Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Janne Lambert on ma 11/01/2016 at 18:01:06,91. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Janne Lambert\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 11/01/2016 18:05:47 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Cisco deleted successfully C:\PROGRA~2\RelayKeeper deleted successfully C:\Program Files\Google deleted successfully C:\Program Files\Common Files\AV deleted successfully C:\Program Files\Common Files\Intel deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\Gast\AppData\Local\VirtualStore deleted successfully C:\Users\Janne Lambert\AppData\Local\ActiveSync deleted successfully C:\Users\Janne Lambert\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Janne Lambert\AppData\Local\EmieSiteList deleted successfully C:\Users\Janne Lambert\AppData\Local\EmieUserList deleted successfully C:\Users\Janne Lambert\AppData\Local\NetworkTiles deleted successfully C:\Users\Janne Lambert\AppData\Local\Opera Software deleted successfully C:\Users\Janne Lambert\AppData\Local\PackageStaging deleted successfully C:\Users\Janne Lambert\AppData\Local\Skype deleted successfully C:\Users\janne_000\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3577948327-2292428509-81639717-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-3577948327-2292428509-81639717-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-3577948327-2292428509-81639717-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Albelli.be Fotoboeken Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update Ashampoo AppLauncher (Medion) v.1.0.0 AVG 2015 AVG Web TuneUp Bonjour CyberLink LabelPrint 2.5 CyberLink MediaEspresso 6.5 CyberLink PhotoDirector 3 CyberLink Power2Go 8 CyberLink PowerDirector CyberLink PowerDVD 10 CyberLink PowerDVD Copy 1.5 CyberLink PowerRecover CyberLink YouCam 5 D3DX10 Dropbox Fotogalerie Galerˇa de fotos Galerie de photos Google Chrome Google Earth Google Update Helper iCloud Intel PROSet Wireless Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology Intel(R) Rapid Storage Technology Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel© PROSet/Wireless WiFi Software Intel© Trusted Connect Service Client iTunes Medion Home Cinema 10 Microsoft Application Error Reporting Microsoft Office 365 - nl-nl Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Movie Maker Mozilla Maintenance Service Mozilla Thunderbird 31.6.0 (x86 nl) MSVCRT MSVCRT Redists MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP3 Parser (KB2758694) Office 16 Click-to-Run Extensibility Component Office 16 Click-to-Run Licensing Component Office 16 Click-to-Run Localization Component ooVoo PHotkey Photo Common Photo Gallery PhotoNow Pixum Fotowereld Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader SimpleMind desktop Pro 1.9.4d Skype Click to Call SkypeT 7.16 Spotify Synaptics Pointing Device Driver Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD Teach2000 versie 8.51 Vegas Pro 13.0 (64-bit) Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack ==== Running Processes ====================== C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\loggingserver.exe C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\PHotkey\PHotkey.exe C:\Program Files (x86)\PHotkey\HCSynApi.exe C:\Program Files (x86)\PHotkey\POSD.exe C:\Program Files (x86)\PHotkey\GPMTray.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files (x86)\ooVoo\ooVoo.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe C:\Users\Janne Lambert\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Users\Janne Lambert\AppData\Local\Microsoft\BingSvc\BingSvc.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Program Files (x86)\AVG Web TuneUp\vprot.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\WINDOWS\SysWOW64\ctfmon.exe C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe C:\Users\Janne Lambert\AppData\Roaming\Spotify\SpotifyWebHelper.exe C:\Users\Janne Lambert\Downloads\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater40.2.4 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "vProt"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Cisco not found C:\PROGRA~2\RelayKeeper not found C:\PROGRA~2\AllSaverr deleted C:\PROGRA~2\BitTorrent Surf Beta deleted C:\PROGRA~2\DDEaelExpreuss deleted C:\PROGRA~2\DiscountExtennsii deleted C:\PROGRA~2\Download Button deleted C:\PROGRA~2\EnjoyCCouopon deleted C:\PROGRA~2\Funn2Save deleted C:\PROGRA~2\ShhopoDaRop deleted C:\PROGRA~2\UNiDeeAlsi deleted C:\Program Files\AVG Web TuneUp deleted C:\ProgramData\AVG Secure Search deleted C:\ProgramData\Avg_Update_0615tb deleted C:\PROGRA~3\{23351c1f-3195-ac63-2335-51c1f319707c} deleted C:\Users\Janne Lambert\AppData\Local\AVG Web TuneUp deleted C:\PROGRA~3\AVG Web TuneUp deleted C:\PROGRA~3\Avg_Update_1215av deleted C:\PROGRA~3\AVG Security Toolbar deleted C:\PROGRA~3\SlimWare Utilities Inc deleted C:\Users\Janne Lambert\AppData\Local\SlimWare Utilities Inc deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Janne Lambert\AppData\LocalLow\AVG Web TuneUp deleted C:\WINDOWS\tasks\0615tbUpdateInfo.job deleted C:\windows\SysNative\tasks\SlimCleaner Plus (Scheduled Scan - Janne Lambert) deleted C:\WINDOWS\tasks\SlimCleaner Plus (Scheduled Scan - Janne Lambert).job deleted "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" deleted "C:\PROGRA~2\AVG Web TuneUp\vprot.exe" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\40.2.4\avgdttbx.dll" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\log4cplusU.dll" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\40.2.4\avgdttbx.dll" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\40.2.4\log4cplusU.dll" deleted "C:\Program Files (x86)\AVG Web TuneUp" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search" deleted "C:\PROGRA~2\AVG Web TuneUp" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\40.2.4" deleted "C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\40.2.4" deleted "C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\40.2.4" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3978 MB CPU Info: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz CPU Speed: 2448,7 MHz Sound Card: Speakers (Realtek High Definiti | Realtek Digital Output (Realtek | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | Intel(R) HD Graphics Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Bluetooth Device (Personal Area Network) | Realtek PCIe GBE Family Controller | Intel(R) Centrino(R) Wireless-N 2230 | Microsoft Wi-Fi Direct Virtual Adapter CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SN-208DB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 868,2GB | D: 60,0GB Hard Disks - Free: C: 591,8GB | D: 42,3GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | MEDION - 1 Time Zone: Romance (standaardtijd) Motherboard *: Medion E6234 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Internet Explorer Version: 11.20.10586.0 Google Chrome version: 47.0.2526.106 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-01-09 17:10:51 A07669C125C0B5FF84E94F7750B2230B 67584 --s-a-w- C:\WINDOWS\bootstat.dat ====== C:\Users\JANNEL~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2016-01-09 17:13:02 967596AE692AD8548BB12F7C3ABA4D07 69120 ----a-w- C:\WINDOWS\SysWOW64\OpenCL.DLL 2016-01-09 17:12:32 42DE22BB4E675AE8DADD9038B26F8EFE 2718208 ----a-w- C:\WINDOWS\SysWOW64\PrintConfig.dll 2016-01-09 17:07:59 79422D76818752C6D935A97C8FFC4EEA 44147 ----a-w- C:\WINDOWS\SysWOW64\license.rtf 2016-01-09 17:01:18 EF22B84131DB17D40D523F649CAD31D2 366224 ----a-w- C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2016-01-09 17:01:18 EDC75B4FF6A66B0AC1A360476D9CBCC9 12125184 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2016-01-09 17:01:18 EBB01B0223DBB9660E4FFB35854D69BF 400896 ----a-w- C:\WINDOWS\SysWOW64\winspool.drv 2016-01-09 17:01:18 EB6BAC2C67F848F2C0EFE82AEAC5C67A 1540768 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll 2016-01-09 17:01:18 D0693220928997E1DD513B261AF86308 454056 ----a-w- C:\WINDOWS\SysWOW64\AudioEng.dll 2016-01-09 17:01:18 C9E25AB152E9E111F2820AFC6C89B641 2179584 ----a-w- C:\WINDOWS\SysWOW64\mfcore.dll 2016-01-09 17:01:18 C406EDC958F835CFF2D16FD33DDB36D3 2918808 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2016-01-09 17:01:18 B13BE7A31C732B5773FDF51FB140B614 334336 ----a-w- C:\WINDOWS\SysWOW64\bcastdvr.exe 2016-01-09 17:01:18 AD2E3CC2771EADB0605CC0FAE73EAA45 405048 ----a-w- C:\WINDOWS\SysWOW64\AudioSes.dll 2016-01-09 17:01:18 A4CC1E8330E839AA619978E61AEEEAC4 73360 ----a-w- C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2016-01-09 17:01:18 9C58CC40F82DF28B3C0B04EA2AC8F99F 116728 ----a-w- C:\WINDOWS\SysWOW64\mfps.dll 2016-01-09 17:01:18 9ACCC0C1786391EF1FD1FAF12AE22801 340480 ----a-w- C:\WINDOWS\SysWOW64\PlayToDevice.dll 2016-01-09 17:01:18 86A2DFAAE917E8852363BD716BD8D5CF 334848 ----a-w- C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-01-09 17:01:18 819363A483BB829C443D94CC77119DC9 18678272 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2016-01-09 17:01:18 75F7D82383D8CF10D5999874993A2EF5 27136 ----a-w- C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll 2016-01-09 17:01:18 4F04FB02D215667B505A060EEE02B5DF 686592 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2016-01-09 17:01:18 4928A84450E64625366CA7EABACAE779 382464 ----a-w- C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2016-01-09 17:01:18 2EECE39CDFFF244B2489FD8ACDC14D7A 517632 ----a-w- C:\WINDOWS\SysWOW64\PlayToManager.dll 2016-01-09 17:01:18 2DA46210CBE5B92C4E79FDD70A6C0ADE 2049024 ----a-w- C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-01-09 17:01:18 2AF0E5217FE677C29669E0243F28D64F 70656 ----a-w- C:\WINDOWS\SysWOW64\AppCapture.dll 2016-01-09 17:01:18 24E63481D1723141B56630F3046899BC 19338240 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-01-09 17:01:18 192B579E14C116D2B742FEBE85A4D3C1 2756096 ----a-w- C:\WINDOWS\SysWOW64\mshtml.tlb 2016-01-09 17:01:18 190C0F670CD296BE609ACDA1F366FB26 2064384 ----a-w- C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-01-09 17:01:14 F7F009E10E52C760EF48D2AD7E4D892E 29696 ----a-w- C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-01-09 17:01:14 F3C3640C70044210DB4D480969420D44 1706496 ----a-w- C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-01-09 17:01:14 F2D9AB28744983980E6BCE08DA077528 21125408 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll 2016-01-09 17:01:14 D6DF0F68136C6148989E927572319F21 431232 ----a-w- C:\WINDOWS\SysWOW64\WWanAPI.dll 2016-01-09 17:01:14 D213E29D66D7182AF58CB525EFC2F409 421888 ----a-w- C:\WINDOWS\SysWOW64\LogonController.dll 2016-01-09 17:01:14 AA220069ABA44FEB2FEA92FF463E89BC 166912 ----a-w- C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2016-01-09 17:01:14 9E57FF10D37B672B8781BAF92DB00A8B 9918976 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2016-01-09 17:01:14 5B64BFE61393D22D908BB5E2A17B6147 1328128 ----a-w- C:\WINDOWS\SysWOW64\comsvcs.dll 2016-01-09 17:01:14 5467DAD0BDB397D84052FCCF8686FB9C 60928 ----a-w- C:\WINDOWS\SysWOW64\mssign32.dll 2016-01-09 17:01:14 532AC1D121972B17BE523A9988A3A0E5 2155008 ----a-w- C:\WINDOWS\SysWOW64\authui.dll 2016-01-09 17:01:14 4C421E34FF4A836590401A3E9A5B5DE8 415744 ----a-w- C:\WINDOWS\SysWOW64\catsrvut.dll 2016-01-09 17:01:14 31DE6A034E8BBA043CB2F4612033C12A 296488 ----a-w- C:\WINDOWS\SysWOW64\policymanager.dll 2016-01-09 17:01:14 1E7B13CDBA9D57D2BF54A7501FB17376 586080 ----a-w- C:\WINDOWS\SysWOW64\wimgapi.dll 2016-01-09 17:01:14 102F3BB5D63225A25817C8E44B85533F 63528 ----a-w- C:\WINDOWS\SysWOW64\wwapi.dll 2016-01-09 17:01:11 F32770E19F1CB817274BC85824730E48 470528 ----a-w- C:\WINDOWS\SysWOW64\MbaeApi.dll 2016-01-09 17:01:11 D52DBC4E0729FF2E8A623F33687468BF 160768 ----a-w- C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-01-09 17:01:11 D325A5C1E02D0711F5D862E04E527764 6297088 ----a-w- C:\WINDOWS\SysWOW64\mos.dll 2016-01-09 17:01:11 CFF6561FE6740E23FBFE0FF99C8A48B7 409088 ----a-w- C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-01-09 17:01:11 CA260C1A4CFC95D49DBE4DAEDCD65585 58368 ----a-w- C:\WINDOWS\SysWOW64\MosStorage.dll 2016-01-09 17:01:11 C11AFEBFFDD62BA366D2F146212B415E 110592 ----a-w- C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll 2016-01-09 17:01:11 B1D9E0B2B7E713E76764B2862E4F9E3E 346112 ----a-w- C:\WINDOWS\SysWOW64\MapConfiguration.dll 2016-01-09 17:01:11 B0DB58B85CF68C61AFBEFC107807FECF 784896 ----a-w- C:\WINDOWS\SysWOW64\NMAA.dll 2016-01-09 17:01:11 AA0644D24DD488B1E1517189DD3DC00B 48640 ----a-w- C:\WINDOWS\SysWOW64\MosHostClient.dll 2016-01-09 17:01:11 A971D150CD168A1F7BD775674896F02C 711680 ----a-w- C:\WINDOWS\SysWOW64\MapControlCore.dll 2016-01-09 17:01:11 92F331E360CB8DC73FA1158934CA9491 86528 ----a-w- C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-01-09 17:01:11 92551AFCC476CBEBBB66B6420C60AB20 5202944 ----a-w- C:\WINDOWS\SysWOW64\BingMaps.dll 2016-01-09 17:01:11 8BAD6657817E0960C7CB6026323828A1 511320 ----a-w- C:\WINDOWS\SysWOW64\mf.dll 2016-01-09 17:01:11 7F64C196D3FA41C0F437A158FDEF7F50 800768 ----a-w- C:\WINDOWS\SysWOW64\JpMapControl.dll 2016-01-09 17:01:11 7CDF1630DCF7C9167E551874D18C3CE0 709120 ----a-w- C:\WINDOWS\SysWOW64\BingOnlineServices.dll 2016-01-09 17:01:11 6AE2C3CFEA73E2D01CB1E00DBD1EC4A5 205824 ----a-w- C:\WINDOWS\SysWOW64\NmaDirect.dll 2016-01-09 17:01:11 5661751DF301C52E09C1C8CDBDA3527B 975200 ----a-w- C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-01-09 17:01:11 53E2029302DA056DE856D4C662663B2B 10240 ----a-w- C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll 2016-01-09 17:01:11 4C85D9A9FD26D3F00BBF5D3F469F1800 241664 ----a-w- C:\WINDOWS\SysWOW64\cryptngc.dll 2016-01-09 17:01:11 451356B814B46BB6582F307E24AA0863 9728 ----a-w- C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll 2016-01-09 17:01:11 3FCEAC0D175851962F9CF797A370A14F 3072 ----a-w- C:\WINDOWS\SysWOW64\MapControlStringsRes.dll 2016-01-09 17:01:11 3B1D8CE3E56BA82EF02C126226B7C357 948224 ----a-w- C:\WINDOWS\SysWOW64\Unistore.dll 2016-01-09 17:01:11 262D880248233D3A96C15F7C7E1BAD21 58368 ----a-w- C:\WINDOWS\SysWOW64\MosResource.dll 2016-01-09 17:01:11 123BD3D4504BB548A823152EAC57DE00 32040 ----a-w- C:\WINDOWS\SysWOW64\mfpmp.exe 2016-01-09 17:01:10 FAE7DA27029FDDA27375722B4DC387D7 138240 ----a-w- C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll 2016-01-09 17:01:10 F2D2E8091D0929884E6A86AFD9981E2F 2001408 ----a-w- C:\WINDOWS\SysWOW64\twinui.appcore.dll 2016-01-09 17:01:10 F0ED21F9D39229B305C363B6ED023170 11776 ----a-w- C:\WINDOWS\SysWOW64\dciman32.dll 2016-01-09 17:01:10 EBD19D0E20C113468631504BFE56FB3F 2185840 ----a-w- C:\WINDOWS\SysWOW64\d3d11.dll 2016-01-09 17:01:10 D707B12965D5E8DFBD7C5BF7FB12AF02 24064 ----a-w- C:\WINDOWS\SysWOW64\WordBreakers.dll 2016-01-09 17:01:10 D6AA8B7C19774471F2CD45DB291B950B 13017600 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-01-09 17:01:10 D51618B0CB2B51F7D9B8DEB38A454126 36352 ----a-w- C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll 2016-01-09 17:01:10 C4C80541BDE649F44EA1F81F7D4C510A 503296 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll 2016-01-09 17:01:10 C132402FABE387126B5CB0D2D3426671 133632 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-01-09 17:01:10 BEFAC095C4E511243E91B1F916C243A7 704352 ----a-w- C:\WINDOWS\SysWOW64\WWAHost.exe 2016-01-09 17:01:10 BEDE63EB0B3B100A1FBD2996FE3AF0EF 1505280 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2016-01-09 17:01:10 BC6B60847CDEFFB3DE3AA394366881DF 490496 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.dll 2016-01-09 17:01:10 B8C4EFAA6AAED98E6B5AB57CAFA489B9 1337240 ----a-w- C:\WINDOWS\SysWOW64\user32.dll 2016-01-09 17:01:10 ADAF3873B0A29C4AFC0D8B89C3485A94 227840 ----a-w- C:\WINDOWS\SysWOW64\deviceaccess.dll 2016-01-09 17:01:10 AC742BB0B79CD4C535E6A317FD4A18A8 315904 ----a-w- C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2016-01-09 17:01:10 A95DDF60D6EC95625C4987750619C5DB 93696 ----a-w- C:\WINDOWS\SysWOW64\fontsub.dll 2016-01-09 17:01:10 A820BD54E6B4A68C6E4490EA23FA5650 1860096 ----a-w- C:\WINDOWS\SysWOW64\cdp.dll 2016-01-09 17:01:10 9FE071ED2AAE48A691D234E757297CF3 49152 ----a-w- C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll 2016-01-09 17:01:10 9FA5093D91ED3CB6B4CE67A040C5E40A 65536 ----a-w- C:\WINDOWS\SysWOW64\wininetlui.dll 2016-01-09 17:01:10 97097223B24F49F5934188FA24D74B46 1944576 ----a-w- C:\WINDOWS\SysWOW64\InputService.dll 2016-01-09 17:01:10 93050CE746C09F2F6F49A4893FB060ED 647168 ----a-w- C:\WINDOWS\SysWOW64\jscript.dll 2016-01-09 17:01:10 90F7CF0E4FFD720EBAC601CABE25D880 2121216 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2016-01-09 17:01:10 8E93F5481D1A608D90104F24DD610B76 540752 ----a-w- C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-01-09 17:01:10 8E2CB7E297C2631CB063319377ED7AD0 303104 ----a-w- C:\WINDOWS\SysWOW64\atmfd.dll 2016-01-09 17:01:10 89F3F69C9996D5BCC879C664BF74A4E2 675064 ----a-w- C:\WINDOWS\SysWOW64\dcomp.dll 2016-01-09 17:01:10 847B31F89A3009D5D851479224B7579A 2680320 ----a-w- C:\WINDOWS\SysWOW64\msftedit.dll 2016-01-09 17:01:10 761E6E736B47DA42D74227A26F658108 100864 ----a-w- C:\WINDOWS\SysWOW64\offlinelsa.dll 2016-01-09 17:01:10 6BBB4172DDF348821C3C4B7FE844077B 1443328 ----a-w- C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-01-09 17:01:10 65E98344070A6C0B66ED476F735B14D3 59904 ----a-w- C:\WINDOWS\SysWOW64\EditBufferTestHook.dll 2016-01-09 17:01:10 588E4109C8A78BC211AC1D5756652A67 1139200 ----a-w- C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2016-01-09 17:01:10 57A2AAE6BD896F54767284BAB7C2D183 1859448 ----a-w- C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-01-09 17:01:10 54F47C0CD2DE99A7B8C7583CF6C22D92 3072 ----a-w- C:\WINDOWS\SysWOW64\lpk.dll 2016-01-09 17:01:10 52838DDB3B20C7330A30D89509A93B55 1268736 ----a-w- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2016-01-09 17:01:10 3B7DA8EC6FC4F16F85934D944A2149CD 791552 ----a-w- C:\WINDOWS\SysWOW64\kerberos.dll 2016-01-09 17:01:10 382AA3E205808FBF0458A143B0F4ACFF 45568 ----a-w- C:\WINDOWS\SysWOW64\jsproxy.dll 2016-01-09 17:01:10 35383CA7169E12D885B9B553F59E3154 41984 ----a-w- C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll 2016-01-09 17:01:10 302A0BE9FA2874A3E99C0E25C992E7C7 1467392 ----a-w- C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-01-09 17:01:10 2C5A8D334EFB14914B1618247CD0DAAF 37376 ----a-w- C:\WINDOWS\SysWOW64\atmlib.dll 2016-01-09 17:01:10 23A968565D51FEC30EADFBC70BE35117 793600 ----a-w- C:\WINDOWS\SysWOW64\SRH.dll 2016-01-09 17:01:10 1973BD62F29F443E9BC467FAA9F27159 83456 ----a-w- C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-01-09 16:54:17 F432E0E5B0958F4982D40EB622FBD7FC 35480 ----a-w- C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2016-01-09 16:54:17 BF9CAA33ADD4C21C118148B5CFC5494B 778936 ----a-w- C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2016-01-09 16:54:17 6F391E9286733CC6B34FC0FAB23B8DF3 103120 ----a-w- C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-01-09 17:13:02 E2A042032FAECB04477D8235FD1181FF 72704 ----a-w- C:\WINDOWS\Sysnative\OpenCL.DLL 2016-01-09 17:09:19 323257BD1011176822B2C782B7BB56C4 347352 ----a-w- C:\WINDOWS\Sysnative\FNTCACHE.DAT 2016-01-09 17:07:59 79422D76818752C6D935A97C8FFC4EEA 44147 ----a-w- C:\WINDOWS\Sysnative\license.rtf 2016-01-09 17:01:18 FAC1E762CB49992381691B00D2069B3E 1063424 ----a-w- C:\WINDOWS\Sysnative\audiosrv.dll 2016-01-09 17:01:18 F5DC166DC9D533651B83B83CD70FD14C 88392 ----a-w- C:\WINDOWS\Sysnative\remoteaudioendpoint.dll 2016-01-09 17:01:18 EF94C4BB5DDCEB9F0A092122582CF4E5 516544 ----a-w- C:\WINDOWS\Sysnative\AudioEng.dll 2016-01-09 17:01:18 EE5BD4F67199E1C5142F3C731035D18C 13381120 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2016-01-09 17:01:18 E81DF157F4F225928EAE2B1E82863BF6 1817160 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll 2016-01-09 17:01:18 C6F9333F6C5F326B075CBC062E33793D 7680 ----a-w- C:\WINDOWS\Sysnative\readingviewresources.dll 2016-01-09 17:01:18 BDB36F389EBE038A65BB6D111A45C180 497664 ----a-w- C:\WINDOWS\Sysnative\mfmkvsrcsnk.dll 2016-01-09 17:01:18 BBEC134DA91F61E6D91CDB47D8724E86 382464 ----a-w- C:\WINDOWS\Sysnative\iedkcs32.dll 2016-01-09 17:01:18 BB2DD53E90A958FDB1254839F30329D5 803840 ----a-w- C:\WINDOWS\Sysnative\jscript.dll 2016-01-09 17:01:18 B9A74283BD46350F2A32962C1B16225A 369912 ----a-w- C:\WINDOWS\Sysnative\audiodg.exe 2016-01-09 17:01:18 B83CCF1BEECF4BCDE71FC431BAB9A790 34304 ----a-w- C:\WINDOWS\Sysnative\iernonce.dll 2016-01-09 17:01:18 9B9DDF6DE4D00AF11D38D5DD0FDDA574 2587136 ----a-w- C:\WINDOWS\Sysnative\MFMediaEngine.dll 2016-01-09 17:01:18 89E74EC4422905377D45D58FD2832D02 408128 ----a-w- C:\WINDOWS\Sysnative\AUDIOKSE.dll 2016-01-09 17:01:18 890BF20BDF500E4E84720EA84448EDDF 275456 ----a-w- C:\WINDOWS\Sysnative\AudioEndpointBuilder.dll 2016-01-09 17:01:18 81785D31BEB7C741BB23BE0CB98E691F 536768 ----a-w- C:\WINDOWS\Sysnative\AudioSes.dll 2016-01-09 17:01:18 7950D23F5542F6F8A9D41F046C01067F 2756096 ----a-w- C:\WINDOWS\Sysnative\mshtml.tlb 2016-01-09 17:01:18 78CF1420E5E88B1664F92F07386D19A8 22393856 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2016-01-09 17:01:18 720089B5145468B8EC05707D3262D4E3 2544264 ----a-w- C:\WINDOWS\Sysnative\mfcore.dll 2016-01-09 17:01:18 5F8178A9C45D9C69819C63AFC5988C33 66560 ----a-w- C:\WINDOWS\Sysnative\iesetup.dll 2016-01-09 17:01:18 4EB351CB5A23E0F7AB2B7137374EFB85 870400 ----a-w- C:\WINDOWS\Sysnative\wpncore.dll 2016-01-09 17:01:18 4A657E5F9D4BE53028B643889E786296 2126848 ----a-w- C:\WINDOWS\Sysnative\inetcpl.cpl 2016-01-09 17:01:18 36208F250EE9B93B87AD6384237373A9 110032 ----a-w- C:\WINDOWS\Sysnative\EncDump.dll 2016-01-09 17:01:18 2D1682BEC4615A154079383E25BB0DF2 220672 ----a-w- C:\WINDOWS\Sysnative\ie4uinit.exe 2016-01-09 17:01:18 226BFF5829028C6809EF4D369221103F 245848 ----a-w- C:\WINDOWS\Sysnative\mfps.dll 2016-01-09 17:01:18 129ECAE2946DAD072B917E3A66CB19FB 24601600 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-01-09 17:01:18 04EDF539ED97A3BFBD7464CED7ADBB7A 783360 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2016-01-09 17:01:14 FCB7D0215CA010400777A2144432FBDC 630632 ----a-w- C:\WINDOWS\Sysnative\fontdrvhost.exe 2016-01-09 17:01:14 DA81241A3493CD3B7EEF3AFD6BBE38B6 92352 ----a-w- C:\WINDOWS\Sysnative\acmigration.dll 2016-01-09 17:01:14 B8F17AB618578B9024D949DE8308B95A 14336 ----a-w- C:\WINDOWS\Sysnative\dciman32.dll 2016-01-09 17:01:14 9BF34692BC6933BAB7627EC173EB1E8A 45568 ----a-w- C:\WINDOWS\Sysnative\atmlib.dll 2016-01-09 17:01:14 95AF774B7D20C3006DC0AC9AEDF48655 674816 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.dll 2016-01-09 17:01:14 877512145CB9B3F6EBD5424DE15C14F8 365568 ----a-w- C:\WINDOWS\Sysnative\atmfd.dll 2016-01-09 17:01:14 6D64E74EF63AD36912C89EA80449A299 118272 ----a-w- C:\WINDOWS\Sysnative\fontsub.dll 2016-01-09 17:01:14 6ABAC83AD594B0390C470F9C1C017382 3072 ----a-w- C:\WINDOWS\Sysnative\lpk.dll 2016-01-09 17:01:14 69B4974176206D7276B733B30BCE442E 1717248 ----a-w- C:\WINDOWS\Sysnative\GdiPlus.dll 2016-01-09 17:01:13 FE808DE33D79F2ACB8757EE544615626 414720 ----a-w- C:\WINDOWS\Sysnative\bcastdvr.exe 2016-01-09 17:01:13 FDB262D0B2C0790385B894AA4B2C0A6C 182784 ----a-w- C:\WINDOWS\Sysnative\shutdownux.dll 2016-01-09 17:01:13 FBEFDA259F6254B6590956753421D387 89600 ----a-w- C:\WINDOWS\Sysnative\NFCProvisioningPlugin.dll 2016-01-09 17:01:13 F7AE2EB8D2FA095AD9DED30CCE10BC13 957440 ----a-w- C:\WINDOWS\Sysnative\SRH.dll 2016-01-09 17:01:13 F40D409308162E071561049ACADF753C 80600 ----a-w- C:\WINDOWS\Sysnative\wwapi.dll 2016-01-09 17:01:13 EFA47480BEB0968E3A18479593B2E60C 18944 ----a-w- C:\WINDOWS\Sysnative\wshrm.dll 2016-01-09 17:01:13 EACD8F5C17AC39E43E1FCD85674F4B0D 1713664 ----a-w- C:\WINDOWS\Sysnative\SRHInproc.dll 2016-01-09 17:01:13 E8C7F673B75210D3F35142361923C945 157184 ----a-w- C:\WINDOWS\Sysnative\dmcertinst.exe 2016-01-09 17:01:13 E15B5C1DFD00E795996B7F44BD5FBC2A 231936 ----a-w- C:\WINDOWS\Sysnative\KnobsCore.dll 2016-01-09 17:01:13 E138253ED869355B84DAE6CF37A80C63 607232 ----a-w- C:\WINDOWS\Sysnative\wcmsvc.dll 2016-01-09 17:01:13 E104F46B2E0C4F760382CF95E248E0AD 43520 ----a-w- C:\WINDOWS\Sysnative\bcastdvr.proxy.dll 2016-01-09 17:01:13 DD723E3E44BBD7A1B94D8914B7E72549 623616 ----a-w- C:\WINDOWS\Sysnative\PhoneProviders.dll 2016-01-09 17:01:13 D7ED1ADDC1D19A9D6A1C583A938F4AF4 465920 ----a-w- C:\WINDOWS\Sysnative\wwanconn.dll 2016-01-09 17:01:13 D33E93BE685C6B9C72E063EA41F9BAEF 538632 ----a-w- C:\WINDOWS\Sysnative\WWanAPI.dll 2016-01-09 17:01:13 D0E812616609B1E6E3317FF46B9177C8 44032 ----a-w- C:\WINDOWS\Sysnative\wsplib.dll 2016-01-09 17:01:13 CD2CC65DDF46F065BCC975C2BC89DD11 1648640 ----a-w- C:\WINDOWS\Sysnative\comsvcs.dll 2016-01-09 17:01:13 CA902510DAF327CCFA59BCBFC00B3BAE 912384 ----a-w- C:\WINDOWS\Sysnative\usermgr.dll 2016-01-09 17:01:13 C66D5ABBFAE385615407A90158AADB2B 292352 ----a-w- C:\WINDOWS\Sysnative\provengine.dll 2016-01-09 17:01:13 B46D8BBF27B186B0AE7C57C88A1A6D93 6572032 ----a-w- C:\WINDOWS\Sysnative\wwanmm.dll 2016-01-09 17:01:13 B1054C945294A66EBF969D6256B6AA6B 209920 ----a-w- C:\WINDOWS\Sysnative\wcmcsp.dll 2016-01-09 17:01:13 AB4C1A9F37C0B8467AC923ED4AD727D6 2647552 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2016-01-09 17:01:13 A6E666BC673DD38C3ECDB53FD83138E7 3993600 ----a-w- C:\WINDOWS\Sysnative\SettingsHandlers_nt.dll 2016-01-09 17:01:13 A2469A19FC330A400E2BED8003331BB8 604672 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll 2016-01-09 17:01:13 9FCC3D4817CCA5BCEF1FB4B14E523EBC 78336 ----a-w- C:\WINDOWS\Sysnative\BarcodeProvisioningPlugin.dll 2016-01-09 17:01:13 9F465D3AD1DE2AB4EBCA0B514B8AD608 286208 ----a-w- C:\WINDOWS\Sysnative\provhandlers.dll 2016-01-09 17:01:13 9976E10E1FC313755C9F8632F96072F7 52224 ----a-w- C:\WINDOWS\Sysnative\jsproxy.dll 2016-01-09 17:01:13 8B362AFF26AFF41CC5ED6A890E9255F8 165376 ----a-w- C:\WINDOWS\Sysnative\provdatastore.dll 2016-01-09 17:01:13 8A0BAD6F9EEFB0FCD1629F6366394380 1814528 ----a-w- C:\WINDOWS\Sysnative\pnidui.dll 2016-01-09 17:01:13 8938F957903BBA18ED242AE4DBF419FD 73728 ----a-w- C:\WINDOWS\Sysnative\wwancfg.dll 2016-01-09 17:01:13 87A8DD15B7DEAC51916358250E5BC7C5 122368 ----a-w- C:\WINDOWS\Sysnative\KnobsCsp.dll 2016-01-09 17:01:13 83365A5A2632275C7B005B7A4995DCE1 416768 ----a-w- C:\WINDOWS\Sysnative\dmenrollengine.dll 2016-01-09 17:01:13 7CDB2034A13C7009CFF479C170E21C90 55808 ----a-w- C:\WINDOWS\Sysnative\rilproxy.dll 2016-01-09 17:01:13 7B106C453D6EF1A32F8669AD503E21BB 517632 ----a-w- C:\WINDOWS\Sysnative\winspool.drv 2016-01-09 17:01:13 781EFD88C2BD9A95CA6961E16AFF7332 168960 ----a-w- C:\WINDOWS\Sysnative\mdmmigrator.dll 2016-01-09 17:01:13 746F92B769F1FB5BB7DE50C26CBF2D7D 3671896 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2016-01-09 17:01:13 71B94A84934AA3DA61378C4121523FEA 86528 ----a-w- C:\WINDOWS\Sysnative\AppCapture.dll 2016-01-09 17:01:13 716E299C1058C9F2030F31BC7270A210 52224 ----a-w- C:\WINDOWS\Sysnative\Wwanpref.dll 2016-01-09 17:01:13 6F5EB489BC3368DC11CF3AA605D943BB 638464 ----a-w- C:\WINDOWS\Sysnative\enterprisecsps.dll 2016-01-09 17:01:13 6D7BC576DEC9750D5F8AED361E687384 704000 ----a-w- C:\WINDOWS\Sysnative\CellularAPI.dll 2016-01-09 17:01:13 6D04648D2E3F42A295B6D080A948E9BA 163328 ----a-w- C:\WINDOWS\Sysnative\provops.dll 2016-01-09 17:01:13 66E92A4DC1FE4DD825694058F54748E3 2598400 ----a-w- C:\WINDOWS\Sysnative\NetworkMobileSettings.dll 2016-01-09 17:01:13 65267BF5DDCC86AB6DE29AFF488497AA 248832 ----a-w- C:\WINDOWS\Sysnative\UserMgrProxy.dll 2016-01-09 17:01:13 623DAEC255FDCF586F161CF6BF788627 795840 ----a-w- C:\WINDOWS\Sysnative\generaltel.dll 2016-01-09 17:01:13 559E4E19F481FBB9AF622E23772533CC 52736 ----a-w- C:\WINDOWS\Sysnative\RemovableMediaProvisioningPlugin.dll 2016-01-09 17:01:13 4D9E69B803DFA70981BC1853AB930EF6 192000 ----a-w- C:\WINDOWS\Sysnative\provisioningcsp.dll 2016-01-09 17:01:13 4C1138686002741A423AF26AC247490D 7476576 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2016-01-09 17:01:13 486C22DD70BE538B1C164AE38E130009 2352128 ----a-w- C:\WINDOWS\Sysnative\authui.dll 2016-01-09 17:01:13 46BF56CC45F3EBE9DCF04EA702F79FF7 64000 ----a-w- C:\WINDOWS\Sysnative\ihvrilproxy.dll 2016-01-09 17:01:13 447413C46C687CF730051DD8B4EA12F6 75264 ----a-w- C:\WINDOWS\Sysnative\wwanprotdim.dll 2016-01-09 17:01:13 44699ED0B4D39D109D1BAEEF0DB66A9E 22572632 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2016-01-09 17:01:13 445E792DB399A2DA611B1F3C9DC6070D 11545088 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2016-01-09 17:01:13 3690FAA19C6D3C68C033D0E5CB3BDB03 28160 ----a-w- C:\WINDOWS\Sysnative\Windows.Management.Provisioning.ProxyStub.dll 2016-01-09 17:01:13 334A9D347CC52E7581DC21FA7CDBB261 515584 ----a-w- C:\WINDOWS\Sysnative\LogonController.dll 2016-01-09 17:01:13 301A917544D10E9F28A946BA0E84C407 160768 ----a-w- C:\WINDOWS\Sysnative\enrollmentapi.dll 2016-01-09 17:01:13 2DA8708EB1FCB83375A450D401A1ED09 74240 ----a-w- C:\WINDOWS\Sysnative\mssign32.dll 2016-01-09 17:01:13 2D7E3C2913AAE063774795E6790BCC48 1212928 ----a-w- C:\WINDOWS\Sysnative\wwansvc.dll 2016-01-09 17:01:13 2B91178DE30EF92DD383486485B0C97D 523776 ----a-w- C:\WINDOWS\Sysnative\catsrvut.dll 2016-01-09 17:01:13 2AB2C72D88CE2BC73E6F708D0B1A9657 440160 ----a-w- C:\WINDOWS\Sysnative\services.exe 2016-01-09 17:01:13 28B52034DB907EA14BF8DFB399BC1A94 1734656 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2016-01-09 17:01:13 24206CBE7165E296D598FF98590C4D59 69632 ----a-w- C:\WINDOWS\Sysnative\wininetlui.dll 2016-01-09 17:01:13 233BA5B1A277D0A42E432E9A9F43EF7A 37376 ----a-w- C:\WINDOWS\Sysnative\LaunchWinApp.exe 2016-01-09 17:01:13 1373E9DE712A0F2A3EAEFA14AB31B812 1995264 ----a-w- C:\WINDOWS\Sysnative\ActiveSyncProvider.dll 2016-01-09 17:01:13 1083375C70D529AA1C8224E13D9E6F40 334736 ----a-w- C:\WINDOWS\Sysnative\policymanager.dll 2016-01-09 17:01:13 072E1B2CBBC2CF85D02E5CE4761F7B43 77312 ----a-w- C:\WINDOWS\Sysnative\ProvPluginEng.dll 2016-01-09 17:01:13 01605124DA346314F07656A31CF805EE 56320 ----a-w- C:\WINDOWS\Sysnative\provtool.exe 2016-01-09 17:01:11 EBDDBFCAA0E8BF346F5DC13BC364B39E 110592 ----a-w- C:\WINDOWS\Sysnative\Microsoft-Windows-MapControls.dll 2016-01-09 17:01:11 DC59D9253F50A2D329945CBDBE3B8B7A 32256 ----a-w- C:\WINDOWS\Sysnative\wups2.dll 2016-01-09 17:01:11 D801BEAF19635AEF5A05154C70823B4B 558080 ----a-w- C:\WINDOWS\Sysnative\MBMediaManager.dll 2016-01-09 17:01:11 D6468F2005F90E1EA3616E2F77A5199C 7979008 ----a-w- C:\WINDOWS\Sysnative\mos.dll 2016-01-09 17:01:11 C46FC25D2742C6426F6581A4C59331D9 35656 ----a-w- C:\WINDOWS\Sysnative\mfpmp.exe 2016-01-09 17:01:11 C2D78B6667E0341802C4F38E9C02F93D 2280448 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2016-01-09 17:01:11 BA45A9F29AB13A0E66BAABF9D7C30B70 523616 ----a-w- C:\WINDOWS\Sysnative\wimserv.exe 2016-01-09 17:01:11 A74C62AE99A015CD6275F0D8D8843886 342016 ----a-w- C:\WINDOWS\Sysnative\SensorService.dll 2016-01-09 17:01:11 A416BA4A4C9B37180EA35315A7D8F1E0 269824 ----a-w- C:\WINDOWS\Sysnative\moshostcore.dll 2016-01-09 17:01:11 9920C9AD4528A4396D19BC03AA2D0882 58408 ----a-w- C:\WINDOWS\Sysnative\SensorsNativeApi.dll 2016-01-09 17:01:11 960E3DB158FC9D262EE33D928AEDA3F5 320000 ----a-w- C:\WINDOWS\Sysnative\cryptngc.dll 2016-01-09 17:01:11 8BACF65C95DA69173FA80F644502F9BC 26408 ----a-w- C:\WINDOWS\Sysnative\wuauclt.exe 2016-01-09 17:01:11 87E291D9CC3ECE9AA56ABFD8063C4050 1223168 ----a-w- C:\WINDOWS\Sysnative\Unistore.dll 2016-01-09 17:01:11 849275D7BF36660743973B8E28542E45 51680 ----a-w- C:\WINDOWS\Sysnative\SensorsUtilsV2.dll 2016-01-09 17:01:11 839F7EC52C8E6888C4E9120E68652438 589312 ----a-w- C:\WINDOWS\Sysnative\MbaeApi.dll 2016-01-09 17:01:11 836DC2848B800FC890E8FCF96F5E639B 458752 ----a-w- C:\WINDOWS\Sysnative\PlayToDevice.dll 2016-01-09 17:01:11 8109C3D1CFDC7AE78605D8F3EA4EAA20 586208 ----a-w- C:\WINDOWS\Sysnative\mf.dll 2016-01-09 17:01:11 80EEB2E91EE933EFB1384D9866BD997F 64000 ----a-w- C:\WINDOWS\Sysnative\MosHostClient.dll 2016-01-09 17:01:11 80BF2990E01E774D64F6E13F30661942 162304 ----a-w- C:\WINDOWS\Sysnative\tetheringservice.dll 2016-01-09 17:01:11 79EE5C9F9DF073C315D035A1785B502F 3072 ----a-w- C:\WINDOWS\Sysnative\MapControlStringsRes.dll 2016-01-09 17:01:11 79BD0E63A9E54ED8AFFD19F43B5B83F2 264192 ----a-w- C:\WINDOWS\Sysnative\NmaDirect.dll 2016-01-09 17:01:11 7538F05A7C07DB69F6E82B67CAA67286 92160 ----a-w- C:\WINDOWS\Sysnative\SensorsNativeApi.V2.dll 2016-01-09 17:01:11 722ACEC7B2A71664C94130D1FA924F73 198656 ----a-w- C:\WINDOWS\Sysnative\InstallAgent.exe 2016-01-09 17:01:11 66312F4AFEFB1AE0B80051F8A5E5B26B 698208 ----a-w- C:\WINDOWS\Sysnative\wimgapi.dll 2016-01-09 17:01:11 5358F9A3A5C55ED1395BBFFCFA65F551 28672 ----a-w- C:\WINDOWS\Sysnative\mapsupdatetask.dll 2016-01-09 17:01:11 4AAD96366A51B26F50113A6393CB5587 42496 ----a-w- C:\WINDOWS\Sysnative\mapstoasttask.dll 2016-01-09 17:01:11 3DF7BD7E0E0CFCF8D8856B639FD46C3C 30720 ----a-w- C:\WINDOWS\Sysnative\tetheringconfigsp.dll 2016-01-09 17:01:11 3C9066503DE3E45CB98C8584DE19C186 28160 ----a-w- C:\WINDOWS\Sysnative\nativemap.dll 2016-01-09 17:01:11 3A1FCBE9103770CF17F81EBD9809FE1B 697856 ----a-w- C:\WINDOWS\Sysnative\PlayToManager.dll 2016-01-09 17:01:11 35F9920E5B9757E2047C024063C9A279 988160 ----a-w- C:\WINDOWS\Sysnative\NMAA.dll 2016-01-09 17:01:11 2C7345FD953F3B9197A2DD2F28182DE1 1284960 ----a-w- C:\WINDOWS\Sysnative\LicenseManager.dll 2016-01-09 17:01:11 2844CC3C80109255E42249D77C7FFD51 850432 ----a-w- C:\WINDOWS\Sysnative\MapsStore.dll 2016-01-09 17:01:11 25C9F417FA6FE9073392BD34630A89B4 17408 ----a-w- C:\WINDOWS\Sysnative\IcsEntitlementHost.exe 2016-01-09 17:01:11 2031A1DA09AFF8A8BADFFF73511AF306 58368 ----a-w- C:\WINDOWS\Sysnative\MosResource.dll 2016-01-09 17:01:11 121C4B3ED671715017C8A37A8F816F06 809312 ----a-w- C:\WINDOWS\Sysnative\WWAHost.exe 2016-01-09 17:01:11 08F0E6B466F44EA24CA1601F3196E43E 9728 ----a-w- C:\WINDOWS\Sysnative\Microsoft-Windows-MosHost.dll 2016-01-09 17:01:11 02718A3260FCF64A66DC172AB66116CB 543232 ----a-w- C:\WINDOWS\Sysnative\StoreAgent.dll 2016-01-09 17:01:11 0161DABC5CDB2BE6D0B91BEB5386B47D 52736 ----a-w- C:\WINDOWS\Sysnative\tetheringclient.dll 2016-01-09 17:01:10 F5AF729AD65041D74FED75E02DA4A4DC 138240 ----a-w- C:\WINDOWS\Sysnative\ETWCoreUIComponentsResources.dll 2016-01-09 17:01:10 F0B772D90082371CE0DDE4286EF0AE16 7199232 ----a-w- C:\WINDOWS\Sysnative\BingMaps.dll 2016-01-09 17:01:10 EF4694F51FA31CA36324AD568BE2AB85 66560 ----a-w- C:\WINDOWS\Sysnative\moshost.dll 2016-01-09 17:01:10 E0FBBE85A7DC215F97F7B81236CE2674 60928 ----a-w- C:\WINDOWS\Sysnative\XblAuthTokenBrokerExt.dll 2016-01-09 17:01:10 DD97EF0AE9224B8C1161736E033C03F1 1399224 ----a-w- C:\WINDOWS\Sysnative\user32.dll 2016-01-09 17:01:10 D702B39E3E55C3487872B8523D29F8A3 459776 ----a-w- C:\WINDOWS\Sysnative\MapConfiguration.dll 2016-01-09 17:01:10 D0C4A5B386F585B2BE7620D3CEFD7CE8 119808 ----a-w- C:\WINDOWS\Sysnative\MapsBtSvc.dll 2016-01-09 17:01:10 BF1A001A4EBD005CB412E322F20DB0D7 75264 ----a-w- C:\WINDOWS\Sysnative\EditBufferTestHook.dll 2016-01-09 17:01:10 B7D367ABFC188C1AC27C6C961694B5B4 1056256 ----a-w- C:\WINDOWS\Sysnative\JpMapControl.dll 2016-01-09 17:01:10 AD37B56D53795944240011FF4EEBBD30 911648 ----a-w- C:\WINDOWS\Sysnative\dcomp.dll 2016-01-09 17:01:10 ABC346A1CD915DEE6231BB4A7F0B96EC 204800 ----a-w- C:\WINDOWS\Sysnative\Microsoft-Windows-AppModelExecEvents.dll 2016-01-09 17:01:10 9F171CF4EDEB38DB4CA906ABD535DC44 13312 ----a-w- C:\WINDOWS\Sysnative\MapsBtSvcProxy.dll 2016-01-09 17:01:10 9C6D0A1464410A25389C9D004DE48D36 175616 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Core.TextInput.dll 2016-01-09 17:01:10 8C8161E40F42E437161972E8866025D5 3355136 ----a-w- C:\WINDOWS\Sysnative\msftedit.dll 2016-01-09 17:01:10 8AA095B5A4826840B348D0A94969CE1A 1268736 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.Resources.dll 2016-01-09 17:01:10 85031015C1F1B9A7DAA002DAAEE341AA 2444288 ----a-w- C:\WINDOWS\Sysnative\twinui.appcore.dll 2016-01-09 17:01:10 8456D2DBEAC8F06712FE8AC2AB5A1AE2 969728 ----a-w- C:\WINDOWS\Sysnative\kerberos.dll 2016-01-09 17:01:10 82EDCF9C603F3FA09AAAACA82D34E74E 450560 ----a-w- C:\WINDOWS\Sysnative\Windows.Internal.Bluetooth.dll 2016-01-09 17:01:10 7DC5115A32BA087DCED8CF76352A79DC 108544 ----a-w- C:\WINDOWS\Sysnative\InputLocaleManager.dll 2016-01-09 17:01:10 7CC48808D8F6749DD6AC42DADE594517 3593216 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2016-01-09 17:01:10 7443938BC4B8DCE1D8E6C51BC3F9DBFE 948224 ----a-w- C:\WINDOWS\Sysnative\XblAuthManager.dll 2016-01-09 17:01:10 6D7B4647F5FB25CE88E2555A9DFF1D2E 70656 ----a-w- C:\WINDOWS\Sysnative\XblAuthManagerProxy.dll 2016-01-09 17:01:10 6B68F6740755D093B68B5A1AAF87B36D 16984576 ----a-w- C:\WINDOWS\Sysnative\Windows.UI.Xaml.dll 2016-01-09 17:01:10 5E7C875662B05B28E899F0C59B549645 286720 ----a-w- C:\WINDOWS\Sysnative\deviceaccess.dll 2016-01-09 17:01:10 5B7B6AF7E94E972DCE4BF892ABD466B6 115200 ----a-w- C:\WINDOWS\Sysnative\win32k.sys 2016-01-09 17:01:10 589A33EE394273A4F1338EBF705A1CEF 1387008 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll 2016-01-09 17:01:10 4E5B496EBD95AEE005F54EA49EECAAC6 72704 ----a-w- C:\WINDOWS\Sysnative\MosStorage.dll 2016-01-09 17:01:10 4B4970CB5FF1D25B444F95A18ED8AF22 114688 ----a-w- C:\WINDOWS\Sysnative\offlinelsa.dll 2016-01-09 17:01:10 48A7AEF3554919C0CBDFECBB25DF1B09 162304 ----a-w- C:\WINDOWS\Sysnative\DeviceCensus.exe 2016-01-09 17:01:10 46668562A5BDD2D2F383CAD6D35DCB15 89088 ----a-w- C:\WINDOWS\Sysnative\MapsCSP.dll 2016-01-09 17:01:10 43B6BF7F95CF7D60599740EF2BF0DDD8 938496 ----a-w- C:\WINDOWS\Sysnative\MapControlCore.dll 2016-01-09 17:01:10 42B6285314851A693F68F7A7B79FD1B9 1393664 ----a-w- C:\WINDOWS\Sysnative\win32kbase.sys 2016-01-09 17:01:10 340B841A05087B581B3F321853996960 2624512 ----a-w- C:\WINDOWS\Sysnative\InputService.dll 2016-01-09 17:01:10 33F4AE1E913D7F865D0CFA716BDC9032 10240 ----a-w- C:\WINDOWS\Sysnative\Microsoft-Windows-MosTrace.dll 2016-01-09 17:01:10 294BD6D65CE93F7B709DBB38F96759DA 2653816 ----a-w- C:\WINDOWS\Sysnative\CoreUIComponents.dll 2016-01-09 17:01:10 25086E02B6C3F34BC4646C134C3E1769 1042432 ----a-w- C:\WINDOWS\Sysnative\BingOnlineServices.dll 2016-01-09 17:01:10 23B32FD7B58007D0407B8A4191AB76BB 28672 ----a-w- C:\WINDOWS\Sysnative\WordBreakers.dll 2016-01-09 17:01:10 1A9A77ACDAC29C39F50D2A492FD0DB16 87040 ----a-w- C:\WINDOWS\Sysnative\tzautoupdate.dll 2016-01-09 17:01:10 183B210A411E23AC9C5374AEE5645312 36352 ----a-w- C:\WINDOWS\Sysnative\UIAutomationCoreRes.dll 2016-01-09 17:01:10 10B6962619F3965030395019E352B7B4 870400 ----a-w- C:\WINDOWS\Sysnative\modernexecserver.dll 2016-01-09 17:01:10 10020730E0E51555A58C20D361F233A9 2772584 ----a-w- C:\WINDOWS\Sysnative\d3d11.dll 2016-01-09 17:01:10 0DC4BEB16161362B4E46D117204D8566 2843136 ----a-w- C:\WINDOWS\Sysnative\cdp.dll 2016-01-09 17:01:10 03EB1EBAB72BB8322C30D070C346EA33 1395200 ----a-w- C:\WINDOWS\Sysnative\UIAutomationCore.dll 2016-01-09 16:54:12 E91942A0D00C6AA014B2EA33EE0ED0A3 35480 ----a-w- C:\WINDOWS\Sysnative\TsWpfWrp.exe 2016-01-09 16:54:12 E2296A6174894682DF8F0FF29FDDCC82 1166520 ----a-w- C:\WINDOWS\Sysnative\PresentationNative_v0300.dll 2016-01-09 16:54:12 C5FEF4B4A7FB961ECDB0AB07DBCF379E 124624 ----a-w- C:\WINDOWS\Sysnative\PresentationCFFRasterizerNative_v0300.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2016-01-09 17:13:20 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_SynTP_01011.Wdf 2016-01-09 17:13:07 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2016-01-09 17:01:18 EFEFC245B884B1BE0401931398DCD707 2152800 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2016-01-09 17:01:18 91D3F2A6253EF83EFBD7903028F58C4D 118624 ----a-w- C:\WINDOWS\Sysnative\drivers\tdx.sys 2016-01-09 17:01:18 70148EFA9A562E7185B75BBE7D376BF7 578912 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys 2016-01-09 17:01:13 DBBACE77DDE8CCFD85B37B114965C385 147968 ----a-w- C:\WINDOWS\Sysnative\drivers\rmcast.sys 2016-01-09 17:01:11 EF536C54AB9281FDC4E83B07279FCFC4 35680 ----a-w- C:\WINDOWS\Sysnative\drivers\wimmount.sys 2016-01-09 17:01:10 DE6D7DC78D956928F59F7415A0F41E13 95072 ----a-w- C:\WINDOWS\Sysnative\drivers\sdstor.sys 2016-01-09 17:01:10 C24C27FDF93B85A4EFCF25F830253AA2 117248 ----a-w- C:\WINDOWS\Sysnative\drivers\capimg.sys 2016-01-09 17:01:10 80977779A19947939D680A4899E829EC 604928 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2016-01-09 17:01:10 7D8B9214692C4D0F1646215D9984E19A 161632 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-01-10 23:34:37 -------- d-----w- C:\Program Files\trend micro 2016-01-10 20:59:55 -------- d-----w- C:\Program Files\Microsoft Office 15 2016-01-10 19:44:20 -------- d-----w- C:\Program Files\Common Files\Lavasoft 2016-01-09 17:13:23 -------- d-----w- C:\Program Files\Realtek 2016-01-09 17:13:06 -------- d-----w- C:\Program Files\Synaptics 2016-01-09 17:12:53 -------- d-----w- C:\Program Files\Intel 2016-01-09 16:54:55 -------- d-----w- C:\Program Files\Reference Assemblies 2016-01-09 16:54:55 -------- d-----w- C:\Program Files\MSBuild ======= C:\PROGRA~2 ===== 2016-01-10 21:12:35 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER 2016-01-10 20:59:57 -------- d-----w- C:\PROGRA~2\Microsoft Office 2016-01-09 17:33:16 -------- d--h--w- C:\PROGRA~2\Uninstall Information 2016-01-09 17:12:44 -------- d-----w- C:\PROGRA~2\COMMON~1\Intel 2016-01-09 16:54:55 -------- d-----w- C:\PROGRA~2\Reference Assemblies 2016-01-09 16:54:55 -------- d-----w- C:\PROGRA~2\MSBuild 2015-12-14 12:02:03 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype ======= C: ===== ====== C:\Users\Janne Lambert\AppData\Roaming ====== 2016-01-09 17:44:49 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Packages 2016-01-09 17:35:29 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft 2016-01-09 17:33:04 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\MediaServer 2016-01-09 17:33:04 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Avg2015 2016-01-09 17:31:51 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Avg2015 2016-01-09 17:28:57 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help 2016-01-09 17:28:57 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help 2016-01-09 17:17:02 -------- d-s---r- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2016-01-09 17:17:02 -------- d-----w- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-01-09 17:17:02 -------- d-----w- C:\Users\Janne Lambert\AppData\Roaming 2016-01-09 17:17:02 -------- d-----w- C:\Users\Janne Lambert\AppData\Local\Temp 2016-01-09 17:17:02 -------- d-----w- C:\Users\Janne Lambert\AppData\Local\Microsoft 2016-01-09 17:17:02 -------- d-----w- C:\Users\Janne Lambert\AppData\Local 2016-01-09 17:17:02 -------- d-----r- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-01-09 17:17:02 -------- d-----r- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-01-09 17:17:02 -------- d-----r- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-01-09 17:17:02 -------- d-----r- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-01-09 17:17:01 -------- d-----w- C:\Users\Administrator\AppData\Roaming 2016-01-09 17:17:01 -------- d-----w- C:\Users\Administrator\AppData\Local\Temp 2016-01-09 17:17:01 -------- d-----w- C:\Users\Administrator\AppData\Local\Microsoft 2016-01-09 17:17:01 -------- d-----w- C:\Users\Administrator\AppData\Local 2016-01-09 17:16:59 -------- d-s---r- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2016-01-09 17:16:59 -------- d-----w- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-01-09 17:16:59 -------- d-----w- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-01-09 17:16:59 -------- d-----w- C:\Users\Gast\AppData\Roaming 2016-01-09 17:16:59 -------- d-----w- C:\Users\Gast\AppData\Local\Temp 2016-01-09 17:16:59 -------- d-----w- C:\Users\Gast\AppData\Local\Microsoft 2016-01-09 17:16:59 -------- d-----w- C:\Users\Gast\AppData\Local 2016-01-09 17:16:59 -------- d-----r- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-01-09 17:16:59 -------- d-----r- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-01-09 17:16:59 -------- d-----r- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2016-01-09 17:10:06 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache 2016-01-09 17:09:37 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming 2016-01-09 17:09:37 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp 2016-01-09 17:09:31 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Roaming 2016-01-09 17:09:31 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp 2016-01-09 17:09:31 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Microsoft 2016-01-09 17:09:31 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local 2016-01-09 16:58:10 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft ====== C:\Users\Janne Lambert ====== 2016-01-10 23:34:09 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Janne Lambert\Downloads\RSITx64.exe 2016-01-10 21:07:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-hulpprogramma's 2016-01-10 20:59:26 1BB6401072AD41BF082263FFE653E4E5 3189416 ----a-w- C:\Users\Janne Lambert\Downloads\Setup.X86.nl-NL_O365HomePremRetail_0a09db90-f71e-4f11-951e-247c2f28866a_TX_DB_ (2).exe 2016-01-10 20:43:19 1BB6401072AD41BF082263FFE653E4E5 3189416 ----a-w- C:\Users\Janne Lambert\Downloads\Setup.X86.nl-NL_O365HomePremRetail_0a09db90-f71e-4f11-951e-247c2f28866a_TX_DB_ (1).exe 2016-01-10 20:42:14 1BB6401072AD41BF082263FFE653E4E5 3189416 ----a-w- C:\Users\Janne Lambert\Downloads\Setup.X86.nl-NL_O365HomePremRetail_0a09db90-f71e-4f11-951e-247c2f28866a_TX_DB_.exe 2016-01-10 19:45:33 49E3825ACB348F848D9B841E4D48FD3B 22908888 ----a-w- C:\Users\Janne Lambert\Downloads\mbam-setup-2.2.0.1024.exe 2016-01-10 19:42:58 -------- d-----w- C:\ProgramData\Lavasoft 2016-01-10 19:42:45 B3665C25102FDAD506CEF3B204E9B0F9 2012464 ----a-w- C:\Users\Janne Lambert\Downloads\Adaware_Installer.exe 2016-01-10 19:29:53 ECFE1C2B2E07596E78C39637F5303E25 6805440 ----a-w- C:\Users\Janne Lambert\Downloads\ccsetup_513.exe 2016-01-09 19:02:45 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Janne Lambert\ntuser.ini 2016-01-09 17:28:57 -------- d-----w- C:\Users\Default\Roaming 2016-01-09 17:17:02 -------- d--h--w- C:\Users\Janne Lambert\AppData 2016-01-09 17:17:01 -------- d--h--w- C:\Users\Administrator\AppData 2016-01-09 17:16:59 -------- d--h--w- C:\Users\Gast\AppData 2016-01-09 17:13:45 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\ProgramData\DP45977C.lfl 2016-01-09 17:10:13 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp 2016-01-09 17:09:37 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\Saved Games 2016-01-09 17:09:37 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Videos 2016-01-09 17:09:37 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Pictures 2016-01-09 17:09:37 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Music 2016-01-09 17:09:37 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Links 2016-01-09 17:09:37 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Favorites 2016-01-09 17:09:37 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Downloads 2016-01-09 17:09:37 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Documents 2016-01-09 17:09:37 -------- d-----r- C:\WINDOWS\serviceprofiles\Localservice\Desktop 2016-01-09 17:09:31 -------- d--h--w- C:\WINDOWS\serviceprofiles\networkservice\AppData 2016-01-09 17:09:31 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\Saved Games 2016-01-09 17:09:31 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Videos 2016-01-09 17:09:31 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Pictures 2016-01-09 17:09:31 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Music 2016-01-09 17:09:31 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Links 2016-01-09 17:09:31 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Favorites 2016-01-09 17:09:31 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Downloads 2016-01-09 17:09:31 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Documents 2016-01-09 17:09:31 -------- d-----r- C:\WINDOWS\serviceprofiles\networkservice\Desktop 2015-12-14 12:02:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype ====== C: exe-files == 2016-01-10 23:34:37 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Janne Lambert.exe 2016-01-10 21:06:20 FCA4EE579FBAB1FD0707E705C0DCF0A2 19152 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX40.exe 2016-01-10 21:05:51 1C85C43407C7B3E2C0AE7B9AFAB0DA2D 19152 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.exe 2016-01-10 21:05:30 B184558FDE0F500A47730502F6D67E0E 44224 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Flattener\Flattener.exe 2016-01-10 21:05:26 C3CB3D0F522A20C8604824CADB475E87 19152 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\ADDINS\Microsoft Power Query for Excel Integrated\bin\Microsoft.Mashup.Container.NetFX45.exe 2016-01-10 21:04:59 E94CD6FC12C22C975DAED6AA7ABD1663 7217832 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Integration\OneDriveSetup.exe 2016-01-10 21:01:46 036CE9940E4FD663131756C393DC5C1C 2434768 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Integration\Integrator.exe 2016-01-10 21:01:45 96EE3CFFEE77FE2630DADA13F8DC090A 369296 ----a-w- C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe 2016-01-10 21:01:43 B5457D8CE213D5CDA1E619B4C68917E4 215768 ----a-w- C:\Program Files (x86)\Microsoft Office\root\client\AppVDllSurrogate32.exe 2016-01-10 21:01:43 3A311F1275D9757804C4D485C1DB0DE6 255192 ----a-w- C:\Program Files (x86)\Microsoft Office\root\client\AppVDllSurrogate64.exe 2016-01-10 21:00:11 F24EC7312356CF7761C308A5047C9823 79016 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOHTMED.EXE 2016-01-10 21:00:11 F085E51FB0B0FAFEBB2BF17B81E19692 308392 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\VPREVIEW.EXE 2016-01-10 21:00:11 EC52E50CC8534DA9B859DA80FB89D00F 24252584 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE 2016-01-10 21:00:11 EB4DC9628C1DAA8C62B12C9DF7324129 743592 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\protocolhandler.exe 2016-01-10 21:00:11 B3905861D4A6D75B6BCF66AD7332CDBD 3016360 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\WORDICON.EXE 2016-01-10 21:00:11 ADF394C79EEA00EDDC8EA8326E025DBD 707240 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\MSQRY32.EXE 2016-01-10 21:00:11 AD25ECFF7146656D6D06CE259A33C35A 3510440 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\PPTICO.EXE 2016-01-10 21:00:11 AB7413C14997FAE00FEE71940FDC31DC 3686568 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\XLICONS.EXE 2016-01-10 21:00:11 A14758194E7881A31258965392F954EA 523944 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOUC.EXE 2016-01-10 21:00:11 9FDE3092B264E054308F6E1E61AD3319 48296 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\SCANPST.EXE 2016-01-10 21:00:11 8A81EA11A8649E4EBA615E9FD28F4C9F 159400 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE 2016-01-10 21:00:11 86BEDEA753990794EB053A4EEB6A128C 1683112 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE 2016-01-10 21:00:11 8240DB6946CF127A037A5AAA8E4B19D9 174792 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSREC.EXE 2016-01-10 21:00:11 804D84920A38F82CB7EF940D3DA70D61 1928360 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE 2016-01-10 21:00:11 7A586F0ED8EB92BC054A0C70F76AD3B3 102056 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\NAMECONTROLSERVER.EXE 2016-01-10 21:00:11 7714B35E316DF67FCF0B143910B0C411 57512 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE 2016-01-10 21:00:11 645A7A145578B480127662582187F133 457384 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE 2016-01-10 21:00:11 5BEC9E14475D04B3E8F2114DC779C731 10648232 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE 2016-01-10 21:00:11 5A525186A472BFAE7E415343B5C99215 10294952 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\PDFREFLOW.EXE 2016-01-10 21:00:11 3EEB4E64AE91174D995905F85187AC10 1850536 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE 2016-01-10 21:00:11 3A7966A49401A0C53FF5F1E37F7EC57B 366248 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\SELFCERT.EXE 2016-01-10 21:00:11 2F5281DCC14D664671FDF165EF337B70 567464 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\ORGCHART.EXE 2016-01-10 21:00:11 016F443605395CB37925677EE28C6D43 28840 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\Wordconv.exe 2016-01-10 21:00:10 E5E616676728180C9A3F2B694B955D7A 192680 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\IEContentService.exe 2016-01-10 21:00:10 D40921CAB2DEEDFB78D41DAB7BD5DEDC 764072 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\FIRSTRUN.EXE 2016-01-10 21:00:10 BEF8219EE0FBF549453D1953B9EFD75C 25729192 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\excelcnv.exe 2016-01-10 21:00:10 A77B12FE8F57C75B3ABAFBF779FFA1DA 168616 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\CNFNOT32.EXE 2016-01-10 21:00:10 7658B1B13D03DBFDB607C19D6BBAB8C5 1027752 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\misc.exe 2016-01-10 21:00:10 55573BD9ED49DFD7ED12DDCDD0C352CB 29113000 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE 2016-01-10 21:00:10 2F8868BD681CF18930191FDB0607F6FF 380584 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\CLVIEW.EXE 2016-01-10 21:00:10 18B0579F63ABE803355681F181DE01B0 4408488 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\GRAPH.EXE 2016-01-10 21:00:10 0C1A944A695418A7A4708CA6B86E4255 15755432 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE 2016-01-10 21:00:10 0739F4F3AD021B275340361650D6CE71 3749032 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\ACCICONS.EXE 2016-01-10 20:59:57 0805A851E9B3FC792187EDC661BE3EF6 324264 ----a-w- C:\Program Files (x86)\Microsoft Office\root\Office16\PerfBoost.exe 2016-01-10 20:59:55 6935C26F80D50F2A106B957A5DD23A9E 1115880 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe 2016-01-10 20:59:55 6935C26F80D50F2A106B957A5DD23A9E 1115880 ----a-w- C:\Program Files\Microsoft Office 15\ClientX64\IntegratedOffice.exe 2016-01-10 20:59:46 B74CDDD786E0824AB1439681DFC92583 2748600 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe 2016-01-10 20:59:46 89F0EA7E7AA53F296BEF257478301894 358616 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\MavInject32.exe 2016-01-10 20:59:46 6935C26F80D50F2A106B957A5DD23A9E 1115880 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe 2016-01-10 20:59:46 37407FBD9E01B8BB68CD471631A302FA 263896 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe 2016-01-10 20:59:46 1A8C5FAEF785A8CDD191AD06DBF1530B 6096072 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe 2016-01-10 20:59:45 AA7A3BF04E2D0E8596BE429C2C113607 2054872 ----a-w- C:\Program Files\Common Files\microsoft shared\ClickToRun\appvcleaner.exe 2016-01-09 17:01:18 E7CD04555F47651B79A50DBA6148019C 820416 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2016-01-09 17:01:18 05CB7AA244D84ED3BB43FDA10413E2F8 815808 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe === C: other files == 2016-01-10 10:57:23 2016BB84C4776AC614DEE7F4399BAFD6 48113 ----a-w- C:\Users\Janne Lambert\iCloudDrive\com~apple~Pages\Leeg.pages\Index.zip 2016-01-09 19:14:15 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\Janne Lambert\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\CollectOneDriveLogs.bat 2016-01-09 17:13:20 C584D941C2F915B27FAEE9B407744641 42184 ----a-w- C:\Program Files\Synaptics\SynTP\Smb_driver_AMDASF.sys 2016-01-09 17:13:20 8A6571231D93C08434A56E19E33A35CB 42696 ----a-w- C:\Program Files\Synaptics\SynTP\Smb_driver_Intel.sys 2016-01-09 17:01:18 EFEFC245B884B1BE0401931398DCD707 2152800 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2016-01-09 17:01:18 91D3F2A6253EF83EFBD7903028F58C4D 118624 ----a-w- C:\Windows\System32\drivers\tdx.sys 2016-01-09 17:01:18 70148EFA9A562E7185B75BBE7D376BF7 578912 ----a-w- C:\Windows\System32\drivers\afd.sys 2016-01-09 17:01:13 DBBACE77DDE8CCFD85B37B114965C385 147968 ----a-w- C:\Windows\System32\drivers\rmcast.sys 2016-01-09 17:01:11 EF536C54AB9281FDC4E83B07279FCFC4 35680 ----a-w- C:\Windows\System32\drivers\wimmount.sys 2016-01-09 17:01:10 DE6D7DC78D956928F59F7415A0F41E13 95072 ----a-w- C:\Windows\System32\drivers\sdstor.sys 2016-01-09 17:01:10 C24C27FDF93B85A4EFCF25F830253AA2 117248 ----a-w- C:\Windows\System32\drivers\capimg.sys 2016-01-09 17:01:10 80977779A19947939D680A4899E829EC 604928 ----a-w- C:\Windows\System32\drivers\cng.sys 2016-01-09 17:01:10 7D8B9214692C4D0F1646215D9984E19A 161632 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2016-01-09 17:01:10 7CC48808D8F6749DD6AC42DADE594517 3593216 ----a-w- C:\Windows\System32\win32kfull.sys 2016-01-09 17:01:10 5B7B6AF7E94E972DCE4BF892ABD466B6 115200 ----a-w- C:\Windows\System32\win32k.sys 2016-01-09 17:01:10 42B6285314851A693F68F7A7B79FD1B9 1393664 ----a-w- C:\Windows\System32\win32kbase.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3577948327-2292428509-81639717-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "ooVoo.exe"="C:\Program Files (x86)\ooVoo\oovoo.exe /minimized" "Spotify Web Helper"="C:\Users\Janne Lambert\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "OneDrive"="C:\Users\Janne Lambert\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "BingSvc"="C:\Users\Janne Lambert\AppData\Local\Microsoft\BingSvc\BingSvc.exe" "Spotify"="C:\Users\Janne Lambert\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "GoogleChromeAutoLaunch_4E50F37566D05129B18193EFEFA17E7E"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_USERS\S-1-5-21-3577948327-2292428509-81639717-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3577948327-2292428509-81639717-500\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" "CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R" "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "YouCam Service"="C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe /s" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "ooVoo.exe"="C:\Program Files (x86)\ooVoo\oovoo.exe /minimized" "Spotify Web Helper"="C:\Users\Janne Lambert\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "OneDrive"="C:\Users\Janne Lambert\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "BingSvc"="C:\Users\Janne Lambert\AppData\Local\Microsoft\BingSvc\BingSvc.exe" "Spotify"="C:\Users\Janne Lambert\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "GoogleChromeAutoLaunch_4E50F37566D05129B18193EFEFA17E7E"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\c2cautoupdatesvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\c2cpnrsvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PhoneSvc] ==== Startup Folders ====================== 2015-07-11 20:31:29 0 ----a-w- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\207A.tmp 2014-12-24 13:44:33 0 ----a-w- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\28B2.tmp 2015-01-25 10:28:29 0 ----a-w- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\2E38.tmp 2014-12-17 16:26:13 0 ----a-w- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\4C8.tmp 2015-03-23 15:39:39 0 ----a-w- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\56D8.tmp 2015-08-15 17:18:22 0 ----a-w- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\5F2C.tmp 2015-01-22 15:36:52 0 ----a-w- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\79F7.tmp 2015-07-29 07:13:25 0 ----a-w- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\9A71.tmp 2015-08-23 17:22:20 0 ----a-w- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\A921.tmp 2015-02-10 16:28:47 0 ----a-w- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\B8D.tmp 2015-07-24 10:54:36 0 ----a-w- C:\Users\Janne Lambert\AppData\Roaming\Microsoft\DE60.tmp ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/08/2015 17:21] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/08/2015 17:21] C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [03/06/2015 02:16] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe] "C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\Synaptics TouchPad Enhancements" [\Program Files\Synaptics\SynTP\SynTPEnh.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{F399618B-F4D6-43DE-8EFB-344FDDBCF3AD}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Gast\AppData\Local\Google\Chrome deleted ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[12/10/2015 08:31] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions chfdnecihphmhljaaejmgoiahnihplgn - No path found[] fcfenmboojpjinhpgggodefccipikbpd - No path found[] YouTube - Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo selector is not a valid CSS selector - Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb AVG Web TuneUp - Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn zwartwit - Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmknkbaofpfngeidohlbikiecmankpej Google Search - Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf MSN Homepage Bing Search Engine - Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd Google Docs Offline - Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Pin It Button - Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic Google Play - Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi Skype - Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Background Tab - Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic Gmail - Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd deleted successfully C:\Users\Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://mysearch.avg.com/?cid={886E37CA-E95E-4E24-BF51-CE511877F8C7}&mid=04f5a23548fe47d29d26b95e6f8c6738-9231f3f387a85851c3eb7305a75f11051a24fb8b&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-05-08 20:09:42&v=4.1.8.599&pid=wtu&sg=&sap=hp" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== Reset Google Chrome ====================== C:\Users\Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Deleting Registry Keys ====================== HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully ==== HijackThis Entries ====================== O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Janne Lambert\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe O4 - HKCU\..\Run: [OneDrive] "C:\Users\Janne Lambert\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [BingSvc] C:\Users\Janne Lambert\AppData\Local\Microsoft\BingSvc\BingSvc.exe O4 - HKCU\..\Run: [Spotify] "C:\Users\Janne Lambert\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4E50F37566D05129B18193EFEFA17E7E] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-3577948327-2292428509-81639717-500\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Administrator') O4 - HKUS\S-1-5-21-3577948327-2292428509-81639717-500\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'Administrator') O8 - Extra context menu item: &Envoyer ŕ OneNote - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: CyberLink PowerDVD 10 MS Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe O23 - Service: CyberLink PowerDVD 10 MS Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\PHotkey\GFNEXSrv.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Janne Lambert\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Janne Lambert\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\janne_000\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Janne Lambert\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Janne Lambert\AppData\Local\Microsoft\Windows\INetCache\IE\N2E3XHP0 will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Janne Lambert\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1224 folders=284 640995749 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\JANNEL~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Janne Lambert\AppData\Local\Microsoft\Windows\INetCache\IE\N2E3XHP0" not found ==== EOF on ma 11/01/2016 at 19:02:42,00 ======================