Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Cor van Thiel on vr 01-01-2016 at 11:42:59,06. Microsoft Windows 10 Pro 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Cor van Thiel\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 1-1-2016 11:46:50 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\DriverWhiz deleted successfully C:\PROGRA~2\NETGEAR deleted successfully C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully C:\Users\UpdatusUser\AppData\LocalLow deleted successfully C:\Users\Cor van Thiel\AppData\Local\ActiveSync deleted successfully C:\Users\Cor van Thiel\AppData\Local\calibre-cache deleted successfully C:\Users\Cor van Thiel\AppData\Local\DriverToolkit deleted successfully C:\Users\Cor van Thiel\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Cor van Thiel\AppData\Local\EmieSiteList deleted successfully C:\Users\Cor van Thiel\AppData\Local\EmieUserList deleted successfully C:\Users\Cor van Thiel\AppData\Local\Opera Software deleted successfully C:\Users\Cor van Thiel\AppData\Local\PeerDistRepub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] ==== Deleting Files \ Folders ====================== C:\PROGRA~2\DriverWhiz not found C:\PROGRA~2\NETGEAR not found C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found C:\Users\Cor van Thiel\AppData\Roaming\0A1Q1J1G1F2W1I1P1Q1N1P0P2Y1S deleted C:\Users\Cor van Thiel\AppData\Roaming\calibre deleted C:\Program Files (x86)\IObit deleted C:\Program Files (x86)\DriverToolkit deleted C:\PROGRA~2\SopCast deleted C:\PROGRA~2\GreenTree Applications deleted C:\PROGRA~3\ParetoLogic deleted C:\PROGRA~3\YTD Video Downloader deleted C:\PROGRA~3\ProductData deleted C:\PROGRA~3\{EB5F5A55-037A-4E47-806B-2C8AA9374701} deleted C:\PROGRA~3\Package Cache deleted C:\Users\Cor van Thiel\AppData\Local\FileViewPro deleted C:\Users\Cor van Thiel\AppData\Local\Avanquest deleted C:\Users\Cor van Thiel\AppData\Local\IAC deleted C:\Users\Cor van Thiel\AppData\Local\CrashRpt deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted C:\Users\Cor van Thiel\AppData\LocalLow\IAC deleted C:\Users\Public\Desktop\YTD Video Downloader.lnk deleted C:\Users\Cor van Thiel\Desktop\FLV Player.lnk deleted "C:\Windows\Installer\e62656e.msi" deleted "C:\Users\Cor van Thiel\AppData\Roaming\chfuq\dqhee" deleted "C:\Users\Cor van Thiel\AppData\Roaming\chfuq\hqida.ifa" deleted "C:\Users\Cor van Thiel\AppData\Roaming\chfuq\YMQGIX" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\apjsr.sbs" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\axfuk.pfp" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\bknfq.pvr" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\bqhov.mtb" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\cahlj.svv" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\cxdss.msf" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\dfcrf.umq" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\dpeiv.oec" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\ecwkj.wti" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\htbnr.xeb" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\jiwhv.cou" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\kflhg.lmb" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\kjwbg.abg" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\knxwc.pvd" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\ksaxd.ndq" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\lbupo.gag" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\lxfad.ial" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\meppi.rea" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\mujng.doc" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\nliuu.abn" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\nocco.hae" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\ogtmk.jog" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\oonjo.imj" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\pkmir.nkt" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\prjgk.wij" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\qsubf.nnl" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\qtivo.tdb" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\rrecx.kcj" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\sjrcd.vqu" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\socwo.jer" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\spcoc.lpt" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\tdabi.vut" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\tmwwn.aqu" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\twkus.fsp" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\vawcc.npr" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\vofso" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\wtemc.bia" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\xecnr.rfc" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh\YMQGIX" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\bdgah.qbh" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\bigps.opg" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\bnbpj.frk" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\cfqgd" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\dbnwd.ugg" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\dkrla.mxw" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\dmdbi.dhh" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\dwntf.mwn" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\edpsx.eai" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\fbueb.uvg" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\gdoct.ftx" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\ggliu.vhi" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\heueo.xrs" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\hmgil.fdp" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\iedtx.uor" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\ignmd.qvt" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\ini" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\kbuuc.krh" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\kkkjr.xfx" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\kmodn.obx" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\kuqcj.usp" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\ltlqi.gip" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\naquh.bmi" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\nfrhh.sga" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\ocvae.uwe" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\oqrtg.bjw" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\pqice.gxl" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\ptvsb.qqh" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\qffkt.psv" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\qkvbm.xid" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\rhkdw.ffk" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\roskc.cnm" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\ruhjl.ins" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\uanku.mls" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\umetc.thb" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\veviq.hel" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\wptjv.oen" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\wsrtj.dmw" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx\YMQGIX" deleted "C:\Users\Cor van Thiel\AppData\Roaming\chfuq" deleted "C:\Users\Cor van Thiel\AppData\Roaming\fownh" deleted "C:\Users\Cor van Thiel\AppData\Roaming\recrx" deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2015-12-29 12:35:36 62D958869592DE46E089572350E08CB3 67584 --s-a-w- C:\WINDOWS\bootstat.dat ====== C:\Users\CORVAN~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2015-12-30 21:07:07 D3AB2216EA25A567E5F962AA02EABA82 176632 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-30 21:07:06 B938A8D130578F5217E24D5996EF54BA 826872 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-12-29 15:28:22 819363A483BB829C443D94CC77119DC9 18678272 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2015-12-29 15:28:18 EDC75B4FF6A66B0AC1A360476D9CBCC9 12125184 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2015-12-29 15:28:14 083A4C6C21371B011771A350942DEB8F 19339264 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2015-12-29 15:28:12 FAE7DA27029FDDA27375722B4DC387D7 138240 ----a-w- C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll 2015-12-29 15:28:11 A820BD54E6B4A68C6E4490EA23FA5650 1860096 ----a-w- C:\WINDOWS\SysWOW64\cdp.dll 2015-12-29 15:28:11 57A2AAE6BD896F54767284BAB7C2D183 1859448 ----a-w- C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-12-29 15:28:10 EBD19D0E20C113468631504BFE56FB3F 2185840 ----a-w- C:\WINDOWS\SysWOW64\d3d11.dll 2015-12-29 15:28:10 97097223B24F49F5934188FA24D74B46 1944576 ----a-w- C:\WINDOWS\SysWOW64\InputService.dll 2015-12-29 15:28:09 847B31F89A3009D5D851479224B7579A 2680320 ----a-w- C:\WINDOWS\SysWOW64\msftedit.dll 2015-12-29 15:28:08 90F7CF0E4FFD720EBAC601CABE25D880 2121216 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2015-12-29 15:28:07 9D97A95801784A94F3DC76E0E49B885C 13017600 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-12-29 15:28:07 7E0CB4ADF324AD6552C36181EB0CBC4D 1118208 ----a-w- C:\WINDOWS\SysWOW64\mfnetsrc.dll 2015-12-29 15:28:06 5B64BFE61393D22D908BB5E2A17B6147 1328128 ----a-w- C:\WINDOWS\SysWOW64\comsvcs.dll 2015-12-29 15:28:05 5E8F545EA2A3BE324D800FD926E5010A 2180136 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll 2015-12-29 15:28:05 3B1D8CE3E56BA82EF02C126226B7C357 948224 ----a-w- C:\WINDOWS\SysWOW64\Unistore.dll 2015-12-29 15:28:04 D8E958F0E5929BFEC15238E0E1F94C64 983464 ----a-w- C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2015-12-29 15:28:04 600A12A37D8F0B98E3497C59505338D1 716928 ----a-w- C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2015-12-29 15:28:04 532AC1D121972B17BE523A9988A3A0E5 2155008 ----a-w- C:\WINDOWS\SysWOW64\authui.dll 2015-12-29 15:28:03 EB6BAC2C67F848F2C0EFE82AEAC5C67A 1540768 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll 2015-12-29 15:28:03 BEDE63EB0B3B100A1FBD2996FE3AF0EF 1505280 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2015-12-29 15:28:03 302A0BE9FA2874A3E99C0E25C992E7C7 1467392 ----a-w- C:\WINDOWS\SysWOW64\GdiPlus.dll 2015-12-29 15:28:03 2EECE39CDFFF244B2489FD8ACDC14D7A 517632 ----a-w- C:\WINDOWS\SysWOW64\PlayToManager.dll 2015-12-29 15:28:02 D80737E0C4AFE5D4714D14F27A9E6CFB 1706496 ----a-w- C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2015-12-29 15:28:02 C4C80541BDE649F44EA1F81F7D4C510A 503296 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll 2015-12-29 15:28:02 2029AAF923CE131E5157F6175DE66881 2919320 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2015-12-29 15:28:01 7CDF1630DCF7C9167E551874D18C3CE0 709120 ----a-w- C:\WINDOWS\SysWOW64\BingOnlineServices.dll 2015-12-29 15:28:01 674333934AEF201C56419742CD86782B 973664 ----a-w- C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-12-29 15:28:01 588E4109C8A78BC211AC1D5756652A67 1139200 ----a-w- C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-12-29 15:28:01 32BF0F999279961833888317C3FE45D9 2061824 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-12-29 15:28:00 F32770E19F1CB817274BC85824730E48 470528 ----a-w- C:\WINDOWS\SysWOW64\MbaeApi.dll 2015-12-29 15:28:00 B8C4EFAA6AAED98E6B5AB57CAFA489B9 1337240 ----a-w- C:\WINDOWS\SysWOW64\user32.dll 2015-12-29 15:28:00 4F04FB02D215667B505A060EEE02B5DF 686592 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2015-12-29 15:27:59 D262A3DA660F5312D059DADB9034392B 2796032 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-12-29 15:27:59 9ACCC0C1786391EF1FD1FAF12AE22801 340480 ----a-w- C:\WINDOWS\SysWOW64\PlayToDevice.dll 2015-12-29 15:27:58 F8C66D9D6AEC233715C8B32DB203EF6D 502112 ----a-w- C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2015-12-29 15:27:58 D213E29D66D7182AF58CB525EFC2F409 421888 ----a-w- C:\WINDOWS\SysWOW64\LogonController.dll 2015-12-29 15:27:58 8310F69B59EFA4EC47B6B3F535BFC3CB 898184 ----a-w- C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2015-12-29 15:27:58 76B00BE575C4D8CF3D7334240C8DAF90 683008 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll 2015-12-29 15:27:58 6D151B11358362786C45F1A4A21576FA 925064 ----a-w- C:\WINDOWS\SysWOW64\mfplat.dll 2015-12-29 15:27:58 2DA46210CBE5B92C4E79FDD70A6C0ADE 2049024 ----a-w- C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-12-29 15:27:58 110A45F765495043CB8ED918FEFD8D90 572928 ----a-w- C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2015-12-29 15:27:57 FD6EE242ACD2E05AFE920139D12C3053 670928 ----a-w- C:\WINDOWS\SysWOW64\mfds.dll 2015-12-29 15:27:57 C85501FE7EFD33E06A877B8786F396B6 462760 ----a-w- C:\WINDOWS\SysWOW64\mfreadwrite.dll 2015-12-29 15:27:57 B934E18B1A20A26768F57EDBD6882A38 884256 ----a-w- C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2015-12-29 15:27:57 A9B375A65A92C45D9723B1BAD8F87D1E 1105920 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2015-12-29 15:27:57 86A2DFAAE917E8852363BD716BD8D5CF 334848 ----a-w- C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-12-29 15:27:57 775C32A6DE7E9702CB04B10C69D80457 450904 ----a-w- C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2015-12-29 15:27:57 4C85D9A9FD26D3F00BBF5D3F469F1800 241664 ----a-w- C:\WINDOWS\SysWOW64\cryptngc.dll 2015-12-29 15:27:57 0FA8D61A4D4F56063113F9DA4E18848B 289248 ----a-w- C:\WINDOWS\SysWOW64\MFPlay.dll 2015-12-29 15:27:56 F2061A1835E8844637168800292309BF 84832 ----a-w- C:\WINDOWS\SysWOW64\NetSetupApi.dll 2015-12-29 15:27:56 D9EF9F5DA78CD085FD23C8EBB6108662 409088 ----a-w- C:\WINDOWS\SysWOW64\StoreAgent.dll 2015-12-29 15:27:56 5467DAD0BDB397D84052FCCF8686FB9C 60928 ----a-w- C:\WINDOWS\SysWOW64\mssign32.dll 2015-12-29 15:27:56 4237413A7EDD61589081B9450D657036 116720 ----a-w- C:\WINDOWS\SysWOW64\mfps.dll 2015-12-29 15:27:56 337E7D5B768ABDBEA9F17823F76D5F1B 381952 ----a-w- C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2015-12-29 15:27:56 23A968565D51FEC30EADFBC70BE35117 793600 ----a-w- C:\WINDOWS\SysWOW64\SRH.dll 2015-12-29 15:27:56 1F48933EFAB68EDD3B456C78E17B89CE 871936 ----a-w- C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL 2015-12-29 15:27:56 184F89725539803B64E718BD0F779DC9 569856 ----a-w- C:\WINDOWS\SysWOW64\qdvd.dll 2015-12-29 15:27:55 D6DF0F68136C6148989E927572319F21 431232 ----a-w- C:\WINDOWS\SysWOW64\WWanAPI.dll 2015-12-29 15:27:55 4CE9BF384DAAE2BF9E49C5B7E2F106F0 270848 ----a-w- C:\WINDOWS\SysWOW64\MSFlacDecoder.dll 2015-12-29 15:27:55 4C421E34FF4A836590401A3E9A5B5DE8 415744 ----a-w- C:\WINDOWS\SysWOW64\catsrvut.dll 2015-12-29 15:27:55 3A24E199AA5A30D6E7C30D01E2BF4C7E 161280 ----a-w- C:\WINDOWS\SysWOW64\InstallAgent.exe 2015-12-29 15:27:55 35383CA7169E12D885B9B553F59E3154 41984 ----a-w- C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll 2015-12-29 15:27:55 102F3BB5D63225A25817C8E44B85533F 63528 ----a-w- C:\WINDOWS\SysWOW64\wwapi.dll 2015-12-29 15:27:53 FDEEA5397A0D079E1EF8F1B765BC7D04 6297088 ----a-w- C:\WINDOWS\SysWOW64\mos.dll 2015-12-29 15:27:53 2DE2DAF437341AECB280DBFE88CBB581 346112 ----a-w- C:\WINDOWS\SysWOW64\MapConfiguration.dll 2015-12-29 15:27:51 A971D150CD168A1F7BD775674896F02C 711680 ----a-w- C:\WINDOWS\SysWOW64\MapControlCore.dll 2015-12-29 15:27:51 92551AFCC476CBEBBB66B6420C60AB20 5202944 ----a-w- C:\WINDOWS\SysWOW64\BingMaps.dll 2015-12-29 15:27:51 7F64C196D3FA41C0F437A158FDEF7F50 800768 ----a-w- C:\WINDOWS\SysWOW64\JpMapControl.dll 2015-12-29 15:27:51 6BBB4172DDF348821C3C4B7FE844077B 1443328 ----a-w- C:\WINDOWS\SysWOW64\SRHInproc.dll 2015-12-29 15:27:51 382AA3E205808FBF0458A143B0F4ACFF 45568 ----a-w- C:\WINDOWS\SysWOW64\jsproxy.dll 2015-12-29 15:27:51 192B579E14C116D2B742FEBE85A4D3C1 2756096 ----a-w- C:\WINDOWS\SysWOW64\mshtml.tlb 2015-12-29 15:27:50 F60E1993D8D8FD2E23516C1278B209C1 34304 ----a-w- C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe 2015-12-29 15:27:50 D707B12965D5E8DFBD7C5BF7FB12AF02 24064 ----a-w- C:\WINDOWS\SysWOW64\WordBreakers.dll 2015-12-29 15:27:50 CA260C1A4CFC95D49DBE4DAEDCD65585 58368 ----a-w- C:\WINDOWS\SysWOW64\MosStorage.dll 2015-12-29 15:27:50 C132402FABE387126B5CB0D2D3426671 133632 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2015-12-29 15:27:50 B0DB58B85CF68C61AFBEFC107807FECF 784896 ----a-w- C:\WINDOWS\SysWOW64\NMAA.dll 2015-12-29 15:27:50 AA220069ABA44FEB2FEA92FF463E89BC 166912 ----a-w- C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2015-12-29 15:27:50 AA0644D24DD488B1E1517189DD3DC00B 48640 ----a-w- C:\WINDOWS\SysWOW64\MosHostClient.dll 2015-12-29 15:27:50 9FE071ED2AAE48A691D234E757297CF3 49152 ----a-w- C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll 2015-12-29 15:27:50 9FA5093D91ED3CB6B4CE67A040C5E40A 65536 ----a-w- C:\WINDOWS\SysWOW64\wininetlui.dll 2015-12-29 15:27:50 92F331E360CB8DC73FA1158934CA9491 86528 ----a-w- C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2015-12-29 15:27:50 761E6E736B47DA42D74227A26F658108 100864 ----a-w- C:\WINDOWS\SysWOW64\offlinelsa.dll 2015-12-29 15:27:50 65E98344070A6C0B66ED476F735B14D3 59904 ----a-w- C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2015-12-29 15:27:50 1973BD62F29F443E9BC467FAA9F27159 83456 ----a-w- C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2015-12-29 15:27:49 D51618B0CB2B51F7D9B8DEB38A454126 36352 ----a-w- C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll 2015-12-29 15:27:49 C11AFEBFFDD62BA366D2F146212B415E 110592 ----a-w- C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll 2015-12-29 15:27:49 6AE2C3CFEA73E2D01CB1E00DBD1EC4A5 205824 ----a-w- C:\WINDOWS\SysWOW64\NmaDirect.dll 2015-12-29 15:27:49 53E2029302DA056DE856D4C662663B2B 10240 ----a-w- C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll 2015-12-29 15:27:49 52838DDB3B20C7330A30D89509A93B55 1268736 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2015-12-29 15:27:49 451356B814B46BB6582F307E24AA0863 9728 ----a-w- C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll 2015-12-29 15:27:49 3FCEAC0D175851962F9CF797A370A14F 3072 ----a-w- C:\WINDOWS\SysWOW64\MapControlStringsRes.dll 2015-12-29 15:27:49 262D880248233D3A96C15F7C7E1BAD21 58368 ----a-w- C:\WINDOWS\SysWOW64\MosResource.dll 2015-12-29 12:35:21 42DE22BB4E675AE8DADD9038B26F8EFE 2718208 ----a-w- C:\WINDOWS\SysWOW64\PrintConfig.dll 2015-12-29 12:33:12 A82F594EE2471B4F304DA1DF068552EE 758 ----a-w- C:\WINDOWS\SysWOW64\license.rtf 2015-12-29 12:29:53 EF22B84131DB17D40D523F649CAD31D2 366224 ----a-w- C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2015-12-29 12:29:53 D0693220928997E1DD513B261AF86308 454056 ----a-w- C:\WINDOWS\SysWOW64\AudioEng.dll 2015-12-29 12:29:53 B13BE7A31C732B5773FDF51FB140B614 334336 ----a-w- C:\WINDOWS\SysWOW64\bcastdvr.exe 2015-12-29 12:29:53 AD2E3CC2771EADB0605CC0FAE73EAA45 405048 ----a-w- C:\WINDOWS\SysWOW64\AudioSes.dll 2015-12-29 12:29:53 A4CC1E8330E839AA619978E61AEEEAC4 73360 ----a-w- C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2015-12-29 12:29:53 75F7D82383D8CF10D5999874993A2EF5 27136 ----a-w- C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll 2015-12-29 12:29:53 2AF0E5217FE677C29669E0243F28D64F 70656 ----a-w- C:\WINDOWS\SysWOW64\AppCapture.dll 2015-12-29 12:29:52 EBB01B0223DBB9660E4FFB35854D69BF 400896 ----a-w- C:\WINDOWS\SysWOW64\winspool.drv 2015-12-29 12:29:51 F7F009E10E52C760EF48D2AD7E4D892E 29696 ----a-w- C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2015-12-29 12:29:51 F2D9AB28744983980E6BCE08DA077528 21125408 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll 2015-12-29 12:29:51 F2D2E8091D0929884E6A86AFD9981E2F 2001408 ----a-w- C:\WINDOWS\SysWOW64\twinui.appcore.dll 2015-12-29 12:29:51 F0ED21F9D39229B305C363B6ED023170 11776 ----a-w- C:\WINDOWS\SysWOW64\dciman32.dll 2015-12-29 12:29:51 BEFAC095C4E511243E91B1F916C243A7 704352 ----a-w- C:\WINDOWS\SysWOW64\WWAHost.exe 2015-12-29 12:29:51 BC6B60847CDEFFB3DE3AA394366881DF 490496 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-12-29 12:29:51 ADAF3873B0A29C4AFC0D8B89C3485A94 227840 ----a-w- C:\WINDOWS\SysWOW64\deviceaccess.dll 2015-12-29 12:29:51 AC742BB0B79CD4C535E6A317FD4A18A8 315904 ----a-w- C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2015-12-29 12:29:51 A95DDF60D6EC95625C4987750619C5DB 93696 ----a-w- C:\WINDOWS\SysWOW64\fontsub.dll 2015-12-29 12:29:51 9E57FF10D37B672B8781BAF92DB00A8B 9918976 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2015-12-29 12:29:51 93050CE746C09F2F6F49A4893FB060ED 647168 ----a-w- C:\WINDOWS\SysWOW64\jscript.dll 2015-12-29 12:29:51 8E93F5481D1A608D90104F24DD610B76 540752 ----a-w- C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-12-29 12:29:51 8E2CB7E297C2631CB063319377ED7AD0 303104 ----a-w- C:\WINDOWS\SysWOW64\atmfd.dll 2015-12-29 12:29:51 8BAD6657817E0960C7CB6026323828A1 511320 ----a-w- C:\WINDOWS\SysWOW64\mf.dll 2015-12-29 12:29:51 89F3F69C9996D5BCC879C664BF74A4E2 675064 ----a-w- C:\WINDOWS\SysWOW64\dcomp.dll 2015-12-29 12:29:51 54F47C0CD2DE99A7B8C7583CF6C22D92 3072 ----a-w- C:\WINDOWS\SysWOW64\lpk.dll 2015-12-29 12:29:51 3B7DA8EC6FC4F16F85934D944A2149CD 791552 ----a-w- C:\WINDOWS\SysWOW64\kerberos.dll 2015-12-29 12:29:51 31DE6A034E8BBA043CB2F4612033C12A 296488 ----a-w- C:\WINDOWS\SysWOW64\policymanager.dll 2015-12-29 12:29:51 2C5A8D334EFB14914B1618247CD0DAAF 37376 ----a-w- C:\WINDOWS\SysWOW64\atmlib.dll 2015-12-29 12:29:51 1E7B13CDBA9D57D2BF54A7501FB17376 586080 ----a-w- C:\WINDOWS\SysWOW64\wimgapi.dll 2015-12-29 12:29:51 123BD3D4504BB548A823152EAC57DE00 32040 ----a-w- C:\WINDOWS\SysWOW64\mfpmp.exe 2015-12-29 12:28:31 6F2CA3BDD1C78C465BC0C1E5DDA15B28 2629632 ----a-w- C:\WINDOWS\SysWOW64\NlsLexicons0009.dll 2015-12-29 12:28:31 14129011499850E46153AB0E6C325F87 4847616 ----a-w- C:\WINDOWS\SysWOW64\NlsData0009.dll 2015-12-29 12:25:42 F432E0E5B0958F4982D40EB622FBD7FC 35480 ----a-w- C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-12-29 12:25:42 BF9CAA33ADD4C21C118148B5CFC5494B 778936 ----a-w- C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2015-12-29 12:25:42 6F391E9286733CC6B34FC0FAB23B8DF3 103120 ----a-w- C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2015-12-29 15:28:26 E761095ADFC48739CA54A3B58242AF0D 24601600 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2015-12-29 15:28:25 78CF1420E5E88B1664F92F07386D19A8 22393856 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2015-12-29 15:28:19 EE5BD4F67199E1C5142F3C731035D18C 13381120 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2015-12-29 15:28:15 A6E666BC673DD38C3ECDB53FD83138E7 3993600 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll 2015-12-29 15:28:15 35A6E2624696F77A8660529E9C5B7B9A 16984064 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll 2015-12-29 15:28:13 4C1138686002741A423AF26AC247490D 7476576 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2015-12-29 15:28:13 0DC4BEB16161362B4E46D117204D8566 2843136 ----a-w- C:\WINDOWS\Sysnative\cdp.dll 2015-12-29 15:28:12 F5AF729AD65041D74FED75E02DA4A4DC 138240 ----a-w- C:\WINDOWS\Sysnative\ETWCoreUIComponentsResources.dll 2015-12-29 15:28:12 294BD6D65CE93F7B709DBB38F96759DA 2653816 ----a-w- C:\WINDOWS\Sysnative\CoreUIComponents.dll 2015-12-29 15:28:11 340B841A05087B581B3F321853996960 2624512 ----a-w- C:\WINDOWS\Sysnative\InputService.dll 2015-12-29 15:28:10 8C8161E40F42E437161972E8866025D5 3355136 ----a-w- C:\WINDOWS\Sysnative\msftedit.dll 2015-12-29 15:28:10 10020730E0E51555A58C20D361F233A9 2772584 ----a-w- C:\WINDOWS\Sysnative\d3d11.dll 2015-12-29 15:28:09 9DA2D5EB73F6F61BB32B63B59DF2BB0C 1299504 ----a-w- C:\WINDOWS\Sysnative\mfnetsrc.dll 2015-12-29 15:28:09 10B6962619F3965030395019E352B7B4 870400 ----a-w- C:\WINDOWS\Sysnative\modernexecserver.dll 2015-12-29 15:28:08 FAD9326ED152667E57B5B2EDBD9973F8 2544256 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll 2015-12-29 15:28:08 CD2CC65DDF46F065BCC975C2BC89DD11 1648640 ----a-w- C:\WINDOWS\Sysnative\comsvcs.dll 2015-12-29 15:28:08 C2D78B6667E0341802C4F38E9C02F93D 2280448 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2015-12-29 15:28:08 AB4C1A9F37C0B8467AC923ED4AD727D6 2647552 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2015-12-29 15:28:08 A44FB85192EE0DD3F7D6518B63044F4E 2598400 ----a-w- C:\WINDOWS\Sysnative\NetworkMobileSettings.dll 2015-12-29 15:28:08 7443938BC4B8DCE1D8E6C51BC3F9DBFE 948224 ----a-w- C:\WINDOWS\Sysnative\XblAuthManager.dll 2015-12-29 15:28:07 87E291D9CC3ECE9AA56ABFD8063C4050 1223168 ----a-w- C:\WINDOWS\Sysnative\Unistore.dll 2015-12-29 15:28:07 486C22DD70BE538B1C164AE38E130009 2352128 ----a-w- C:\WINDOWS\Sysnative\authui.dll 2015-12-29 15:28:07 2D7E3C2913AAE063774795E6790BCC48 1212928 ----a-w- C:\WINDOWS\Sysnative\wwansvc.dll 2015-12-29 15:28:06 CA902510DAF327CCFA59BCBFC00B3BAE 912384 ----a-w- C:\WINDOWS\Sysnative\usermgr.dll 2015-12-29 15:28:06 95F53D812EF80A2819E9C1539A629B5F 823264 ----a-w- C:\WINDOWS\Sysnative\mfmpeg2srcsnk.dll 2015-12-29 15:28:06 45B88D0BBAB3EAA10883097C14C33678 1281376 ----a-w- C:\WINDOWS\Sysnative\LicenseManager.dll 2015-12-29 15:28:05 8F6118120D9A11A1CFD8822850826064 1155944 ----a-w- C:\WINDOWS\Sysnative\mfasfsrcsnk.dll 2015-12-29 15:28:05 78065D08A6D5886ACF9B6BA7E34A554C 3593216 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2015-12-29 15:28:05 69B4974176206D7276B733B30BCE442E 1717248 ----a-w- C:\WINDOWS\Sysnative\GdiPlus.dll 2015-12-29 15:28:05 3A1FCBE9103770CF17F81EBD9809FE1B 697856 ----a-w- C:\WINDOWS\Sysnative\PlayToManager.dll 2015-12-29 15:28:05 184F5C80753CD7F6400AAA4087288B97 2582016 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll 2015-12-29 15:28:04 63976F057A5A9FD426DC84FB97CF3446 3671888 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2015-12-29 15:28:03 A2469A19FC330A400E2BED8003331BB8 604672 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll 2015-12-29 15:28:03 42B6285314851A693F68F7A7B79FD1B9 1393664 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2015-12-29 15:28:03 2AB2C72D88CE2BC73E6F708D0B1A9657 440160 ----a-w- C:\WINDOWS\Sysnative\services.exe 2015-12-29 15:28:03 25086E02B6C3F34BC4646C134C3E1769 1042432 ----a-w- C:\WINDOWS\Sysnative\BingOnlineServices.dll 2015-12-29 15:28:03 03EB1EBAB72BB8322C30D070C346EA33 1395200 ----a-w- C:\WINDOWS\Sysnative\UIAutomationCore.dll 2015-12-29 15:28:02 E81DF157F4F225928EAE2B1E82863BF6 1817160 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll 2015-12-29 15:28:02 549A1696E594E6939C210972B4AD9747 824320 ----a-w- C:\WINDOWS\Sysnative\WpcWebFilter.dll 2015-12-29 15:28:02 4EB351CB5A23E0F7AB2B7137374EFB85 870400 ----a-w- C:\WINDOWS\Sysnative\wpncore.dll 2015-12-29 15:28:02 43091BCAB6446E01AEB9DFFB2538B2F9 1995776 ----a-w- C:\WINDOWS\Sysnative\ActiveSyncProvider.dll 2015-12-29 15:28:01 93D891995D253D4B6BCFABEE5C73454B 3428864 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll 2015-12-29 15:28:01 839F7EC52C8E6888C4E9120E68652438 589312 ----a-w- C:\WINDOWS\Sysnative\MbaeApi.dll 2015-12-29 15:28:01 6F5EB489BC3368DC11CF3AA605D943BB 638464 ----a-w- C:\WINDOWS\Sysnative\enterprisecsps.dll 2015-12-29 15:28:01 43B6BF7F95CF7D60599740EF2BF0DDD8 938496 ----a-w- C:\WINDOWS\Sysnative\MapControlCore.dll 2015-12-29 15:28:01 04EDF539ED97A3BFBD7464CED7ADBB7A 783360 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2015-12-29 15:28:00 DD97EF0AE9224B8C1161736E033C03F1 1399224 ----a-w- C:\WINDOWS\Sysnative\user32.dll 2015-12-29 15:28:00 C4DF460B84DB6A0D4C18375DE1117DD0 696160 ----a-w- C:\WINDOWS\Sysnative\NetSetupEngine.dll 2015-12-29 15:28:00 836DC2848B800FC890E8FCF96F5E639B 458752 ----a-w- C:\WINDOWS\Sysnative\PlayToDevice.dll 2015-12-29 15:28:00 686E73A0F24F56A25A78D8EFE8E4B937 1318912 ----a-w- C:\WINDOWS\Sysnative\wifinetworkmanager.dll 2015-12-29 15:28:00 623DAEC255FDCF586F161CF6BF788627 795840 ----a-w- C:\WINDOWS\Sysnative\generaltel.dll 2015-12-29 15:28:00 589A33EE394273A4F1338EBF705A1CEF 1387008 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll 2015-12-29 15:27:59 9D9A25E3E658EAC6FA9BC1BC23168516 1092456 ----a-w- C:\WINDOWS\Sysnative\mfplat.dll 2015-12-29 15:27:59 4A657E5F9D4BE53028B643889E786296 2126848 ----a-w- C:\WINDOWS\Sysnative\inetcpl.cpl 2015-12-29 15:27:59 4588022BF3C34392C0C2AFDC3634C0CF 1065080 ----a-w- C:\WINDOWS\Sysnative\mfmp4srcsnk.dll 2015-12-29 15:27:59 334A9D347CC52E7581DC21FA7CDBB261 515584 ----a-w- C:\WINDOWS\Sysnative\LogonController.dll 2015-12-29 15:27:59 28B52034DB907EA14BF8DFB399BC1A94 1734656 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2015-12-29 15:27:59 0F09B99EF80BB0D914538FC17A305A4F 1131520 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.Audio.dll 2015-12-29 15:27:58 CCB125BB7072FEAFC68A56749FD2DFD7 1020096 ----a-w- C:\WINDOWS\Sysnative\mfsrcsnk.dll 2015-12-29 15:27:58 C8AEE94042CFDF6383C153AFD284AEF1 497152 ----a-w- C:\WINDOWS\Sysnative\mfmkvsrcsnk.dll 2015-12-29 15:27:58 C08AA0383BCEE881C319F23A5189AB8D 794888 ----a-w- C:\WINDOWS\Sysnative\mfds.dll 2015-12-29 15:27:58 A74C62AE99A015CD6275F0D8D8843886 342016 ----a-w- C:\WINDOWS\Sysnative\SensorService.dll 2015-12-29 15:27:58 960E3DB158FC9D262EE33D928AEDA3F5 320000 ----a-w- C:\WINDOWS\Sysnative\cryptngc.dll 2015-12-29 15:27:58 48A7AEF3554919C0CBDFECBB25DF1B09 162304 ----a-w- C:\WINDOWS\Sysnative\DeviceCensus.exe 2015-12-29 15:27:58 39E07EE74F50C39C1EB315152F03199C 607232 ----a-w- C:\WINDOWS\Sysnative\wcmsvc.dll 2015-12-29 15:27:58 18CE63A5B5EB84FF7F9F575C8FE53F44 931328 ----a-w- C:\WINDOWS\Sysnative\MSMPEG2ENC.DLL 2015-12-29 15:27:58 01AE64981A7C7AE4F84799931D8DAAD1 900608 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.BackgroundTransfer.dll 2015-12-29 15:27:57 F3B1BFB19C6A47DE7706A9CF1A177028 526856 ----a-w- C:\WINDOWS\Sysnative\mfreadwrite.dll 2015-12-29 15:27:57 A2A0FD3DA492A903E6AEC6C2B946F26F 245848 ----a-w- C:\WINDOWS\Sysnative\mfps.dll 2015-12-29 15:27:57 83365A5A2632275C7B005B7A4995DCE1 416768 ----a-w- C:\WINDOWS\Sysnative\dmenrollengine.dll 2015-12-29 15:27:57 7DD3B4B77A787E06A6B3DC9AE7B451E0 292352 ----a-w- C:\WINDOWS\Sysnative\provengine.dll 2015-12-29 15:27:57 7014B74B0F62698EC891A19A781689D5 337840 ----a-w- C:\WINDOWS\Sysnative\MFPlay.dll 2015-12-29 15:27:57 69E727F94BEA64E66C284F3C482F33E6 1035776 ----a-w- C:\WINDOWS\Sysnative\XboxNetApiSvc.dll 2015-12-29 15:27:57 63A71E0B8BEF5FC3A5C9669B5C771A1C 286208 ----a-w- C:\WINDOWS\Sysnative\provhandlers.dll 2015-12-29 15:27:57 6100515B0A4A9DE9EB83E632F873D1F7 323072 ----a-w- C:\WINDOWS\Sysnative\MSFlacDecoder.dll 2015-12-29 15:27:57 32D57C79EA65D0D6A923BF1C26A0EC0A 558080 ----a-w- C:\WINDOWS\Sysnative\MBMediaManager.dll 2015-12-29 15:27:57 2D1682BEC4615A154079383E25BB0DF2 220672 ----a-w- C:\WINDOWS\Sysnative\ie4uinit.exe 2015-12-29 15:27:57 2AE2C153D33AB0D2B89E0920EC2ACF69 498448 ----a-w- C:\WINDOWS\Sysnative\MFCaptureEngine.dll 2015-12-29 15:27:57 0A9C90159378EAF0F45AF2275156EF0D 264544 ----a-w- C:\WINDOWS\Sysnative\ContentDeliveryManager.Utilities.dll 2015-12-29 15:27:56 F7AE2EB8D2FA095AD9DED30CCE10BC13 957440 ----a-w- C:\WINDOWS\Sysnative\SRH.dll 2015-12-29 15:27:56 BFFC187B1FFA022F59D652A6A4CA130F 199168 ----a-w- C:\WINDOWS\Sysnative\InstallAgent.exe 2015-12-29 15:27:56 95B9A9F4D41A54FD421CF6F7323B87FF 126464 ----a-w- C:\WINDOWS\Sysnative\dialserver.dll 2015-12-29 15:27:56 8F53FEB251B01D2582931B8AC642C28A 387072 ----a-w- C:\WINDOWS\Sysnative\qdvd.dll 2015-12-29 15:27:56 6D7B4647F5FB25CE88E2555A9DFF1D2E 70656 ----a-w- C:\WINDOWS\Sysnative\XblAuthManagerProxy.dll 2015-12-29 15:27:56 6D0F04544716C90220B58008B4422B97 459776 ----a-w- C:\WINDOWS\Sysnative\MapConfiguration.dll 2015-12-29 15:27:56 57C2033773055CEE5963EBCB999337F8 210432 ----a-w- C:\WINDOWS\Sysnative\wcmcsp.dll 2015-12-29 15:27:56 3B36AFC1B127B13A82752A3F02CE9D8C 543232 ----a-w- C:\WINDOWS\Sysnative\StoreAgent.dll 2015-12-29 15:27:56 38F068BA3D5CE3C53A025E1F9381CC54 115040 ----a-w- C:\WINDOWS\Sysnative\NetSetupApi.dll 2015-12-29 15:27:56 2B91178DE30EF92DD383486485B0C97D 523776 ----a-w- C:\WINDOWS\Sysnative\catsrvut.dll 2015-12-29 15:27:55 F40D409308162E071561049ACADF753C 80600 ----a-w- C:\WINDOWS\Sysnative\wwapi.dll 2015-12-29 15:27:55 D6B9D1A83BDDF6912309A9C7C4024E10 133120 ----a-w- C:\WINDOWS\Sysnative\flvprophandler.dll 2015-12-29 15:27:55 D33E93BE685C6B9C72E063EA41F9BAEF 538632 ----a-w- C:\WINDOWS\Sysnative\WWanAPI.dll 2015-12-29 15:27:55 D1BB4122E41E04E2D8D57702396AE031 412512 ----a-w- C:\WINDOWS\Sysnative\wifitask.exe 2015-12-29 15:27:55 BBEC134DA91F61E6D91CDB47D8724E86 382464 ----a-w- C:\WINDOWS\Sysnative\iedkcs32.dll 2015-12-29 15:27:55 9920C9AD4528A4396D19BC03AA2D0882 58408 ----a-w- C:\WINDOWS\Sysnative\SensorsNativeApi.dll 2015-12-29 15:27:55 8BACF65C95DA69173FA80F644502F9BC 26408 ----a-w- C:\WINDOWS\Sysnative\wuauclt.exe 2015-12-29 15:27:55 849275D7BF36660743973B8E28542E45 51680 ----a-w- C:\WINDOWS\Sysnative\SensorsUtilsV2.dll 2015-12-29 15:27:55 54051585F9E1A644C3ED024B639C0E32 231936 ----a-w- C:\WINDOWS\Sysnative\KnobsCore.dll 2015-12-29 15:27:55 2DA8708EB1FCB83375A450D401A1ED09 74240 ----a-w- C:\WINDOWS\Sysnative\mssign32.dll 2015-12-29 15:27:55 14CE7BCE9C6A442BD4B93AB3CB8765BF 375296 ----a-w- C:\WINDOWS\Sysnative\MDEServer.exe 2015-12-29 15:27:54 6D7BC576DEC9750D5F8AED361E687384 704000 ----a-w- C:\WINDOWS\Sysnative\CellularAPI.dll 2015-12-29 15:27:54 1C671129864880F66678D3B80316074E 56320 ----a-w- C:\WINDOWS\Sysnative\provtool.exe 2015-12-29 15:27:54 156963089DF9C18AF330E08BFE41884D 165376 ----a-w- C:\WINDOWS\Sysnative\provdatastore.dll 2015-12-29 15:27:54 01C759FD50DFD46E30CC56B2B672B1A7 203776 ----a-w- C:\WINDOWS\Sysnative\NetSetupSvc.dll 2015-12-29 15:27:53 FDB262D0B2C0790385B894AA4B2C0A6C 182784 ----a-w- C:\WINDOWS\Sysnative\shutdownux.dll 2015-12-29 15:27:53 EFA47480BEB0968E3A18479593B2E60C 18944 ----a-w- C:\WINDOWS\Sysnative\wshrm.dll 2015-12-29 15:27:53 E853D5823793FE6E5FB0351F256DC1F2 223232 ----a-w- C:\WINDOWS\Sysnative\fveapibase.dll 2015-12-29 15:27:53 B83CCF1BEECF4BCDE71FC431BAB9A790 34304 ----a-w- C:\WINDOWS\Sysnative\iernonce.dll 2015-12-29 15:27:53 B46D8BBF27B186B0AE7C57C88A1A6D93 6572032 ----a-w- C:\WINDOWS\Sysnative\wwanmm.dll 2015-12-29 15:27:53 B1305CDD98D5FC49863279D4B51DB510 618496 ----a-w- C:\WINDOWS\Sysnative\StorSvc.dll 2015-12-29 15:27:53 A0C330AAF06A36A13171A28FE4B582A2 92160 ----a-w- C:\WINDOWS\Sysnative\policymanagerprecheck.dll 2015-12-29 15:27:53 88B38A7435DFA9B7E8F94F5D5FE999D2 66560 ----a-w- C:\WINDOWS\Sysnative\moshost.dll 2015-12-29 15:27:53 7A9FF15EF71DAC09420C4997D3FA7E48 850432 ----a-w- C:\WINDOWS\Sysnative\MapsStore.dll 2015-12-29 15:27:53 735C408ADE2017B8D2F6A8D2C2DB7016 7979008 ----a-w- C:\WINDOWS\Sysnative\mos.dll 2015-12-29 15:27:53 67C1D042FA62E2294973FD0CD1F1BC36 192000 ----a-w- C:\WINDOWS\Sysnative\provisioningcsp.dll 2015-12-29 15:27:53 5F8178A9C45D9C69819C63AFC5988C33 66560 ----a-w- C:\WINDOWS\Sysnative\iesetup.dll 2015-12-29 15:27:53 5B7B6AF7E94E972DCE4BF892ABD466B6 115200 ----a-w- C:\WINDOWS\Sysnative\win32k.sys 2015-12-29 15:27:53 55A629331D5EB924A1926C18E5028243 764928 ----a-w- C:\WINDOWS\Sysnative\fveapi.dll 2015-12-29 15:27:53 25DA92A03FFF1A620A950ED6209CDC8F 77312 ----a-w- C:\WINDOWS\Sysnative\ProvPluginEng.dll 2015-12-29 15:27:53 0053C878CDBA8F8D55339547EC2E99E8 269824 ----a-w- C:\WINDOWS\Sysnative\moshostcore.dll 2015-12-29 15:27:52 F0B772D90082371CE0DDE4286EF0AE16 7199232 ----a-w- C:\WINDOWS\Sysnative\BingMaps.dll 2015-12-29 15:27:52 E8C7F673B75210D3F35142361923C945 157184 ----a-w- C:\WINDOWS\Sysnative\dmcertinst.exe 2015-12-29 15:27:52 D7ED1ADDC1D19A9D6A1C583A938F4AF4 465920 ----a-w- C:\WINDOWS\Sysnative\wwanconn.dll 2015-12-29 15:27:52 781EFD88C2BD9A95CA6961E16AFF7332 168960 ----a-w- C:\WINDOWS\Sysnative\mdmmigrator.dll 2015-12-29 15:27:51 EACD8F5C17AC39E43E1FCD85674F4B0D 1713664 ----a-w- C:\WINDOWS\Sysnative\SRHInproc.dll 2015-12-29 15:27:51 B7D367ABFC188C1AC27C6C961694B5B4 1056256 ----a-w- C:\WINDOWS\Sysnative\JpMapControl.dll 2015-12-29 15:27:51 9976E10E1FC313755C9F8632F96072F7 52224 ----a-w- C:\WINDOWS\Sysnative\jsproxy.dll 2015-12-29 15:27:51 8A0BAD6F9EEFB0FCD1629F6366394380 1814528 ----a-w- C:\WINDOWS\Sysnative\pnidui.dll 2015-12-29 15:27:51 7950D23F5542F6F8A9D41F046C01067F 2756096 ----a-w- C:\WINDOWS\Sysnative\mshtml.tlb 2015-12-29 15:27:50 E0FBBE85A7DC215F97F7B81236CE2674 60928 ----a-w- C:\WINDOWS\Sysnative\XblAuthTokenBrokerExt.dll 2015-12-29 15:27:50 DC59D9253F50A2D329945CBDBE3B8B7A 32256 ----a-w- C:\WINDOWS\Sysnative\wups2.dll 2015-12-29 15:27:50 D0E812616609B1E6E3317FF46B9177C8 44032 ----a-w- C:\WINDOWS\Sysnative\wsplib.dll 2015-12-29 15:27:50 D0C4A5B386F585B2BE7620D3CEFD7CE8 119808 ----a-w- C:\WINDOWS\Sysnative\MapsBtSvc.dll 2015-12-29 15:27:50 C6F9333F6C5F326B075CBC062E33793D 7680 ----a-w- C:\WINDOWS\Sysnative\readingviewresources.dll 2015-12-29 15:27:50 BF1A001A4EBD005CB412E322F20DB0D7 75264 ----a-w- C:\WINDOWS\Sysnative\EditBufferTestHook.dll 2015-12-29 15:27:50 9F171CF4EDEB38DB4CA906ABD535DC44 13312 ----a-w- C:\WINDOWS\Sysnative\MapsBtSvcProxy.dll 2015-12-29 15:27:50 9E55D606C3CE9A37FB2FE5A419AE9CE6 30208 ----a-w- C:\WINDOWS\Sysnative\StorageUsage.dll 2015-12-29 15:27:50 9C6D0A1464410A25389C9D004DE48D36 175616 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Core.TextInput.dll 2015-12-29 15:27:50 9AEEB769F72EF13134BC21BA1465CCE3 134656 ----a-w- C:\WINDOWS\Sysnative\wificonnapi.dll 2015-12-29 15:27:50 8C86CB7C7725B196773451DE66602199 75776 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.XboxLive.ProxyStub.dll 2015-12-29 15:27:50 8938F957903BBA18ED242AE4DBF419FD 73728 ----a-w- C:\WINDOWS\Sysnative\wwancfg.dll 2015-12-29 15:27:50 80EEB2E91EE933EFB1384D9866BD997F 64000 ----a-w- C:\WINDOWS\Sysnative\MosHostClient.dll 2015-12-29 15:27:50 7DC5115A32BA087DCED8CF76352A79DC 108544 ----a-w- C:\WINDOWS\Sysnative\InputLocaleManager.dll 2015-12-29 15:27:50 7CDB2034A13C7009CFF479C170E21C90 55808 ----a-w- C:\WINDOWS\Sysnative\rilproxy.dll 2015-12-29 15:27:50 7538F05A7C07DB69F6E82B67CAA67286 92160 ----a-w- C:\WINDOWS\Sysnative\SensorsNativeApi.V2.dll 2015-12-29 15:27:50 716E299C1058C9F2030F31BC7270A210 52224 ----a-w- C:\WINDOWS\Sysnative\Wwanpref.dll 2015-12-29 15:27:50 65267BF5DDCC86AB6DE29AFF488497AA 248832 ----a-w- C:\WINDOWS\Sysnative\UserMgrProxy.dll 2015-12-29 15:27:50 5358F9A3A5C55ED1395BBFFCFA65F551 28672 ----a-w- C:\WINDOWS\Sysnative\mapsupdatetask.dll 2015-12-29 15:27:50 4E5B496EBD95AEE005F54EA49EECAAC6 72704 ----a-w- C:\WINDOWS\Sysnative\MosStorage.dll 2015-12-29 15:27:50 4B4970CB5FF1D25B444F95A18ED8AF22 114688 ----a-w- C:\WINDOWS\Sysnative\offlinelsa.dll 2015-12-29 15:27:50 4AAD96366A51B26F50113A6393CB5587 42496 ----a-w- C:\WINDOWS\Sysnative\mapstoasttask.dll 2015-12-29 15:27:50 46BF56CC45F3EBE9DCF04EA702F79FF7 64000 ----a-w- C:\WINDOWS\Sysnative\ihvrilproxy.dll 2015-12-29 15:27:50 46668562A5BDD2D2F383CAD6D35DCB15 89088 ----a-w- C:\WINDOWS\Sysnative\MapsCSP.dll 2015-12-29 15:27:50 447413C46C687CF730051DD8B4EA12F6 75264 ----a-w- C:\WINDOWS\Sysnative\wwanprotdim.dll 2015-12-29 15:27:50 3C9066503DE3E45CB98C8584DE19C186 28160 ----a-w- C:\WINDOWS\Sysnative\nativemap.dll 2015-12-29 15:27:50 35F9920E5B9757E2047C024063C9A279 988160 ----a-w- C:\WINDOWS\Sysnative\NMAA.dll 2015-12-29 15:27:50 301A917544D10E9F28A946BA0E84C407 160768 ----a-w- C:\WINDOWS\Sysnative\enrollmentapi.dll 2015-12-29 15:27:50 24206CBE7165E296D598FF98590C4D59 69632 ----a-w- C:\WINDOWS\Sysnative\wininetlui.dll 2015-12-29 15:27:50 23B32FD7B58007D0407B8A4191AB76BB 28672 ----a-w- C:\WINDOWS\Sysnative\WordBreakers.dll 2015-12-29 15:27:50 1CC123FE215B7FFBA4B7889FD13B32D5 36864 ----a-w- C:\WINDOWS\Sysnative\BackgroundTransferHost.exe 2015-12-29 15:27:49 EBDDBFCAA0E8BF346F5DC13BC364B39E 110592 ----a-w- C:\WINDOWS\Sysnative\Microsoft-Windows-MapControls.dll 2015-12-29 15:27:49 8AA095B5A4826840B348D0A94969CE1A 1268736 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.Resources.dll 2015-12-29 15:27:49 79EE5C9F9DF073C315D035A1785B502F 3072 ----a-w- C:\WINDOWS\Sysnative\MapControlStringsRes.dll 2015-12-29 15:27:49 79BD0E63A9E54ED8AFFD19F43B5B83F2 264192 ----a-w- C:\WINDOWS\Sysnative\NmaDirect.dll 2015-12-29 15:27:49 33F4AE1E913D7F865D0CFA716BDC9032 10240 ----a-w- C:\WINDOWS\Sysnative\Microsoft-Windows-MosTrace.dll 2015-12-29 15:27:49 2031A1DA09AFF8A8BADFFF73511AF306 58368 ----a-w- C:\WINDOWS\Sysnative\MosResource.dll 2015-12-29 15:27:49 183B210A411E23AC9C5374AEE5645312 36352 ----a-w- C:\WINDOWS\Sysnative\UIAutomationCoreRes.dll 2015-12-29 15:27:49 08F0E6B466F44EA24CA1601F3196E43E 9728 ----a-w- C:\WINDOWS\Sysnative\Microsoft-Windows-MosHost.dll 2015-12-29 12:34:19 B5748910B3449755DAA42591B50270E5 337808 ----a-w- C:\WINDOWS\Sysnative\FNTCACHE.DAT 2015-12-29 12:33:12 A82F594EE2471B4F304DA1DF068552EE 758 ----a-w- C:\WINDOWS\Sysnative\license.rtf 2015-12-29 12:29:53 FAC1E762CB49992381691B00D2069B3E 1063424 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll 2015-12-29 12:29:53 F5DC166DC9D533651B83B83CD70FD14C 88392 ----a-w- C:\WINDOWS\Sysnative\remoteaudioendpoint.dll 2015-12-29 12:29:53 EF94C4BB5DDCEB9F0A092122582CF4E5 516544 ----a-w- C:\WINDOWS\Sysnative\AudioEng.dll 2015-12-29 12:29:53 B9A74283BD46350F2A32962C1B16225A 369912 ----a-w- C:\WINDOWS\Sysnative\audiodg.exe 2015-12-29 12:29:53 89E74EC4422905377D45D58FD2832D02 408128 ----a-w- C:\WINDOWS\Sysnative\AUDIOKSE.dll 2015-12-29 12:29:53 890BF20BDF500E4E84720EA84448EDDF 275456 ----a-w- C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll 2015-12-29 12:29:53 81785D31BEB7C741BB23BE0CB98E691F 536768 ----a-w- C:\WINDOWS\Sysnative\AudioSes.dll 2015-12-29 12:29:53 36208F250EE9B93B87AD6384237373A9 110032 ----a-w- C:\WINDOWS\Sysnative\EncDump.dll 2015-12-29 12:29:52 BB2DD53E90A958FDB1254839F30329D5 803840 ----a-w- C:\WINDOWS\Sysnative\jscript.dll 2015-12-29 12:29:51 FE808DE33D79F2ACB8757EE544615626 414720 ----a-w- C:\WINDOWS\Sysnative\bcastdvr.exe 2015-12-29 12:29:51 FCB7D0215CA010400777A2144432FBDC 630632 ----a-w- C:\WINDOWS\Sysnative\fontdrvhost.exe 2015-12-29 12:29:51 FBEFDA259F6254B6590956753421D387 89600 ----a-w- C:\WINDOWS\Sysnative\NFCProvisioningPlugin.dll 2015-12-29 12:29:51 E104F46B2E0C4F760382CF95E248E0AD 43520 ----a-w- C:\WINDOWS\Sysnative\bcastdvr.proxy.dll 2015-12-29 12:29:51 DD723E3E44BBD7A1B94D8914B7E72549 623616 ----a-w- C:\WINDOWS\Sysnative\PhoneProviders.dll 2015-12-29 12:29:51 DA81241A3493CD3B7EEF3AFD6BBE38B6 92352 ----a-w- C:\WINDOWS\Sysnative\acmigration.dll 2015-12-29 12:29:51 C46FC25D2742C6426F6581A4C59331D9 35656 ----a-w- C:\WINDOWS\Sysnative\mfpmp.exe 2015-12-29 12:29:51 BA45A9F29AB13A0E66BAABF9D7C30B70 523616 ----a-w- C:\WINDOWS\Sysnative\wimserv.exe 2015-12-29 12:29:51 B8F17AB618578B9024D949DE8308B95A 14336 ----a-w- C:\WINDOWS\Sysnative\dciman32.dll 2015-12-29 12:29:51 AD37B56D53795944240011FF4EEBBD30 911648 ----a-w- C:\WINDOWS\Sysnative\dcomp.dll 2015-12-29 12:29:51 ABC346A1CD915DEE6231BB4A7F0B96EC 204800 ----a-w- C:\WINDOWS\Sysnative\Microsoft-Windows-AppModelExecEvents.dll 2015-12-29 12:29:51 9FCC3D4817CCA5BCEF1FB4B14E523EBC 78336 ----a-w- C:\WINDOWS\Sysnative\BarcodeProvisioningPlugin.dll 2015-12-29 12:29:51 9BF34692BC6933BAB7627EC173EB1E8A 45568 ----a-w- C:\WINDOWS\Sysnative\atmlib.dll 2015-12-29 12:29:51 95AF774B7D20C3006DC0AC9AEDF48655 674816 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.dll 2015-12-29 12:29:51 87A8DD15B7DEAC51916358250E5BC7C5 122368 ----a-w- C:\WINDOWS\Sysnative\KnobsCsp.dll 2015-12-29 12:29:51 877512145CB9B3F6EBD5424DE15C14F8 365568 ----a-w- C:\WINDOWS\Sysnative\atmfd.dll 2015-12-29 12:29:51 85031015C1F1B9A7DAA002DAAEE341AA 2444288 ----a-w- C:\WINDOWS\Sysnative\twinui.appcore.dll 2015-12-29 12:29:51 8456D2DBEAC8F06712FE8AC2AB5A1AE2 969728 ----a-w- C:\WINDOWS\Sysnative\kerberos.dll 2015-12-29 12:29:51 82EDCF9C603F3FA09AAAACA82D34E74E 450560 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Bluetooth.dll 2015-12-29 12:29:51 8109C3D1CFDC7AE78605D8F3EA4EAA20 586208 ----a-w- C:\WINDOWS\Sysnative\mf.dll 2015-12-29 12:29:51 80BF2990E01E774D64F6E13F30661942 162304 ----a-w- C:\WINDOWS\Sysnative\tetheringservice.dll 2015-12-29 12:29:51 7B106C453D6EF1A32F8669AD503E21BB 517632 ----a-w- C:\WINDOWS\Sysnative\winspool.drv 2015-12-29 12:29:51 71B94A84934AA3DA61378C4121523FEA 86528 ----a-w- C:\WINDOWS\Sysnative\AppCapture.dll 2015-12-29 12:29:51 6D64E74EF63AD36912C89EA80449A299 118272 ----a-w- C:\WINDOWS\Sysnative\fontsub.dll 2015-12-29 12:29:51 6D04648D2E3F42A295B6D080A948E9BA 163328 ----a-w- C:\WINDOWS\Sysnative\provops.dll 2015-12-29 12:29:51 6ABAC83AD594B0390C470F9C1C017382 3072 ----a-w- C:\WINDOWS\Sysnative\lpk.dll 2015-12-29 12:29:51 66312F4AFEFB1AE0B80051F8A5E5B26B 698208 ----a-w- C:\WINDOWS\Sysnative\wimgapi.dll 2015-12-29 12:29:51 5E7C875662B05B28E899F0C59B549645 286720 ----a-w- C:\WINDOWS\Sysnative\deviceaccess.dll 2015-12-29 12:29:51 559E4E19F481FBB9AF622E23772533CC 52736 ----a-w- C:\WINDOWS\Sysnative\RemovableMediaProvisioningPlugin.dll 2015-12-29 12:29:51 44699ED0B4D39D109D1BAEEF0DB66A9E 22572632 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2015-12-29 12:29:51 445E792DB399A2DA611B1F3C9DC6070D 11545088 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2015-12-29 12:29:51 3DF7BD7E0E0CFCF8D8856B639FD46C3C 30720 ----a-w- C:\WINDOWS\Sysnative\tetheringconfigsp.dll 2015-12-29 12:29:51 3690FAA19C6D3C68C033D0E5CB3BDB03 28160 ----a-w- C:\WINDOWS\Sysnative\Windows.Management.Provisioning.ProxyStub.dll 2015-12-29 12:29:51 25C9F417FA6FE9073392BD34630A89B4 17408 ----a-w- C:\WINDOWS\Sysnative\IcsEntitlementHost.exe 2015-12-29 12:29:51 233BA5B1A277D0A42E432E9A9F43EF7A 37376 ----a-w- C:\WINDOWS\Sysnative\LaunchWinApp.exe 2015-12-29 12:29:51 1A9A77ACDAC29C39F50D2A492FD0DB16 87040 ----a-w- C:\WINDOWS\Sysnative\tzautoupdate.dll 2015-12-29 12:29:51 121C4B3ED671715017C8A37A8F816F06 809312 ----a-w- C:\WINDOWS\Sysnative\WWAHost.exe 2015-12-29 12:29:51 1083375C70D529AA1C8224E13D9E6F40 334736 ----a-w- C:\WINDOWS\Sysnative\policymanager.dll 2015-12-29 12:29:51 0161DABC5CDB2BE6D0B91BEB5386B47D 52736 ----a-w- C:\WINDOWS\Sysnative\tetheringclient.dll 2015-12-29 12:28:31 F44AA79DF45B1CAE6E6C64372D846AA5 6359040 ----a-w- C:\WINDOWS\Sysnative\NlsData0009.dll 2015-12-29 12:28:31 E52612EA0C1C1ACD3ABFD09534F6AAE6 5739520 ----a-w- C:\WINDOWS\Sysnative\prm0009.dll 2015-12-29 12:28:31 8F1CD3FABC7F24FE329FE39A3EB58C58 2629632 ----a-w- C:\WINDOWS\Sysnative\NlsLexicons0009.dll 2015-12-29 12:25:39 E91942A0D00C6AA014B2EA33EE0ED0A3 35480 ----a-w- C:\WINDOWS\Sysnative\TsWpfWrp.exe 2015-12-29 12:25:39 E2296A6174894682DF8F0FF29FDDCC82 1166520 ----a-w- C:\WINDOWS\Sysnative\PresentationNative_v0300.dll 2015-12-29 12:25:39 C5FEF4B4A7FB961ECDB0AB07DBCF379E 124624 ----a-w- C:\WINDOWS\Sysnative\PresentationCFFRasterizerNative_v0300.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2015-12-29 15:28:10 EFEFC245B884B1BE0401931398DCD707 2152800 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2015-12-29 15:27:57 DBBACE77DDE8CCFD85B37B114965C385 147968 ----a-w- C:\WINDOWS\Sysnative\drivers\rmcast.sys 2015-12-29 15:27:56 DE6D7DC78D956928F59F7415A0F41E13 95072 ----a-w- C:\WINDOWS\Sysnative\drivers\sdstor.sys 2015-12-29 15:27:56 C24C27FDF93B85A4EFCF25F830253AA2 117248 ----a-w- C:\WINDOWS\Sysnative\drivers\capimg.sys 2015-12-29 15:27:56 80977779A19947939D680A4899E829EC 604928 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2015-12-29 15:27:55 7D8B9214692C4D0F1646215D9984E19A 161632 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys 2015-12-29 12:37:01 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf 2015-12-29 12:29:52 91D3F2A6253EF83EFBD7903028F58C4D 118624 ----a-w- C:\WINDOWS\Sysnative\drivers\tdx.sys 2015-12-29 12:29:51 EF536C54AB9281FDC4E83B07279FCFC4 35680 ----a-w- C:\WINDOWS\Sysnative\drivers\wimmount.sys 2015-12-29 12:29:51 70148EFA9A562E7185B75BBE7D376BF7 578912 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys 2015-12-23 19:58:42 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf 2015-12-23 19:58:30 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_WinUSB_01009.Wdf ====== C:\WINDOWS\Tasks ====== 2015-12-29 12:57:18 B4B5E2FDCD3F83C947053A909C4645F0 931 ----a-w- C:\WINDOWS\Tasks\EPSON XP-820 Series Update {1271A98E-FDC1-4C14-8C13-DD141CC82210}.job ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2015-12-30 21:16:03 -------- d-----w- C:\Program Files\trend micro 2015-12-30 11:53:40 -------- d-----w- C:\Program Files\Speccy 2015-12-29 12:37:09 -------- d-----w- C:\Program Files\Realtek 2015-12-29 12:26:18 -------- d-----w- C:\Program Files\Reference Assemblies 2015-12-29 12:26:18 -------- d-----w- C:\Program Files\MSBuild ======= C:\PROGRA~2 ===== 2015-12-29 12:56:00 -------- d--h--w- C:\PROGRA~2\Uninstall Information 2015-12-29 12:26:18 -------- d-----w- C:\PROGRA~2\Reference Assemblies 2015-12-29 12:26:18 -------- d-----w- C:\PROGRA~2\MSBuild ======= C: ===== ====== C:\Users\Cor van Thiel\AppData\Roaming ====== 2015-12-30 13:23:10 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\DataSharing 2015-12-29 13:06:36 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Packages 2015-12-29 12:57:44 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft 2015-12-29 12:51:42 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help 2015-12-29 12:51:42 -------- d-----w- C:\Users\Default\AppData\Local\Google 2015-12-29 12:51:42 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help 2015-12-29 12:51:42 -------- d-----w- C:\Users\Default User\AppData\Local\Google 2015-12-29 12:39:57 -------- d-s---r- C:\Users\Cor van Thiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2015-12-29 12:39:57 -------- d-----w- C:\Users\Cor van Thiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-12-29 12:39:57 -------- d-----w- C:\Users\Cor van Thiel\AppData\Roaming 2015-12-29 12:39:57 -------- d-----w- C:\Users\Cor van Thiel\AppData\Local\Temp 2015-12-29 12:39:57 -------- d-----w- C:\Users\Cor van Thiel\AppData\Local\Microsoft 2015-12-29 12:39:57 -------- d-----w- C:\Users\Cor van Thiel\AppData\Local 2015-12-29 12:39:57 -------- d-----r- C:\Users\Cor van Thiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-12-29 12:39:57 -------- d-----r- C:\Users\Cor van Thiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-12-29 12:39:57 -------- d-----r- C:\Users\Cor van Thiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-12-29 12:39:57 -------- d-----r- C:\Users\Cor van Thiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2015-12-29 12:39:56 -------- d-s---r- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2015-12-29 12:39:56 -------- d-----w- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-12-29 12:39:56 -------- d-----w- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2015-12-29 12:39:56 -------- d-----w- C:\Users\UpdatusUser\AppData\Roaming 2015-12-29 12:39:56 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp 2015-12-29 12:39:56 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Microsoft 2015-12-29 12:39:56 -------- d-----w- C:\Users\UpdatusUser\AppData\Local 2015-12-29 12:39:56 -------- d-----r- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-12-29 12:39:56 -------- d-----r- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-12-29 12:39:56 -------- d-----r- C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-12-29 12:34:59 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache 2015-12-29 12:34:32 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming 2015-12-29 12:34:32 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp 2015-12-29 12:34:28 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming 2015-12-29 12:34:28 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp 2015-12-29 12:34:28 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft 2015-12-29 12:34:28 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local 2015-12-29 12:27:46 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft 2015-12-15 21:16:42 -------- d-----w- C:\Users\Cor van Thiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avanquest\InPixio Photo Clip 2015-12-15 21:16:42 -------- d-----w- C:\Users\Cor van Thiel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avanquest 2015-12-13 14:16:24 -------- d-----w- C:\Users\Cor van Thiel\AppData\Local\OfficeBSCache-OD-cvthiel@outlook.com ====== C:\Users\Cor van Thiel ====== 2015-12-30 21:15:18 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Cor van Thiel\Downloads\RSITx64.exe 2015-12-30 11:52:02 FF70EB133BE86B9F9EB18E274DAA6B6C 5111240 ----a-w- C:\Users\Cor van Thiel\Downloads\spsetup129 (1).exe 2015-12-30 11:51:54 FF70EB133BE86B9F9EB18E274DAA6B6C 5111240 ----a-w- C:\Users\Cor van Thiel\Downloads\spsetup129.exe 2015-12-30 09:26:28 CE37F7B85C6EFA00A96A9B2BB9696F51 54437409 ----a-w- C:\Users\Cor van Thiel\Downloads\PROWinx64.exe 2015-12-30 09:19:22 ADE449592745B54724FA70EC488B99FD 2449376 ----a-w- C:\Users\Cor van Thiel\Downloads\DriverToolkitInstaller (1).exe 2015-12-30 09:16:35 ADE449592745B54724FA70EC488B99FD 2449376 ----a-w- C:\Users\Cor van Thiel\Downloads\DriverToolkitInstaller.exe 2015-12-29 13:15:10 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Cor van Thiel\ntuser.ini 2015-12-29 12:57:49 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\UpdatusUser\ntuser.ini 2015-12-29 12:39:57 -------- d--h--w- C:\Users\Cor van Thiel\AppData 2015-12-29 12:39:56 -------- d--h--w- C:\Users\UpdatusUser\AppData 2015-12-29 12:37:22 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\ProgramData\DP45977C.lfl 2015-12-29 12:35:03 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp 2015-12-29 12:34:32 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\Saved Games 2015-12-29 12:34:32 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Videos 2015-12-29 12:34:32 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Pictures 2015-12-29 12:34:32 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Music 2015-12-29 12:34:32 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Links 2015-12-29 12:34:32 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Favorites 2015-12-29 12:34:32 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Downloads 2015-12-29 12:34:32 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Documents 2015-12-29 12:34:32 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Desktop 2015-12-29 12:34:29 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\Saved Games 2015-12-29 12:34:29 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Videos 2015-12-29 12:34:29 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Pictures 2015-12-29 12:34:29 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Music 2015-12-29 12:34:29 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Links 2015-12-29 12:34:29 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Favorites 2015-12-29 12:34:29 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Downloads 2015-12-29 12:34:29 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Documents 2015-12-29 12:34:29 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Desktop 2015-12-29 12:34:28 -------- d--h--w- C:\WINDOWS\serviceprofiles\networkservice\AppData 2015-12-26 20:39:58 C88FF17D0AF4A0BAD05F5A578ADB7F22 4748384 ----a-w- C:\Users\Cor van Thiel\Downloads\wzdu32.exe 2015-12-24 21:49:04 3FA6F7F2ED28B413EBA35B1B6476E11D 82973 ----a-w- C:\Users\Cor van Thiel\Annie van Druten en Marianne.jpg 2015-12-24 15:22:31 3760D1960A73C9CA260651EEB8B71CD0 927824 ----a-w- C:\Users\Cor van Thiel\Downloads\ChromeSetup.exe 2015-12-21 23:59:49 -------- d-----w- C:\Users\Cor van Thiel\Nieuwe map (2) 2015-12-21 23:58:00 -------- d-----w- C:\Users\Cor van Thiel\Nieuwe map 2015-12-13 23:18:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2015-12-13 19:58:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox ====== C: exe-files == 2015-12-31 14:11:36 4BA98170D6B04AE7219425AD6943B8BB 2575360 ----a-w- C:\Users\Cor van Thiel\AppData\Local\Packages\C27EB4BA.Dropbox_xbfy0k16fey96\AC\Microsoft\CLR_v4.0_32\NativeImages\Dropbox.WindowsApp\cc742e8f2197dd9aaa302280a64e5e2d\Dropbox.WindowsApp.ni.exe 2015-12-30 21:16:03 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Cor van Thiel.exe 2015-12-29 15:27:57 E7CD04555F47651B79A50DBA6148019C 820416 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2015-12-29 15:27:57 05CB7AA244D84ED3BB43FDA10413E2F8 815808 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2015-12-29 14:12:13 AD60A39A820804E89BC2EAD599ED94E1 8067784 ----a-w- C:\Users\Cor van Thiel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\OneDriveSetup.exe 2015-12-29 14:12:12 AD60A39A820804E89BC2EAD599ED94E1 8067784 ----a-w- C:\Users\Cor van Thiel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\OneDriveSetup.exe 2015-12-29 13:55:40 EB0965F7AE1394C0A3165A5E9A32C44D 164040 ----a-w- C:\Users\Cor van Thiel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncConfig.exe 2015-12-29 13:29:45 2DB7D5B28812523AAF17F71A8EB4832E 171712 ----a-w- C:\Users\Cor van Thiel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe === C: other files == 2016-01-01 10:36:58 DE0983FE4B830699312D35A990B3AE1B 1945 ----a-w- C:\Users\Cor van Thiel\AppData\Local\Temp\_MEI89882\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx 2016-01-01 10:36:58 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Cor van Thiel\AppData\Local\Temp\_MEI89882\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2015-12-29 15:28:10 EFEFC245B884B1BE0401931398DCD707 2152800 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2015-12-29 15:28:05 78065D08A6D5886ACF9B6BA7E34A554C 3593216 ----a-w- C:\Windows\System32\win32kfull.sys 2015-12-29 15:28:03 42B6285314851A693F68F7A7B79FD1B9 1393664 ----a-w- C:\Windows\System32\win32kbase.sys 2015-12-29 15:27:57 DBBACE77DDE8CCFD85B37B114965C385 147968 ----a-w- C:\Windows\System32\drivers\rmcast.sys 2015-12-29 15:27:56 DE6D7DC78D956928F59F7415A0F41E13 95072 ----a-w- C:\Windows\System32\drivers\sdstor.sys 2015-12-29 15:27:56 C24C27FDF93B85A4EFCF25F830253AA2 117248 ----a-w- C:\Windows\System32\drivers\capimg.sys 2015-12-29 15:27:56 80977779A19947939D680A4899E829EC 604928 ----a-w- C:\Windows\System32\drivers\cng.sys 2015-12-29 15:27:55 7D8B9214692C4D0F1646215D9984E19A 161632 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2015-12-29 15:27:53 5B7B6AF7E94E972DCE4BF892ABD466B6 115200 ----a-w- C:\Windows\System32\win32k.sys 2015-12-29 13:25:17 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\Cor van Thiel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\CollectOneDriveLogs.bat 2015-12-29 12:29:52 91D3F2A6253EF83EFBD7903028F58C4D 118624 ----a-w- C:\Windows\System32\drivers\tdx.sys 2015-12-29 12:29:51 EF536C54AB9281FDC4E83B07279FCFC4 35680 ----a-w- C:\Windows\System32\drivers\wimmount.sys 2015-12-29 12:29:51 70148EFA9A562E7185B75BBE7D376BF7 578912 ----a-w- C:\Windows\System32\drivers\afd.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "EPLTarget\P0000000000000000"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINME.EXE /EPT EPLTarget\P0000000000000000 /M XP-820 Series" [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-1820760672-4153734205-3726909139-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe" "AshSnap"="C:\Program Files (x86)\Ashampoo\Ashampoo Snap 8\ashsnap.exe" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "OneDrive"="C:\Users\Cor van Thiel\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "EPLTarget\P0000000000000001"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINME.EXE /EPT EPLTarget\P0000000000000001 /M XP-820 Series" "EPLTarget\P0000000000000000"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINME.EXE /EPT EPLTarget\P0000000000000000 /M XP-820 Series" [HKEY_USERS\S-1-5-21-1820760672-4153734205-3726909139-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "EPLTarget\P0000000000000000"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINME.EXE /EPT EPLTarget\P0000000000000000 /M XP-820 Series" [HKEY_USERS\S-1-5-21-1820760672-4153734205-3726909139-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VM_STI"="C:\Windows\VM_STI.exe Philips SPC200NC Webcam" "wsUpdate"="C:\Users\Cor van Thiel\AppData\Roaming\fownh\qcdba.exe C:\Users\CORVAN~1\AppData\Roaming\fownh\peues.udl" "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup" "FUFAXRCV"=""C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"" "FUFAXSTM"=""C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe" "AshSnap"="C:\Program Files (x86)\Ashampoo\Ashampoo Snap 8\ashsnap.exe" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "OneDrive"="C:\Users\Cor van Thiel\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "EPLTarget\P0000000000000001"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINME.EXE /EPT EPLTarget\P0000000000000001 /M XP-820 Series" "EPLTarget\P0000000000000000"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINME.EXE /EPT EPLTarget\P0000000000000000 /M XP-820 Series" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Ashampoo HDD Control 3 Guard"="C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3 Corporate\HDDC3Guard.exe -TRAY" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [25-11-2015 13:52] C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [25-11-2015 13:52] C:\WINDOWS\tasks\EPSON XP-820 Series Update {1271A98E-FDC1-4C14-8C13-DD141CC82210}.job --a-------- C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNME.exe [22-11-2013 01:30] C:\WINDOWS\tasks\EPSON XP-820 Series Update {A45D3213-0333-4862-B935-DE69FE3C2966}.job --a-------- C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNME.exe [22-11-2013 01:30] C:\WINDOWS\tasks\EPSON XP-820 Series Update {D06AE7FE-4EB4-435A-A6BD-C234636D16E7}.job --a-------- C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNME.exe [22-11-2013 01:30] C:\WINDOWS\tasks\EPSON XP-820 Series Update {DBA71808-3D48-4714-B519-5BF0A592B777}.job --a-------- C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNME.exe [22-11-2013 01:30] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- [Undetermined Task] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- [Undetermined Task] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0955a3c674b9f.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08-04-2015 22:50] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"] "C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\WINDOWS\SysNative\tasks\Driver Booster SkipUAC (Cor van Thiel)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\WINDOWS\SysNative\tasks\EPSON XP-820 Series Update {A45D3213-0333-4862-B935-DE69FE3C2966}" [C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNME.EXE] "C:\WINDOWS\SysNative\tasks\EPSON XP-820 Series Update {D06AE7FE-4EB4-435A-A6BD-C234636D16E7}" [C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNME.EXE] "C:\WINDOWS\SysNative\tasks\EPSON XP-820 Series Update {DBA71808-3D48-4714-B519-5BF0A592B777}" [C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNME.EXE] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore1d06751e218e14e" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA1d0955a3c674b9f" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{5BB6D48B-D4EF-41E6-92B6-E3048BFEF085}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "e-webprint@epson.com"="C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on" [29-06-2015 23:35] ==== Chromium Look ====================== HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] Google Slides - Cor van Thiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Cor van Thiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Cor van Thiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Cor van Thiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Cor van Thiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Cor van Thiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Drive App Launcher - Cor van Thiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Google Wallet - Cor van Thiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Cor van Thiel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" "Search Page"="http://www.google.nl" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.nl/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6}" HKCU\SearchScopes\GOOGLE_SEARCH - http://www.google.nl/search?hl=nl&q={searchTerms}&meta= HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 HKCU\SearchScopes\{0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A0A5CBD84C137C642B25B695E31AA178 deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vinny27 Adobe Dreamweaver Unattended Packages deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A0A5CBD84C137C642B25B695E31AA178 deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Cor van Thiel\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Cor van Thiel\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Cor van Thiel\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Cor van Thiel\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Cor van Thiel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=325 folders=88 175768036 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\CORVAN~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on vr 01-01-2016 at 12:18:27,09 ======================