Zoek.exe v5.0.0.1 Updated 14-October-2015
Tool run by Jan on do 15-10-2015 at 15:55:53,61.
Microsoft Windows 10 Home 10.0.10240  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jan\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

15-10-2015 15:58:56 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll 


==== Empty Folders Check ======================

C:\Program Files\Symantec deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Jan\AppData\Local\EmieSiteList deleted successfully
C:\Users\Jan\AppData\Local\EmieUserList deleted successfully
C:\Users\Jan\AppData\Local\NetworkTiles deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1013068887-1341096901-2197712401-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\ParetoLogic deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
"C:\WINDOWS\Syswow64\Windows.Devices.Midi.dll" not deleted
"C:\WINDOWS\Syswow64\Windows.Devices.WiFi.dll" not deleted
"C:\WINDOWS\Syswow64\Windows.Gaming.Input.dll" not deleted
"C:\WINDOWS\Syswow64\Windows.Media.FaceAnalysis.dll" not deleted
"C:\WINDOWS\Syswow64\Windows.Media.Import.dll" not deleted
"C:\WINDOWS\Syswow64\Windows.Media.MediaControl.dll" not deleted
"C:\WINDOWS\Syswow64\Windows.Media.Speech.dll" not deleted
"C:\WINDOWS\Syswow64\Windows.Media.Speech.UXRes.dll" not deleted
"C:\WINDOWS\Syswow64\Windows.Media.Streaming.ps.dll" not deleted
"C:\WINDOWS\Syswow64\Windows.Networking.Connectivity.dll" not deleted
"C:\WINDOWS\Syswow64\Windows.UI.Immersive.dll" not deleted
"C:\WINDOWS\Syswow64\Windows.UI.Input.Inking.dll" not deleted
"C:\WINDOWS\Syswow64\Windows.UI.Xaml.Maps.dll" not deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2015-10-11 11:56:10	FD405AB571CF124CF60A9EA2B957FDC9	14259	----a-w-	C:\WINDOWS\diagerr.xml
2015-10-11 11:56:10	70757BB715401D58378CEFA1164902C8	13338	----a-w-	C:\WINDOWS\diagwrn.xml
====== C:\Users\Jan\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2015-10-11 14:14:09	967596AE692AD8548BB12F7C3ABA4D07	69120	----a-w-	C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-10-11 14:14:08	3AAE78433AADAAFBAE069F0748C40826	1151840	----a-w-	C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-10-11 14:14:08	306EBB85E9395ECB14F22B6923479186	296944	----a-w-	C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-10-11 14:14:07	972F7163B1755AC29B5257C4E6DD36E0	194368	----a-w-	C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-10-11 14:14:07	7E3E46AD80A07296A67AF6F4DB21FBF7	39424	----a-w-	C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-10-11 14:14:04	6671D7581741D12BBAE616BED95996D3	169368	----a-w-	C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-10-11 14:14:04	3FE8FDBDAE2FC3B8E5FB4DA051720AC7	1768432	----a-w-	C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-10-11 14:14:04	13D24BC57419FA9319234B82DF5DB571	163840	----a-w-	C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-10-11 14:14:02	F6BC6D8B9292A0B0AC92797F130DA2B2	1793024	----a-w-	C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-10-11 14:14:02	B50515DDF73FDACA20C37E6DFB97A41F	378824	----a-w-	C:\WINDOWS\SysWOW64\igdmd32.dll
2015-10-11 14:14:01	4AAB380D69340D9BD9B940309BBB96E7	17846272	----a-w-	C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-10-11 14:14:01	352D352E2D3165B495FC29B932FA74F5	329216	----a-w-	C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-10-11 14:14:01	25D20E2E2B47907D14C71ABA73A1E8F2	194560	----a-w-	C:\WINDOWS\SysWOW64\igdde32.dll
2015-10-11 14:14:01	2140A60B4638D1E24577CE26FC690F17	154096	----a-w-	C:\WINDOWS\SysWOW64\igdail32.dll
2015-10-11 14:14:00	E743FA2577BB1CFA991998BC9CCF73A1	6513648	----a-w-	C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-10-11 14:14:00	A142B747D440DA117474B0C3805CA188	11905432	----a-w-	C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-10-11 13:30:34	776339B81E632F579AB1EC6EE503A9C0	58368	----a-w-	C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-11 13:30:33	F4E25F21AC509AEE3617E9DBA086318E	434376	----a-w-	C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-11 13:30:33	F38B52333E0C93A1C55323719103783B	1357888	----a-w-	C:\WINDOWS\SysWOW64\winmde.dll
2015-10-11 13:30:33	F28E047EF8A68C586F177A3DD625831C	3579904	----a-w-	C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-11 13:30:33	EB7E8B15015C784D8852292206EF1461	1918464	----a-w-	C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-11 13:30:33	E856065895D1133F5457BCDB4452A8D3	74880	----a-w-	C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-11 13:30:33	BE36E4024EABE75FEF529553E023AEF8	646672	----a-w-	C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-11 13:30:33	A66B5D22B883373A44764C003078A828	2646528	----a-w-	C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-11 13:30:33	9E8E29389AD2E2C31E65400C5BBC06EC	574464	----a-w-	C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-11 13:30:33	99CEBD54809E76C9CD1839B0492CCF5E	1895568	----a-w-	C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-11 13:30:33	8E2D23AB73A5276FC7CDE134B06F0C03	5454848	----a-w-	C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-11 13:30:33	80D2AE15F53154CEE71C9E3C131FBB9B	407608	----a-w-	C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-11 13:30:33	638747E5050BEB4F5DF9DDE8AC418296	473088	----a-w-	C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-11 13:30:33	5780FAC582AF72AF39D461336E23D39C	18806272	----a-w-	C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-11 13:30:33	53FC0EFBE44591CA16BE1A4309F689DC	253440	----a-w-	C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-11 13:30:33	2570B5FA73B119C16E0E721265126C3A	2446648	----a-w-	C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-11 13:30:33	19DFBB25AB67A2F4D23F08A7D765E802	2154808	----a-w-	C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-11 13:30:33	00A63F21DCEF7D6D58BB73C594C6C75F	19325440	----a-w-	C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-11 13:30:33	001D3D691DD268165A3EE49C69078054	658528	----a-w-	C:\WINDOWS\SysWOW64\mfds.dll
2015-10-11 13:30:22	FFCE532A61DD7518BE997267940D7AE4	466432	----a-w-	C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-11 13:30:22	FB3B46B0FFCEDEED7BB5E74D82895118	1171456	----a-w-	C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-11 13:30:22	F69835A120E9627327ECE984D2AC87EA	828928	----a-w-	C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-11 13:30:22	F65307E09D4807EDE95D1016CAF42DAD	587264	----a-w-	C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-11 13:30:22	F2BCE0CF75943E18852148B2875F632B	41472	----a-w-	C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-11 13:30:22	EE8FDC90138DD93AA6B1ECA831D9D3CE	1162240	----a-w-	C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-11 13:30:22	E0F11A1D1C7482BBD76448E6FD3AA327	454512	----a-w-	C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-11 13:30:22	E03EC1BA7B6061620367F19249705D1F	625152	----a-w-	C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-11 13:30:22	DFAE92F5EF58FF29E81D951B2BDF45B8	1104384	----a-w-	C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-11 13:30:22	DC7C56F01B96CA5FDB99D241D4E067FC	311808	----a-w-	C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-11 13:30:22	DBAAA86B138D2F8B7EDF7A3ED7ADF8B3	557568	----a-w-	C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-11 13:30:22	DAFFF5B7F43F88907A21996E71812D0C	764416	----a-w-	C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-11 13:30:22	D124F89BBDCFC24A04F159D913852DDC	701952	----a-w-	C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-11 13:30:22	D0A5D8270FF8606D2B445C4359A8FCEB	328704	----a-w-	C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-11 13:30:22	C637D94084069A10759E53F79D5DC4C5	899584	----a-w-	C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-11 13:30:22	C5FBD8DDCD35F7F1242F3587681A2654	193024	----a-w-	C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-11 13:30:22	C45DE57A004A5BD637923BB2EF410E19	131072	----a-w-	C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-11 13:30:22	BCCB55B18CE7054BA288FFEB27BA6F54	1766952	----a-w-	C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-11 13:30:22	A5F48E7E55B076996B67F8F32C9D6D33	2639872	----a-w-	C:\WINDOWS\SysWOW64\esent.dll
2015-10-11 13:30:22	96CC96E8D16E315148047DFEB31EEEE9	13027840	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-11 13:30:22	8B4E59B0B71ECE3CF6234DFAAE0A05DF	172032	----a-w-	C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-11 13:30:22	807178C85CF6375FAB2FE42395FE94D7	677888	----a-w-	C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-11 13:30:22	78FBC37D02A39402B685B7E95A83EFE8	428128	----a-w-	C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-11 13:30:22	73FC0143E518D8DB7AFE9675F4AF8063	2207232	----a-w-	C:\WINDOWS\SysWOW64\wininet.dll
2015-10-11 13:30:22	6FA73C45D51E7909C68FE5A113D5585F	928256	----a-w-	C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-11 13:30:22	6C8012BEB3FF973020E9429CBB6C1696	195584	----a-w-	C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-11 13:30:22	6740B4C8B8B3474F086B8AEBDE4861D8	217088	----a-w-	C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-11 13:30:22	63900F897A025DDFE83737A260C250A5	371712	----a-w-	C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-11 13:30:22	60242DBD3FCFA6D4163B6C29D76295B7	336384	----a-w-	C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-11 13:30:22	54DB5459A808BB03FDEA98325530B946	145920	----a-w-	C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-11 13:30:22	535DCD92E0C7D52A0F1237AF3DCFAAA9	613376	----a-w-	C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-11 13:30:22	4B5286A021D8CA64BABB07D7B9739AF4	512000	----a-w-	C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-11 13:30:22	47F3B89782076037F328AEC18245D4B1	962400	----a-w-	C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-11 13:30:22	3C9FDBB0963B18C9D60B54F8AF81DF11	268800	----a-w-	C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-11 13:30:22	399BED6CD8A3AA7C7CF48A8E55FB4463	579584	----a-w-	C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-11 13:30:22	3277E503E6EA72D19CDC16501FD151BA	5120056	----a-w-	C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-11 13:30:22	2DA15A53E965A27A3D5CF99E3CCC430A	6101504	----a-w-	C:\WINDOWS\SysWOW64\mos.dll
2015-10-11 13:30:22	258A4F9A2C91C6C6E36775CDCCB4AFE1	441168	----a-w-	C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-11 13:30:22	1BFDE0B4AC3E0EB180FBC32A22B8A8B4	464896	----a-w-	C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-11 13:30:22	1B102F53BD7209D712BBE96E9FAA32CA	313856	----a-w-	C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-11 13:30:22	1A917EA73F9B46F31F8E0BA3B44FDD8F	525312	----a-w-	C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-11 13:30:22	1253135EC3029F79601EDCFF55ADC9FC	508248	----a-w-	C:\WINDOWS\SysWOW64\mf.dll
2015-10-11 13:30:22	08D6065A1D6D007C77A688271D915B00	5079552	----a-w-	C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-11 13:30:22	037908D9C8C689490978BFF72532A361	195072	----a-w-	C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-11 13:30:22	00682184457B97EDA4C0C157331A7495	454656	----a-w-	C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-11 13:21:55	BBAFB371A898A008FE059C963877FE05	35480	----a-w-	C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-10-11 13:21:55	248647FBD0CE51A64F41A1A78401D35D	102608	----a-w-	C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-11 13:21:55	04BEE8994F090D2ED2A761065A30174F	778936	----a-w-	C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-10-11 12:43:40	570832958FCE670101E3E21407F69556	2029448	----a-w-	C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-10-11 12:41:15	967596AE692AD8548BB12F7C3ABA4D07	69120	----a-w-	C:\WINDOWS\SysWOW64\OpenCL.DLL
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2015-10-15 13:46:11	7EA8F68FA54D365F7505C11742890093	16148	----a-w-	C:\WINDOWS\Sysnative\JAN-PC_Jan_HistoryPrediction.bin
2015-10-11 14:14:19	E811CF6785B9F5B1B39BEE6AC777D7E0	151668	----a-w-	C:\WINDOWS\Sysnative\resNOR.cui
2015-10-11 14:14:19	E1E0E0BB95FF2AAA70BDE73E0AC6D754	154372	----a-w-	C:\WINDOWS\Sysnative\resPTB.cui
2015-10-11 14:14:19	BCACA5740008D5D18C5C9FF5518BA9AE	152644	----a-w-	C:\WINDOWS\Sysnative\resSLV.cui
2015-10-11 14:14:19	B5262B7F195E042994AC765BA17FFD13	154084	----a-w-	C:\WINDOWS\Sysnative\resPTG.cui
2015-10-11 14:14:19	6E1B2C41694FCD7F931467B04BF1E7E2	177300	----a-w-	C:\WINDOWS\Sysnative\resRUS.cui
2015-10-11 14:14:19	6C94A4F3BB7D61FFBF3F7BA0988F4F12	154980	----a-w-	C:\WINDOWS\Sysnative\resNLD.cui
2015-10-11 14:14:19	68E449B116F545379BB8F760F97D37DB	155268	----a-w-	C:\WINDOWS\Sysnative\resPLK.cui
2015-10-11 14:14:19	687C8BCEC0A2839B94AA9CADF9386C7F	154260	----a-w-	C:\WINDOWS\Sysnative\resTRK.cui
2015-10-11 14:14:19	4ED203BBF70B9B381DADD172288CF752	188884	----a-w-	C:\WINDOWS\Sysnative\resTHA.cui
2015-10-11 14:14:19	2EE31B1B1552BAAC82F140D3E44E328D	152772	----a-w-	C:\WINDOWS\Sysnative\resSVE.cui
2015-10-11 14:14:19	2B3C4458572EC6FF30F0CC4D313BAF70	155172	----a-w-	C:\WINDOWS\Sysnative\resSKY.cui
2015-10-11 14:14:19	1DCCE2BED64ECC023514872D8EFDDFB4	155828	----a-w-	C:\WINDOWS\Sysnative\resROM.cui
2015-10-11 14:14:18	FA094411B391341B74F4A28EA086217C	155988	----a-w-	C:\WINDOWS\Sysnative\resITA.cui
2015-10-11 14:14:18	EC131C31B3C02D5A8D855990B2985AD4	156100	----a-w-	C:\WINDOWS\Sysnative\resKOR.cui
2015-10-11 14:14:18	D2EFA7145A49FC80CD783E3CF0C6A026	153236	----a-w-	C:\WINDOWS\Sysnative\resHRV.cui
2015-10-11 14:14:18	BB525F4CB1948699A25F587284515F1C	157844	----a-w-	C:\WINDOWS\Sysnative\resFRA.cui
2015-10-11 14:14:18	9FE05A8015EB2F7B30935D94854651EA	181524	----a-w-	C:\WINDOWS\Sysnative\resELL.cui
2015-10-11 14:14:18	93DC6D2CF5D8FDA2100422FF6B23FD03	156020	----a-w-	C:\WINDOWS\Sysnative\resDEU.cui
2015-10-11 14:14:18	7FFCD944762F4F9431E89D9D11E23BA3	155716	----a-w-	C:\WINDOWS\Sysnative\resESN.cui
2015-10-11 14:14:18	76DE8E73B23EECFFC5CF6EEB5B745960	151156	----a-w-	C:\WINDOWS\Sysnative\resDAN.cui
2015-10-11 14:14:18	5AD19B16354874D5012FDC66B53DBE30	149812	----a-w-	C:\WINDOWS\Sysnative\resENU.cui
2015-10-11 14:14:18	5A6A786EA2FDC5044F7D5A6E775AFDBC	157860	----a-w-	C:\WINDOWS\Sysnative\resHUN.cui
2015-10-11 14:14:18	49C8874D74B344649B91F699B7548F55	162500	----a-w-	C:\WINDOWS\Sysnative\resHEB.cui
2015-10-11 14:14:18	3D4F512CA3A3855C5076BC557D08FA69	153620	----a-w-	C:\WINDOWS\Sysnative\resFIN.cui
2015-10-11 14:14:18	118FB7374413A6EE9D15740CF51E9749	162484	----a-w-	C:\WINDOWS\Sysnative\resJPN.cui
2015-10-11 14:14:17	FA31C9FD17B1377E7119B32AF573E6E4	154212	----a-w-	C:\WINDOWS\Sysnative\resCSY.cui
2015-10-11 14:14:17	78395CF28563D494692822F59662939A	147188	----a-w-	C:\WINDOWS\Sysnative\resCHS.cui
2015-10-11 14:14:17	763BC86AAD72AF912379344B2247FCEF	163044	----a-w-	C:\WINDOWS\Sysnative\resARA.cui
2015-10-11 14:14:17	6257ECD4C8BF44EDB8D6760C443BCD7A	148052	----a-w-	C:\WINDOWS\Sysnative\resCHT.cui
2015-10-11 14:14:09	F670F1D48C303181BB8EC5341B6DA79D	143368	----a-w-	C:\WINDOWS\Sysnative\IntelWiDiMCUMD64.dll
2015-10-11 14:14:09	E2A042032FAECB04477D8235FD1181FF	72704	----a-w-	C:\WINDOWS\Sysnative\Intel_OpenCL_ICD64.dll
2015-10-11 14:14:09	D1920675E89BE2CB7CFB72746E305207	109064	----a-w-	C:\WINDOWS\Sysnative\IntelWiDiLogServer64.dll
2015-10-11 14:14:09	CDA48D199EF24D2D4AD17B4628CDC586	866824	----a-w-	C:\WINDOWS\Sysnative\IntelWiDiWinNextAgent64.dll
2015-10-11 14:14:09	7C262180C63630EB2ABAA13F511BEA75	225288	----a-w-	C:\WINDOWS\Sysnative\IntelWiDiUtils64.dll
2015-10-11 14:14:09	76941AB5D961045AB9C59FC90B31E7F1	192520	----a-w-	C:\WINDOWS\Sysnative\IntelWiDiDDEAgent64.dll
2015-10-11 14:14:09	58798EACDE45851955E1CCF5DE977A21	4025864	----a-w-	C:\WINDOWS\Sysnative\IntelWiDiAAC64.dll
2015-10-11 14:14:09	519C59B4584CD43FE219EAC87AA061FA	661000	----a-w-	C:\WINDOWS\Sysnative\IntelWiDiAudioFilter64.dll
2015-10-11 14:14:09	431C877637CD364CB2DE613F29E2E311	617992	----a-w-	C:\WINDOWS\Sysnative\IntelWiDiMux64.dll
2015-10-11 14:14:09	36CD3E7881A7237B3C73711D7DB143B9	357912	----a-w-	C:\WINDOWS\Sysnative\IntelWiDiSilenceFilter64.dll
2015-10-11 14:14:09	3242B4108A74AC15466C4BC445AC8DAE	444832	----a-w-	C:\WINDOWS\Sysnative\IntelWiDiUMS64.exe
2015-10-11 14:14:09	196558F76F0C103D121AD0BDF5687499	1470472	----a-w-	C:\WINDOWS\Sysnative\IntelWiDiSecureSourceFilter64.dll
2015-10-11 14:14:09	11CF5A909468A33C0BB2C586B54E4B0A	2506960	----a-w-	C:\WINDOWS\Sysnative\IntelWiDiVAD64.exe
2015-10-11 14:14:08	FDBFA545B0C37B2B1081BD93236BF64C	216552	----a-w-	C:\WINDOWS\Sysnative\igfxCoIn_v4276.dll
2015-10-11 14:14:08	CA444E453794F1CB237DEA151CAF6F42	2560	----a-w-	C:\WINDOWS\Sysnative\iglhxs64.vp
2015-10-11 14:14:08	9C7CE247AA27168E6BD50B4E0E310A8F	387056	----a-w-	C:\WINDOWS\Sysnative\IntelOpenCL64.dll
2015-10-11 14:14:08	0C92241747B74D28080688B2D703E183	1156000	----a-w-	C:\WINDOWS\Sysnative\iglhsip64.dll
2015-10-11 14:14:07	CFF7C1F481F3C12204573C8CE929FB6B	13824	----a-w-	C:\WINDOWS\Sysnative\igfxLHMLib.dll
2015-10-11 14:14:07	9EF3A2FE5326AC156D8342F9152958DF	229664	----a-w-	C:\WINDOWS\Sysnative\iglhcp64.dll
2015-10-11 14:14:07	7F615D15E70C6C659889F8F1F8D19F93	15344	----a-w-	C:\WINDOWS\Sysnative\igfxLHMLibv2_0.dll
2015-10-11 14:14:07	279C9A69A1944E43230D077AF92E88FD	394224	----a-w-	C:\WINDOWS\Sysnative\igfxOSP.dll
2015-10-11 14:14:07	026A69DF5B0324E289F8D967E40BB810	205728	----a-w-	C:\WINDOWS\Sysnative\igfxext.exe
2015-10-11 14:14:06	ADB6B944A11A99D96205A26C2CFE4D03	230384	----a-w-	C:\WINDOWS\Sysnative\igfxDTCM.dll
2015-10-11 14:14:06	6CF545E42FB2D84E7E5F6ACFADE7CE58	18944	----a-w-	C:\WINDOWS\Sysnative\igfxDILibv2_0.dll
2015-10-11 14:14:06	53CD37E04AF9BEFC1D706D865DE1BD17	18944	----a-w-	C:\WINDOWS\Sysnative\igfxEMLib.dll
2015-10-11 14:14:06	41DC1B2CCF70C770C34A5BB43EFB92D9	18944	----a-w-	C:\WINDOWS\Sysnative\igfxEMLibv2_0.dll
2015-10-11 14:14:05	9DD798A18589C37FED5519B878BB5C7B	96752	----a-w-	C:\WINDOWS\Sysnative\igfxCUIServicePS.dll
2015-10-11 14:14:05	358D7320BF311585831BF996CB35A0E8	20976	----a-w-	C:\WINDOWS\Sysnative\igfxDILib.dll
2015-10-11 14:14:05	356D1292DF64F480BEE5F34FAAF41059	78336	----a-w-	C:\WINDOWS\Sysnative\igfxDHLibv2_0.dll
2015-10-11 14:14:05	062D8E0E60F18E7C24D728928F140BF8	69616	----a-w-	C:\WINDOWS\Sysnative\igfxDHLib.dll
2015-10-11 14:14:04	DE7515060AF5082C53099824F5DC316D	193536	----a-w-	C:\WINDOWS\Sysnative\igfx11cmrt64.dll
2015-10-11 14:14:04	90D1C9A7FD6E04D8509704BF659B6FA8	265712	----a-w-	C:\WINDOWS\Sysnative\igfxCPL.cpl
2015-10-11 14:14:04	7B755CA08AC87FDFA196EBA0E09BDAA7	199088	----a-w-	C:\WINDOWS\Sysnative\igfxcmrt64.dll
2015-10-11 14:14:04	0250B46226E0A8D394385767386CE40E	2037232	----a-w-	C:\WINDOWS\Sysnative\igfxcmjit64.dll
2015-10-11 14:14:03	6067E16D5F1F5CAAD3223CB251988629	11053048	----a-w-	C:\WINDOWS\Sysnative\igdumdim64.dll
2015-10-11 14:14:02	F120506B035E0E7819A199FE4609BD90	469216	----a-w-	C:\WINDOWS\Sysnative\igdmd64.dll
2015-10-11 14:14:02	21B3D87C69C83A60D72392289ACD6B91	1995760	----a-w-	C:\WINDOWS\Sysnative\igdrcl64.dll
2015-10-11 14:14:01	93EE251794FCABA67E3E08C97170449E	22915568	----a-w-	C:\WINDOWS\Sysnative\igdfcl64.dll
2015-10-11 14:14:01	804E60402D405CCC4F3D5039355FC08D	232960	----a-w-	C:\WINDOWS\Sysnative\igdde64.dll
2015-10-11 14:14:01	7A6934BA4F68E5C9570C3D7ABBB9311E	172528	----a-w-	C:\WINDOWS\Sysnative\igdail64.dll
2015-10-11 14:14:01	05F154BA1F54255B5F05BECFCA90343A	374272	----a-w-	C:\WINDOWS\Sysnative\igdbcl64.dll
2015-10-11 14:14:00	84BEE135B2F821A1508D046F1CB3012C	102912	----a-w-	C:\WINDOWS\Sysnative\IccLibDll_x64.dll
2015-10-11 14:14:00	18885318F2F586C4126763C18F7AEB79	8528896	----a-w-	C:\WINDOWS\Sysnative\ig7icd64.dll
2015-10-11 14:13:59	F9971588284C97C2BB6F08B00DCD95BD	4371888	----a-w-	C:\WINDOWS\Sysnative\Gfxv4_0.exe
2015-10-11 14:13:59	E75D49CE944055678C6407BF9D921265	165808	----a-w-	C:\WINDOWS\Sysnative\difx64.exe
2015-10-11 14:13:59	B6BD7E8A80EB758E3A09526E50AE2ACE	970656	----a-w-	C:\WINDOWS\Sysnative\GfxUIEx.exe
2015-10-11 14:13:59	81AF4006CBF7FA798B6FB0588078A2DB	410528	----a-w-	C:\WINDOWS\Sysnative\CustomModeAppv2_0.exe
2015-10-11 14:13:59	4AE23C5530BBF693A020BCC6B865D922	556960	----a-w-	C:\WINDOWS\Sysnative\DPTopologyApp.exe
2015-10-11 14:13:59	447C239BDBE2B88D4F62137DC9AEC2A3	554928	----a-w-	C:\WINDOWS\Sysnative\DPTopologyAppv2_0.exe
2015-10-11 14:13:59	338C132878ACF56C611F0889EB98E15A	4369816	----a-w-	C:\WINDOWS\Sysnative\Gfxv2_0.exe
2015-10-11 14:13:59	15A594088A77D9EFC0FD1A7F2B2388DB	409520	----a-w-	C:\WINDOWS\Sysnative\CustomModeApp.exe
2015-10-11 14:13:59	0E2B7D35E3DDD21AF04FB4D98C2BCF7F	316245	----a-w-	C:\WINDOWS\Sysnative\DisplayAudiox64.cab
2015-10-11 13:30:33	F57FE0BD8BD7E1F8088FE18D0FD7BEE9	501008	----a-w-	C:\WINDOWS\Sysnative\AudioEng.dll
2015-10-11 13:30:33	F0B43C550BD519423FB79A58A860CE0B	204288	----a-w-	C:\WINDOWS\Sysnative\LocationPeCell.dll
2015-10-11 13:30:33	E6337423BD19DD12EB6777934B57E0F4	176640	----a-w-	C:\WINDOWS\Sysnative\LocationPeIP.dll
2015-10-11 13:30:33	E130DF660C8E4C6ED1255F2276CC2802	7523328	----a-w-	C:\WINDOWS\Sysnative\Chakra.dll
2015-10-11 13:30:33	D907DFF972354542D5B0B4414B308B75	312832	----a-w-	C:\WINDOWS\Sysnative\SensorsApi.dll
2015-10-11 13:30:33	D88952BD78157D66A0921B63F5DD0EC5	439296	----a-w-	C:\WINDOWS\Sysnative\LocationWebproxy.dll
2015-10-11 13:30:33	CD8169F2DE6AFF7CC56A596BCC2326E8	24595456	----a-w-	C:\WINDOWS\Sysnative\mshtml.dll
2015-10-11 13:30:33	C9C6D1C3171A866F10C7D58777E9638A	2417664	----a-w-	C:\WINDOWS\Sysnative\MFMediaEngine.dll
2015-10-11 13:30:33	C7503A49364DB2AF7A7DE177B233081F	1844736	----a-w-	C:\WINDOWS\Sysnative\workfolderssvc.dll
2015-10-11 13:30:33	B91D329CB2EF570B6A7CEB409625DD32	21875712	----a-w-	C:\WINDOWS\Sysnative\edgehtml.dll
2015-10-11 13:30:33	B82363129E8554D58B95A6935B83891D	781976	----a-w-	C:\WINDOWS\Sysnative\mfds.dll
2015-10-11 13:30:33	B171608F20705895726DE86B34D1FBAC	95744	----a-w-	C:\WINDOWS\Sysnative\LocationWiFiAdapter.dll
2015-10-11 13:30:33	AC180D981BD23443793F7AA71BBE344A	599552	----a-w-	C:\WINDOWS\Sysnative\wpnapps.dll
2015-10-11 13:30:33	A5B7CAFA0327BCBC2FC6F1C9F95191CA	342016	----a-w-	C:\WINDOWS\Sysnative\LocationGeofences.dll
2015-10-11 13:30:33	A0DBB9386BEA8DA1A159C2A2E07081A3	856576	----a-w-	C:\WINDOWS\Sysnative\MPSSVC.dll
2015-10-11 13:30:33	99E14B1011FC214DA89D9559AD816B3A	243760	----a-w-	C:\WINDOWS\Sysnative\mfps.dll
2015-10-11 13:30:33	78ECC7FEDA1790706A8ED7D864F754FC	2464216	----a-w-	C:\WINDOWS\Sysnative\mfcore.dll
2015-10-11 13:30:33	7614E6E6B53E8FE6E6B8A6D6D3CC2018	1067520	----a-w-	C:\WINDOWS\Sysnative\audiosrv.dll
2015-10-11 13:30:33	71107775BE0E612150F032CE21DD9C7C	88384	----a-w-	C:\WINDOWS\Sysnative\remoteaudioendpoint.dll
2015-10-11 13:30:33	6D6E7210CBD7C0AA2130F3F3F14D32A5	2824248	----a-w-	C:\WINDOWS\Sysnative\msmpeg2vdec.dll
2015-10-11 13:30:33	68DE1997977CD3A86D5F8D0FD23056EA	1563392	----a-w-	C:\WINDOWS\Sysnative\winmde.dll
2015-10-11 13:30:33	5E010B486F7FB28D9B79AAC471FE484F	476760	----a-w-	C:\WINDOWS\Sysnative\MFCaptureEngine.dll
2015-10-11 13:30:33	5793FBBB1F120D1815A8348434ED236C	221184	----a-w-	C:\WINDOWS\Sysnative\LocationPeWiFi.dll
2015-10-11 13:30:33	52E7F6343A99747CE5772B04FFCE00A3	771072	----a-w-	C:\WINDOWS\Sysnative\Chakradiag.dll
2015-10-11 13:30:33	509FF13E5C4FD63846FCA01A5ED912DB	521728	----a-w-	C:\WINDOWS\Sysnative\PsmServiceExtHost.dll
2015-10-11 13:30:33	36E46F26B5291A7D324466602A88947B	784136	----a-w-	C:\WINDOWS\Sysnative\mfsvr.dll
2015-10-11 13:30:33	3478670E8646CC536E1EF21F077F4DD6	2156400	----a-w-	C:\WINDOWS\Sysnative\hevcdecoder.dll
2015-10-11 13:30:33	33F308FD702D507A7BB28BF2E80C2717	3248640	----a-w-	C:\WINDOWS\Sysnative\Windows.Media.dll
2015-10-11 13:30:33	2C82D9E55432915A68A609008BDEF41A	1563472	----a-w-	C:\WINDOWS\Sysnative\wmpmde.dll
2015-10-11 13:30:33	11AE1E4065376FCD89C0A37C5953164E	4791296	----a-w-	C:\WINDOWS\Sysnative\jscript9.dll
2015-10-11 13:30:33	07B5710393558DD734647D5F2F020647	215552	----a-w-	C:\WINDOWS\Sysnative\LocationCrowdsource.dll
2015-10-11 13:30:22	F9BD360A4799BB54A01692940C46CA2B	537080	----a-w-	C:\WINDOWS\Sysnative\WWanAPI.dll
2015-10-11 13:30:22	F1A6A22A63F380DFF28C55B11D688B0C	102304	----a-w-	C:\WINDOWS\Sysnative\omadmapi.dll
2015-10-11 13:30:22	F01743062DA74A24A0E7836289E33731	187904	----a-w-	C:\WINDOWS\Sysnative\provisioningcsp.dll
2015-10-11 13:30:22	EF3BBA8739757B470D0E49C8619A31C0	53760	----a-w-	C:\WINDOWS\Sysnative\Windows.Speech.Pal.dll
2015-10-11 13:30:22	ECA28C8F0FF34A2BD8311CBA2D35B143	121856	----a-w-	C:\WINDOWS\Sysnative\dmcsps.dll
2015-10-11 13:30:22	EBD5F0FDD3EBB6EE6F6EE524206AD0AE	26624	----a-w-	C:\WINDOWS\Sysnative\LicenseManagerShellext.exe
2015-10-11 13:30:22	EA8B28FFF774F7C7862C8746E1FDECF6	273920	----a-w-	C:\WINDOWS\Sysnative\Windows.ApplicationModel.LockScreen.dll
2015-10-11 13:30:22	EA1C2DAB8A63712B94897A58557B086C	371712	----a-w-	C:\WINDOWS\Sysnative\nlasvc.dll
2015-10-11 13:30:22	E5D86250453B33900666D92ED1A92ABE	2740224	----a-w-	C:\WINDOWS\Sysnative\wininet.dll
2015-10-11 13:30:22	E41C778D6208A51F57557523E2B479B5	1205248	----a-w-	C:\WINDOWS\Sysnative\Unistore.dll
2015-10-11 13:30:22	E2AE190B76C27430E4E8258D0C44C79B	317440	----a-w-	C:\WINDOWS\Sysnative\configmanager2.dll
2015-10-11 13:30:22	DE8B9EE2E86532686497FE5A1E44E90D	467968	----a-w-	C:\WINDOWS\Sysnative\MBMediaManager.dll
2015-10-11 13:30:22	DE82BD1C35547D04241DB1DB3D4808E0	6487248	----a-w-	C:\WINDOWS\Sysnative\windows.storage.dll
2015-10-11 13:30:22	DDCBE4B09287CF224B63015F9C6BD31F	1295712	----a-w-	C:\WINDOWS\Sysnative\wpx.dll
2015-10-11 13:30:22	DBA8FE1EAA344106C334E193D3D57B66	73728	----a-w-	C:\WINDOWS\Sysnative\wwancfg.dll
2015-10-11 13:30:22	DAFEABE69E915A2374E13C6B24EF331F	690688	----a-w-	C:\WINDOWS\Sysnative\CellularAPI.dll
2015-10-11 13:30:22	D7B28BF9E08128C5A8B89FFD5BEB6B88	465920	----a-w-	C:\WINDOWS\Sysnative\wwanconn.dll
2015-10-11 13:30:22	D61C3ED7C5F0D1B5BD9B351FEC381D57	120832	----a-w-	C:\WINDOWS\Sysnative\omadmclient.exe
2015-10-11 13:30:22	D5AAA188C70146977CFEE8D128599F3F	378368	----a-w-	C:\WINDOWS\Sysnative\SystemEventsBrokerServer.dll
2015-10-11 13:30:22	D4E92C0C0F9C5054B03D67A3C0B41961	555768	----a-w-	C:\WINDOWS\Sysnative\directmanipulation.dll
2015-10-11 13:30:22	D37063C5B492B7B4F26D24C62167C8BE	137728	----a-w-	C:\WINDOWS\Sysnative\VEStoreEventHandlers.dll
2015-10-11 13:30:22	D23F211E1AA0787EFEC373D172D4A1C2	1181696	----a-w-	C:\WINDOWS\Sysnative\wwansvc.dll
2015-10-11 13:30:22	D1AA97B30A9ED6F89DC3848C8BF53513	224256	----a-w-	C:\WINDOWS\Sysnative\KnobsCore.dll
2015-10-11 13:30:22	CF2B0ADDBA61B3B9FA339118FC742032	1812480	----a-w-	C:\WINDOWS\Sysnative\pnidui.dll
2015-10-11 13:30:22	C92EBECB1E30E7E6006C0D8B4040C3F6	274944	----a-w-	C:\WINDOWS\Sysnative\syncutil.dll
2015-10-11 13:30:22	C8C5DFF028EA28D7846E95D8E5461794	570880	----a-w-	C:\WINDOWS\Sysnative\MbaeApi.dll
2015-10-11 13:30:22	C66E058599A44E0EEA95B3E0547345D2	30208	----a-w-	C:\WINDOWS\Sysnative\syncmlhook.dll
2015-10-11 13:30:22	C5E2FBB19641860794CEE2B580192732	966416	----a-w-	C:\WINDOWS\Sysnative\twinapi.appcore.dll
2015-10-11 13:30:22	C1E6FBEBD285CABA0985533A56144F5F	288256	----a-w-	C:\WINDOWS\Sysnative\PimIndexMaintenance.dll
2015-10-11 13:30:22	BBA571F40F08F967531573109F7FA95E	169984	----a-w-	C:\WINDOWS\Sysnative\mdmregistration.dll
2015-10-11 13:30:22	B9FC9E9B55C74557FEC004BF8B1184F4	359936	----a-w-	C:\WINDOWS\Sysnative\ncsi.dll
2015-10-11 13:30:22	B8401703E619E7BD7B5A659306A9BFE6	84480	----a-w-	C:\WINDOWS\Sysnative\MDMAppInstaller.exe
2015-10-11 13:30:22	B7927A1D40BD17BC963E9353DBB36CD7	869376	----a-w-	C:\WINDOWS\Sysnative\MapControlCore.dll
2015-10-11 13:30:22	B70FF53144AC4B3C7D98BFB7D7C239BD	2236416	----a-w-	C:\WINDOWS\Sysnative\wuaueng.dll
2015-10-11 13:30:22	B3CD8B2CBC6E48B194116B28F72CDA67	408064	----a-w-	C:\WINDOWS\Sysnative\CredProvDataModel.dll
2015-10-11 13:30:22	B31569B0E7A467D4050FA49CFCBFCEFA	204800	----a-w-	C:\WINDOWS\Sysnative\wcmcsp.dll
2015-10-11 13:30:22	AF34122A1B595218036B4049D802B470	1203712	----a-w-	C:\WINDOWS\Sysnative\Windows.Devices.Bluetooth.dll
2015-10-11 13:30:22	AE8B34FB5B54025E9C6895A45947A515	796160	----a-w-	C:\WINDOWS\Sysnative\TokenBroker.dll
2015-10-11 13:30:22	AA38E0578EBAD030D4CB098A9F5E650B	720896	----a-w-	C:\WINDOWS\Sysnative\EmailApis.dll
2015-10-11 13:30:22	A51AC21B1F31FD7F4EC2811E33572AFC	859136	----a-w-	C:\WINDOWS\Sysnative\modernexecserver.dll
2015-10-11 13:30:22	A40484AC27EE08DBE7F8DA5E1F6651ED	591360	----a-w-	C:\WINDOWS\Sysnative\wcmsvc.dll
2015-10-11 13:30:22	9D4A09AB97C2F0EC6BFA6B54AA2BA239	3781120	----a-w-	C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll
2015-10-11 13:30:22	9C2B0E3A21CECD14E20A848F0DE94B24	517632	----a-w-	C:\WINDOWS\Sysnative\NotificationController.dll
2015-10-11 13:30:22	9BD143B8F803AC81F701BA0B8486212D	752640	----a-w-	C:\WINDOWS\Sysnative\ChatApis.dll
2015-10-11 13:30:22	98986780B8D494326D28DCAB6D601450	154624	----a-w-	C:\WINDOWS\Sysnative\dmcertinst.exe
2015-10-11 13:30:22	974C92640A3DAA475E15E3C79299B690	1795072	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentExtensions.dll
2015-10-11 13:30:22	95EC1A9A6926F5091957F6CA52A34F21	162304	----a-w-	C:\WINDOWS\Sysnative\SubscriptionMgr.dll
2015-10-11 13:30:22	959695FD137FF0DEFC6152AAB03AA3D6	1216512	----a-w-	C:\WINDOWS\Sysnative\netcenter.dll
2015-10-11 13:30:22	9170F95C48D44BABB9546CBDC2D4CEBA	257024	----a-w-	C:\WINDOWS\Sysnative\UserDataAccountApis.dll
2015-10-11 13:30:22	913E47FCD3B43EC27215F90884915CAF	780288	----a-w-	C:\WINDOWS\Sysnative\Windows.ApplicationModel.Store.dll
2015-10-11 13:30:22	8D23F0819A00C547814409B734DD3747	503808	----a-w-	C:\WINDOWS\Sysnative\tileobjserver.dll
2015-10-11 13:30:22	8AFDD74F2DC5BAD9B2215FB19DB65240	809352	----a-w-	C:\WINDOWS\Sysnative\CoreMessaging.dll
2015-10-11 13:30:22	891C83BE8BA62B7547B9A6576A360C71	1010176	----a-w-	C:\WINDOWS\Sysnative\RDXService.dll
2015-10-11 13:30:22	88E6A429944544346EC3AE1FD7D24BCC	149504	----a-w-	C:\WINDOWS\Sysnative\tetheringservice.dll
2015-10-11 13:30:22	888513B8C53C7574A9CC14195F5BFCA3	81488	----a-w-	C:\WINDOWS\Sysnative\acmigration.dll
2015-10-11 13:30:22	887065722784FD70B880B0D900E4884D	185344	----a-w-	C:\WINDOWS\Sysnative\psmsrv.dll
2015-10-11 13:30:22	87E5D206DCDD7E8DB7A597DA59FB9A07	1423872	----a-w-	C:\WINDOWS\Sysnative\UserDataService.dll
2015-10-11 13:30:22	86C0DEE6940878A1496CBBA856FF4E5B	584656	----a-w-	C:\WINDOWS\Sysnative\mf.dll
2015-10-11 13:30:22	85AC4CA67BECC08CBC655A8D8919B23B	1331200	----a-w-	C:\WINDOWS\Sysnative\UIAutomationCore.dll
2015-10-11 13:30:22	85146ABCB1EF298D1FF6EE4D5541788C	832512	----a-w-	C:\WINDOWS\Sysnative\MapsStore.dll
2015-10-11 13:30:22	7ED8EF17B3A6C69DA6A0EC90CFBB4ABB	7055872	----a-w-	C:\WINDOWS\Sysnative\BingMaps.dll
2015-10-11 13:30:22	7DDB731AD3E9F9F91D62E991BD52814F	79872	----a-w-	C:\WINDOWS\Sysnative\HttpsDataSource.dll
2015-10-11 13:30:22	7D2165B4B27E11B3E557DB26CAA2BAFF	1382400	----a-w-	C:\WINDOWS\Sysnative\win32kbase.sys
2015-10-11 13:30:22	7BCC113B00736AA930DAA49CA7858808	856576	----a-w-	C:\WINDOWS\Sysnative\ContactApis.dll
2015-10-11 13:30:22	7910232E31799A576F2509DA92CB8813	928256	----a-w-	C:\WINDOWS\Sysnative\JpMapControl.dll
2015-10-11 13:30:22	77C8CD0AACC1D059EDF6E91920D11550	421888	----a-w-	C:\WINDOWS\Sysnative\Windows.Internal.Bluetooth.dll
2015-10-11 13:30:22	754BC3E56FF301B9EE8A764932D02124	513536	----a-w-	C:\WINDOWS\Sysnative\ngcsvc.dll
2015-10-11 13:30:22	7505ACFD9362DA74FEB623F21FE3B391	1601536	----a-w-	C:\WINDOWS\Sysnative\Windows.Media.Speech.dll
2015-10-11 13:30:22	6FA4BB1AA0C18F5CFB96F228376BD249	2494712	----a-w-	C:\WINDOWS\Sysnative\CoreUIComponents.dll
2015-10-11 13:30:22	6C9DDD0611379864596D2A8DE7B1870C	504320	----a-w-	C:\WINDOWS\Sysnative\DataSenseHandlers.dll
2015-10-11 13:30:22	684F1E1B5D07451B600EA3C3D728A534	281600	----a-w-	C:\WINDOWS\Sysnative\VEEventDispatcher.dll
2015-10-11 13:30:22	65F1F4DBB4A6FA971BF9F00129F452A0	494592	----a-w-	C:\WINDOWS\Sysnative\StoreAgent.dll
2015-10-11 13:30:22	65A0B3477231CE37B09A719DBBB9FCF1	671232	----a-w-	C:\WINDOWS\Sysnative\WUDFx02000.dll
2015-10-11 13:30:22	63D8A023148D8436D6CBA65E2B9ED56A	143360	----a-w-	C:\WINDOWS\Sysnative\provops.dll
2015-10-11 13:30:22	5BA872CD68B18193FC82DFE125A15FC4	163840	----a-w-	C:\WINDOWS\Sysnative\CallHistoryClient.dll
2015-10-11 13:30:22	562078FF6ED0C2B1C09078343437D03E	168960	----a-w-	C:\WINDOWS\Sysnative\mdmmigrator.dll
2015-10-11 13:30:22	5424E49F79EB68E5F10439405101A09B	627712	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.dll
2015-10-11 13:30:22	537826436B921256BA9055F65A97ED91	7569408	----a-w-	C:\WINDOWS\Sysnative\mos.dll
2015-10-11 13:30:22	52C3440B5098BFB99D91E869A26ECB30	1213440	----a-w-	C:\WINDOWS\Sysnative\RemoteNaturalLanguage.dll
2015-10-11 13:30:22	5252CE15DB06AB5A796EBC361EAC1528	8020816	----a-w-	C:\WINDOWS\Sysnative\ntoskrnl.exe
2015-10-11 13:30:22	506F9F526D42BB4C0A579CB78F923A48	483328	----a-w-	C:\WINDOWS\Sysnative\OneDriveSettingSyncProvider.dll
2015-10-11 13:30:22	4A54273338073939384A14BF0D7AFC14	88064	----a-w-	C:\WINDOWS\Sysnative\ngckeyenum.dll
2015-10-11 13:30:22	49B00A59043431804A5BCB5E48F735B3	414208	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentClient.dll
2015-10-11 13:30:22	49213BF8E7EEE157F128C58D75043B09	68096	----a-w-	C:\WINDOWS\Sysnative\EnterpriseDesktopAppMgmtCSP.dll
2015-10-11 13:30:22	444016D88142B82366EC516C3CF714E0	2178560	----a-w-	C:\WINDOWS\Sysnative\AppXDeploymentServer.dll
2015-10-11 13:30:22	43A1B8B43CA4E213E0FD920F2FD6BCBA	267776	----a-w-	C:\WINDOWS\Sysnative\Windows.Internal.Management.dll
2015-10-11 13:30:22	41C0EC5B11375F9CA045AFEF1EB75D5F	366592	----a-w-	C:\WINDOWS\Sysnative\wuuhext.dll
2015-10-11 13:30:22	405BD80834094E297664CE0A7EE70EF9	2987520	----a-w-	C:\WINDOWS\Sysnative\esent.dll
2015-10-11 13:30:22	3C096082A9232B7CEE4653B9C9031769	2228736	----a-w-	C:\WINDOWS\Sysnative\wlansvc.dll
2015-10-11 13:30:22	3B397ED55AE652520503CCE0996B0D25	160256	----a-w-	C:\WINDOWS\Sysnative\enrollmentapi.dll
2015-10-11 13:30:22	3AED81953A08DA52C64F3D92D4A21CD8	223232	----a-w-	C:\WINDOWS\Sysnative\PhoneCallHistoryApis.dll
2015-10-11 13:30:22	3A4A543F135DE9A06ABA9DF982D79DD7	526336	----a-w-	C:\WINDOWS\Sysnative\bisrv.dll
2015-10-11 13:30:22	390EAAB81E5C1DB0FD4920796C74AB48	1290240	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Shell.dll
2015-10-11 13:30:22	38F08B82ADEEA1003B4A5177BB5366B3	347136	----a-w-	C:\WINDOWS\Sysnative\ncryptprov.dll
2015-10-11 13:30:22	37B5ECB8C390D9FD5A5BB2FFB7294B9E	553808	----a-w-	C:\WINDOWS\Sysnative\SettingSyncHost.exe
2015-10-11 13:30:22	363F3F99863C2BB8612C9133E45BF3E6	387584	----a-w-	C:\WINDOWS\Sysnative\LockAppBroker.dll
2015-10-11 13:30:22	35DAE99CA54E05DE5EE404EC20DD073F	16708608	----a-w-	C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll
2015-10-11 13:30:22	33FF0B7585F54C0F33C38F5DCAB1DA01	3586560	----a-w-	C:\WINDOWS\Sysnative\win32kfull.sys
2015-10-11 13:30:22	334206DD8DA94B0AEBC46A3196888031	83968	----a-w-	C:\WINDOWS\Sysnative\DeviceEnroller.exe
2015-10-11 13:30:22	327DA4A4DE4E9BECF2C16967366C74E2	186880	----a-w-	C:\WINDOWS\Sysnative\cloudAP.dll
2015-10-11 13:30:22	311F4D131C28DA12595132A35124E955	910848	----a-w-	C:\WINDOWS\Sysnative\SharedStartModel.dll
2015-10-11 13:30:22	2C144777278ECD6DFF4B5A90F742C1AA	346112	----a-w-	C:\WINDOWS\Sysnative\ngccredprov.dll
2015-10-11 13:30:22	2481E9E8858AD0A223FA3110916EF0C1	6572032	----a-w-	C:\WINDOWS\Sysnative\wwanmm.dll
2015-10-11 13:30:22	223A5048FE554992D8E7D0195D57AA19	1397088	----a-w-	C:\WINDOWS\Sysnative\LicenseManager.dll
2015-10-11 13:30:22	1CD8BB41436524A2748A77005E5DEB8A	579072	----a-w-	C:\WINDOWS\Sysnative\winlogon.exe
2015-10-11 13:30:22	194239DA484C7DB62E6773ABB5DD4463	269312	----a-w-	C:\WINDOWS\Sysnative\provengine.dll
2015-10-11 13:30:22	157B1CABAF5201237EECA4FB0F34D822	403456	----a-w-	C:\WINDOWS\Sysnative\dmenrollengine.dll
2015-10-11 13:30:22	1547E4F51567E522CA96BC367CC9D295	590336	----a-w-	C:\WINDOWS\Sysnative\MessagingDataModel2.dll
2015-10-11 13:30:22	14503C58C1528D83FB2328840784EC78	621056	----a-w-	C:\WINDOWS\Sysnative\enterprisecsps.dll
2015-10-11 13:30:22	10FC981B716CCC25CDD5D306EBBC022D	1276416	----a-w-	C:\WINDOWS\Sysnative\wifinetworkmanager.dll
2015-10-11 13:30:22	109F35CCD84FE9AD1E3B6A2953CF2C9D	685568	----a-w-	C:\WINDOWS\Sysnative\AppointmentApis.dll
2015-10-11 13:30:22	0968D575D9108497A6DC37749D4A6C4F	2093056	----a-w-	C:\WINDOWS\Sysnative\wlidsvc.dll
2015-10-11 13:30:22	09247D43F19CAFEEFEBF6A32F3A1225F	118272	----a-w-	C:\WINDOWS\Sysnative\KnobsCsp.dll
2015-10-11 13:30:22	031080A610C302B0279A267411EDB7E3	2226688	----a-w-	C:\WINDOWS\Sysnative\NetworkMobileSettings.dll
2015-10-11 13:30:22	02954F6B3389EF56088EF1C99B6105BA	202240	----a-w-	C:\WINDOWS\Sysnative\accountaccessor.dll
2015-10-11 13:30:22	02707CF32272B726BB410E6717BBB7E8	446976	----a-w-	C:\WINDOWS\Sysnative\MapConfiguration.dll
2015-10-11 13:30:22	02077F66F8CF2F1FD58403D371482B01	106496	----a-w-	C:\WINDOWS\Sysnative\KeywordDetectorMsftSidAdapter.dll
2015-10-11 13:21:52	A2C74EF675150C94DA6D2A15B5F92612	1166520	----a-w-	C:\WINDOWS\Sysnative\PresentationNative_v0300.dll
2015-10-11 13:21:52	26A67F58D21ECE5650005F43393C19FC	35480	----a-w-	C:\WINDOWS\Sysnative\TsWpfWrp.exe
2015-10-11 13:21:51	85BF4619A138A6A8AD31C6E83E795A98	124112	----a-w-	C:\WINDOWS\Sysnative\PresentationCFFRasterizerNative_v0300.dll
2015-10-11 13:02:19	AFDFB2A957AEBCA5CBB40F97F1AA4AC1	22980	----a-w-	C:\WINDOWS\Sysnative\emptyregdb.dat
2015-10-11 12:43:46	140BDD1C0C9EB014951E79E6E556F837	2123230	----a-w-	C:\WINDOWS\Sysnative\PerfStringBackup.INI
2015-10-11 12:41:15	E2A042032FAECB04477D8235FD1181FF	72704	----a-w-	C:\WINDOWS\Sysnative\OpenCL.DLL
2015-10-11 12:40:34	FF97BC35DA938684634492DA69DE1033	5096627	----a-w-	C:\WINDOWS\Sysnative\nvcoproc.bin
2015-10-11 12:40:34	F49929E1249B951D5CAEA622E6ED455C	1059984	----a-w-	C:\WINDOWS\Sysnative\nv3dappshext.dll
2015-10-11 12:40:34	E8A524D10C99A39992148703CEC60185	3493008	----a-w-	C:\WINDOWS\Sysnative\nvsvc64.dll
2015-10-11 12:40:34	9AC2925125E34EE169173D212866F666	62792	----a-w-	C:\WINDOWS\Sysnative\nvshext.dll
2015-10-11 12:40:34	8D02DE6F669FB1D581771150A03DE4B4	385168	----a-w-	C:\WINDOWS\Sysnative\nvmctray.dll
2015-10-11 12:40:34	346D3B40EE85127A1FD664FD2A978B5B	2558792	----a-w-	C:\WINDOWS\Sysnative\nvsvcr.dll
2015-10-11 12:40:34	26836E4F6E6602D3418E49F7EA801A52	6873744	----a-w-	C:\WINDOWS\Sysnative\nvcpl.dll
2015-10-11 12:40:34	1B44B5244EAF26BEC315AE84B0AFFC66	937616	----a-w-	C:\WINDOWS\Sysnative\nvvsvc.exe
2015-10-11 12:40:34	083495DA4CFDFBB6AB3C44B05B7BA265	75080	----a-w-	C:\WINDOWS\Sysnative\nv3dappshextr.dll
2015-10-07 00:11:38	ACC1E105567D2186E0F5647742FAD9BF	56008	----a-w-	C:\WINDOWS\Sysnative\ETDCoInstaller01000.dll
====== C:\WINDOWS\Sysnative\drivers =====
2015-10-11 14:18:11	238D669CE5F661F1E9A8CD19CB13A304	4334232	----a-w-	C:\WINDOWS\Sysnative\drivers\athw10x.sys
2015-10-11 13:30:33	927AD29D7F91B9A0C5294932374DA15E	894256	----a-w-	C:\WINDOWS\Sysnative\drivers\Wdf01000.sys
2015-10-11 13:30:33	7EBD20284AC9BF9F0A020B86769BB074	2432336	----a-w-	C:\WINDOWS\Sysnative\drivers\tcpip.sys
2015-10-11 13:30:33	616F40B897DA651221F86A1741E9609B	1168736	----a-w-	C:\WINDOWS\Sysnative\drivers\ndis.sys
2015-10-11 13:30:33	1434CA8A224655AD096D57DB24D3AA85	406864	----a-w-	C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS
2015-10-11 13:30:22	FDB239DBE2A14B572D21ABCEDC7BB5D0	505696	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgmms2.sys
2015-10-11 13:30:22	FA5C94FB36625787063D04CF2F24E890	320000	----a-w-	C:\WINDOWS\Sysnative\drivers\portcls.sys
2015-10-11 13:30:22	C08449092043601887A1743350888635	516448	----a-w-	C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS
2015-10-11 13:30:22	B6A33DCEBE437F909615E89BA5FB1385	395088	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
2015-10-11 13:30:22	89C9C3745F270EF93988DA57BC6AA62B	1983824	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
2015-10-11 13:30:22	854AF190F55E6D70EC65A85798F896E2	36352	----a-w-	C:\WINDOWS\Sysnative\drivers\buttonconverter.sys
2015-10-11 13:30:22	70469C8AC4AD367295E70CFDD81B754C	99664	----a-w-	C:\WINDOWS\Sysnative\drivers\pdc.sys
2015-10-11 13:30:22	5A1C6AFFF6946C5C21A27AE05084C0D1	332624	----a-w-	C:\WINDOWS\Sysnative\drivers\fastfat.sys
2015-10-11 13:30:22	004C66464D8FE76D5DA78BE6777D61AF	278352	----a-w-	C:\WINDOWS\Sysnative\drivers\sdbus.sys
2015-10-07 00:11:38	6BD85B39B7B23F03B24CF641ED29147B	525512	----a-w-	C:\WINDOWS\Sysnative\drivers\ETD.sys
2015-10-01 07:08:47	8F22037D3F5A6BB676525D825A1388B9	113880	----a-w-	C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys
2015-10-01 07:08:08	E681CE4AE5C09651D53CB4387CA3560E	109272	----a-w-	C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys
2015-10-01 07:08:08	AE757332EA130E94E646621CC695B52A	63704	----a-w-	C:\WINDOWS\Sysnative\drivers\mwac.sys
2015-10-01 07:08:08	A8D28D5B3E2A528D1EF0E338E44F2820	25816	----a-w-	C:\WINDOWS\Sysnative\drivers\mbam.sys
====== C:\WINDOWS\Tasks ======
2015-09-27 09:11:46	6AD8B3D182C22577357EB1F03D31D03C	3120	----a-w-	C:\WINDOWS\Sysnative\Tasks\{0C32308B-9D5B-4718-93F7-B93FE4E5CB07}
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2015-10-11 13:23:09	--------	d-----w-	C:\Program Files\Reference Assemblies
2015-10-11 13:23:09	--------	d-----w-	C:\Program Files\MSBuild
2015-10-11 12:46:22	--------	d-----w-	C:\Program Files\Common Files\SpeechEngines
2015-10-11 12:41:10	--------	d-----w-	C:\Program Files\Intel
2015-10-11 12:39:58	--------	d-----w-	C:\Program Files\NVIDIA Corporation
2015-10-11 12:39:43	--------	d-----w-	C:\Program Files\Elantech
2015-09-27 09:06:13	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2015-10-11 13:23:09	--------	d-----w-	C:\PROGRA~2\Reference Assemblies
2015-10-11 13:23:09	--------	d-----w-	C:\PROGRA~2\MSBuild
2015-10-11 12:46:26	--------	d-----w-	C:\PROGRA~2\COMMON~1\SpeechEngines
2015-10-11 12:41:02	--------	d-----w-	C:\PROGRA~2\COMMON~1\Intel
2015-10-11 12:39:59	--------	d-----w-	C:\PROGRA~2\NVIDIA Corporation
2015-10-01 19:43:03	--------	d-----w-	C:\PROGRA~2\ESET
2015-09-27 09:03:23	--------	d-----w-	C:\PROGRA~2\COMMON~1\Skype
======= C: =====
====== C:\Users\Jan\AppData\Roaming ======
2015-10-11 15:41:07	--------	d-----w-	C:\Users\Jan\AppData\Local\MicrosoftEdge
2015-10-11 14:26:00	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\DataSharing
2015-10-11 14:12:34	--------	d-----w-	C:\Users\Jan\AppData\Local\Publishers
2015-10-11 14:10:52	--------	d-----w-	C:\Users\Jan\AppData\Local\Comms
2015-10-11 14:08:56	--------	d-----w-	C:\Users\Jan\AppData\Local\Packages
2015-10-11 14:08:43	--------	d-----w-	C:\Users\Jan\AppData\Local\TileDataLayer
2015-10-11 13:02:45	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Packages
2015-10-11 12:58:01	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Trusteer
2015-10-11 12:50:25	--------	d-----w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
2015-10-11 12:50:25	--------	d-----w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
2015-10-11 12:50:25	--------	d-----w-	C:\Users\Default\AppData\Local\Trusteer
2015-10-11 12:50:25	--------	d-----w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools
2015-10-11 12:50:25	--------	d-----w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility
2015-10-11 12:50:25	--------	d-----w-	C:\Users\Default User\AppData\Local\Trusteer
2015-10-11 12:44:43	--------	d-s---r-	C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-11 12:44:43	--------	d-----w-	C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-11 12:44:43	--------	d-----w-	C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2015-10-11 12:44:43	--------	d-----w-	C:\Users\UpdatusUser\AppData\Roaming
2015-10-11 12:44:43	--------	d-----w-	C:\Users\UpdatusUser\AppData\Local\Temp
2015-10-11 12:44:43	--------	d-----w-	C:\Users\UpdatusUser\AppData\Local\Microsoft
2015-10-11 12:44:43	--------	d-----w-	C:\Users\UpdatusUser\AppData\Local
2015-10-11 12:44:43	--------	d-----r-	C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-11 12:44:43	--------	d-----r-	C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-11 12:44:43	--------	d-----r-	C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-11 12:44:42	--------	d-s---r-	C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-11 12:44:42	--------	d-----w-	C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-11 12:44:42	--------	d-----w-	C:\Users\Jan\AppData\Roaming
2015-10-11 12:44:42	--------	d-----w-	C:\Users\Jan\AppData\Local\Temp
2015-10-11 12:44:42	--------	d-----w-	C:\Users\Jan\AppData\Local\Microsoft
2015-10-11 12:44:42	--------	d-----w-	C:\Users\Jan\AppData\Local
2015-10-11 12:44:42	--------	d-----r-	C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-11 12:44:42	--------	d-----r-	C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-11 12:44:42	--------	d-----r-	C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-11 12:44:42	--------	d-----r-	C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2015-10-11 12:40:27	--------	d-----w-	C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft
2015-09-27 11:54:04	--------	d-----w-	C:\Users\Jan\AppData\Local\CEF
====== C:\Users\Jan ======
2015-10-13 19:55:34	8BA618F15C8D721B12668D602DBAE5DB	1682432	----a-w-	C:\Users\Jan\Downloads\adwcleaner_5.013.exe
2015-10-11 14:16:23	--------	d-----r-	C:\Users\Jan\OneDrive
2015-10-11 14:08:15	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\Jan\ntuser.ini
2015-10-11 12:44:43	--------	d--h--w-	C:\Users\UpdatusUser\AppData
2015-10-11 12:44:42	--------	d--h--w-	C:\Users\Jan\AppData
2015-10-11 12:43:58	3AE3174792BEC422EBDC28B4FB98A835	4194304	----a-w-	C:\WINDOWS\serviceprofiles\networkservice\msmqlog.bin
2015-10-11 12:43:58	227F8A07970C5607B861273CFAE71D44	4194304	----a-w-	C:\WINDOWS\serviceprofiles\networkservice\msmqlog.bak
2015-10-11 12:40:43	--------	d-----w-	C:\ProgramData\NVIDIA
2015-10-11 12:40:15	--------	d-----w-	C:\ProgramData\NVIDIA Corporation
2015-09-27 09:03:25	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

====== C: exe-files ==
2015-10-14 22:55:57	3C97F7EC2DDF11D6E2D9F1B79350FBCC	128	----a-w-	C:\$Recycle.Bin\S-1-5-21-1013068887-1341096901-2197712401-1001\$II2GI1L.exe
2015-10-14 16:03:33	C5B68AC8EC40CAB217AB4F479B953B54	2870984	----a-w-	C:\$Recycle.Bin\S-1-5-21-1013068887-1341096901-2197712401-1001\$RI2GI1L.exe
2015-10-14 16:02:55	1930E662549EB8F2E218F552E95F084E	128	----a-w-	C:\$Recycle.Bin\S-1-5-21-1013068887-1341096901-2197712401-1001\$IU61H0K.exe
2015-10-13 20:10:16	33DEC4E1ECDC062D91625885E4743A0D	136	----a-w-	C:\$Recycle.Bin\S-1-5-21-1013068887-1341096901-2197712401-1001\$I89PONG.exe
2015-10-13 19:55:34	8BA618F15C8D721B12668D602DBAE5DB	1682432	----a-w-	C:\Users\Jan\Downloads\adwcleaner_5.013.exe
2015-10-13 16:36:51	1B16795D3CB7A9FAA3FC41C56EF2966D	149184	----a-w-	C:\Users\Jan\AppData\Local\Temp\5451BF1B-A51B-462A-9F1E-197166398A85\DismHost.exe
2015-10-13 13:31:27	F0B5FAE0268D84B1CE6EA3B98D4D69EB	331464	----a-w-	C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
2015-10-13 13:31:27	E78517BD20C282FBCA150D2B3ACCC760	2870984	----a-w-	C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
2015-10-13 13:31:27	B23901621E5BD2EF1AAC3E6E6CB9E7FF	422600	----a-w-	C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2015-10-13 13:26:13	C5B68AC8EC40CAB217AB4F479B953B54	2870984	----a-w-	C:\$Recycle.Bin\S-1-5-21-1013068887-1341096901-2197712401-1001\$R89PONG.exe
2015-10-13 06:17:56	80E111EED816640FB795EB335265F820	3932296	----a-w-	C:\Windows\InfusedApps\Packages\Microsoft.WindowsDVDPlayer_3.6.11761.0_x64__8wekyb3d8bbwe\DvdPlayer.UI.exe
2015-10-11 14:16:56	E3EC81D634A09EAD6155E9F6F5ABFA18	7846992	----a-w-	C:\Users\Jan\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
2015-10-11 14:16:56	E3EC81D634A09EAD6155E9F6F5ABFA18	7846992	----a-w-	C:\Users\Jan\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\OneDriveSetup.exe
2015-10-11 14:16:41	F4601CDFF7E3F1100BBB00B2FF76DB56	147632	----a-w-	C:\Users\Jan\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncConfig.exe
2015-10-11 14:16:22	C2D2FFD27F46815951C9562F0A2EC864	405584	----a-w-	C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
2015-10-11 14:14:09	3242B4108A74AC15466C4BC445AC8DAE	444832	----a-w-	C:\Windows\System32\IntelWiDiUMS64.exe
2015-10-11 14:14:09	11CF5A909468A33C0BB2C586B54E4B0A	2506960	----a-w-	C:\Windows\System32\IntelWiDiVAD64.exe
2015-10-11 14:14:07	026A69DF5B0324E289F8D967E40BB810	205728	----a-w-	C:\Windows\System32\igfxext.exe
2015-10-11 14:13:59	F9971588284C97C2BB6F08B00DCD95BD	4371888	----a-w-	C:\Windows\System32\Gfxv4_0.exe
2015-10-11 14:13:59	E75D49CE944055678C6407BF9D921265	165808	----a-w-	C:\Windows\System32\difx64.exe
2015-10-11 14:13:59	B6BD7E8A80EB758E3A09526E50AE2ACE	970656	----a-w-	C:\Windows\System32\GfxUIEx.exe
2015-10-11 14:13:59	81AF4006CBF7FA798B6FB0588078A2DB	410528	----a-w-	C:\Windows\System32\CustomModeAppv2_0.exe
2015-10-11 14:13:59	4AE23C5530BBF693A020BCC6B865D922	556960	----a-w-	C:\Windows\System32\DPTopologyApp.exe
2015-10-11 14:13:59	447C239BDBE2B88D4F62137DC9AEC2A3	554928	----a-w-	C:\Windows\System32\DPTopologyAppv2_0.exe
2015-10-11 14:13:59	338C132878ACF56C611F0889EB98E15A	4369816	----a-w-	C:\Windows\System32\Gfxv2_0.exe
2015-10-11 14:13:59	15A594088A77D9EFC0FD1A7F2B2388DB	409520	----a-w-	C:\Windows\System32\CustomModeApp.exe
2015-10-11 13:30:33	5275394FE00E85B13DC535C67961DFEB	1907536	----a-w-	C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
2015-10-11 13:30:33	4A6E77B420F384AA8CB429904F7BF088	6263152	----a-w-	C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
2015-10-11 13:30:22	F55E9DF5284E75728CBED4EC3228A536	624480	----a-w-	C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe
2015-10-11 13:30:22	EBD5F0FDD3EBB6EE6F6EE524206AD0AE	26624	----a-w-	C:\Windows\System32\LicenseManagerShellext.exe
2015-10-11 13:30:22	E1DB432B3147F70BF684846439ADE38B	136192	----a-w-	C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
2015-10-11 13:30:22	E19833B3E69A5B829AB97D5CBD3BF356	1876832	----a-w-	C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
2015-10-11 13:30:22	D61C3ED7C5F0D1B5BD9B351FEC381D57	120832	----a-w-	C:\Windows\System32\omadmclient.exe
2015-10-11 13:30:22	B8401703E619E7BD7B5A659306A9BFE6	84480	----a-w-	C:\Windows\System32\MDMAppInstaller.exe
2015-10-11 13:30:22	ACF279AB64D406EDB223543E5A113939	220160	----a-w-	C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
2015-10-11 13:30:22	98986780B8D494326D28DCAB6D601450	154624	----a-w-	C:\Windows\System32\dmcertinst.exe
2015-10-11 13:30:22	9853C2A9EF7FBC341C65EF89908CA052	482816	----a-w-	C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\PlacesServer.exe
2015-10-11 13:30:22	948BD4AC1C7C572312048A284D6C9A7F	562688	----a-w-	C:\Windows\System32\Speech\SpeechUX\SpeechUXWiz.exe
2015-10-11 13:30:22	695DFBE0357DB32E4475F74053D021BC	7455056	----a-w-	C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
2015-10-11 13:30:22	5252CE15DB06AB5A796EBC361EAC1528	8020816	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-10-11 13:30:22	37B5ECB8C390D9FD5A5BB2FFB7294B9E	553808	----a-w-	C:\Windows\System32\SettingSyncHost.exe
2015-10-11 13:30:22	334206DD8DA94B0AEBC46A3196888031	83968	----a-w-	C:\Windows\System32\DeviceEnroller.exe
2015-10-11 13:30:22	1CD8BB41436524A2748A77005E5DEB8A	579072	----a-w-	C:\Windows\System32\winlogon.exe
2015-10-11 13:21:52	26A67F58D21ECE5650005F43393C19FC	35480	----a-w-	C:\Windows\System32\TsWpfWrp.exe
2015-10-11 12:40:44	E2E4E0AD83D9418FD1C8CCB3C84D622C	414024	----a-w-	C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\SETUP.EXE
2015-10-11 12:40:34	DB1EC96C28212D0EAE597317EEFF6D67	1253008	----a-w-	C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
2015-10-11 12:40:34	B97485DF340ADAAD026F305E49911368	3405968	----a-w-	C:\Program Files\NVIDIA Corporation\Control Panel Client\NvGpuUtilization.exe
2015-10-11 12:40:34	AAE0A5221483812B568755B040676FC2	12730512	----a-w-	C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe
2015-10-11 12:40:34	3244E954707B649F16ECB3D94CE56600	2447688	----a-w-	C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
2015-10-11 12:40:34	1FE48F0A7F1A19175D330E85FCB46E30	62096	----a-w-	C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp.exe
2015-10-11 12:40:34	1D79EFA8A44FBE19CE593C44CF01AE3C	62280	----a-w-	C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp64.exe
2015-10-11 12:40:34	1B44B5244EAF26BEC315AE84B0AFFC66	937616	----a-w-	C:\Windows\System32\nvvsvc.exe
2015-10-11 12:40:32	E2E4E0AD83D9418FD1C8CCB3C84D622C	414024	----a-w-	C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{977B1DBB-9E7F-417B-B5E5-95F15A9BF0AF}\setup.exe
2015-10-11 11:00:37	B272F716AD20CFA8EC0CCBC232B122F0	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-1013068887-1341096901-2197712401-1001\$IB5OFRY.exe
2015-10-11 10:58:35	7A0E44A9ECBC5D9897BB09D2CDB674B0	10373208	----a-w-	C:\$Windows.~BT\Sources\setupprep.exe
2015-10-11 10:55:34	07D733DAB53FD7E2E7C8442216073379	873800	----a-w-	C:\Users\Jan\AppData\Local\Google\Chrome\User Data\SwReporter\4.30.4\software_reporter_tool.exe
2015-10-11 08:43:39	4B0F506ACF0A8AE6D6B3E4CF6778B722	122568	----a-w-	C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
2015-10-11 08:43:39	21B9AB1916917F9476B767F605345E62	532168	----a-w-	C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
=== C: other files ==
2015-10-13 20:11:34	560EDC0912BDB68290930E2542823A24	135760	----a-w-	C:\Users\Jan\AppData\Local\Temp\ehdrv.sys
2015-10-11 14:18:11	238D669CE5F661F1E9A8CD19CB13A304	4334232	----a-w-	C:\Windows\System32\drivers\athw10x.sys
2015-10-11 14:16:39	8CF4163521FDB8E53482003C7EFA7121	5850	----a-w-	C:\Users\Jan\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\CollectOneDriveLogs.bat
2015-10-11 13:30:33	927AD29D7F91B9A0C5294932374DA15E	894256	----a-w-	C:\Windows\System32\drivers\Wdf01000.sys
2015-10-11 13:30:33	7EBD20284AC9BF9F0A020B86769BB074	2432336	----a-w-	C:\Windows\System32\drivers\tcpip.sys
2015-10-11 13:30:33	616F40B897DA651221F86A1741E9609B	1168736	----a-w-	C:\Windows\System32\drivers\ndis.sys
2015-10-11 13:30:33	1434CA8A224655AD096D57DB24D3AA85	406864	----a-w-	C:\Windows\System32\drivers\FWPKCLNT.SYS
2015-10-11 13:30:22	FDB239DBE2A14B572D21ABCEDC7BB5D0	505696	----a-w-	C:\Windows\System32\drivers\dxgmms2.sys
2015-10-11 13:30:22	FA5C94FB36625787063D04CF2F24E890	320000	----a-w-	C:\Windows\System32\drivers\portcls.sys
2015-10-11 13:30:22	C08449092043601887A1743350888635	516448	----a-w-	C:\Windows\System32\drivers\USBHUB3.SYS
2015-10-11 13:30:22	B6A33DCEBE437F909615E89BA5FB1385	395088	----a-w-	C:\Windows\System32\drivers\dxgmms1.sys
2015-10-11 13:30:22	89C9C3745F270EF93988DA57BC6AA62B	1983824	----a-w-	C:\Windows\System32\drivers\dxgkrnl.sys
2015-10-11 13:30:22	854AF190F55E6D70EC65A85798F896E2	36352	----a-w-	C:\Windows\System32\drivers\buttonconverter.sys
2015-10-11 13:30:22	7D2165B4B27E11B3E557DB26CAA2BAFF	1382400	----a-w-	C:\Windows\System32\win32kbase.sys
2015-10-11 13:30:22	70469C8AC4AD367295E70CFDD81B754C	99664	----a-w-	C:\Windows\System32\drivers\pdc.sys
2015-10-11 13:30:22	5A1C6AFFF6946C5C21A27AE05084C0D1	332624	----a-w-	C:\Windows\System32\drivers\fastfat.sys
2015-10-11 13:30:22	33FF0B7585F54C0F33C38F5DCAB1DA01	3586560	----a-w-	C:\Windows\System32\win32kfull.sys
2015-10-11 13:30:22	004C66464D8FE76D5DA78BE6777D61AF	278352	----a-w-	C:\Windows\System32\drivers\sdbus.sys
2015-10-11 12:56:39	1DE0CBF15AC67AE0E5B456ADEFB89493	24192	----a-r-	C:\Windows\ELAMBKUP\SYMELAM.SYS

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-1013068887-1341096901-2197712401-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"OneDrive"="C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun"
"BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN"
"BrStsInd00"="C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe /AUTORUN"
"ASUSWebStorage"="C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.143.296\AsusWSPanel.exe /S"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"OneDrive"="C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll,C:\\WINDOWS\\system32\\nvinitx.dll"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ACMON]
"command"="C:\\Program Files (x86)\\ASUS\\Splendid\\ACMON.exe"
"hkey"="HKLM"
"item"="ACMON"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\""
"hkey"="HKLM"
"item"="Adobe Reader Speed Launcher"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]
"command"="C:\\Windows\\AsScrPro.exe"
"hkey"="HKLM"
"item"="ASUS Screen Saver Protector"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""
"hkey"="HKLM"
"item"="CLMLServer"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL]
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"
"hkey"="HKLM"
"item"="RTHDVCPL"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"


==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-09-2015 18:41]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16-09-2015 18:41]
C:\WINDOWS\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job --a-------- C:\Program Files (x86)\Intel\IntelR ME FW Recovery Agent\bin\Bootstrap.exe []
C:\WINDOWS\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job --a-------- C:\Program Files (x86)\Intel\IntelR ME FW Recovery Agent\bin\Bootstrap.exe []

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe]
"C:\WINDOWS\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Quick Gesture" [C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe]
"C:\WINDOWS\SysNative\tasks\ASUS Quick Gesture (x64)" [C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe]
"C:\WINDOWS\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe]
"C:\WINDOWS\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"]
"C:\WINDOWS\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d" [C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe]
"C:\WINDOWS\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon" [C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe]
"C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\WSCStub.exe"]
"C:\WINDOWS\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\WINDOWS\SysNative\tasks\{0C32308B-9D5B-4718-93F7-B93FE4E5CB07}" [C:\Program Files (x86)\OpenOffice 4\program\soffice.exe]
"C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Autofix" [C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\SymErr.exe]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2015-06-21 19:29:04	--------	d-----w-	C:\PROGRA~3\Samsung
2015-06-22 11:19:28	--------	d-----w-	C:\PROGRA~3\Skype
2015-07-30 21:51:49	--------	d-sh--we	C:\PROGRA~3\Application Data
2015-07-30 21:51:49	--------	d-sh--we	C:\PROGRA~3\Desktop
2015-07-30 21:51:49	--------	d-sh--we	C:\PROGRA~3\Documents
2015-07-30 21:51:49	--------	d-sh--we	C:\PROGRA~3\Start Menu
2015-07-30 21:51:49	--------	d-sh--we	C:\PROGRA~3\Templates
2015-07-30 21:53:14	--------	d-----w-	C:\PROGRA~3\USOShared
2015-07-30 22:42:06	--------	d-----w-	C:\PROGRA~3\regid.1991-06.com.microsoft
2015-07-30 22:42:06	--------	d-----w-	C:\PROGRA~3\USOPrivate
2015-07-30 22:42:06	--------	d-s---w-	C:\PROGRA~3\Microsoft
2015-09-10 05:35:38	--------	d-----w-	C:\PROGRA~3\Microsoft OneDrive
2015-10-11 12:40:15	--------	d-----w-	C:\PROGRA~3\NVIDIA Corporation
2015-10-11 12:40:43	--------	d-----w-	C:\PROGRA~3\NVIDIA
2015-10-11 13:05:09	--------	d-sh--we	C:\PROGRA~3\Bureaublad
2015-10-11 13:05:09	--------	d-sh--we	C:\PROGRA~3\Documenten
2015-10-11 13:05:09	--------	d-sh--we	C:\PROGRA~3\Favorieten
2015-10-11 13:05:09	--------	d-sh--we	C:\PROGRA~3\Menu Start
2015-10-11 13:05:10	--------	d-sh--we	C:\PROGRA~3\Sjablonen

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{EBA722F5-038F-4CAF-9EE2-545A221628BC}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.2.15\coFFPlgn" [11-10-2015 17:29]

==== Chromium Look ======================

Google Chrome Version: 45.0.2454.101

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cjabmdjcfcfdmffimndhafhblfmpjdpe - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.4.24\Exts\Chrome.crx[23-09-2015 08:44]
iikflkcanblccfahdhdonehdalibjnif - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bbjllphbppobebmjpjcijfbakobcheof - No path found[]

Google Docs - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Rapport - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof
YouTube - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Norton Security Toolbar - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe
Google Search - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Docs Offline - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Norton Identity Safe - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif
Norton Safe Search as default for Chrome - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl
Chrome Web Store Payments - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage deleted successfully
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage-journal deleted successfully
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nortonsafe.search.ask.com_0.localstorage deleted successfully
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nortonsafe.search.ask.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1013068887-1341096901-2197712401-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} deleted successfully
HKEY_USERS\S-1-5-21-1013068887-1341096901-2197712401-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{D19CA586-DD6C-4a0a-96F8-14644F340D60} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{40211632-250D-4B8C-B04E-DA45BAE6DF8C} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jan\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Jan\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Jan\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Jan\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=23 folders=2 8645153 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Jan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\WINDOWS\Syswow64\Windows.Devices.Midi.dll"  not deleted
"C:\WINDOWS\Syswow64\Windows.Devices.WiFi.dll"  not deleted
"C:\WINDOWS\Syswow64\Windows.Gaming.Input.dll"  not deleted
"C:\WINDOWS\Syswow64\Windows.Media.FaceAnalysis.dll"  not deleted
"C:\WINDOWS\Syswow64\Windows.Media.Import.dll"  not deleted
"C:\WINDOWS\Syswow64\Windows.Media.MediaControl.dll"  not deleted
"C:\WINDOWS\Syswow64\Windows.Media.Speech.dll"  not deleted
"C:\WINDOWS\Syswow64\Windows.Media.Speech.UXRes.dll"  not deleted
"C:\WINDOWS\Syswow64\Windows.Media.Streaming.ps.dll"  not deleted
"C:\WINDOWS\Syswow64\Windows.Networking.Connectivity.dll"  not deleted
"C:\WINDOWS\Syswow64\Windows.UI.Immersive.dll"  not deleted
"C:\WINDOWS\Syswow64\Windows.UI.Input.Inking.dll"  not deleted
"C:\WINDOWS\Syswow64\Windows.UI.Xaml.Maps.dll"  not deleted

==== EOF on do 15-10-2015 at 17:36:47,85 ======================