32\InputService.dll
2016-03-13 08:04:52	E7CF2A9A2BDAEAAB040630417B139FE9	1887744	----a-w-	C:\WINDOWS\System32\AppXDeploymentServer.dll
2016-03-13 08:04:52	BB75696B474EC03D3109226FD1D7625B	1524224	----a-w-	C:\WINDOWS\System32\AppXDeploymentExtensions.dll
2016-03-13 08:04:51	5A98CF000F5202776E4A58438AB2E070	4412928	----a-w-	C:\WINDOWS\System32\ExplorerFrame.dll
2016-03-13 08:04:51	2BECAD7E55AB723F361254477270ED2F	1707520	----a-w-	C:\WINDOWS\System32\ActiveSyncProvider.dll
2016-03-13 08:04:50	F1109C488A877D56D53CA5EDB4CD5FCB	1184256	----a-w-	C:\WINDOWS\System32\UserDataService.dll
2016-03-13 08:04:50	4CEC45E77C5949256DFC7FC4995D1FF9	813056	----a-w-	C:\WINDOWS\System32\dosvc.dll
2016-03-13 08:04:49	CF342DCC0B8053DCABA7C5D30BE4B5C3	1500672	----a-w-	C:\WINDOWS\System32\urlmon.dll
2016-03-13 08:04:49	9ADFB90D8FA8F0594CBF962A6C0516AD	1075200	----a-w-	C:\WINDOWS\System32\Windows.UI.Shell.dll
2016-03-13 08:04:48	A90777E5B4C9D3B422700B0414794498	827392	----a-w-	C:\WINDOWS\System32\audiosrv.dll
2016-03-13 08:04:47	C117F577BB0CC6545EA181FBB3FACE99	980352	----a-w-	C:\WINDOWS\System32\mfasfsrcsnk.dll
2016-03-13 08:04:47	49CF99392314B7CAD65DE8A05ABFE30D	882720	----a-w-	C:\WINDOWS\System32\mfmp4srcsnk.dll
2016-03-13 08:04:46	EFAFAA2F86622F22ADBFEF583AB10F42	810496	----a-w-	C:\WINDOWS\System32\schedsvc.dll
2016-03-13 08:04:46	594B272EA8C34067CD74AAE90EFFBE88	1626624	----a-w-	C:\WINDOWS\System32\dwmcore.dll
2016-03-13 08:04:45	B8FCDBBDB40FB64940D98A6B986B43AD	959840	----a-w-	C:\WINDOWS\System32\aeinv.dll
2016-03-13 08:04:45	AF209F751EB761084CEFE2CF10E1CE8D	895080	----a-w-	C:\WINDOWS\System32\mfsrcsnk.dll
2016-03-13 08:04:44	940E4B285833A201EF5D1C0ADABE9DAD	1561392	----a-w-	C:\WINDOWS\System32\KernelBase.dll
2016-03-13 08:04:44	22BF976C2B9E74378AE5A0616ADCEB4B	722432	----a-w-	C:\WINDOWS\System32\XblGameSave.dll
2016-03-13 08:04:43	FC90756CB632C0E4AC0D6A60AF2DF9AD	585216	----a-w-	C:\WINDOWS\System32\Windows.AccountsControl.dll
2016-03-13 08:04:43	888D41F5EFD6995491326C0DEEA2124A	713824	----a-w-	C:\WINDOWS\System32\mfmpeg2srcsnk.dll
2016-03-13 08:04:43	851DFF609CBAC6C5D9ED6F118364B251	1174368	----a-w-	C:\WINDOWS\System32\diagtrack.dll
2016-03-13 08:04:43	30DEC02A4BD2AAED5B2D2766234374A8	1154048	----a-w-	C:\WINDOWS\System32\win32kbase.sys
2016-03-13 08:04:42	C8F351BE29CEA63BC5EE5A175576B7F3	1105920	----a-w-	C:\WINDOWS\System32\Windows.Media.Audio.dll
2016-03-13 08:04:42	B5BE0892D4E1F93D0D931AE5973EFA6B	1028608	----a-w-	C:\WINDOWS\System32\wifinetworkmanager.dll
2016-03-13 08:04:42	7FFBA2ECF1A4880B80D45210A8F560A4	1541792	----a-w-	C:\WINDOWS\System32\ntdll.dll
2016-03-13 08:04:41	D58F759E18CDC165F86815B62BC1BBBD	599904	----a-w-	C:\WINDOWS\System32\invagent.dll
2016-03-13 08:04:41	CB483D33C75D14A263D25C507BC0F2E0	951808	----a-w-	C:\WINDOWS\System32\wwansvc.dll
2016-03-13 08:04:41	C012CE3AB0120D01C75EDBB869AC463E	523752	----a-w-	C:\WINDOWS\System32\dxgi.dll
2016-03-13 08:04:41	A43688711B5DA91ED9FC159BB8F8AF14	646656	----a-w-	C:\WINDOWS\System32\Windows.ApplicationModel.Store.dll
2016-03-13 08:04:41	4B9DE8EAA2E16C34E018749F325BAEFF	949248	----a-w-	C:\WINDOWS\System32\Unistore.dll
2016-03-13 08:04:40	E43400F37F8F0FA9281FEB64E3D7F72B	754176	----a-w-	C:\WINDOWS\System32\SettingSyncCore.dll
2016-03-13 08:04:40	DB6C9645A16676FDE0D730CB05D8F6E1	1443328	----a-w-	C:\WINDOWS\System32\SRHInproc.dll
2016-03-13 08:04:40	A8EF9AEDACF24908E12E910BF3977DC9	703840	----a-w-	C:\WINDOWS\System32\WWAHost.exe
2016-03-13 08:04:40	913BFC1B0AD67CCF6847FCDE20CFE59F	922624	----a-w-	C:\WINDOWS\System32\localspl.dll
2016-03-13 08:04:39	EB5DBA11B7C79B28A759AF12F03A17BB	769536	----a-w-	C:\WINDOWS\System32\ContactApis.dll
2016-03-13 08:04:39	B014F98BEE810D5BF9F8C1C75F0EAD92	489984	----a-w-	C:\WINDOWS\System32\Windows.UI.dll
2016-03-13 08:04:39	AD1B282BDE4A19D7CE2D405409DBB8D0	1497088	----a-w-	C:\WINDOWS\System32\WMPDMC.exe
2016-03-13 08:04:39	ACF42FDA029E85653C0725BCCAD72EED	433504	----a-w-	C:\WINDOWS\System32\devinv.dll
2016-03-13 08:04:38	B7C45AC8BF19CB65A1B28EC927C87457	405568	----a-w-	C:\WINDOWS\System32\AudioSes.dll
2016-03-13 08:04:38	B4D08BA21927B9A49248E84F3F3ABA12	498176	----a-w-	C:\WINDOWS\System32\ngcsvc.dll
2016-03-13 08:04:38	B073C14F8B76DF8652415488C22F10A1	670928	----a-w-	C:\WINDOWS\System32\mfds.dll
2016-03-13 08:04:37	952D6065F133D9525B399E6274CFE027	793600	----a-w-	C:\WINDOWS\System32\SRH.dll
2016-03-13 08:04:37	8BD7A79F9A8FF011B89A61C8AC796988	502112	----a-w-	C:\WINDOWS\System32\NetSetupEngine.dll
2016-03-13 08:04:37	24FAED61DB564A56DF741E9CC7A80411	739328	----a-w-	C:\WINDOWS\System32\SharedStartModel.dll
2016-03-13 08:04:36	CA57FE09C1255009C9AC1462B7D7264D	957608	----a-w-	C:\WINDOWS\System32\ole32.dll
2016-03-13 08:04:36	C0C0A04A28B003BCFDFADF8B6A67C116	694272	----a-w-	C:\WINDOWS\System32\uDWM.dll
2016-03-13 08:04:36	620737C11CD32E03299E0B60BC896230	552960	----a-w-	C:\WINDOWS\System32\AppointmentApis.dll
2016-03-13 08:04:35	E3C2853C8F2EED113646F07D62D08C9E	503296	----a-w-	C:\WINDOWS\System32\SettingSync.dll
2016-03-13 08:04:35	3249EA75874EE3DD3FCBA141656DF210	713728	----a-w-	C:\WINDOWS\System32\netlogon.dll
2016-03-13 08:04:34	F4FEA4F417B887D1A993972BE554DBD9	411136	----a-w-	C:\WINDOWS\System32\SmsRouterSvc.dll
2016-03-13 08:04:34	F40196C743D54C56C7C2CCDD6FDE262E	572272	----a-w-	C:\WINDOWS\System32\taskschd.dll
2016-03-13 08:04:34	A5533D65919C16A7CE31F5DBD8684B8F	464896	----a-w-	C:\WINDOWS\System32\enterprisecsps.dll
2016-03-13 08:04:34	3E0D07A4A7C9177B6E7127D82987D5A0	510880	----a-w-	C:\WINDOWS\System32\ClipSVC.dll
2016-03-13 08:04:34	353ADB5A26C0B4C18C434F1CF875F1F6	538112	----a-w-	C:\WINDOWS\System32\XblAuthManager.dll
2016-03-13 08:04:33	FABAF2C5E74BA9ADC07D28BB03F5C32A	349696	----a-w-	C:\WINDOWS\System32\NetSetupShim.dll
2016-03-13 08:04:33	BB32CF3B32C9E98F12653D26BFCD4210	639168	----a-w-	C:\WINDOWS\System32\generaltel.dll
2016-03-13 08:04:33	8C2E49ACD2A820A3FA7C598B811F3803	450912	----a-w-	C:\WINDOWS\System32\MFCaptureEngine.dll
2016-03-13 08:04:33	38AD0A0696A09DA9AE58F0DBB49B592E	1051584	----a-w-	C:\WINDOWS\System32\winload.efi
2016-03-13 08:04:32	D9F3EF3985ED40EA9F6BDC7A87DFB227	926568	----a-w-	C:\WINDOWS\System32\winload.exe
2016-03-13 08:04:32	A19A2DDCC69FF16B5FB68AD4F02B564A	480256	----a-w-	C:\WINDOWS\System32\MCRecvSrc.dll
2016-03-13 08:04:32	9A4B24D31182EB59A9BEB783D3CAE82D	453632	----a-w-	C:\WINDOWS\System32\bisrv.dll
2016-03-13 08:04:32	399AB94943D1143350D68EA0999FA3E3	875992	----a-w-	C:\WINDOWS\System32\winresume.efi
2016-03-13 08:04:31	BF7DE3AC9B7DD44D96790B9498D6C047	266240	----a-w-	C:\WINDOWS\System32\vaultsvc.dll
2016-03-13 08:04:31	1FB70661A7800B7639FE125E197AED90	484864	----a-w-	C:\WINDOWS\System32\wcmsvc.dll
2016-03-13 08:04:30	F49B5BEBF8E9D865522DCF9A6933E095	771120	----a-w-	C:\WINDOWS\System32\winresume.exe
2016-03-13 08:04:30	9B60985A87BA2FED9F57DA30F191098E	315904	----a-w-	C:\WINDOWS\System32\Windows.Internal.Bluetooth.dll
2016-03-13 08:04:30	463DA1563BB9C1849527967BA80C1810	287712	----a-w-	C:\WINDOWS\System32\Windows.Media.MediaControl.dll
2016-03-13 08:04:29	EC21FC40C74206DAB19F1A8F9132EFAB	890368	----a-w-	C:\WINDOWS\System32\AppxPackaging.dll
2016-03-13 08:04:29	38EE252AD45EB7D6834F718B9487D3F9	538736	----a-w-	C:\WINDOWS\System32\wer.dll
2016-03-13 08:04:29	1CCB5BDF11C6A948C98B78E07509BD60	297072	----a-w-	C:\WINDOWS\System32\audiodg.exe
2016-03-13 08:04:29	0CDCD193CA336239F987E234DE8E574E	1931776	----a-w-	C:\WINDOWS\System32\wlansvc.dll
2016-03-13 08:04:28	A86E3225265CFBC04490937A3ED10D98	856928	----a-w-	C:\WINDOWS\System32\SecConfig.efi
2016-03-13 08:04:28	A6D5E5306FF3D5E0EC0A563850328D88	525824	----a-w-	C:\WINDOWS\System32\configurationclient.dll
2016-03-13 08:04:28	964DE3052B6A869EFBC86930DD51E8BD	379392	----a-w-	C:\WINDOWS\System32\mfmkvsrcsnk.dll
2016-03-13 08:04:28	48BE314F4EF202C74787F3ED52615B67	291328	----a-w-	C:\WINDOWS\System32\wuuhext.dll
2016-03-13 08:04:28	27F915BC264C3581D0246B08649A30A7	247296	----a-w-	C:\WINDOWS\System32\usbmon.dll
2016-03-13 08:04:27	C406A5FDC8A1ECF2A9632F302B7D0EC3	294752	----a-w-	C:\WINDOWS\System32\msv1_0.dll
2016-03-13 08:04:27	8D8386E8666F1D65D9FF083BCFEEE19F	168448	----a-w-	C:\WINDOWS\System32\QuickActionsDataModel.dll
2016-03-13 08:04:27	3045D8D74E91547075BB16233D9BAF39	299008	----a-w-	C:\WINDOWS\System32\MDEServer.exe
2016-03-13 08:04:27	1654928B4F9D2825F253937E5DCCB70B	433664	----a-w-	C:\WINDOWS\System32\MBMediaManager.dll
2016-03-13 08:04:26	DD9D490165EF04D4150FAE621978A522	396288	----a-w-	C:\WINDOWS\System32\ipnathlp.dll
2016-03-13 08:04:26	856AD15FD2D187EA8435564A135C85C0	228352	----a-w-	C:\WINDOWS\System32\deviceaccess.dll
2016-03-13 08:04:25	A7583A49B0F4A91E5B2E154C3582DF82	420928	----a-w-	C:\WINDOWS\System32\msvproc.dll
2016-03-13 08:04:25	5E52791BC584EA399812DAD599AC1210	356352	----a-w-	C:\WINDOWS\System32\sharemediacpl.dll
2016-03-13 08:04:25	5C89E4A8A0911F7DA03970F9225D440F	689152	----a-w-	C:\WINDOWS\System32\modernexecserver.dll
2016-03-13 08:04:24	42248856CC8A2AE6642B5D1B170EAB35	450560	----a-w-	C:\WINDOWS\System32\SyncController.dll
2016-03-13 08:04:24	049C9CDC8745368AE58654B782B5AE65	674304	----a-w-	C:\WINDOWS\System32\MPSSVC.dll
2016-03-13 08:04:23	96048AFCC035AB28366D030495F84841	118784	----a-w-	C:\WINDOWS\System32\TimeBrokerServer.dll
2016-03-13 08:04:23	65D0043F608A12AF75ED37A65AFB906B	342528	----a-w-	C:\WINDOWS\System32\AppXDeploymentClient.dll
2016-03-13 08:04:23	512C6DFFDFE2A4E00D6B7141897ED075	497664	----a-w-	C:\WINDOWS\System32\StorSvc.dll
2016-03-13 08:04:22	DCB356E8C3561A4D6CF128FFD3B9BB83	509952	----a-w-	C:\WINDOWS\System32\spoolsv.exe
2016-03-13 08:04:22	C0E1D77BBC473F7DAAABEE75FB59F43D	278016	----a-w-	C:\WINDOWS\System32\wifiprofilessettinghandler.dll
2016-03-13 08:04:22	BB41A98A1D9F7771240A0F6C3E2E0CD6	238080	----a-w-	C:\WINDOWS\System32\AudioEndpointBuilder.dll
2016-03-13 08:04:21	D1817C1F148C21EC4403186D731DF042	540752	----a-w-	C:\WINDOWS\System32\fontdrvhost.exe
2016-03-13 08:04:21	C86784A6F08E733BE19D62C82182FA7D	266752	----a-w-	C:\WINDOWS\System32\MSFlacDecoder.dll
2016-03-13 08:04:21	AC42505CBCEE5825BB2695C34E43B1D0	184832	----a-w-	C:\WINDOWS\System32\PackageStateRoaming.dll
2016-03-13 08:04:21	7FC23BF3BB1F20CD69FA42F269448284	447488	----a-w-	C:\WINDOWS\System32\PsmServiceExtHost.dll
2016-03-13 08:04:21	550ECFF3C3808065169BFEA6C2B7837C	400896	----a-w-	C:\WINDOWS\System32\winspool.drv
2016-03-13 08:04:21	053E2D136DB8A4743E4C40D5D979834B	200704	----a-w-	C:\WINDOWS\System32\DisplayManager.dll
2016-03-13 08:04:20	4591BC3EC5FD8336642F8B94EABD4D4F	187744	----a-w-	C:\WINDOWS\System32\AppxAllUserStore.dll
2016-03-13 08:04:19	A34EDEA5F401143A0190642EABA28518	709688	----a-w-	C:\WINDOWS\System32\mfsvr.dll
2016-03-13 08:04:19	5BA891B2B007E7D07F7B964E1D296CA6	121856	----a-w-	C:\WINDOWS\System32\DeviceCensus.exe
2016-03-13 08:04:19	4D2E3D6BC01E7A5E9C6F9AFDBFAF98BB	220064	----a-w-	C:\WINDOWS\System32\sqmapi.dll
2016-03-13 08:04:19	100E983F59F3BF3A3F8BFA327CF9B438	157184	----a-w-	C:\WINDOWS\System32\WiFiDisplay.dll
2016-03-13 08:04:18	F108FF49C683146A2577A09B9433FF03	140288	----a-w-	C:\WINDOWS\System32\NetSetupSvc.dll
2016-03-13 08:04:18	395F9E50709FAE503C339047207E46CF	540160	----a-w-	C:\WINDOWS\System32\ChatApis.dll
2016-03-13 08:04:17	CF193B3CE8BC7A7E20D49087E415FD39	75776	----a-w-	C:\WINDOWS\System32\DeviceEnroller.exe
2016-03-13 08:04:17	74A959DDBDC667493FAD05582E29C698	106496	----a-w-	C:\WINDOWS\System32\flvprophandler.dll
2016-03-13 08:04:17	6DA0B412C0DD9DDB5382527488A5AD2E	237056	----a-w-	C:\WINDOWS\System32\thumbcache.dll
2016-03-13 08:04:17	3BFCD46B7D67D0B137BD54C2BE644C4A	161280	----a-w-	C:\WINDOWS\System32\InstallAgent.exe
2016-03-13 08:04:17	160CC95D34D62B6A72F9E4E3EE52EBCC	369664	----a-w-	C:\WINDOWS\System32\FirewallAPI.dll
2016-03-13 08:04:16	E6700CCDE38370E9D0D981564D5B20C0	221696	----a-w-	C:\WINDOWS\System32\vaultcli.dll
2016-03-13 08:04:16	DD73501C379ABF585DC7CC1765BE8E2E	303104	----a-w-	C:\WINDOWS\System32\atmfd.dll
2016-03-13 08:04:16	CF6F9E20820096890A8F8AB8A7F0C3A4	114176	----a-w-	C:\WINDOWS\System32\AuthBroker.dll
2016-03-13 08:04:16	ADAB83ED7FE2AB674765A05E77EA2758	69632	----a-w-	C:\WINDOWS\System32\MDMAppInstaller.exe
2016-03-13 08:04:16	5A212173FC0622865F409B16ED77C9DF	98304	----a-w-	C:\WINDOWS\System32\AppointmentActivation.dll
2016-03-13 08:04:15	ABCEFF292FF3BC3685AD415294406CFA	204800	----a-w-	C:\WINDOWS\System32\accountaccessor.dll
2016-03-13 08:04:15	2C84609F09FD003FA955567D395EEA8A	575488	----a-w-	C:\WINDOWS\System32\EmailApis.dll
2016-03-13 08:04:14	5907306B8998EF1355A10B905DC32496	143360	----a-w-	C:\WINDOWS\System32\psmsrv.dll
2016-03-13 08:04:14	56315A6A6598E701BB0A5F506DA6143E	200704	----a-w-	C:\WINDOWS\System32\cemapi.dll
2016-03-13 08:04:13	B315EB17077EF082A79922D4EA47DBF4	163328	----a-w-	C:\WINDOWS\System32\fwbase.dll
2016-03-13 08:04:12	3547D79A60007624BFEBAFCAE158E992	169984	----a-w-	C:\WINDOWS\System32\PhoneCallHistoryApis.dll
2016-03-13 08:04:12	06D1DDFFDEBC4B7C3EA7E345D95ECB83	60416	----a-w-	C:\WINDOWS\System32\SMSRouter.dll
2016-03-13 08:04:11	CEA40BE42E7DA27BE43BF934A22968F4	366224	----a-w-	C:\WINDOWS\System32\AUDIOKSE.dll
2016-03-13 08:04:10	FF511E1BE3DD5F9C6F3E923BF363443B	306840	----a-w-	C:\WINDOWS\System32\wlanapi.dll
2016-03-13 08:04:10	1A1CEDD70714197E66D4056C2FDD78BF	62976	----a-w-	C:\WINDOWS\System32\provpackageapidll.dll
2016-03-13 08:04:09	DEB136CC5E72FFD6362E513DDA8C9890	57344	----a-w-	C:\WINDOWS\System32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-13 08:04:09	8CE4D365EF60DA0A098757371DD43752	88576	----a-w-	C:\WINDOWS\System32\olepro32.dll
2016-03-13 08:04:09	7C9FD4578034548E927AC29F9B83AB14	202752	----a-w-	C:\WINDOWS\System32\PimIndexMaintenance.dll
2016-03-13 08:04:09	05B15BD9C92BE52F35A2295B22C5D892	168448	----a-w-	C:\WINDOWS\System32\Windows.Devices.Scanners.dll
2016-03-13 08:04:08	7A2A3BAAA05C8124D95B2915E904F900	141664	----a-w-	C:\WINDOWS\System32\wermgr.exe
2016-03-13 08:04:08	38CD3876C1270CCBC4812664D426A66B	118304	----a-w-	C:\WINDOWS\System32\AuthHost.exe
2016-03-13 08:04:07	DA532AD6F0CB70720478681BBFD59EDB	354656	----a-w-	C:\WINDOWS\System32\halmacpi.dll
2016-03-13 08:04:07	DA532AD6F0CB70720478681BBFD59EDB	354656	----a-w-	C:\WINDOWS\System32\hal.dll
2016-03-13 08:04:07	43AE8C9F7D031AB3DBEADA4C17D8C682	150528	----a-w-	C:\WINDOWS\System32\VCardParser.dll
2016-03-13 08:04:06	97E96ABEBCB6CF556406781C47C5282A	78848	----a-w-	C:\WINDOWS\System32\asycfilt.dll
2016-03-13 08:04:06	7F87F8D3AED8821F278539FFC1E8B5E9	81408	----a-w-	C:\WINDOWS\System32\ngckeyenum.dll
2016-03-13 08:04:06	3B1F2F6F89F3F4ED75C5FADDB2E7CFE1	56320	----a-w-	C:\WINDOWS\System32\POSyncServices.dll
2016-03-13 08:04:06	15E75D27F0C67A7A21D5A514601F0E5A	135168	----a-w-	C:\WINDOWS\System32\AppxSip.dll
2016-03-13 08:04:06	01062058BCD4DA49B777F1945E642EB6	202752	----a-w-	C:\WINDOWS\System32\wsqmcons.exe
2016-03-13 08:04:05	259517866C369BCC5990292BCB57E709	223744	----a-w-	C:\WINDOWS\System32\ExSMime.dll
2016-03-13 08:04:04	F9E16D5E25A534DFD6DD68BF3B18C41B	99328	----a-w-	C:\WINDOWS\System32\srpapi.dll
2016-03-13 08:04:04	242708810A22D373904539EDF39FFAD1	196608	----a-w-	C:\WINDOWS\System32\UserDataAccountApis.dll
2016-03-13 08:04:03	EBD26D676238C0B3938AFF925043576F	394752	----a-w-	C:\WINDOWS\System32\werui.dll
2016-03-13 08:04:03	E34395496B11CF5C8C5B6D2E438BFA43	18944	----a-w-	C:\WINDOWS\System32\ExtrasXmlParser.dll
2016-03-13 08:04:03	C1E84E9B6202FA119C5A49643A63606D	337920	----a-w-	C:\WINDOWS\System32\wlanmsm.dll
2016-03-13 08:04:03	A9B97C6B2962E5552C7D377B58B536BF	116224	----a-w-	C:\WINDOWS\System32\dssvc.dll
2016-03-13 08:04:03	089EBBF5C95BE759FBEBEEA6D2AF1F5D	238592	----a-w-	C:\WINDOWS\System32\domgmt.dll
2016-03-13 08:04:02	F8EA24EF1E372F760C2A0634A2E8BAC6	444416	----a-w-	C:\WINDOWS\System32\scapi.dll
2016-03-13 08:04:02	D8DA5B9D54225B46242011154C9E417A	133632	----a-w-	C:\WINDOWS\System32\Windows.UI.Core.TextInput.dll
2016-03-13 08:04:02	96A1D4215D80E6497F7DAC2ECB443788	76800	----a-w-	C:\WINDOWS\System32\wpninprc.dll
2016-03-13 08:04:02	93B7ED5F44D9C3FB0A74C059E1B9E68B	89088	----a-w-	C:\WINDOWS\System32\UserDataTimeUtil.dll
2016-03-13 08:04:01	75B5C1588D3703F44004D3EB2BD358AD	129024	----a-w-	C:\WINDOWS\System32\CallHistoryClient.dll
2016-03-13 08:04:01	64B0C2833EB2501DAE37C0A9700BF48F	45568	----a-w-	C:\WINDOWS\System32\jsproxy.dll
2016-03-13 08:04:01	2C9F7FD398206956D48C5DF02A9EEBE5	149504	----a-w-	C:\WINDOWS\System32\storewuauth.dll
2016-03-13 08:04:01	1B2DDD12CDCA87A005F4C6AD084C1313	24576	----a-w-	C:\WINDOWS\System32\seclogon.dll
2016-03-13 08:04:01	1AEBF2230422716D8CE1BEBCBAE961D3	48128	----a-w-	C:\WINDOWS\System32\PimIndexMaintenanceClient.dll
2016-03-13 08:04:00	EF5CF68A2932CB5779C759F458731B8D	39424	----a-w-	C:\WINDOWS\System32\wfdprov.dll
2016-03-13 08:04:00	CA2EA5401563387162E61444AE15AF59	53248	----a-w-	C:\WINDOWS\System32\profext.dll
2016-03-13 08:04:00	4E2C3D75AC29767E1B3CC68084FB648C	20480	----a-w-	C:\WINDOWS\System32\wlansvcpal.dll
2016-03-13 08:04:00	39E7BAB659A6AB4419A908E578BE7029	56320	----a-w-	C:\WINDOWS\System32\UserDataPlatformHelperUtil.dll
2016-03-13 08:04:00	01DEECED3AA3E94C00A396AED9EB2BC0	70656	----a-w-	C:\WINDOWS\System32\AppxSysprep.dll
2016-03-13 08:03:59	392434472351B2DA0499AEC962E988CE	37888	----a-w-	C:\WINDOWS\System32\UserDataLanguageUtil.dll
2016-03-13 08:03:58	F7447D7EDE2E9F4FEC87143F5CC021F5	65536	----a-w-	C:\WINDOWS\System32\wininetlui.dll
2016-03-13 08:03:58	31657EDEEA6039E71C708BDA61AB62D5	37888	----a-w-	C:\WINDOWS\System32\UserDataTypeHelperUtil.dll
2016-03-13 08:03:58	271CFCC18C33465D3DF5792C6AFE0519	137728	----a-w-	C:\WINDOWS\System32\dafBth.dll
2016-03-13 08:03:57	F839EDFF1B0CAEDAA3DBDE414582EB1B	70656	----a-w-	C:\WINDOWS\System32\AppCapture.dll
2016-03-13 08:03:57	9DEB4C56FAAB147839BF68B6C28A38FC	164864	----a-w-	C:\WINDOWS\System32\fwpolicyiomgr.dll
2016-03-13 08:03:57	9DB69A637142A6C72DF22706CF2F6F7B	31744	----a-w-	C:\WINDOWS\System32\TimeBrokerClient.dll
2016-03-13 08:03:57	94B7A8571D2AF0101348A7AD4B8DF584	20992	----a-w-	C:\WINDOWS\System32\irmon.dll
2016-03-13 08:03:57	88D538838692B2D66514301CCB37B4E7	83456	----a-w-	C:\WINDOWS\System32\InputLocaleManager.dll
2016-03-13 08:03:57	862F5B7CDDB6376EDC2C40ABA62B7E8C	395264	----a-w-	C:\WINDOWS\System32\wlansec.dll
2016-03-13 08:03:57	7734BD0E9C8ED7DC48F559A67D0A79F4	20480	----a-w-	C:\WINDOWS\System32\wfapigp.dll
2016-03-13 08:03:56	B6A8D5921E4665DD521B0F597C9F3E55	23552	----a-w-	C:\WINDOWS\System32\WiFiConfigSP.dll
2016-03-13 08:03:56	978D6640C869D7FA4FCDD877E4A5C2C7	93696	----a-w-	C:\WINDOWS\System32\fontsub.dll
2016-03-13 08:03:56	6FA3485DB4DE58EE9E73597CAC493AB4	37376	----a-w-	C:\WINDOWS\System32\atmlib.dll
2016-03-13 08:03:56	197948552BE23DACBEF10ECC8168FD11	29696	----a-w-	C:\WINDOWS\System32\LaunchWinApp.exe
2016-03-13 08:03:56	18AC201536C30367EC5A7BC8DB069AE6	334336	----a-w-	C:\WINDOWS\System32\bcastdvr.exe
2016-03-12 17:16:41	25AC3BCB8AF11A13CA663249CF49D6BC	36746	----a-w-	C:\WINDOWS\System32\license.rtf
2016-03-12 17:10:36	F70E740860B62BB2AFF19095933D8D1B	398848	----a-w-	C:\WINDOWS\System32\srcore.dll
2016-03-12 17:10:36	F2061A1835E8844637168800292309BF	84832	----a-w-	C:\WINDOWS\System32\NetSetupApi.dll
2016-03-12 17:10:36	EF3D963CD01DBBBAA7394BB1A638A1BB	116728	----a-w-	C:\WINDOWS\System32\mfps.dll
2016-03-12 17:10:36	DDC479FA1A36285BFC1EF25B547403C3	273408	----a-w-	C:\WINDOWS\System32\SensorsApi.dll
2016-03-12 17:10:36	D0693220928997E1DD513B261AF86308	454056	----a-w-	C:\WINDOWS\System32\AudioEng.dll
2016-03-12 17:10:36	C85501FE7EFD33E06A877B8786F396B6	462760	----a-w-	C:\WINDOWS\System32\mfreadwrite.dll
2016-03-12 17:10:36	B44BC5CC78CF476028D1939A7712BD93	652312	----a-w-	C:\WINDOWS\System32\evr.dll
2016-03-12 17:10:36	AD0450E2D2241FE93BB3B93BEFEC7D48	614912	----a-w-	C:\WINDOWS\System32\fveapi.dll
2016-03-12 17:10:36	A5262EAC7484855AF901D3815239CCB4	7680	----a-w-	C:\WINDOWS\System32\readingviewresources.dll
2016-03-12 17:10:36	A4CC1E8330E839AA619978E61AEEEAC4	73360	----a-w-	C:\WINDOWS\System32\remoteaudioendpoint.dll
2016-03-12 17:10:36	93050CE746C09F2F6F49A4893FB060ED	647168	----a-w-	C:\WINDOWS\System32\jscript.dll
2016-03-12 17:10:36	8A26A15B852AF385469AD62865CCAE7F	2050048	----a-w-	C:\WINDOWS\System32\inetcpl.cpl
2016-03-12 17:10:36	7BA4B67BDA4222B55FA700E31B63F32D	208176	----a-w-	C:\WINDOWS\System32\mftranscode.dll
2016-03-12 17:10:36	708D0744D65977AE69230A30063C7AFA	192512	----a-w-	C:\WINDOWS\System32\fveapibase.dll
2016-03-12 17:10:36	6D151B11358362786C45F1A4A21576FA	925064	----a-w-	C:\WINDOWS\System32\mfplat.dll
2016-03-12 17:10:36	663BB5E8F425300F19408A962B268D7F	113624	----a-w-	C:\WINDOWS\System32\EncDump.dll
2016-03-12 17:10:36	5814754D92DBD471D5AB7437B20EE3F0	687616	----a-w-	C:\WINDOWS\System32\msfeeds.dll
2016-03-12 17:10:36	54653101CE8F04569B6E49551E882267	748032	----a-w-	C:\WINDOWS\System32\wpncore.dll
2016-03-12 17:10:36	51B550A0FBFA6E04F8595ED0BD99C202	100160	----a-w-	C:\WINDOWS\System32\MP3DMOD.DLL
2016-03-12 17:10:36	502937AB9A06F98B60232ACFAA2BF404	186368	----a-w-	C:\WINDOWS\System32\ie4uinit.exe
2016-03-12 17:10:36	4D554EA34AE794FB3290FD3500501A63	29696	----a-w-	C:\WINDOWS\System32\iernonce.dll
2016-03-12 17:10:36	44CBF47585584D74C3D0C2320031E539	569856	----a-w-	C:\WINDOWS\System32\qdvd.dll
2016-03-12 17:10:36	3A280280AEA583EAB0375C330F7A6CE9	335872	----a-w-	C:\WINDOWS\System32\iedkcs32.dll
2016-03-12 17:10:36	30C2700A2CDEF6042585C9296ABC9054	499432	----a-w-	C:\WINDOWS\System32\advapi32.dll
2016-03-12 17:10:36	29EF8EC898FE21680DB5FB15DB513EC8	235008	----a-w-	C:\WINDOWS\System32\ksproxy.ax
2016-03-12 17:10:36	2236E31FDBF29B5C4B6E36F355347DD8	1300016	----a-w-	C:\WINDOWS\System32\WpcMon.exe
2016-03-12 17:10:36	2003BE1653553FBC9D809BA40AEE4D68	1542656	----a-w-	C:\WINDOWS\System32\quartz.dll
2016-03-12 17:10:36	1F7C4CBC0C5788E3E91C08A3D32F7BB9	1118208	----a-w-	C:\WINDOWS\System32\mfnetsrc.dll
2016-03-12 17:10:36	1F48933EFAB68EDD3B456C78E17B89CE	871936	----a-w-	C:\WINDOWS\System32\MSMPEG2ENC.DLL
2016-03-12 17:10:36	192B579E14C116D2B742FEBE85A4D3C1	2756096	----a-w-	C:\WINDOWS\System32\mshtml.tlb
2016-03-12 17:10:36	132209E26098FCDDEC023B460E68EBEB	1070080	----a-w-	C:\WINDOWS\System32\WMSPDMOE.DLL
2016-03-12 17:10:36	110A45F765495043CB8ED918FEFD8D90	572928	----a-w-	C:\WINDOWS\System32\WpcWebFilter.dll
2016-03-12 17:10:36	0FA8D61A4D4F56063113F9DA4E18848B	289248	----a-w-	C:\WINDOWS\System32\MFPlay.dll
2016-03-12 17:10:36	0B7C5790893F3650162BED4BEA35D9A6	695752	----a-w-	C:\WINDOWS\System32\WMADMOD.DLL
2016-03-12 17:10:36	0A8409C137B580A3EEB80E33649044F3	701384	----a-w-	C:\WINDOWS\System32\mfnetcore.dll
2016-03-12 17:10:36	0A1268471953D61709B68E2F1537E5ED	61440	----a-w-	C:\WINDOWS\System32\iesetup.dll
2016-03-12 17:10:36	09C206C7C594BE128DDB477816008FEF	97792	----a-w-	C:\WINDOWS\System32\dialserver.dll
2016-03-12 17:10:29	FAA5A3DE34FD44C220691C4527E88453	157696	----a-w-	C:\WINDOWS\System32\SimCfg.dll
2016-03-12 17:10:29	F87C928A9C09611670BBF6533281003C	162816	----a-w-	C:\WINDOWS\System32\msorcl32.dll
2016-03-12 17:10:29	F7F4D3C8F419097D5219C80B811978A9	203264	----a-w-	C:\WINDOWS\System32\iassam.dll
2016-03-12 17:10:29	F7169F42A954DEAD789529859921BD36	81112	----a-w-	C:\WINDOWS\System32\OpenWith.exe
2016-03-12 17:10:29	F69D5083FDF08E34125F81DC3321BB5D	6529024	----a-w-	C:\WINDOWS\System32\wwanmm.dll
2016-03-12 17:10:29	F58AFDE7C8F12E247BC3A83359804CAA	140800	----a-w-	C:\WINDOWS\System32\shutdownux.dll
2016-03-12 17:10:29	F0ED21F9D39229B305C363B6ED023170	11776	----a-w-	C:\WINDOWS\System32\dciman32.dll
2016-03-12 17:10:29	EEBE15EFF20FD10C7EE6D6A1FD31F6AE	14848	----a-w-	C:\WINDOWS\System32\wshrm.dll
2016-03-12 17:10:29	EDD93EDB3758471A4862D3CF70FE9007	503296	----a-w-	C:\WINDOWS\System32\vbscript.dll
2016-03-12 17:10:29	EDD54C760B9B70AA3857BD04941D20F8	67072	----a-w-	C:\WINDOWS\System32\wwanprotdim.dll
2016-03-12 17:10:29	E8E1211E912DB0137E21EA0837E68FFD	11776	----a-w-	C:\WINDOWS\System32\sscoreext.dll
2016-03-12 17:10:29	E25595035712B43ED690478179284188	3197440	----a-w-	C:\WINDOWS\System32\SettingsHandlers_nt.dll
2016-03-12 17:10:29	DBE39E4BDCC3D8F49A2B0277652120D0	41984	----a-w-	C:\WINDOWS\System32\pcaui.exe
2016-03-12 17:10:29	DAAEFA9CDDAFC2096B8D0D0F2F0AD6F0	107520	----a-w-	C:\WINDOWS\System32\FilterDS.dll
2016-03-12 17:10:29	D213E29D66D7182AF58CB525EFC2F409	421888	----a-w-	C:\WINDOWS\System32\LogonController.dll
2016-03-12 17:10:29	CF17C8CA575EC10ACDE1671CDED01B73	17408	----a-w-	C:\WINDOWS\System32\rasautou.exe
2016-03-12 17:10:29	CE751328E562F16EDA3437D8B6C81E0E	33280	----a-w-	C:\WINDOWS\System32\wsplib.dll
2016-03-12 17:10:29	C8892F76C2D15CB1175E3F7A04D07904	890880	----a-w-	C:\WINDOWS\System32\WMSPDMOD.DLL
2016-03-12 17:10:29	C31497BE0B66DFF987E8BBF7108633A9	103424	----a-w-	C:\WINDOWS\System32\wificonnapi.dll
2016-03-12 17:10:29	C125005880ED737E95454A93DF76A817	279376	----a-w-	C:\WINDOWS\System32\systemreset.exe
2016-03-12 17:10:29	B745ED5B35D628C4F4D8918930E25188	335360	----a-w-	C:\WINDOWS\System32\DDDS.dll
2016-03-12 17:10:29	AD18802933E2F0BD9FDE02FF35D8AEC3	118272	----a-w-	C:\WINDOWS\System32\mtxoci.dll
2016-03-12 17:10:29	A9E33F498846F8440DAC18991BE2B584	1137856	----a-w-	C:\WINDOWS\System32\appraiser.dll
2016-03-12 17:10:29	A7EFEED89BCDBB8586B39EF9E98997C8	64000	----a-w-	C:\WINDOWS\System32\wwancfg.dll
2016-03-12 17:10:29	A680339559FBC02BC0854D73DDE85C7B	1174008	----a-w-	C:\WINDOWS\System32\msctf.dll
2016-03-12 17:10:29	A2BB500813EB6A960EB362C0803DCC56	443744	----a-w-	C:\WINDOWS\System32\wimserv.exe
2016-03-12 17:10:29	9CBBFF383012199E612FE72877299882	93184	----a-w-	C:\WINDOWS\System32\rasauto.dll
2016-03-12 17:10:29	986E9A8EFFD88AE278EBDAA59E4B113C	385024	----a-w-	C:\WINDOWS\System32\wwanconn.dll
2016-03-12 17:10:29	9797BB52F1943B78CD245B41AE833E1F	653312	----a-w-	C:\WINDOWS\System32\rasapi32.dll
2016-03-12 17:10:29	96D60277EF8CB48BD3D920298C9D7F83	11776	----a-w-	C:\WINDOWS\System32\rastlsext.dll
2016-03-12 17:10:29	94A99147A62D9830676B47D2BFA8FA46	125440	----a-w-	C:\WINDOWS\System32\wshom.ocx
2016-03-12 17:10:29	8880848DC5DEE8BF8FE34DBC57C5655C	129024	----a-w-	C:\WINDOWS\System32\SimAuth.dll
2016-03-12 17:10:29	87D8A048A8F0EE702DEC3FEA8DF0C037	25600	----a-w-	C:\WINDOWS\System32\StorageUsage.dll
2016-03-12 17:10:29	866A9F8875D17A47B0D9B08A782D97FF	176128	----a-w-	C:\WINDOWS\System32\aepic.dll
2016-03-12 17:10:29	7F9FD6CDCF37260243418814398D0177	40448	----a-w-	C:\WINDOWS\System32\Windows.Networking.XboxLive.ProxyStub.dll
2016-03-12 17:10:29	7D81335F3FCD9C37DE3C8C9989428C99	431240	----a-w-	C:\WINDOWS\System32\WWanAPI.dll
2016-03-12 17:10:29	7C4540E407794F95308DD4DCA750E537	549376	----a-w-	C:\WINDOWS\System32\CellularAPI.dll
2016-03-12 17:10:29	7A48941BD36C50DC2D66F0BBA701A73E	176128	----a-w-	C:\WINDOWS\System32\MTFServer.dll
2016-03-12 17:10:29	79061676C5B8CB6C8658D31367CBC548	588288	----a-w-	C:\WINDOWS\System32\PhoneService.dll
2016-03-12 17:10:29	789FB26FFDE8D0B6FAA6B778853CF0B4	1223168	----a-w-	C:\WINDOWS\System32\RecoveryDrive.exe
2016-03-12 17:10:29	76B00BE575C4D8CF3D7334240C8DAF90	683008	----a-w-	C:\WINDOWS\System32\Windows.Networking.BackgroundTransfer.dll
2016-03-12 17:10:29	75F7D82383D8CF10D5999874993A2EF5	27136	----a-w-	C:\WINDOWS\System32\bcastdvr.proxy.dll
2016-03-12 17:10:29	754E3DE9A61C36A86CB6301FA0D16263	520704	----a-w-	C:\WINDOWS\System32\PhoneProviders.dll
2016-03-12 17:10:29	6F260156AB9C4C38A7AF7C333F641746	1793024	----a-w-	C:\WINDOWS\System32\NetworkMobileSettings.dll
2016-03-12 17:10:29	6E7BF3FB027D46B7DEFCFFBEF8C4511D	2026736	----a-w-	C:\WINDOWS\System32\msxml6.dll
2016-03-12 17:10:29	6CE4F5BC53932C885B2276C2B352065C	34816	----a-w-	C:\WINDOWS\System32\usermgrcli.dll
2016-03-12 17:10:29	66FC7843E349C68F424EB79E0A17D8D2	493056	----a-w-	C:\WINDOWS\System32\winlogon.exe
2016-03-12 17:10:29	650A2E42A8965FEEF24105EF3D19780B	510976	----a-w-	C:\WINDOWS\System32\wlidcli.dll
2016-03-12 17:10:29	64F7A89D4DBFA69D40C7C1FF5BB4457E	166912	----a-w-	C:\WINDOWS\System32\UserMgrProxy.dll
2016-03-12 17:10:29	627DC6C1A8D38FFC64BF884C2DE90410	573440	----a-w-	C:\WINDOWS\System32\qedit.dll
2016-03-12 17:10:29	618F2F816184ACD818984435BCF90884	168448	----a-w-	C:\WINDOWS\System32\wcmcsp.dll
2016-03-12 17:10:29	5B64BFE61393D22D908BB5E2A17B6147	1328128	----a-w-	C:\WINDOWS\System32\comsvcs.dll
2016-03-12 17:10:29	559358D3C39A1EC0D944714C32FAD582	799744	----a-w-	C:\WINDOWS\System32\rasdlg.dll
2016-03-12 17:10:29	54F47C0CD2DE99A7B8C7583CF6C22D92	3072	----a-w-	C:\WINDOWS\System32\lpk.dll
2016-03-12 17:10:29	5467DAD0BDB397D84052FCCF8686FB9C	60928	----a-w-	C:\WINDOWS\System32\mssign32.dll
2016-03-12 17:10:29	532AC1D121972B17BE523A9988A3A0E5	2155008	----a-w-	C:\WINDOWS\System32\authui.dll
2016-03-12 17:10:29	529D8C676C042EC2E6930221F81C1A4A	99840	----a-w-	C:\WINDOWS\System32\hlink.dll
2016-03-12 17:10:29	4C421E34FF4A836590401A3E9A5B5DE8	415744	----a-w-	C:\WINDOWS\System32\catsrvut.dll
2016-03-12 17:10:29	4A49EC3B4063CC569134D2BA64FA5022	350720	----a-w-	C:\WINDOWS\System32\CredProvDataModel.dll
2016-03-12 17:10:29	3F8B09A6D234877025A5EBECF9151F58	162816	----a-w-	C:\WINDOWS\System32\MTF.dll
2016-03-12 17:10:29	3B101F7C6FF56673FDC65C220FFE1EE3	48128	----a-w-	C:\WINDOWS\System32\ihvrilproxy.dll
2016-03-12 17:10:29	38B72D108FEA74BAB5B240A791E3D482	203104	----a-w-	C:\WINDOWS\System32\ContentDeliveryManager.Utilities.dll
2016-03-12 17:10:29	302A0BE9FA2874A3E99C0E25C992E7C7	1467392	----a-w-	C:\WINDOWS\System32\GdiPlus.dll
2016-03-12 17:10:29	29B0AB47D5FF5E6926E66B9E23271D1A	1764864	----a-w-	C:\WINDOWS\System32\pnidui.dll
2016-03-12 17:10:29	27C3814755F5078A06B3B95CC6BAD111	13312	----a-w-	C:\WINDOWS\System32\rasadhlp.dll
2016-03-12 17:10:29	24743A802C906182204DD92C821DF357	44544	----a-w-	C:\WINDOWS\System32\rilproxy.dll
2016-03-12 17:10:29	1E7B13CDBA9D57D2BF54A7501FB17376	586080	----a-w-	C:\WINDOWS\System32\wimgapi.dll
2016-03-12 17:10:29	1C1DC38D8D6E075DE06ED174B9E81FE9	535040	----a-w-	C:\WINDOWS\System32\rastls.dll
2016-03-12 17:10:29	18548E72550BBEF6D7B1D11394EB0649	81088	----a-w-	C:\WINDOWS\System32\acmigration.dll
2016-03-12 17:10:29	15CBF93FDCD9CA05C94FC83722E7F364	706048	----a-w-	C:\WINDOWS\System32\usermgr.dll
2016-03-12 17:10:29	102F3BB5D63225A25817C8E44B85533F	63528	----a-w-	C:\WINDOWS\System32\wwapi.dll
2016-03-12 17:10:29	0FC0E3CA4D36EB8A3BC1BA48436C1645	63488	----a-w-	C:\WINDOWS\System32\cfgbkend.dll
2016-03-12 17:10:29	0B202554398DBFDEE5777CDC2E6C8254	364168	----a-w-	C:\WINDOWS\System32\services.exe
2016-03-12 17:10:29	0A1B73BDF991F28BB4DADA3FBE336B70	309088	----a-w-	C:\WINDOWS\System32\wifitask.exe
2016-03-12 17:10:29	0604004E6311491796A8586846B9B929	820224	----a-w-	C:\WINDOWS\System32\XboxNetApiSvc.dll
2016-03-12 17:10:29	04174F7AC86FBC4C28762DDBC7A8F2A7	1496064	----a-w-	C:\WINDOWS\System32\aitstatic.exe
2016-03-12 17:10:29	027BA780411E28F94D7B652BDDC53783	43520	----a-w-	C:\WINDOWS\System32\Wwanpref.dll
2016-03-12 17:10:29	000326E598D2F2FD1E0740F2123D28F9	942592	----a-w-	C:\WINDOWS\System32\reseteng.dll
2016-03-12 17:10:28	460025624EE2152F2FB7486960CBE112	204288	----a-w-	C:\WINDOWS\System32\provengine.dll
2016-03-12 17:10:24	FFC1668489B3FD901A152CEAA5145BEA	168360	----a-w-	C:\WINDOWS\System32\wscapi.dll
2016-03-12 17:10:24	FF5EAE824168CFF1DC160F709A051CC8	358912	----a-w-	C:\WINDOWS\System32\dmenrollengine.dll
2016-03-12 17:10:24	F32770E19F1CB817274BC85824730E48	470528	----a-w-	C:\WINDOWS\System32\MbaeApi.dll
2016-03-12 17:10:24	D9EF9F5DA78CD085FD23C8EBB6108662	409088	----a-w-	C:\WINDOWS\System32\StoreAgent.dll
2016-03-12 17:10:24	D99D73C3C2D43BFFACF0D15033DA6B4D	53248	----a-w-	C:\WINDOWS\System32\ProvPluginEng.dll
2016-03-12 17:10:24	D707B12965D5E8DFBD7C5BF7FB12AF02	24064	----a-w-	C:\WINDOWS\System32\WordBreakers.dll
2016-03-12 17:10:24	D5E3869A0A510054A5699DDEFC8F3136	23552	----a-w-	C:\WINDOWS\System32\mapsupdatetask.dll
2016-03-12 17:10:24	CCD0ECBB9B48217F62005A3B30AEF776	18432	----a-w-	C:\WINDOWS\System32\Windows.Management.Provisioning.ProxyStub.dll
2016-03-12 17:10:24	CBEBD6D9314AD2047BD23F16509D8E4A	131584	----a-w-	C:\WINDOWS\System32\tetheringservice.dll
2016-03-12 17:10:24	CBBE2AE683A404179DF898D4EAD914CE	199168	----a-w-	C:\WINDOWS\System32\provhandlers.dll
2016-03-12 17:10:24	CA260C1A4CFC95D49DBE4DAEDCD65585	58368	----a-w-	C:\WINDOWS\System32\MosStorage.dll
2016-03-12 17:10:24	C45A2E737585F84A6503EB4FAD9B6371	23552	----a-w-	C:\WINDOWS\System32\nativemap.dll
2016-03-12 17:10:24	C3493FC896147510C0B591BE776FAE41	40448	----a-w-	C:\WINDOWS\System32\RemovableMediaProvisioningPlugin.dll
2016-03-12 17:10:24	C11AFEBFFDD62BA366D2F146212B415E	110592	----a-w-	C:\WINDOWS\System32\Microsoft-Windows-MapControls.dll
2016-03-12 17:10:24	BFB8E01951FF5081840F7F926D6F172B	17408	----a-w-	C:\WINDOWS\System32\wups2.dll
2016-03-12 17:10:24	BD876D9654A3AEE5223EED4778E675BF	130560	----a-w-	C:\WINDOWS\System32\mdmmigrator.dll
2016-03-12 17:10:24	BBB582241B78E931D32DD0E713B9433D	58368	----a-w-	C:\WINDOWS\System32\BarcodeProvisioningPlugin.dll
2016-03-12 17:10:24	B8422BC49928455E848A37F3649958D1	42496	----a-w-	C:\WINDOWS\System32\tetheringclient.dll
2016-03-12 17:10:24	B1793DC47728F39E7EF9C1B1E034139F	140288	----a-w-	C:\WINDOWS\System32\enrollmentapi.dll
2016-03-12 17:10:24	B0DB58B85CF68C61AFBEFC107807FECF	784896	----a-w-	C:\WINDOWS\System32\NMAA.dll
2016-03-12 17:10:24	AA0644D24DD488B1E1517189DD3DC00B	48640	----a-w-	C:\WINDOWS\System32\MosHostClient.dll
2016-03-12 17:10:24	A9B0C4D21059830FE0AD962F46010545	34304	----a-w-	C:\WINDOWS\System32\mapstoasttask.dll
2016-03-12 17:10:24	A971D150CD168A1F7BD775674896F02C	711680	----a-w-	C:\WINDOWS\System32\MapControlCore.dll
2016-03-12 17:10:24	A589CD44BDB433F727EE84792FCCF0C0	87040	----a-w-	C:\WINDOWS\System32\MapsBtSvc.dll
2016-03-12 17:10:24	A1EB9EF86954DF012BD3A48803DB36C8	6297088	----a-w-	C:\WINDOWS\System32\mos.dll
2016-03-12 17:10:24	9E84E013166E29FEA871E5E596BD52B5	151552	----a-w-	C:\WINDOWS\System32\KnobsCore.dll
2016-03-12 17:10:24	9C28941E2ECC65A9E20825F3659F1036	23776	----a-w-	C:\WINDOWS\System32\wuauclt.exe
2016-03-12 17:10:24	9ACCC0C1786391EF1FD1FAF12AE22801	340480	----a-w-	C:\WINDOWS\System32\PlayToDevice.dll
2016-03-12 17:10:24	993A4EE49BEE646566F80972E72B531D	116224	----a-w-	C:\WINDOWS\System32\dmcertinst.exe
2016-03-12 17:10:24	966DFA9D02276E67B3EBC0EC911E193B	438784	----a-w-	C:\WINDOWS\System32\Windows.Networking.UX.EapRequestHandler.dll
2016-03-12 17:10:24	907532FFDE2CB2F49B441880F035C967	120832	----a-w-	C:\WINDOWS\System32\provdatastore.dll
2016-03-12 17:10:24	8BAD6657817E0960C7CB6026323828A1	511320	----a-w-	C:\WINDOWS\System32\mf.dll
2016-03-12 17:10:24	7F64C196D3FA41C0F437A158FDEF7F50	800768	----a-w-	C:\WINDOWS\System32\JpMapControl.dll
2016-03-12 17:10:24	7CDF1630DCF7C9167E551874D18C3CE0	709120	----a-w-	C:\WINDOWS\System32\BingOnlineServices.dll
2016-03-12 17:10:24	794D6891102C4CA040C64CB76966CC58	1273728	----a-w-	C:\WINDOWS\System32\user32.dll
2016-03-12 17:10:24	76D352B877C990F96B7B85CA95C15BD3	608256	----a-w-	C:\WINDOWS\System32\MapsStore.dll
2016-03-12 17:10:24	6BECBA890B1AEB896C49C13E276FA8DD	80384	----a-w-	C:\WINDOWS\System32\SensorsNativeApi.V2.dll
2016-03-12 17:10:24	6AE2C3CFEA73E2D01CB1E00DBD1EC4A5	205824	----a-w-	C:\WINDOWS\System32\NmaDirect.dll
2016-03-12 17:10:24	69D01027783BCD13108501B147D923FA	43376	----a-w-	C:\WINDOWS\System32\SensorsUtilsV2.dll
2016-03-12 17:10:24	674333934AEF201C56419742CD86782B	973664	----a-w-	C:\WINDOWS\System32\LicenseManager.dll
2016-03-12 17:10:24	65E98344070A6C0B66ED476F735B14D3	59904	----a-w-	C:\WINDOWS\System32\EditBufferTestHook.dll
2016-03-12 17:10:24	65B18446114D3078A7ED997011E396CD	25088	----a-w-	C:\WINDOWS\System32\tetheringconfigsp.dll
2016-03-12 17:10:24	5C481928AA9636DA64AEB4443BA2AA69	135168	----a-w-	C:\WINDOWS\System32\provisioningcsp.dll
2016-03-12 17:10:24	53E2029302DA056DE856D4C662663B2B	10240	----a-w-	C:\WINDOWS\System32\Microsoft-Windows-MosTrace.dll
2016-03-12 17:10:24	4F5F1E4C323F6D40E1BB0CC0DC18CE0E	73728	----a-w-	C:\WINDOWS\System32\policymanagerprecheck.dll
2016-03-12 17:10:24	4F03BB612736C82CEEF37DB5417A6E99	89600	----a-w-	C:\WINDOWS\System32\win32k.sys
2016-03-12 17:10:24	4E5E9DF5290C7D41E3E7F57C1DAB616F	353792	----a-w-	C:\WINDOWS\System32\DscCore.dll
2016-03-12 17:10:24	4C85D9A9FD26D3F00BBF5D3F469F1800	241664	----a-w-	C:\WINDOWS\System32\cryptngc.dll
2016-03-12 17:10:24	4C27D0E3118F3C23335410C9E8FE00ED	240128	----a-w-	C:\WINDOWS\System32\SensorService.dll
2016-03-12 17:10:24	451356B814B46BB6582F307E24AA0863	9728	----a-w-	C:\WINDOWS\System32\Microsoft-Windows-MosHost.dll
2016-03-12 17:10:24	44EA232C4B4E9A24B68D8AD9BA363470	14848	----a-w-	C:\WINDOWS\System32\IcsEntitlementHost.exe
2016-03-12 17:10:24	3FF51A71289B43752061B6EC24B8045E	44032	----a-w-	C:\WINDOWS\System32\provtool.exe
2016-03-12 17:10:24	3FCEAC0D175851962F9CF797A370A14F	3072	----a-w-	C:\WINDOWS\System32\MapControlStringsRes.dll
2016-03-12 17:10:24	3DC2B14F0D9AB2358F1F99B75B4DA076	325120	----a-w-	C:\WINDOWS\System32\MusUpdateHandlers.dll
2016-03-12 17:10:24	39EE017547FA46BB17C5D5D4D4DE8CA8	51128	----a-w-	C:\WINDOWS\System32\SensorsNativeApi.dll
2016-03-12 17:10:24	38AE24B1BB6C1D67ED81E63951B781FC	144384	----a-w-	C:\WINDOWS\System32\wscsvc.dll
2016-03-12 17:10:24	330D8E185C902CC14AFB60F1FF80ECEC	10752	----a-w-	C:\WINDOWS\System32\MapsBtSvcProxy.dll
2016-03-12 17:10:24	31DE6A034E8BBA043CB2F4612033C12A	296488	----a-w-	C:\WINDOWS\System32\policymanager.dll
2016-03-12 17:10:24	2EECE39CDFFF244B2489FD8ACDC14D7A	517632	----a-w-	C:\WINDOWS\System32\PlayToManager.dll
2016-03-12 17:10:24	2DE2DAF437341AECB280DBFE88CBB581	346112	----a-w-	C:\WINDOWS\System32\MapConfiguration.dll
2016-03-12 17:10:24	262D880248233D3A96C15F7C7E1BAD21	58368	----a-w-	C:\WINDOWS\System32\MosResource.dll
2016-03-12 17:10:24	25274997B7249705C3D346B12964FFBB	50688	----a-w-	C:\WINDOWS\System32\moshost.dll
2016-03-12 17:10:24	231B2A35098FF389FF5D7DCC6B9A6E7A	122368	----a-w-	C:\WINDOWS\System32\omadmclient.exe
2016-03-12 17:10:24	220AC8BC8061A93A1A962CE8A4C4AB00	140800	----a-w-	C:\WINDOWS\System32\MusNotification.exe
2016-03-12 17:10:24	1C22BFBABCF389F2A985A32C01819467	5202944	----a-w-	C:\WINDOWS\System32\BingMaps.dll
2016-03-12 17:10:24	163520CFB807FF90F8E0605BDE52EFF7	48128	----a-w-	C:\WINDOWS\System32\MusNotificationUx.exe
2016-03-12 17:10:24	123BD3D4504BB548A823152EAC57DE00	32040	----a-w-	C:\WINDOWS\System32\mfpmp.exe
2016-03-12 17:10:24	104ED5E318C5EED6178BE9F4B4E1E5A2	4759040	----a-w-	C:\WINDOWS\System32\d2d1.dll
2016-03-12 17:10:24	0F95220B30A257B7C049C8E14B8DA245	74752	----a-w-	C:\WINDOWS\System32\MapsCSP.dll
2016-03-12 17:10:24	0D0D00B930014A3C2FB4BDCBF205598A	86016	----a-w-	C:\WINDOWS\System32\KnobsCsp.dll
2016-03-12 17:10:24	0B247775E6D85763E490BAE3B7CE0CB9	31232	----a-w-	C:\WINDOWS\System32\ztrace_maps.dll
2016-03-12 17:10:24	08560416CB05E037504E75C9FC9CFF35	118272	----a-w-	C:\WINDOWS\System32\provops.dll
2016-03-12 17:10:24	084BDCD719907E5B89F286238E0275E6	66560	----a-w-	C:\WINDOWS\System32\NFCProvisioningPlugin.dll
2016-03-12 17:10:24	002FEA8D8DAD387F4127846A36202E40	203264	----a-w-	C:\WINDOWS\System32\moshostcore.dll
2016-03-12 17:10:23	FAE7DA27029FDDA27375722B4DC387D7	138240	----a-w-	C:\WINDOWS\System32\ETWCoreUIComponentsResources.dll
2016-03-12 17:10:23	F7E43CE6745617BC3D61D4B3391C9F3A	66560	----a-w-	C:\WINDOWS\System32\tzautoupdate.dll
2016-03-12 17:10:23	F60E1993D8D8FD2E23516C1278B209C1	34304	----a-w-	C:\WINDOWS\System32\BackgroundTransferHost.exe
2016-03-12 17:10:23	F2D2E8091D0929884E6A86AFD9981E2F	2001408	----a-w-	C:\WINDOWS\System32\twinui.appcore.dll
2016-03-12 17:10:23	D51618B0CB2B51F7D9B8DEB38A454126	36352	----a-w-	C:\WINDOWS\System32\UIAutomationCoreRes.dll
2016-03-12 17:10:23	CBE2DFB96C188DC8913B0CCBFA50C2FF	1824264	----a-w-	C:\WINDOWS\System32\combase.dll
2016-03-12 17:10:23	B7B67257F01B0B814066F245DAD34367	93696	----a-w-	C:\WINDOWS\System32\winbio.dll
2016-03-12 17:10:23	A820BD54E6B4A68C6E4490EA23FA5650	1860096	----a-w-	C:\WINDOWS\System32\cdp.dll
2016-03-12 17:10:23	9FE071ED2AAE48A691D234E757297CF3	49152	----a-w-	C:\WINDOWS\System32\XblAuthTokenBrokerExt.dll
2016-03-12 17:10:23	9D0BD0FF21F86AE74245A50F657A9F77	382976	----a-w-	C:\WINDOWS\System32\wbiosrvc.dll
2016-03-12 17:10:23	973E60E30EA0364525DC5F359CB061EA	1552896	----a-w-	C:\WINDOWS\System32\wlidsvc.dll
2016-03-12 17:10:23	8FA6855FCD9F683BC6761B97F7F48408	13018624	----a-w-	C:\WINDOWS\System32\Windows.UI.Xaml.dll
2016-03-12 17:10:23	8A4FB745E66D5184DA2FD31735259EDB	299008	----a-w-	C:\WINDOWS\System32\microsoft-windows-system-events.dll
2016-03-12 17:10:23	847B31F89A3009D5D851479224B7579A	2680320	----a-w-	C:\WINDOWS\System32\msftedit.dll
2016-03-12 17:10:23	7E346926E807146BBDC024CF3A65C90C	727752	----a-w-	C:\WINDOWS\System32\dcomp.dll
2016-03-12 17:10:23	7A395D7F908257D298DDC8A190FBD1A0	1087488	----a-w-	C:\WINDOWS\System32\lsasrv.dll
2016-03-12 17:10:23	761E6E736B47DA42D74227A26F658108	100864	----a-w-	C:\WINDOWS\System32\offlinelsa.dll
2016-03-12 17:10:23	6F9FEEB36510524C956E6E8D987CB1D5	1696176	----a-w-	C:\WINDOWS\System32\WMALFXGFXDSP.dll
2016-03-12 17:10:23	6EB3A9117D1849AE452110A2C66CC411	820704	----a-w-	C:\WINDOWS\System32\WinTypes.dll
2016-03-12 17:10:23	626E736B04150EC59601D2D3EEFEDA6D	123392	----a-w-	C:\WINDOWS\System32\ProximityCommon.dll
2016-03-12 17:10:23	5A3BD4FC0B9240B831B6C1D994521B71	204800	----a-w-	C:\WINDOWS\System32\Microsoft-Windows-AppModelExecEvents.dll
2016-03-12 17:10:23	59ED6F0C5F7AE0311EFB5C57925F02C9	233984	----a-w-	C:\WINDOWS\System32\facecredentialprovider.dll
2016-03-12 17:10:23	588E4109C8A78BC211AC1D5756652A67	1139200	----a-w-	C:\WINDOWS\System32\UIAutomationCore.dll
2016-03-12 17:10:23	53F74B2F4AEA9C6A7BB9DABDCC3C7431	613888	----a-w-	C:\WINDOWS\System32\winhttp.dll
2016-03-12 17:10:23	52838DDB3B20C7330A30D89509A93B55	1268736	----a-w-	C:\WINDOWS\System32\Windows.UI.Xaml.Resources.dll
2016-03-12 17:10:23	4A2AD2C3B186FFE8EFE4DC7AB492F73E	79360	----a-w-	C:\WINDOWS\System32\winhttpcom.dll
2016-03-12 17:10:23	35383CA7169E12D885B9B553F59E3154	41984	----a-w-	C:\WINDOWS\System32\XblAuthManagerProxy.dll
2016-03-12 17:10:23	2B6C84CF3AE5E1CEE5C763115DAF5FB4	389120	----a-w-	C:\WINDOWS\System32\schannel.dll
2016-03-12 17:10:23	0B8C82099C16CC3AF45ABBE9BADC0B0C	498176	----a-w-	C:\WINDOWS\System32\MessagingDataModel2.dll
2016-03-12 17:10:23	00ECC00ED8713D7FDE30323237C5CAEF	792064	----a-w-	C:\WINDOWS\System32\kerberos.dll
2016-03-12 17:06:12	6596D09D8D33EEF79F41C3814E571B03	9482240	----a-w-	C:\WINDOWS\System32\prm0013.dll
2016-03-12 17:05:40	A79C23AB26A57CCD461170B7C6DBD517	871500	----a-w-	C:\WINDOWS\System32\perfh013.dat
2016-03-12 17:05:40	88361FF7E914089E7D55A16669A0050D	45378	----a-w-	C:\WINDOWS\System32\perfd013.dat
2016-03-12 17:05:40	2CB53C6D74DEEB3796BFBE8EB78162A9	177852	----a-w-	C:\WINDOWS\System32\perfc013.dat
2016-03-12 17:05:40	19634DCD3D06284686C8804F903478FF	347468	----a-w-	C:\WINDOWS\System32\perfi013.dat
2016-03-12 16:56:09	F432E0E5B0958F4982D40EB622FBD7FC	35480	----a-w-	C:\WINDOWS\System32\TsWpfWrp.exe
2016-03-12 16:56:09	BF9CAA33ADD4C21C118148B5CFC5494B	778936	----a-w-	C:\WINDOWS\System32\PresentationNative_v0300.dll
2016-03-12 16:56:09	6F391E9286733CC6B34FC0FAB23B8DF3	103120	----a-w-	C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
2016-03-12 08:23:09	D773911A06564DFDF6CA97CE37C23797	2028680	----a-w-	C:\WINDOWS\System32\PerfStringBackup.INI
2016-03-12 08:17:38	E4CEFBD9689F5D8B17F1C98246549F47	342264	----a-w-	C:\WINDOWS\System32\FNTCACHE.DAT
====== C:\WINDOWS\system32\drivers =====
2016-03-13 08:04:52	E2694D5287C7725C4386C16811AFD21B	1714016	----a-w-	C:\WINDOWS\System32\drivers\dxgkrnl.sys
2016-03-13 08:04:48	49EBEFD579621241A7EDF0C6E1C224C6	1820512	----a-w-	C:\WINDOWS\System32\drivers\ntfs.sys
2016-03-13 08:04:35	1A2AB5A56349E324742FA7E2B0715366	482656	----a-w-	C:\WINDOWS\System32\drivers\dxgmms2.sys
2016-03-13 08:04:24	89A56A86A03414C8ED5A96A52C3BA7B2	381280	----a-w-	C:\WINDOWS\System32\drivers\mrxsmb.sys
2016-03-13 08:04:22	874BC1D8BECF25FB5DAD6359899FB7C2	335712	----a-w-	C:\WINDOWS\System32\drivers\dxgmms1.sys
2016-03-13 08:04:20	2423043FACA29FD128F7E06FDF40DE93	201216	----a-w-	C:\WINDOWS\System32\drivers\xboxgip.sys
2016-03-13 08:04:18	C52523875786AADA77E2A9FEE4412900	462688	----a-w-	C:\WINDOWS\System32\drivers\acpi.sys
2016-03-13 08:04:18	6487AA88CAF7189954504CEE6DDD59F2	228704	----a-w-	C:\WINDOWS\System32\drivers\sdbus.sys
2016-03-13 08:04:16	F6BB5169797D0FFE570388AEA6DCD60E	153952	----a-w-	C:\WINDOWS\System32\drivers\dumpsd.sys
2016-03-13 08:04:16	BC689AD98B66EABDA483CCE6813EA7F9	124256	----a-w-	C:\WINDOWS\System32\drivers\appid.sys
2016-03-13 08:04:15	B19EB766868E8462DF6BC2EC41DA8C62	94208	----a-w-	C:\WINDOWS\System32\drivers\bridge.sys
2016-03-13 08:04:15	9A9AC491BA9AA3AA18F6AAFE1DBE99EF	21504	----a-w-	C:\WINDOWS\System32\drivers\xinputhid.sys
2016-03-13 08:04:12	B2292997F9B42CF0BADE30F455358B29	233984	----a-w-	C:\WINDOWS\System32\drivers\mrxsmb10.sys
2016-03-13 08:04:11	F4CBC1587417F631BBDF941E19255478	107872	----a-w-	C:\WINDOWS\System32\drivers\USBSTOR.SYS
2016-03-13 08:04:07	365593C4BAAB2534377FC56F2E6AC479	429920	----a-w-	C:\WINDOWS\System32\drivers\USBHUB3.SYS
2016-03-13 08:04:05	D49CBC052916F95D184713CA6FC37C5C	80896	----a-w-	C:\WINDOWS\System32\drivers\rasl2tp.sys
2016-03-12 17:10:36	1683BCB69B9950CD8C97865F3EC6781E	95072	----a-w-	C:\WINDOWS\System32\drivers\tdx.sys
2016-03-12 17:10:36	0E423A5854E1265F3B6D27332601355F	471392	----a-w-	C:\WINDOWS\System32\drivers\afd.sys
2016-03-12 17:10:29	D0D7E162E702F4790A6EA4C0C1102258	771424	----a-w-	C:\WINDOWS\System32\drivers\http.sys
2016-03-12 17:10:29	9E649CA7603DFE8ABB69568524A616BF	30048	----a-w-	C:\WINDOWS\System32\drivers\wimmount.sys
2016-03-12 17:10:29	6434A57F79DFCE27F6AB73CB074910E2	121856	----a-w-	C:\WINDOWS\System32\drivers\rmcast.sys
2016-03-12 17:10:29	5865C9FCFB7A2175CD21270A785DFBB5	125952	----a-w-	C:\WINDOWS\System32\drivers\mrxdav.sys
2016-03-12 17:10:23	BE2A61419D971AC8A3C00E027E1FC43F	48640	----a-w-	C:\WINDOWS\System32\drivers\usbser.sys
2016-03-12 17:10:23	7D30C95B11EE389E962DD04C60C2D270	504624	----a-w-	C:\WINDOWS\System32\drivers\cng.sys
2016-03-12 17:10:23	6A813C491F74C68F518E7968CFE1D771	139616	----a-w-	C:\WINDOWS\System32\drivers\ksecpkg.sys
2016-03-12 17:10:23	57A7585BB9952E90C4A791833EB31B99	76128	----a-w-	C:\WINDOWS\System32\drivers\sdstor.sys
2016-03-12 17:10:23	53453E09F6A80A5019E93792F3E0BC04	96768	----a-w-	C:\WINDOWS\System32\drivers\capimg.sys
2016-03-12 08:20:05	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
====== C:\WINDOWS\Tasks ======
2016-03-16 07:27:10	--------	d-----w-	C:\WINDOWS\system32\Tasks\TweakBit
2016-03-11 13:39:43	EB39BA82ABE97DBC1F30A3EDAB8B37A5	2604	----a-w-	C:\WINDOWS\system32\Tasks\Start WinZip Driver Updater Schedule
2016-03-11 13:39:43	AD141F2BAB692EB3597338C0AD540EC3	2644	----a-w-	C:\WINDOWS\system32\Tasks\Start WinZip Driver Updater Update
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-03-20 08:29:39	--------	d-----w-	C:\Program Files\trend micro
2016-03-12 16:56:50	--------	d---a-w-	C:\Program Files\MSBuild
2016-03-12 16:56:50	--------	d-----w-	C:\Program Files\Reference Assemblies
2016-03-12 08:27:51	--------	d-----w-	C:\Program Files\Common Files\SpeechEngines
2016-03-12 08:20:10	--------	d-----w-	C:\Program Files\Realtek
2016-03-12 08:19:41	--------	d-----w-	C:\Program Files\Synaptics
2016-03-03 07:49:11	--------	d-----w-	C:\Program Files\TweakBit
======= C: =====
====== C:\Users\Spirit\AppData\Roaming ======
2016-03-13 09:59:07	--------	d-----w-	C:\WINDOWS\system32\config\systemprofile\AppData\Local\DataSharing
2016-03-12 16:59:45	--------	d-----w-	C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft
2016-03-12 08:52:37	--------	d-----w-	C:\WINDOWS\system32\config\systemprofile\AppData\Local\PeerDistRepub
2016-03-12 08:41:59	--------	d-----w-	C:\WINDOWS\system32\config\systemprofile\AppData\Local\Packages
2016-03-12 08:34:02	--------	d-----w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
2016-03-12 08:34:02	--------	d-----w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
2016-03-12 08:34:02	--------	d-----w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
2016-03-12 08:34:02	--------	d-----w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
2016-03-12 08:24:24	--------	d-s---r-	C:\Users\Spirit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-03-12 08:24:24	--------	d-----w-	C:\Users\Spirit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-03-12 08:24:24	--------	d-----w-	C:\Users\Spirit\AppData\Roaming
2016-03-12 08:24:24	--------	d-----w-	C:\Users\Spirit\AppData\Local\Temp
2016-03-12 08:24:24	--------	d-----w-	C:\Users\Spirit\AppData\Local\Microsoft
2016-03-12 08:24:24	--------	d-----w-	C:\Users\Spirit\AppData\Local
2016-03-12 08:24:24	--------	d-----r-	C:\Users\Spirit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-03-12 08:24:24	--------	d-----r-	C:\Users\Spirit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-03-12 08:24:24	--------	d-----r-	C:\Users\Spirit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-03-12 08:24:24	--------	d-----r-	C:\Users\Spirit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-03-12 08:24:22	--------	d-s---r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-03-12 08:24:22	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-03-12 08:24:22	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-03-12 08:24:22	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Roaming
2016-03-12 08:24:22	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local\Temp
2016-03-12 08:24:22	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local\Microsoft
2016-03-12 08:24:22	--------	d-----w-	C:\Users\DefaultAppPool\AppData\Local
2016-03-12 08:24:22	--------	d-----r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-03-12 08:24:22	--------	d-----r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-03-12 08:24:22	--------	d-----r-	C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-03-12 08:18:27	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache
2016-03-12 08:17:56	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming
2016-03-12 08:17:56	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp
2016-03-12 08:17:52	--------	d-----w-	C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming
2016-03-12 08:17:52	--------	d-----w-	C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp
2016-03-12 08:17:52	--------	d-----w-	C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft
2016-03-12 08:17:52	--------	d-----w-	C:\WINDOWS\serviceprofiles\networkservice\AppData\Local
====== C:\Users\Spirit ======
2016-03-20 08:32:18	8685FAF50C04F9A9C2F56FF64B0B7ACB	1107968	----a-w-	C:\Users\Spirit\Downloads\RSIT(1).exe
2016-03-20 08:29:21	8685FAF50C04F9A9C2F56FF64B0B7ACB	1107968	----a-w-	C:\Users\Spirit\Downloads\RSIT.exe
2016-03-12 08:46:59	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\Spirit\ntuser.ini
2016-03-12 08:24:24	--------	d--h--w-	C:\Users\Spirit\AppData
2016-03-12 08:24:22	--------	d--h--w-	C:\Users\DefaultAppPool\AppData
2016-03-12 08:23:23	F01787AEDE49CA97B33787F1CFE317A8	196608	----a-w-	C:\WINDOWS\serviceprofiles\networkservice\msmqlog.bak
2016-03-12 08:23:23	86ABDF0200788BD79B7271E02A465A90	4194304	----a-w-	C:\WINDOWS\serviceprofiles\networkservice\msmqlog.bin
2016-03-12 08:18:31	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\winhttp
2016-03-12 08:17:56	--------	d-----w-	C:\WINDOWS\serviceprofiles\Localservice\Saved Games
2016-03-12 08:17:56	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Videos
2016-03-12 08:17:56	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Pictures
2016-03-12 08:17:56	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Music
2016-03-12 08:17:56	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Links
2016-03-12 08:17:56	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Favorites
2016-03-12 08:17:56	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Downloads
2016-03-12 08:17:56	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Documents
2016-03-12 08:17:56	--------	d-----r-	C:\WINDOWS\serviceprofiles\Localservice\Desktop
2016-03-12 08:17:52	--------	d--h--w-	C:\WINDOWS\serviceprofiles\networkservice\AppData
2016-03-12 08:17:52	--------	d-----w-	C:\WINDOWS\serviceprofiles\networkservice\Saved Games
2016-03-12 08:17:52	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Videos
2016-03-12 08:17:52	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Pictures
2016-03-12 08:17:52	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Music
2016-03-12 08:17:52	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Links
2016-03-12 08:17:52	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Favorites
2016-03-12 08:17:52	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Downloads
2016-03-12 08:17:52	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Documents
2016-03-12 08:17:52	--------	d-----r-	C:\WINDOWS\serviceprofiles\networkservice\Desktop
2016-03-11 13:39:48	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-03-11 13:39:29	--------	d-----w-	C:\ProgramData\WinZip
2016-03-11 13:39:05	C88FF17D0AF4A0BAD05F5A578ADB7F22	4748384	----a-w-	C:\Users\Spirit\Downloads\wzdu32.exe
2016-03-03 07:49:20	--------	d-----w-	C:\ProgramData\TweakBit
2016-03-03 07:49:18	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit

====== C: exe-files ==
2016-03-20 08:32:18	8685FAF50C04F9A9C2F56FF64B0B7ACB	1107968	----a-w-	C:\Users\Spirit\Downloads\RSIT(1).exe
2016-03-20 08:29:39	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Spirit.exe
2016-03-20 08:29:21	8685FAF50C04F9A9C2F56FF64B0B7ACB	1107968	----a-w-	C:\Users\Spirit\Downloads\RSIT.exe
2016-03-17 11:20:33	58E08D1BFE49158D1D87980687F6A7AB	120000	----a-w-	C:\Users\Spirit\AppData\Local\Temp\175B1A14-097F-4E13-91A0-584E52843A2B\DismHost.exe
2016-03-14 09:19:52	58E08D1BFE49158D1D87980687F6A7AB	120000	----a-w-	C:\Users\Spirit\AppData\Local\Temp\0189E8BF-9148-4D2A-ABC7-F01BFA720B5C\DismHost.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\System32\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\System32\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-1562041459-4216995153-4248193827-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo\Program Files\Yahoo\Messenger\YahooMessenger.exe -quiet"
"ISUSPM Startup"="c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe -startup"
"OneDrive"="C:\Users\Spirit\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
"AmIcoSinglun"="C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -start"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Messenger (Yahoo\Program Files\Yahoo\Messenger\YahooMessenger.exe -quiet"
"ISUSPM Startup"="c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe -startup"
"OneDrive"="C:\Users\Spirit\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"


==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-03-2016 08:46]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\system32\tasks\DriverWhiz_RebootScan" [C:\Program Files\DriverWhiz\DriverWhiz.exe]
"C:\WINDOWS\system32\tasks\KMSAuto" [C:\Program Files\KMSAutoS\KMSAutoXP.exe]
"C:\WINDOWS\system32\tasks\Start WinZip Driver Updater Schedule" [C:\Program Files\WinZip Driver Updater\DriverUpdater.exe]
"C:\WINDOWS\system32\tasks\Start WinZip Driver Updater Update" [C:\Program Files\WinZip Driver Updater\DriverUpdater.exe]
"C:\WINDOWS\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\WINDOWS\system32\tasks\TweakBit\FixMyPC\Time for deal" [C:\Program Files\TweakBit\FixMyPC\FixMyPC.exe]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Spirit\AppData\Roaming\Mozilla\Firefox\Profiles\rvtg7qt6.default-1456565733779
999A833D87C8CD918B5EE8C3F8149D2B	- C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll -	Adobe Acrobat
C2D756C95D5AE3D030E7D394B9C771B9	- C:\Program Files\VideoLAN\VLC\npvlc.dll -	VLC Web Plugin
F627791AB91E01A9829A8D9B6E024D52	- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_182.dll -	Shockwave Flash


==== Chromium Look ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinZip Driver Updater deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype deleted successfully

==== Empty IE Cache ======================

C:\Users\Spirit\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Spirit\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Spirit\AppData\Local\Mozilla\Firefox\Profiles\rvtg7qt6.default-1456565733779\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=90 folders=7 23520757 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Spirit\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 20-03-2016 at 10:39:12,39 ======================